diff --git a/.github/workflows/ssh-example-test.yml b/.github/workflows/ssh-example-test.yml index 25a6005..ba20dc3 100644 --- a/.github/workflows/ssh-example-test.yml +++ b/.github/workflows/ssh-example-test.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: ls -a via OPEN SSH Private Key uses: ./ diff --git a/.node-version b/.node-version index bc78e9f..d845d9d 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -20.12.1 +24.14.0 diff --git a/action.yml b/action.yml index 79734a6..cc4498f 100644 --- a/action.yml +++ b/action.yml @@ -29,7 +29,7 @@ inputs: description: "Try keyboard-interactive user authentication if primary user authentication method fails." required: false runs: - using: "node20" + using: "node24" main: "dist/index.js" branding: color: "purple" diff --git a/dist/build/Release/cpufeatures.node b/dist/build/Release/cpufeatures.node index ce23551..7f87ffe 100755 Binary files a/dist/build/Release/cpufeatures.node and b/dist/build/Release/cpufeatures.node differ diff --git a/dist/index.js b/dist/index.js index fef1a84..d0fe59d 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1,7 +1,7 @@ require('./sourcemap-register.js');/******/ (() => { // webpackBootstrap /******/ var __webpack_modules__ = ({ -/***/ 4822: +/***/ 1188: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; @@ -22,13 +22,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { @@ -39,9 +49,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }); }; Object.defineProperty(exports, "__esModule", ({ value: true })); -const core = __importStar(__nccwpck_require__(2186)); -const node_ssh_1 = __nccwpck_require__(7334); -const keyboard_1 = __nccwpck_require__(4487); +const core = __importStar(__nccwpck_require__(7484)); +const node_ssh_1 = __nccwpck_require__(1227); +const keyboard_1 = __nccwpck_require__(7615); function run() { return __awaiter(this, void 0, void 0, function* () { const command = core.getInput('command'); @@ -62,8 +72,8 @@ function run() { } }); } -function connect(host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) { - return __awaiter(this, void 0, void 0, function* () { +function connect() { + return __awaiter(this, arguments, void 0, function* (host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) { const ssh = new node_ssh_1.NodeSSH(); console.log(`Establishing a SSH connection to ${host}.`); try { @@ -91,8 +101,8 @@ function connect(host = 'localhost', username, port = 22, privateKey, password, }); } function executeCommand(ssh, command) { - var _a; return __awaiter(this, void 0, void 0, function* () { + var _a; console.log(`Executing command: ${command}`); try { const { code } = yield ssh.exec(command, [], { @@ -128,7 +138,7 @@ run(); /***/ }), -/***/ 4487: +/***/ 7615: /***/ ((__unused_webpack_module, exports) => { "use strict"; @@ -146,14 +156,18 @@ exports.keyboardFunction = keyboardFunction; /***/ }), -/***/ 7351: +/***/ 4914: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -163,36 +177,68 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.issue = exports.issueCommand = void 0; -const os = __importStar(__nccwpck_require__(2037)); -const utils_1 = __nccwpck_require__(5278); +exports.issueCommand = issueCommand; +exports.issue = issue; +const os = __importStar(__nccwpck_require__(857)); +const utils_1 = __nccwpck_require__(302); /** - * Commands + * Issues a command to the GitHub Actions runner + * + * @param command - The command name to issue + * @param properties - Additional properties for the command (key-value pairs) + * @param message - The message to include with the command + * @remarks + * This function outputs a specially formatted string to stdout that the Actions + * runner interprets as a command. These commands can control workflow behavior, + * set outputs, create annotations, mask values, and more. * * Command Format: * ::name key=value,key=value::message * - * Examples: - * ::warning::This is the message - * ::set-env name=MY_VAR::some value + * @example + * ```typescript + * // Issue a warning annotation + * issueCommand('warning', {}, 'This is a warning message'); + * // Output: ::warning::This is a warning message + * + * // Set an environment variable + * issueCommand('set-env', { name: 'MY_VAR' }, 'some value'); + * // Output: ::set-env name=MY_VAR::some value + * + * // Add a secret mask + * issueCommand('add-mask', {}, 'secretValue123'); + * // Output: ::add-mask::secretValue123 + * ``` + * + * @internal + * This is an internal utility function that powers the public API functions + * such as setSecret, warning, error, and exportVariable. */ function issueCommand(command, properties, message) { const cmd = new Command(command, properties, message); process.stdout.write(cmd.toString() + os.EOL); } -exports.issueCommand = issueCommand; function issue(name, message = '') { issueCommand(name, {}, message); } -exports.issue = issue; const CMD_STRING = '::'; class Command { constructor(command, properties, message) { @@ -228,13 +274,13 @@ class Command { } } function escapeData(s) { - return utils_1.toCommandValue(s) + return (0, utils_1.toCommandValue)(s) .replace(/%/g, '%25') .replace(/\r/g, '%0D') .replace(/\n/g, '%0A'); } function escapeProperty(s) { - return utils_1.toCommandValue(s) + return (0, utils_1.toCommandValue)(s) .replace(/%/g, '%25') .replace(/\r/g, '%0D') .replace(/\n/g, '%0A') @@ -245,14 +291,18 @@ function escapeProperty(s) { /***/ }), -/***/ 2186: +/***/ 7484: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -262,13 +312,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { @@ -279,13 +339,34 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }); }; Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; -const command_1 = __nccwpck_require__(7351); -const file_command_1 = __nccwpck_require__(717); -const utils_1 = __nccwpck_require__(5278); -const os = __importStar(__nccwpck_require__(2037)); -const path = __importStar(__nccwpck_require__(1017)); -const oidc_utils_1 = __nccwpck_require__(8041); +exports.platform = exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = exports.markdownSummary = exports.summary = exports.ExitCode = void 0; +exports.exportVariable = exportVariable; +exports.setSecret = setSecret; +exports.addPath = addPath; +exports.getInput = getInput; +exports.getMultilineInput = getMultilineInput; +exports.getBooleanInput = getBooleanInput; +exports.setOutput = setOutput; +exports.setCommandEcho = setCommandEcho; +exports.setFailed = setFailed; +exports.isDebug = isDebug; +exports.debug = debug; +exports.error = error; +exports.warning = warning; +exports.notice = notice; +exports.info = info; +exports.startGroup = startGroup; +exports.endGroup = endGroup; +exports.group = group; +exports.saveState = saveState; +exports.getState = getState; +exports.getIDToken = getIDToken; +const command_1 = __nccwpck_require__(4914); +const file_command_1 = __nccwpck_require__(4753); +const utils_1 = __nccwpck_require__(302); +const os = __importStar(__nccwpck_require__(857)); +const path = __importStar(__nccwpck_require__(6928)); +const oidc_utils_1 = __nccwpck_require__(5306); /** * The code to exit an action */ @@ -299,7 +380,7 @@ var ExitCode; * A code indicating that the action was a failure */ ExitCode[ExitCode["Failure"] = 1] = "Failure"; -})(ExitCode = exports.ExitCode || (exports.ExitCode = {})); +})(ExitCode || (exports.ExitCode = ExitCode = {})); //----------------------------------------------------------------------- // Variables //----------------------------------------------------------------------- @@ -310,23 +391,46 @@ var ExitCode; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function exportVariable(name, val) { - const convertedVal = utils_1.toCommandValue(val); + const convertedVal = (0, utils_1.toCommandValue)(val); process.env[name] = convertedVal; const filePath = process.env['GITHUB_ENV'] || ''; if (filePath) { - return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val)); + return (0, file_command_1.issueFileCommand)('ENV', (0, file_command_1.prepareKeyValueMessage)(name, val)); } - command_1.issueCommand('set-env', { name }, convertedVal); + (0, command_1.issueCommand)('set-env', { name }, convertedVal); } -exports.exportVariable = exportVariable; /** * Registers a secret which will get masked from logs - * @param secret value of the secret + * + * @param secret - Value of the secret to be masked + * @remarks + * This function instructs the Actions runner to mask the specified value in any + * logs produced during the workflow run. Once registered, the secret value will + * be replaced with asterisks (***) whenever it appears in console output, logs, + * or error messages. + * + * This is useful for protecting sensitive information such as: + * - API keys + * - Access tokens + * - Authentication credentials + * - URL parameters containing signatures (SAS tokens) + * + * Note that masking only affects future logs; any previous appearances of the + * secret in logs before calling this function will remain unmasked. + * + * @example + * ```typescript + * // Register an API token as a secret + * const apiToken = "abc123xyz456"; + * setSecret(apiToken); + * + * // Now any logs containing this value will show *** instead + * console.log(`Using token: ${apiToken}`); // Outputs: "Using token: ***" + * ``` */ function setSecret(secret) { - command_1.issueCommand('add-mask', {}, secret); + (0, command_1.issueCommand)('add-mask', {}, secret); } -exports.setSecret = setSecret; /** * Prepends inputPath to the PATH (for this action and future actions) * @param inputPath @@ -334,14 +438,13 @@ exports.setSecret = setSecret; function addPath(inputPath) { const filePath = process.env['GITHUB_PATH'] || ''; if (filePath) { - file_command_1.issueFileCommand('PATH', inputPath); + (0, file_command_1.issueFileCommand)('PATH', inputPath); } else { - command_1.issueCommand('add-path', {}, inputPath); + (0, command_1.issueCommand)('add-path', {}, inputPath); } process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`; } -exports.addPath = addPath; /** * Gets the value of an input. * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed. @@ -361,7 +464,6 @@ function getInput(name, options) { } return val.trim(); } -exports.getInput = getInput; /** * Gets the values of an multiline input. Each value is also trimmed. * @@ -379,7 +481,6 @@ function getMultilineInput(name, options) { } return inputs.map(input => input.trim()); } -exports.getMultilineInput = getMultilineInput; /** * Gets the input value of the boolean type in the YAML 1.2 "core schema" specification. * Support boolean input list: `true | True | TRUE | false | False | FALSE` . @@ -401,7 +502,6 @@ function getBooleanInput(name, options) { throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${name}\n` + `Support boolean input list: \`true | True | TRUE | false | False | FALSE\``); } -exports.getBooleanInput = getBooleanInput; /** * Sets the value of an output. * @@ -412,21 +512,19 @@ exports.getBooleanInput = getBooleanInput; function setOutput(name, value) { const filePath = process.env['GITHUB_OUTPUT'] || ''; if (filePath) { - return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value)); + return (0, file_command_1.issueFileCommand)('OUTPUT', (0, file_command_1.prepareKeyValueMessage)(name, value)); } process.stdout.write(os.EOL); - command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value)); + (0, command_1.issueCommand)('set-output', { name }, (0, utils_1.toCommandValue)(value)); } -exports.setOutput = setOutput; /** * Enables or disables the echoing of commands into stdout for the rest of the step. * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set. * */ function setCommandEcho(enabled) { - command_1.issue('echo', enabled ? 'on' : 'off'); + (0, command_1.issue)('echo', enabled ? 'on' : 'off'); } -exports.setCommandEcho = setCommandEcho; //----------------------------------------------------------------------- // Results //----------------------------------------------------------------------- @@ -439,7 +537,6 @@ function setFailed(message) { process.exitCode = ExitCode.Failure; error(message); } -exports.setFailed = setFailed; //----------------------------------------------------------------------- // Logging Commands //----------------------------------------------------------------------- @@ -449,42 +546,37 @@ exports.setFailed = setFailed; function isDebug() { return process.env['RUNNER_DEBUG'] === '1'; } -exports.isDebug = isDebug; /** * Writes debug message to user log * @param message debug message */ function debug(message) { - command_1.issueCommand('debug', {}, message); + (0, command_1.issueCommand)('debug', {}, message); } -exports.debug = debug; /** * Adds an error issue * @param message error issue message. Errors will be converted to string via toString() * @param properties optional properties to add to the annotation. */ function error(message, properties = {}) { - command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); + (0, command_1.issueCommand)('error', (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message); } -exports.error = error; /** * Adds a warning issue * @param message warning issue message. Errors will be converted to string via toString() * @param properties optional properties to add to the annotation. */ function warning(message, properties = {}) { - command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); + (0, command_1.issueCommand)('warning', (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message); } -exports.warning = warning; /** * Adds a notice issue * @param message notice issue message. Errors will be converted to string via toString() * @param properties optional properties to add to the annotation. */ function notice(message, properties = {}) { - command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); + (0, command_1.issueCommand)('notice', (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message); } -exports.notice = notice; /** * Writes info to log with console.log. * @param message info message @@ -492,7 +584,6 @@ exports.notice = notice; function info(message) { process.stdout.write(message + os.EOL); } -exports.info = info; /** * Begin an output group. * @@ -501,16 +592,14 @@ exports.info = info; * @param name The name of the output group */ function startGroup(name) { - command_1.issue('group', name); + (0, command_1.issue)('group', name); } -exports.startGroup = startGroup; /** * End an output group. */ function endGroup() { - command_1.issue('endgroup'); + (0, command_1.issue)('endgroup'); } -exports.endGroup = endGroup; /** * Wrap an asynchronous function call in a group. * @@ -532,7 +621,6 @@ function group(name, fn) { return result; }); } -exports.group = group; //----------------------------------------------------------------------- // Wrapper action state //----------------------------------------------------------------------- @@ -546,11 +634,10 @@ exports.group = group; function saveState(name, value) { const filePath = process.env['GITHUB_STATE'] || ''; if (filePath) { - return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value)); + return (0, file_command_1.issueFileCommand)('STATE', (0, file_command_1.prepareKeyValueMessage)(name, value)); } - command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value)); + (0, command_1.issueCommand)('save-state', { name }, (0, utils_1.toCommandValue)(value)); } -exports.saveState = saveState; /** * Gets the value of an state set by this action's main execution. * @@ -560,35 +647,37 @@ exports.saveState = saveState; function getState(name) { return process.env[`STATE_${name}`] || ''; } -exports.getState = getState; function getIDToken(aud) { return __awaiter(this, void 0, void 0, function* () { return yield oidc_utils_1.OidcClient.getIDToken(aud); }); } -exports.getIDToken = getIDToken; /** * Summary exports */ -var summary_1 = __nccwpck_require__(1327); +var summary_1 = __nccwpck_require__(1847); Object.defineProperty(exports, "summary", ({ enumerable: true, get: function () { return summary_1.summary; } })); /** * @deprecated use core.summary */ -var summary_2 = __nccwpck_require__(1327); +var summary_2 = __nccwpck_require__(1847); Object.defineProperty(exports, "markdownSummary", ({ enumerable: true, get: function () { return summary_2.markdownSummary; } })); /** * Path exports */ -var path_utils_1 = __nccwpck_require__(2981); +var path_utils_1 = __nccwpck_require__(1976); Object.defineProperty(exports, "toPosixPath", ({ enumerable: true, get: function () { return path_utils_1.toPosixPath; } })); Object.defineProperty(exports, "toWin32Path", ({ enumerable: true, get: function () { return path_utils_1.toWin32Path; } })); Object.defineProperty(exports, "toPlatformPath", ({ enumerable: true, get: function () { return path_utils_1.toPlatformPath; } })); +/** + * Platform utilities exports + */ +exports.platform = __importStar(__nccwpck_require__(8968)); //# sourceMappingURL=core.js.map /***/ }), -/***/ 717: +/***/ 4753: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; @@ -596,7 +685,11 @@ Object.defineProperty(exports, "toPlatformPath", ({ enumerable: true, get: funct // For internal use, subject to change. var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -606,21 +699,32 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.prepareKeyValueMessage = exports.issueFileCommand = void 0; +exports.issueFileCommand = issueFileCommand; +exports.prepareKeyValueMessage = prepareKeyValueMessage; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ -const fs = __importStar(__nccwpck_require__(7147)); -const os = __importStar(__nccwpck_require__(2037)); -const uuid_1 = __nccwpck_require__(5840); -const utils_1 = __nccwpck_require__(5278); +const crypto = __importStar(__nccwpck_require__(6982)); +const fs = __importStar(__nccwpck_require__(9896)); +const os = __importStar(__nccwpck_require__(857)); +const utils_1 = __nccwpck_require__(302); function issueFileCommand(command, message) { const filePath = process.env[`GITHUB_${command}`]; if (!filePath) { @@ -629,14 +733,13 @@ function issueFileCommand(command, message) { if (!fs.existsSync(filePath)) { throw new Error(`Missing file at path: ${filePath}`); } - fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, { + fs.appendFileSync(filePath, `${(0, utils_1.toCommandValue)(message)}${os.EOL}`, { encoding: 'utf8' }); } -exports.issueFileCommand = issueFileCommand; function prepareKeyValueMessage(key, value) { - const delimiter = `ghadelimiter_${uuid_1.v4()}`; - const convertedValue = utils_1.toCommandValue(value); + const delimiter = `ghadelimiter_${crypto.randomUUID()}`; + const convertedValue = (0, utils_1.toCommandValue)(value); // These should realistically never happen, but just in case someone finds a // way to exploit uuid generation let's not allow keys or values that contain // the delimiter. @@ -648,12 +751,11 @@ function prepareKeyValueMessage(key, value) { } return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`; } -exports.prepareKeyValueMessage = prepareKeyValueMessage; //# sourceMappingURL=file-command.js.map /***/ }), -/***/ 8041: +/***/ 5306: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; @@ -669,9 +771,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.OidcClient = void 0; -const http_client_1 = __nccwpck_require__(6255); -const auth_1 = __nccwpck_require__(5526); -const core_1 = __nccwpck_require__(2186); +const http_client_1 = __nccwpck_require__(4844); +const auth_1 = __nccwpck_require__(4552); +const core_1 = __nccwpck_require__(7484); class OidcClient { static createHttpClient(allowRetry = true, maxRetry = 10) { const requestOptions = { @@ -695,15 +797,15 @@ class OidcClient { return runtimeUrl; } static getCall(id_token_url) { - var _a; return __awaiter(this, void 0, void 0, function* () { + var _a; const httpclient = OidcClient.createHttpClient(); const res = yield httpclient .getJson(id_token_url) .catch(error => { throw new Error(`Failed to get ID Token. \n Error Code : ${error.statusCode}\n - Error Message: ${error.result.message}`); + Error Message: ${error.message}`); }); const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value; if (!id_token) { @@ -721,9 +823,9 @@ class OidcClient { const encodedAudience = encodeURIComponent(audience); id_token_url = `${id_token_url}&audience=${encodedAudience}`; } - core_1.debug(`ID token url is ${id_token_url}`); + (0, core_1.debug)(`ID token url is ${id_token_url}`); const id_token = yield OidcClient.getCall(id_token_url); - core_1.setSecret(id_token); + (0, core_1.setSecret)(id_token); return id_token; } catch (error) { @@ -737,14 +839,18 @@ exports.OidcClient = OidcClient; /***/ }), -/***/ 2981: +/***/ 1976: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -754,16 +860,28 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0; -const path = __importStar(__nccwpck_require__(1017)); +exports.toPosixPath = toPosixPath; +exports.toWin32Path = toWin32Path; +exports.toPlatformPath = toPlatformPath; +const path = __importStar(__nccwpck_require__(6928)); /** * toPosixPath converts the given path to the posix form. On Windows, \\ will be * replaced with /. @@ -774,7 +892,6 @@ const path = __importStar(__nccwpck_require__(1017)); function toPosixPath(pth) { return pth.replace(/[\\]/g, '/'); } -exports.toPosixPath = toPosixPath; /** * toWin32Path converts the given path to the win32 form. On Linux, / will be * replaced with \\. @@ -785,7 +902,6 @@ exports.toPosixPath = toPosixPath; function toWin32Path(pth) { return pth.replace(/[/]/g, '\\'); } -exports.toWin32Path = toWin32Path; /** * toPlatformPath converts the given path to a platform-specific path. It does * this by replacing instances of / and \ with the platform-specific path @@ -797,12 +913,122 @@ exports.toWin32Path = toWin32Path; function toPlatformPath(pth) { return pth.replace(/[/\\]/g, path.sep); } -exports.toPlatformPath = toPlatformPath; //# sourceMappingURL=path-utils.js.map /***/ }), -/***/ 1327: +/***/ 8968: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? mod : { "default": mod }; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.isLinux = exports.isMacOS = exports.isWindows = exports.arch = exports.platform = void 0; +exports.getDetails = getDetails; +const os_1 = __importDefault(__nccwpck_require__(857)); +const exec = __importStar(__nccwpck_require__(5236)); +const getWindowsInfo = () => __awaiter(void 0, void 0, void 0, function* () { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', undefined, { + silent: true + }); + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', undefined, { + silent: true + }); + return { + name: name.trim(), + version: version.trim() + }; +}); +const getMacOsInfo = () => __awaiter(void 0, void 0, void 0, function* () { + var _a, _b, _c, _d; + const { stdout } = yield exec.getExecOutput('sw_vers', undefined, { + silent: true + }); + const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ''; + const name = (_d = (_c = stdout.match(/ProductName:\s*(.+)/)) === null || _c === void 0 ? void 0 : _c[1]) !== null && _d !== void 0 ? _d : ''; + return { + name, + version + }; +}); +const getLinuxInfo = () => __awaiter(void 0, void 0, void 0, function* () { + const { stdout } = yield exec.getExecOutput('lsb_release', ['-i', '-r', '-s'], { + silent: true + }); + const [name, version] = stdout.trim().split('\n'); + return { + name, + version + }; +}); +exports.platform = os_1.default.platform(); +exports.arch = os_1.default.arch(); +exports.isWindows = exports.platform === 'win32'; +exports.isMacOS = exports.platform === 'darwin'; +exports.isLinux = exports.platform === 'linux'; +function getDetails() { + return __awaiter(this, void 0, void 0, function* () { + return Object.assign(Object.assign({}, (yield (exports.isWindows + ? getWindowsInfo() + : exports.isMacOS + ? getMacOsInfo() + : getLinuxInfo()))), { platform: exports.platform, + arch: exports.arch, + isWindows: exports.isWindows, + isMacOS: exports.isMacOS, + isLinux: exports.isLinux }); + }); +} +//# sourceMappingURL=platform.js.map + +/***/ }), + +/***/ 1847: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; @@ -818,8 +1044,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0; -const os_1 = __nccwpck_require__(2037); -const fs_1 = __nccwpck_require__(7147); +const os_1 = __nccwpck_require__(857); +const fs_1 = __nccwpck_require__(9896); const { access, appendFile, writeFile } = fs_1.promises; exports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY'; exports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary'; @@ -1092,7 +1318,7 @@ exports.summary = _summary; /***/ }), -/***/ 5278: +/***/ 302: /***/ ((__unused_webpack_module, exports) => { "use strict"; @@ -1100,7 +1326,8 @@ exports.summary = _summary; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.toCommandProperties = exports.toCommandValue = void 0; +exports.toCommandValue = toCommandValue; +exports.toCommandProperties = toCommandProperties; /** * Sanitizes an input into a string so it can be passed into issueCommand safely * @param input input to sanitize into a string @@ -1114,7 +1341,6 @@ function toCommandValue(input) { } return JSON.stringify(input); } -exports.toCommandValue = toCommandValue; /** * * @param annotationProperties @@ -1134,16 +1360,48 @@ function toCommandProperties(annotationProperties) { endColumn: annotationProperties.endColumn }; } -exports.toCommandProperties = toCommandProperties; //# sourceMappingURL=utils.js.map /***/ }), -/***/ 5526: -/***/ (function(__unused_webpack_module, exports) { +/***/ 5236: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { @@ -1154,27 +1412,749 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }); }; Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0; -class BasicCredentialHandler { - constructor(username, password) { - this.username = username; - this.password = password; - } - prepareRequest(options) { - if (!options.headers) { - throw Error('The request has no headers'); +exports.exec = exec; +exports.getExecOutput = getExecOutput; +const string_decoder_1 = __nccwpck_require__(3193); +const tr = __importStar(__nccwpck_require__(6665)); +/** + * Exec a command. + * Output will be streamed to the live console. + * Returns promise with return code + * + * @param commandLine command to execute (can include additional args). Must be correctly escaped. + * @param args optional arguments for tool. Escaping is handled by the lib. + * @param options optional exec options. See ExecOptions + * @returns Promise exit code + */ +function exec(commandLine, args, options) { + return __awaiter(this, void 0, void 0, function* () { + const commandArgs = tr.argStringToArray(commandLine); + if (commandArgs.length === 0) { + throw new Error(`Parameter 'commandLine' cannot be null or empty.`); } - options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`; - } - // This handler cannot handle 401 - canHandleAuthentication() { - return false; - } - handleAuthentication() { - return __awaiter(this, void 0, void 0, function* () { - throw new Error('not implemented'); - }); - } + // Path to tool to execute should be first arg + const toolPath = commandArgs[0]; + args = commandArgs.slice(1).concat(args || []); + const runner = new tr.ToolRunner(toolPath, args, options); + return runner.exec(); + }); +} +/** + * Exec a command and get the output. + * Output will be streamed to the live console. + * Returns promise with the exit code and collected stdout and stderr + * + * @param commandLine command to execute (can include additional args). Must be correctly escaped. + * @param args optional arguments for tool. Escaping is handled by the lib. + * @param options optional exec options. See ExecOptions + * @returns Promise exit code, stdout, and stderr + */ +function getExecOutput(commandLine, args, options) { + return __awaiter(this, void 0, void 0, function* () { + var _a, _b; + let stdout = ''; + let stderr = ''; + //Using string decoder covers the case where a mult-byte character is split + const stdoutDecoder = new string_decoder_1.StringDecoder('utf8'); + const stderrDecoder = new string_decoder_1.StringDecoder('utf8'); + const originalStdoutListener = (_a = options === null || options === void 0 ? void 0 : options.listeners) === null || _a === void 0 ? void 0 : _a.stdout; + const originalStdErrListener = (_b = options === null || options === void 0 ? void 0 : options.listeners) === null || _b === void 0 ? void 0 : _b.stderr; + const stdErrListener = (data) => { + stderr += stderrDecoder.write(data); + if (originalStdErrListener) { + originalStdErrListener(data); + } + }; + const stdOutListener = (data) => { + stdout += stdoutDecoder.write(data); + if (originalStdoutListener) { + originalStdoutListener(data); + } + }; + const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + //flush any remaining characters + stdout += stdoutDecoder.end(); + stderr += stderrDecoder.end(); + return { + exitCode, + stdout, + stderr + }; + }); +} +//# sourceMappingURL=exec.js.map + +/***/ }), + +/***/ 6665: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.ToolRunner = void 0; +exports.argStringToArray = argStringToArray; +const os = __importStar(__nccwpck_require__(857)); +const events = __importStar(__nccwpck_require__(4434)); +const child = __importStar(__nccwpck_require__(5317)); +const path = __importStar(__nccwpck_require__(6928)); +const io = __importStar(__nccwpck_require__(4994)); +const ioUtil = __importStar(__nccwpck_require__(5207)); +const timers_1 = __nccwpck_require__(3557); +/* eslint-disable @typescript-eslint/unbound-method */ +const IS_WINDOWS = process.platform === 'win32'; +/* + * Class for running command line tools. Handles quoting and arg parsing in a platform agnostic way. + */ +class ToolRunner extends events.EventEmitter { + constructor(toolPath, args, options) { + super(); + if (!toolPath) { + throw new Error("Parameter 'toolPath' cannot be null or empty."); + } + this.toolPath = toolPath; + this.args = args || []; + this.options = options || {}; + } + _debug(message) { + if (this.options.listeners && this.options.listeners.debug) { + this.options.listeners.debug(message); + } + } + _getCommandString(options, noPrefix) { + const toolPath = this._getSpawnFileName(); + const args = this._getSpawnArgs(options); + let cmd = noPrefix ? '' : '[command]'; // omit prefix when piped to a second tool + if (IS_WINDOWS) { + // Windows + cmd file + if (this._isCmdFile()) { + cmd += toolPath; + for (const a of args) { + cmd += ` ${a}`; + } + } + // Windows + verbatim + else if (options.windowsVerbatimArguments) { + cmd += `"${toolPath}"`; + for (const a of args) { + cmd += ` ${a}`; + } + } + // Windows (regular) + else { + cmd += this._windowsQuoteCmdArg(toolPath); + for (const a of args) { + cmd += ` ${this._windowsQuoteCmdArg(a)}`; + } + } + } + else { + // OSX/Linux - this can likely be improved with some form of quoting. + // creating processes on Unix is fundamentally different than Windows. + // on Unix, execvp() takes an arg array. + cmd += toolPath; + for (const a of args) { + cmd += ` ${a}`; + } + } + return cmd; + } + _processLineBuffer(data, strBuffer, onLine) { + try { + let s = strBuffer + data.toString(); + let n = s.indexOf(os.EOL); + while (n > -1) { + const line = s.substring(0, n); + onLine(line); + // the rest of the string ... + s = s.substring(n + os.EOL.length); + n = s.indexOf(os.EOL); + } + return s; + } + catch (err) { + // streaming lines to console is best effort. Don't fail a build. + this._debug(`error processing line. Failed with error ${err}`); + return ''; + } + } + _getSpawnFileName() { + if (IS_WINDOWS) { + if (this._isCmdFile()) { + return process.env['COMSPEC'] || 'cmd.exe'; + } + } + return this.toolPath; + } + _getSpawnArgs(options) { + if (IS_WINDOWS) { + if (this._isCmdFile()) { + let argline = `/D /S /C "${this._windowsQuoteCmdArg(this.toolPath)}`; + for (const a of this.args) { + argline += ' '; + argline += options.windowsVerbatimArguments + ? a + : this._windowsQuoteCmdArg(a); + } + argline += '"'; + return [argline]; + } + } + return this.args; + } + _endsWith(str, end) { + return str.endsWith(end); + } + _isCmdFile() { + const upperToolPath = this.toolPath.toUpperCase(); + return (this._endsWith(upperToolPath, '.CMD') || + this._endsWith(upperToolPath, '.BAT')); + } + _windowsQuoteCmdArg(arg) { + // for .exe, apply the normal quoting rules that libuv applies + if (!this._isCmdFile()) { + return this._uvQuoteCmdArg(arg); + } + // otherwise apply quoting rules specific to the cmd.exe command line parser. + // the libuv rules are generic and are not designed specifically for cmd.exe + // command line parser. + // + // for a detailed description of the cmd.exe command line parser, refer to + // http://stackoverflow.com/questions/4094699/how-does-the-windows-command-interpreter-cmd-exe-parse-scripts/7970912#7970912 + // need quotes for empty arg + if (!arg) { + return '""'; + } + // determine whether the arg needs to be quoted + const cmdSpecialChars = [ + ' ', + '\t', + '&', + '(', + ')', + '[', + ']', + '{', + '}', + '^', + '=', + ';', + '!', + "'", + '+', + ',', + '`', + '~', + '|', + '<', + '>', + '"' + ]; + let needsQuotes = false; + for (const char of arg) { + if (cmdSpecialChars.some(x => x === char)) { + needsQuotes = true; + break; + } + } + // short-circuit if quotes not needed + if (!needsQuotes) { + return arg; + } + // the following quoting rules are very similar to the rules that by libuv applies. + // + // 1) wrap the string in quotes + // + // 2) double-up quotes - i.e. " => "" + // + // this is different from the libuv quoting rules. libuv replaces " with \", which unfortunately + // doesn't work well with a cmd.exe command line. + // + // note, replacing " with "" also works well if the arg is passed to a downstream .NET console app. + // for example, the command line: + // foo.exe "myarg:""my val""" + // is parsed by a .NET console app into an arg array: + // [ "myarg:\"my val\"" ] + // which is the same end result when applying libuv quoting rules. although the actual + // command line from libuv quoting rules would look like: + // foo.exe "myarg:\"my val\"" + // + // 3) double-up slashes that precede a quote, + // e.g. hello \world => "hello \world" + // hello\"world => "hello\\""world" + // hello\\"world => "hello\\\\""world" + // hello world\ => "hello world\\" + // + // technically this is not required for a cmd.exe command line, or the batch argument parser. + // the reasons for including this as a .cmd quoting rule are: + // + // a) this is optimized for the scenario where the argument is passed from the .cmd file to an + // external program. many programs (e.g. .NET console apps) rely on the slash-doubling rule. + // + // b) it's what we've been doing previously (by deferring to node default behavior) and we + // haven't heard any complaints about that aspect. + // + // note, a weakness of the quoting rules chosen here, is that % is not escaped. in fact, % cannot be + // escaped when used on the command line directly - even though within a .cmd file % can be escaped + // by using %%. + // + // the saving grace is, on the command line, %var% is left as-is if var is not defined. this contrasts + // the line parsing rules within a .cmd file, where if var is not defined it is replaced with nothing. + // + // one option that was explored was replacing % with ^% - i.e. %var% => ^%var^%. this hack would + // often work, since it is unlikely that var^ would exist, and the ^ character is removed when the + // variable is used. the problem, however, is that ^ is not removed when %* is used to pass the args + // to an external program. + // + // an unexplored potential solution for the % escaping problem, is to create a wrapper .cmd file. + // % can be escaped within a .cmd file. + let reverse = '"'; + let quoteHit = true; + for (let i = arg.length; i > 0; i--) { + // walk the string in reverse + reverse += arg[i - 1]; + if (quoteHit && arg[i - 1] === '\\') { + reverse += '\\'; // double the slash + } + else if (arg[i - 1] === '"') { + quoteHit = true; + reverse += '"'; // double the quote + } + else { + quoteHit = false; + } + } + reverse += '"'; + return reverse.split('').reverse().join(''); + } + _uvQuoteCmdArg(arg) { + // Tool runner wraps child_process.spawn() and needs to apply the same quoting as + // Node in certain cases where the undocumented spawn option windowsVerbatimArguments + // is used. + // + // Since this function is a port of quote_cmd_arg from Node 4.x (technically, lib UV, + // see https://github.com/nodejs/node/blob/v4.x/deps/uv/src/win/process.c for details), + // pasting copyright notice from Node within this function: + // + // Copyright Joyent, Inc. and other Node contributors. All rights reserved. + // + // Permission is hereby granted, free of charge, to any person obtaining a copy + // of this software and associated documentation files (the "Software"), to + // deal in the Software without restriction, including without limitation the + // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + // sell copies of the Software, and to permit persons to whom the Software is + // furnished to do so, subject to the following conditions: + // + // The above copyright notice and this permission notice shall be included in + // all copies or substantial portions of the Software. + // + // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + // IN THE SOFTWARE. + if (!arg) { + // Need double quotation for empty argument + return '""'; + } + if (!arg.includes(' ') && !arg.includes('\t') && !arg.includes('"')) { + // No quotation needed + return arg; + } + if (!arg.includes('"') && !arg.includes('\\')) { + // No embedded double quotes or backslashes, so I can just wrap + // quote marks around the whole thing. + return `"${arg}"`; + } + // Expected input/output: + // input : hello"world + // output: "hello\"world" + // input : hello""world + // output: "hello\"\"world" + // input : hello\world + // output: hello\world + // input : hello\\world + // output: hello\\world + // input : hello\"world + // output: "hello\\\"world" + // input : hello\\"world + // output: "hello\\\\\"world" + // input : hello world\ + // output: "hello world\\" - note the comment in libuv actually reads "hello world\" + // but it appears the comment is wrong, it should be "hello world\\" + let reverse = '"'; + let quoteHit = true; + for (let i = arg.length; i > 0; i--) { + // walk the string in reverse + reverse += arg[i - 1]; + if (quoteHit && arg[i - 1] === '\\') { + reverse += '\\'; + } + else if (arg[i - 1] === '"') { + quoteHit = true; + reverse += '\\'; + } + else { + quoteHit = false; + } + } + reverse += '"'; + return reverse.split('').reverse().join(''); + } + _cloneExecOptions(options) { + options = options || {}; + const result = { + cwd: options.cwd || process.cwd(), + env: options.env || process.env, + silent: options.silent || false, + windowsVerbatimArguments: options.windowsVerbatimArguments || false, + failOnStdErr: options.failOnStdErr || false, + ignoreReturnCode: options.ignoreReturnCode || false, + delay: options.delay || 10000 + }; + result.outStream = options.outStream || process.stdout; + result.errStream = options.errStream || process.stderr; + return result; + } + _getSpawnOptions(options, toolPath) { + options = options || {}; + const result = {}; + result.cwd = options.cwd; + result.env = options.env; + result['windowsVerbatimArguments'] = + options.windowsVerbatimArguments || this._isCmdFile(); + if (options.windowsVerbatimArguments) { + result.argv0 = `"${toolPath}"`; + } + return result; + } + /** + * Exec a tool. + * Output will be streamed to the live console. + * Returns promise with return code + * + * @param tool path to tool to exec + * @param options optional exec options. See ExecOptions + * @returns number + */ + exec() { + return __awaiter(this, void 0, void 0, function* () { + // root the tool path if it is unrooted and contains relative pathing + if (!ioUtil.isRooted(this.toolPath) && + (this.toolPath.includes('/') || + (IS_WINDOWS && this.toolPath.includes('\\')))) { + // prefer options.cwd if it is specified, however options.cwd may also need to be rooted + this.toolPath = path.resolve(process.cwd(), this.options.cwd || process.cwd(), this.toolPath); + } + // if the tool is only a file name, then resolve it from the PATH + // otherwise verify it exists (add extension on Windows if necessary) + this.toolPath = yield io.which(this.toolPath, true); + return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () { + this._debug(`exec tool: ${this.toolPath}`); + this._debug('arguments:'); + for (const arg of this.args) { + this._debug(` ${arg}`); + } + const optionsNonNull = this._cloneExecOptions(this.options); + if (!optionsNonNull.silent && optionsNonNull.outStream) { + optionsNonNull.outStream.write(this._getCommandString(optionsNonNull) + os.EOL); + } + const state = new ExecState(optionsNonNull, this.toolPath); + state.on('debug', (message) => { + this._debug(message); + }); + if (this.options.cwd && !(yield ioUtil.exists(this.options.cwd))) { + return reject(new Error(`The cwd: ${this.options.cwd} does not exist!`)); + } + const fileName = this._getSpawnFileName(); + const cp = child.spawn(fileName, this._getSpawnArgs(optionsNonNull), this._getSpawnOptions(this.options, fileName)); + let stdbuffer = ''; + if (cp.stdout) { + cp.stdout.on('data', (data) => { + if (this.options.listeners && this.options.listeners.stdout) { + this.options.listeners.stdout(data); + } + if (!optionsNonNull.silent && optionsNonNull.outStream) { + optionsNonNull.outStream.write(data); + } + stdbuffer = this._processLineBuffer(data, stdbuffer, (line) => { + if (this.options.listeners && this.options.listeners.stdline) { + this.options.listeners.stdline(line); + } + }); + }); + } + let errbuffer = ''; + if (cp.stderr) { + cp.stderr.on('data', (data) => { + state.processStderr = true; + if (this.options.listeners && this.options.listeners.stderr) { + this.options.listeners.stderr(data); + } + if (!optionsNonNull.silent && + optionsNonNull.errStream && + optionsNonNull.outStream) { + const s = optionsNonNull.failOnStdErr + ? optionsNonNull.errStream + : optionsNonNull.outStream; + s.write(data); + } + errbuffer = this._processLineBuffer(data, errbuffer, (line) => { + if (this.options.listeners && this.options.listeners.errline) { + this.options.listeners.errline(line); + } + }); + }); + } + cp.on('error', (err) => { + state.processError = err.message; + state.processExited = true; + state.processClosed = true; + state.CheckComplete(); + }); + cp.on('exit', (code) => { + state.processExitCode = code; + state.processExited = true; + this._debug(`Exit code ${code} received from tool '${this.toolPath}'`); + state.CheckComplete(); + }); + cp.on('close', (code) => { + state.processExitCode = code; + state.processExited = true; + state.processClosed = true; + this._debug(`STDIO streams have closed for tool '${this.toolPath}'`); + state.CheckComplete(); + }); + state.on('done', (error, exitCode) => { + if (stdbuffer.length > 0) { + this.emit('stdline', stdbuffer); + } + if (errbuffer.length > 0) { + this.emit('errline', errbuffer); + } + cp.removeAllListeners(); + if (error) { + reject(error); + } + else { + resolve(exitCode); + } + }); + if (this.options.input) { + if (!cp.stdin) { + throw new Error('child process missing stdin'); + } + cp.stdin.end(this.options.input); + } + })); + }); + } +} +exports.ToolRunner = ToolRunner; +/** + * Convert an arg string to an array of args. Handles escaping + * + * @param argString string of arguments + * @returns string[] array of arguments + */ +function argStringToArray(argString) { + const args = []; + let inQuotes = false; + let escaped = false; + let arg = ''; + function append(c) { + // we only escape double quotes. + if (escaped && c !== '"') { + arg += '\\'; + } + arg += c; + escaped = false; + } + for (let i = 0; i < argString.length; i++) { + const c = argString.charAt(i); + if (c === '"') { + if (!escaped) { + inQuotes = !inQuotes; + } + else { + append(c); + } + continue; + } + if (c === '\\' && escaped) { + append(c); + continue; + } + if (c === '\\' && inQuotes) { + escaped = true; + continue; + } + if (c === ' ' && !inQuotes) { + if (arg.length > 0) { + args.push(arg); + arg = ''; + } + continue; + } + append(c); + } + if (arg.length > 0) { + args.push(arg.trim()); + } + return args; +} +class ExecState extends events.EventEmitter { + constructor(options, toolPath) { + super(); + this.processClosed = false; // tracks whether the process has exited and stdio is closed + this.processError = ''; + this.processExitCode = 0; + this.processExited = false; // tracks whether the process has exited + this.processStderr = false; // tracks whether stderr was written to + this.delay = 10000; // 10 seconds + this.done = false; + this.timeout = null; + if (!toolPath) { + throw new Error('toolPath must not be empty'); + } + this.options = options; + this.toolPath = toolPath; + if (options.delay) { + this.delay = options.delay; + } + } + CheckComplete() { + if (this.done) { + return; + } + if (this.processClosed) { + this._setResult(); + } + else if (this.processExited) { + this.timeout = (0, timers_1.setTimeout)(ExecState.HandleTimeout, this.delay, this); + } + } + _debug(message) { + this.emit('debug', message); + } + _setResult() { + // determine whether there is an error + let error; + if (this.processExited) { + if (this.processError) { + error = new Error(`There was an error when attempting to execute the process '${this.toolPath}'. This may indicate the process failed to start. Error: ${this.processError}`); + } + else if (this.processExitCode !== 0 && !this.options.ignoreReturnCode) { + error = new Error(`The process '${this.toolPath}' failed with exit code ${this.processExitCode}`); + } + else if (this.processStderr && this.options.failOnStdErr) { + error = new Error(`The process '${this.toolPath}' failed because one or more lines were written to the STDERR stream`); + } + } + // clear the timeout + if (this.timeout) { + clearTimeout(this.timeout); + this.timeout = null; + } + this.done = true; + this.emit('done', error, this.processExitCode); + } + static HandleTimeout(state) { + if (state.done) { + return; + } + if (!state.processClosed && state.processExited) { + const message = `The STDIO streams did not close within ${state.delay / 1000} seconds of the exit event from process '${state.toolPath}'. This may indicate a child process inherited the STDIO streams and has not yet exited.`; + state._debug(message); + } + state._setResult(); + } +} +//# sourceMappingURL=toolrunner.js.map + +/***/ }), + +/***/ 4552: +/***/ (function(__unused_webpack_module, exports) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0; +class BasicCredentialHandler { + constructor(username, password) { + this.username = username; + this.password = password; + } + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } } exports.BasicCredentialHandler = BasicCredentialHandler; class BearerCredentialHandler { @@ -1227,7 +2207,7 @@ exports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHand /***/ }), -/***/ 6255: +/***/ 4844: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; @@ -1235,7 +2215,11 @@ exports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHand /* eslint-disable @typescript-eslint/no-explicit-any */ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -1245,13 +2229,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { @@ -1262,11 +2256,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }); }; Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0; -const http = __importStar(__nccwpck_require__(3685)); -const https = __importStar(__nccwpck_require__(5687)); -const pm = __importStar(__nccwpck_require__(9835)); -const tunnel = __importStar(__nccwpck_require__(4294)); +exports.HttpClient = exports.HttpClientResponse = exports.HttpClientError = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0; +exports.getProxyUrl = getProxyUrl; +exports.isHttps = isHttps; +const http = __importStar(__nccwpck_require__(8611)); +const https = __importStar(__nccwpck_require__(5692)); +const pm = __importStar(__nccwpck_require__(4988)); +const tunnel = __importStar(__nccwpck_require__(770)); +const undici_1 = __nccwpck_require__(6752); var HttpCodes; (function (HttpCodes) { HttpCodes[HttpCodes["OK"] = 200] = "OK"; @@ -1296,16 +2293,16 @@ var HttpCodes; HttpCodes[HttpCodes["BadGateway"] = 502] = "BadGateway"; HttpCodes[HttpCodes["ServiceUnavailable"] = 503] = "ServiceUnavailable"; HttpCodes[HttpCodes["GatewayTimeout"] = 504] = "GatewayTimeout"; -})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {})); +})(HttpCodes || (exports.HttpCodes = HttpCodes = {})); var Headers; (function (Headers) { Headers["Accept"] = "accept"; Headers["ContentType"] = "content-type"; -})(Headers = exports.Headers || (exports.Headers = {})); +})(Headers || (exports.Headers = Headers = {})); var MediaTypes; (function (MediaTypes) { MediaTypes["ApplicationJson"] = "application/json"; -})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {})); +})(MediaTypes || (exports.MediaTypes = MediaTypes = {})); /** * Returns the proxy URL, depending upon the supplied url and proxy environment variables. * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com @@ -1314,7 +2311,6 @@ function getProxyUrl(serverUrl) { const proxyUrl = pm.getProxyUrl(new URL(serverUrl)); return proxyUrl ? proxyUrl.href : ''; } -exports.getProxyUrl = getProxyUrl; const HttpRedirectCodes = [ HttpCodes.MovedPermanently, HttpCodes.ResourceMoved, @@ -1356,13 +2352,25 @@ class HttpClientResponse { })); }); } + readBodyBuffer() { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () { + const chunks = []; + this.message.on('data', (chunk) => { + chunks.push(chunk); + }); + this.message.on('end', () => { + resolve(Buffer.concat(chunks)); + }); + })); + }); + } } exports.HttpClientResponse = HttpClientResponse; function isHttps(requestUrl) { const parsedUrl = new URL(requestUrl); return parsedUrl.protocol === 'https:'; } -exports.isHttps = isHttps; class HttpClient { constructor(userAgent, handlers, requestOptions) { this._ignoreSslError = false; @@ -1373,7 +2381,7 @@ class HttpClient { this._maxRetries = 1; this._keepAlive = false; this._disposed = false; - this.userAgent = userAgent; + this.userAgent = this._getUserAgentWithOrchestrationId(userAgent); this.handlers = handlers || []; this.requestOptions = requestOptions; if (requestOptions) { @@ -1445,36 +2453,39 @@ class HttpClient { * Gets a typed object from an endpoint * Be aware that not found returns a null. Other errors (4xx, 5xx) reject the promise */ - getJson(requestUrl, additionalHeaders = {}) { - return __awaiter(this, void 0, void 0, function* () { + getJson(requestUrl_1) { + return __awaiter(this, arguments, void 0, function* (requestUrl, additionalHeaders = {}) { additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); const res = yield this.get(requestUrl, additionalHeaders); return this._processResponse(res, this.requestOptions); }); } - postJson(requestUrl, obj, additionalHeaders = {}) { - return __awaiter(this, void 0, void 0, function* () { + postJson(requestUrl_1, obj_1) { + return __awaiter(this, arguments, void 0, function* (requestUrl, obj, additionalHeaders = {}) { const data = JSON.stringify(obj, null, 2); additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); - additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = + this._getExistingOrDefaultContentTypeHeader(additionalHeaders, MediaTypes.ApplicationJson); const res = yield this.post(requestUrl, data, additionalHeaders); return this._processResponse(res, this.requestOptions); }); } - putJson(requestUrl, obj, additionalHeaders = {}) { - return __awaiter(this, void 0, void 0, function* () { + putJson(requestUrl_1, obj_1) { + return __awaiter(this, arguments, void 0, function* (requestUrl, obj, additionalHeaders = {}) { const data = JSON.stringify(obj, null, 2); additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); - additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = + this._getExistingOrDefaultContentTypeHeader(additionalHeaders, MediaTypes.ApplicationJson); const res = yield this.put(requestUrl, data, additionalHeaders); return this._processResponse(res, this.requestOptions); }); } - patchJson(requestUrl, obj, additionalHeaders = {}) { - return __awaiter(this, void 0, void 0, function* () { + patchJson(requestUrl_1, obj_1) { + return __awaiter(this, arguments, void 0, function* (requestUrl, obj, additionalHeaders = {}) { const data = JSON.stringify(obj, null, 2); additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); - additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = + this._getExistingOrDefaultContentTypeHeader(additionalHeaders, MediaTypes.ApplicationJson); const res = yield this.patch(requestUrl, data, additionalHeaders); return this._processResponse(res, this.requestOptions); }); @@ -1661,10 +2672,19 @@ class HttpClient { const parsedUrl = new URL(serverUrl); return this._getAgent(parsedUrl); } - _prepareRequest(method, requestUrl, headers) { - const info = {}; - info.parsedUrl = requestUrl; - const usingSsl = info.parsedUrl.protocol === 'https:'; + getAgentDispatcher(serverUrl) { + const parsedUrl = new URL(serverUrl); + const proxyUrl = pm.getProxyUrl(parsedUrl); + const useProxy = proxyUrl && proxyUrl.hostname; + if (!useProxy) { + return; + } + return this._getProxyAgentDispatcher(parsedUrl, proxyUrl); + } + _prepareRequest(method, requestUrl, headers) { + const info = {}; + info.parsedUrl = requestUrl; + const usingSsl = info.parsedUrl.protocol === 'https:'; info.httpModule = usingSsl ? https : http; const defaultPort = usingSsl ? 443 : 80; info.options = {}; @@ -1694,12 +2714,73 @@ class HttpClient { } return lowercaseKeys(headers || {}); } + /** + * Gets an existing header value or returns a default. + * Handles converting number header values to strings since HTTP headers must be strings. + * Note: This returns string | string[] since some headers can have multiple values. + * For headers that must always be a single string (like Content-Type), use the + * specialized _getExistingOrDefaultContentTypeHeader method instead. + */ _getExistingOrDefaultHeader(additionalHeaders, header, _default) { let clientHeader; if (this.requestOptions && this.requestOptions.headers) { - clientHeader = lowercaseKeys(this.requestOptions.headers)[header]; + const headerValue = lowercaseKeys(this.requestOptions.headers)[header]; + if (headerValue) { + clientHeader = + typeof headerValue === 'number' ? headerValue.toString() : headerValue; + } + } + const additionalValue = additionalHeaders[header]; + if (additionalValue !== undefined) { + return typeof additionalValue === 'number' + ? additionalValue.toString() + : additionalValue; + } + if (clientHeader !== undefined) { + return clientHeader; + } + return _default; + } + /** + * Specialized version of _getExistingOrDefaultHeader for Content-Type header. + * Always returns a single string (not an array) since Content-Type should be a single value. + * Converts arrays to comma-separated strings and numbers to strings to ensure type safety. + * This was split from _getExistingOrDefaultHeader to provide stricter typing for callers + * that assign the result to places expecting a string (e.g., additionalHeaders[Headers.ContentType]). + */ + _getExistingOrDefaultContentTypeHeader(additionalHeaders, _default) { + let clientHeader; + if (this.requestOptions && this.requestOptions.headers) { + const headerValue = lowercaseKeys(this.requestOptions.headers)[Headers.ContentType]; + if (headerValue) { + if (typeof headerValue === 'number') { + clientHeader = String(headerValue); + } + else if (Array.isArray(headerValue)) { + clientHeader = headerValue.join(', '); + } + else { + clientHeader = headerValue; + } + } + } + const additionalValue = additionalHeaders[Headers.ContentType]; + // Return the first non-undefined value, converting numbers or arrays to strings if necessary + if (additionalValue !== undefined) { + if (typeof additionalValue === 'number') { + return String(additionalValue); + } + else if (Array.isArray(additionalValue)) { + return additionalValue.join(', '); + } + else { + return additionalValue; + } + } + if (clientHeader !== undefined) { + return clientHeader; } - return additionalHeaders[header] || clientHeader || _default; + return _default; } _getAgent(parsedUrl) { let agent; @@ -1708,7 +2789,7 @@ class HttpClient { if (this._keepAlive && useProxy) { agent = this._proxyAgent; } - if (this._keepAlive && !useProxy) { + if (!useProxy) { agent = this._agent; } // if agent is already assigned use that agent. @@ -1740,16 +2821,12 @@ class HttpClient { agent = tunnelAgent(agentOptions); this._proxyAgent = agent; } - // if reusing agent across request and tunneling agent isn't assigned create a new agent - if (this._keepAlive && !agent) { + // if tunneling agent isn't assigned create a new agent + if (!agent) { const options = { keepAlive: this._keepAlive, maxSockets }; agent = usingSsl ? new https.Agent(options) : new http.Agent(options); this._agent = agent; } - // if not using private agent and tunnel agent isn't setup then use global agent - if (!agent) { - agent = usingSsl ? https.globalAgent : http.globalAgent; - } if (usingSsl && this._ignoreSslError) { // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options @@ -1760,6 +2837,41 @@ class HttpClient { } return agent; } + _getProxyAgentDispatcher(parsedUrl, proxyUrl) { + let proxyAgent; + if (this._keepAlive) { + proxyAgent = this._proxyAgentDispatcher; + } + // if agent is already assigned use that agent. + if (proxyAgent) { + return proxyAgent; + } + const usingSsl = parsedUrl.protocol === 'https:'; + proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl.href, pipelining: !this._keepAlive ? 0 : 1 }, ((proxyUrl.username || proxyUrl.password) && { + token: `Basic ${Buffer.from(`${proxyUrl.username}:${proxyUrl.password}`).toString('base64')}` + }))); + this._proxyAgentDispatcher = proxyAgent; + if (usingSsl && this._ignoreSslError) { + // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process + // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options + // we have to cast it to any and change it directly + proxyAgent.options = Object.assign(proxyAgent.options.requestTls || {}, { + rejectUnauthorized: false + }); + } + return proxyAgent; + } + _getUserAgentWithOrchestrationId(userAgent) { + const baseUserAgent = userAgent || 'actions/http-client'; + const orchId = process.env['ACTIONS_ORCHESTRATION_ID']; + if (orchId) { + // Sanitize the orchestration ID to ensure it contains only valid characters + // Valid characters: 0-9, a-z, _, -, . + const sanitizedId = orchId.replace(/[^a-z0-9_.-]/gi, '_'); + return `${baseUserAgent} actions_orchestration_id/${sanitizedId}`; + } + return baseUserAgent; + } _performExponentialBackoff(retryNumber) { return __awaiter(this, void 0, void 0, function* () { retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber); @@ -1839,13 +2951,14 @@ const lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCa /***/ }), -/***/ 9835: +/***/ 4988: /***/ ((__unused_webpack_module, exports) => { "use strict"; Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.checkBypass = exports.getProxyUrl = void 0; +exports.getProxyUrl = getProxyUrl; +exports.checkBypass = checkBypass; function getProxyUrl(reqUrl) { const usingSsl = reqUrl.protocol === 'https:'; if (checkBypass(reqUrl)) { @@ -1860,17 +2973,26 @@ function getProxyUrl(reqUrl) { } })(); if (proxyVar) { - return new URL(proxyVar); + try { + return new DecodedURL(proxyVar); + } + catch (_a) { + if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://')) + return new DecodedURL(`http://${proxyVar}`); + } } else { return undefined; } } -exports.getProxyUrl = getProxyUrl; function checkBypass(reqUrl) { if (!reqUrl.hostname) { return false; } + const reqHost = reqUrl.hostname; + if (isLoopbackAddress(reqHost)) { + return true; + } const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || ''; if (!noProxy) { return false; @@ -1896,145 +3018,718 @@ function checkBypass(reqUrl) { .split(',') .map(x => x.trim().toUpperCase()) .filter(x => x)) { - if (upperReqHosts.some(x => x === upperNoProxyItem)) { + if (upperNoProxyItem === '*' || + upperReqHosts.some(x => x === upperNoProxyItem || + x.endsWith(`.${upperNoProxyItem}`) || + (upperNoProxyItem.startsWith('.') && + x.endsWith(`${upperNoProxyItem}`)))) { return true; } } return false; } -exports.checkBypass = checkBypass; +function isLoopbackAddress(host) { + const hostLower = host.toLowerCase(); + return (hostLower === 'localhost' || + hostLower.startsWith('127.') || + hostLower.startsWith('[::1]') || + hostLower.startsWith('[0:0:0:0:0:0:0:1]')); +} +class DecodedURL extends URL { + constructor(url, base) { + super(url, base); + this._decodedUsername = decodeURIComponent(super.username); + this._decodedPassword = decodeURIComponent(super.password); + } + get username() { + return this._decodedUsername; + } + get password() { + return this._decodedPassword; + } +} //# sourceMappingURL=proxy.js.map /***/ }), -/***/ 9348: -/***/ ((module) => { - -// Copyright 2011 Mark Cavage All rights reserved. - - -module.exports = { - - newInvalidAsn1Error: function (msg) { - var e = new Error(); - e.name = 'InvalidAsn1Error'; - e.message = msg || ''; - return e; - } - -}; - - -/***/ }), - -/***/ 194: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - -// Copyright 2011 Mark Cavage All rights reserved. - -var errors = __nccwpck_require__(9348); -var types = __nccwpck_require__(2473); - -var Reader = __nccwpck_require__(290); -var Writer = __nccwpck_require__(3200); - - -// --- Exports - -module.exports = { - - Reader: Reader, +/***/ 5207: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - Writer: Writer +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); }; - -for (var t in types) { - if (types.hasOwnProperty(t)) - module.exports[t] = types[t]; +var _a; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.READONLY = exports.UV_FS_O_EXLOCK = exports.IS_WINDOWS = exports.unlink = exports.symlink = exports.stat = exports.rmdir = exports.rm = exports.rename = exports.readdir = exports.open = exports.mkdir = exports.lstat = exports.copyFile = exports.chmod = void 0; +exports.readlink = readlink; +exports.exists = exists; +exports.isDirectory = isDirectory; +exports.isRooted = isRooted; +exports.tryGetExecutablePath = tryGetExecutablePath; +exports.getCmdPath = getCmdPath; +const fs = __importStar(__nccwpck_require__(9896)); +const path = __importStar(__nccwpck_require__(6928)); +_a = fs.promises +// export const {open} = 'fs' +, exports.chmod = _a.chmod, exports.copyFile = _a.copyFile, exports.lstat = _a.lstat, exports.mkdir = _a.mkdir, exports.open = _a.open, exports.readdir = _a.readdir, exports.rename = _a.rename, exports.rm = _a.rm, exports.rmdir = _a.rmdir, exports.stat = _a.stat, exports.symlink = _a.symlink, exports.unlink = _a.unlink; +// export const {open} = 'fs' +exports.IS_WINDOWS = process.platform === 'win32'; +/** + * Custom implementation of readlink to ensure Windows junctions + * maintain trailing backslash for backward compatibility with Node.js < 24 + * + * In Node.js 20, Windows junctions (directory symlinks) always returned paths + * with trailing backslashes. Node.js 24 removed this behavior, which breaks + * code that relied on this format for path operations. + * + * This implementation restores the Node 20 behavior by adding a trailing + * backslash to all junction results on Windows. + */ +function readlink(fsPath) { + return __awaiter(this, void 0, void 0, function* () { + const result = yield fs.promises.readlink(fsPath); + // On Windows, restore Node 20 behavior: add trailing backslash to all results + // since junctions on Windows are always directory links + if (exports.IS_WINDOWS && !result.endsWith('\\')) { + return `${result}\\`; + } + return result; + }); } -for (var e in errors) { - if (errors.hasOwnProperty(e)) - module.exports[e] = errors[e]; +// See https://github.com/nodejs/node/blob/d0153aee367422d0858105abec186da4dff0a0c5/deps/uv/include/uv/win.h#L691 +exports.UV_FS_O_EXLOCK = 0x10000000; +exports.READONLY = fs.constants.O_RDONLY; +function exists(fsPath) { + return __awaiter(this, void 0, void 0, function* () { + try { + yield (0, exports.stat)(fsPath); + } + catch (err) { + if (err.code === 'ENOENT') { + return false; + } + throw err; + } + return true; + }); } - - -/***/ }), - -/***/ 290: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - -// Copyright 2011 Mark Cavage All rights reserved. - -var assert = __nccwpck_require__(9491); -var Buffer = (__nccwpck_require__(5118).Buffer); - -var ASN1 = __nccwpck_require__(2473); -var errors = __nccwpck_require__(9348); - - -// --- Globals - -var newInvalidAsn1Error = errors.newInvalidAsn1Error; - - - -// --- API - -function Reader(data) { - if (!data || !Buffer.isBuffer(data)) - throw new TypeError('data must be a node Buffer'); - - this._buf = data; - this._size = data.length; - - // These hold the "current" state - this._len = 0; - this._offset = 0; +function isDirectory(fsPath_1) { + return __awaiter(this, arguments, void 0, function* (fsPath, useStat = false) { + const stats = useStat ? yield (0, exports.stat)(fsPath) : yield (0, exports.lstat)(fsPath); + return stats.isDirectory(); + }); } - -Object.defineProperty(Reader.prototype, 'length', { - enumerable: true, - get: function () { return (this._len); } -}); - -Object.defineProperty(Reader.prototype, 'offset', { - enumerable: true, - get: function () { return (this._offset); } -}); - -Object.defineProperty(Reader.prototype, 'remain', { - get: function () { return (this._size - this._offset); } -}); - -Object.defineProperty(Reader.prototype, 'buffer', { - get: function () { return (this._buf.slice(this._offset)); } -}); - - /** - * Reads a single byte and advances offset; you can pass in `true` to make this - * a "peek" operation (i.e., get the byte, but don't advance the offset). - * - * @param {Boolean} peek true means don't move offset. - * @return {Number} the next byte, null if not enough data. + * On OSX/Linux, true if path starts with '/'. On Windows, true for paths like: + * \, \hello, \\hello\share, C:, and C:\hello (and corresponding alternate separator cases). */ -Reader.prototype.readByte = function (peek) { - if (this._size - this._offset < 1) - return null; - - var b = this._buf[this._offset] & 0xff; +function isRooted(p) { + p = normalizeSeparators(p); + if (!p) { + throw new Error('isRooted() parameter "p" cannot be empty'); + } + if (exports.IS_WINDOWS) { + return (p.startsWith('\\') || /^[A-Z]:/i.test(p) // e.g. \ or \hello or \\hello + ); // e.g. C: or C:\hello + } + return p.startsWith('/'); +} +/** + * Best effort attempt to determine whether a file exists and is executable. + * @param filePath file path to check + * @param extensions additional file extensions to try + * @return if file exists and is executable, returns the file path. otherwise empty string. + */ +function tryGetExecutablePath(filePath, extensions) { + return __awaiter(this, void 0, void 0, function* () { + let stats = undefined; + try { + // test file exists + stats = yield (0, exports.stat)(filePath); + } + catch (err) { + if (err.code !== 'ENOENT') { + // eslint-disable-next-line no-console + console.log(`Unexpected error attempting to determine if executable file exists '${filePath}': ${err}`); + } + } + if (stats && stats.isFile()) { + if (exports.IS_WINDOWS) { + // on Windows, test for valid extension + const upperExt = path.extname(filePath).toUpperCase(); + if (extensions.some(validExt => validExt.toUpperCase() === upperExt)) { + return filePath; + } + } + else { + if (isUnixExecutable(stats)) { + return filePath; + } + } + } + // try each extension + const originalFilePath = filePath; + for (const extension of extensions) { + filePath = originalFilePath + extension; + stats = undefined; + try { + stats = yield (0, exports.stat)(filePath); + } + catch (err) { + if (err.code !== 'ENOENT') { + // eslint-disable-next-line no-console + console.log(`Unexpected error attempting to determine if executable file exists '${filePath}': ${err}`); + } + } + if (stats && stats.isFile()) { + if (exports.IS_WINDOWS) { + // preserve the case of the actual file (since an extension was appended) + try { + const directory = path.dirname(filePath); + const upperName = path.basename(filePath).toUpperCase(); + for (const actualName of yield (0, exports.readdir)(directory)) { + if (upperName === actualName.toUpperCase()) { + filePath = path.join(directory, actualName); + break; + } + } + } + catch (err) { + // eslint-disable-next-line no-console + console.log(`Unexpected error attempting to determine the actual case of the file '${filePath}': ${err}`); + } + return filePath; + } + else { + if (isUnixExecutable(stats)) { + return filePath; + } + } + } + } + return ''; + }); +} +function normalizeSeparators(p) { + p = p || ''; + if (exports.IS_WINDOWS) { + // convert slashes on Windows + p = p.replace(/\//g, '\\'); + // remove redundant slashes + return p.replace(/\\\\+/g, '\\'); + } + // remove redundant slashes + return p.replace(/\/\/+/g, '/'); +} +// on Mac/Linux, test the execute bit +// R W X R W X R W X +// 256 128 64 32 16 8 4 2 1 +function isUnixExecutable(stats) { + return ((stats.mode & 1) > 0 || + ((stats.mode & 8) > 0 && + process.getgid !== undefined && + stats.gid === process.getgid()) || + ((stats.mode & 64) > 0 && + process.getuid !== undefined && + stats.uid === process.getuid())); +} +// Get the path of cmd.exe in windows +function getCmdPath() { + var _a; + return (_a = process.env['COMSPEC']) !== null && _a !== void 0 ? _a : `cmd.exe`; +} +//# sourceMappingURL=io-util.js.map - if (!peek) - this._offset += 1; +/***/ }), - return b; -}; +/***/ 4994: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { +"use strict"; -Reader.prototype.peek = function () { - return this.readByte(true); -}; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.cp = cp; +exports.mv = mv; +exports.rmRF = rmRF; +exports.mkdirP = mkdirP; +exports.which = which; +exports.findInPath = findInPath; +const assert_1 = __nccwpck_require__(2613); +const path = __importStar(__nccwpck_require__(6928)); +const ioUtil = __importStar(__nccwpck_require__(5207)); +/** + * Copies a file or folder. + * Based off of shelljs - https://github.com/shelljs/shelljs/blob/9237f66c52e5daa40458f94f9565e18e8132f5a6/src/cp.js + * + * @param source source path + * @param dest destination path + * @param options optional. See CopyOptions. + */ +function cp(source_1, dest_1) { + return __awaiter(this, arguments, void 0, function* (source, dest, options = {}) { + const { force, recursive, copySourceDirectory } = readCopyOptions(options); + const destStat = (yield ioUtil.exists(dest)) ? yield ioUtil.stat(dest) : null; + // Dest is an existing file, but not forcing + if (destStat && destStat.isFile() && !force) { + return; + } + // If dest is an existing directory, should copy inside. + const newDest = destStat && destStat.isDirectory() && copySourceDirectory + ? path.join(dest, path.basename(source)) + : dest; + if (!(yield ioUtil.exists(source))) { + throw new Error(`no such file or directory: ${source}`); + } + const sourceStat = yield ioUtil.stat(source); + if (sourceStat.isDirectory()) { + if (!recursive) { + throw new Error(`Failed to copy. ${source} is a directory, but tried to copy without recursive flag.`); + } + else { + yield cpDirRecursive(source, newDest, 0, force); + } + } + else { + if (path.relative(source, newDest) === '') { + // a file cannot be copied to itself + throw new Error(`'${newDest}' and '${source}' are the same file`); + } + yield copyFile(source, newDest, force); + } + }); +} +/** + * Moves a path. + * + * @param source source path + * @param dest destination path + * @param options optional. See MoveOptions. + */ +function mv(source_1, dest_1) { + return __awaiter(this, arguments, void 0, function* (source, dest, options = {}) { + if (yield ioUtil.exists(dest)) { + let destExists = true; + if (yield ioUtil.isDirectory(dest)) { + // If dest is directory copy src into dest + dest = path.join(dest, path.basename(source)); + destExists = yield ioUtil.exists(dest); + } + if (destExists) { + if (options.force == null || options.force) { + yield rmRF(dest); + } + else { + throw new Error('Destination already exists'); + } + } + } + yield mkdirP(path.dirname(dest)); + yield ioUtil.rename(source, dest); + }); +} +/** + * Remove a path recursively with force + * + * @param inputPath path to remove + */ +function rmRF(inputPath) { + return __awaiter(this, void 0, void 0, function* () { + if (ioUtil.IS_WINDOWS) { + // Check for invalid characters + // https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file + if (/[*"<>|]/.test(inputPath)) { + throw new Error('File path must not contain `*`, `"`, `<`, `>` or `|` on Windows'); + } + } + try { + // note if path does not exist, error is silent + yield ioUtil.rm(inputPath, { + force: true, + maxRetries: 3, + recursive: true, + retryDelay: 300 + }); + } + catch (err) { + throw new Error(`File was unable to be removed ${err}`); + } + }); +} +/** + * Make a directory. Creates the full path with folders in between + * Will throw if it fails + * + * @param fsPath path to create + * @returns Promise + */ +function mkdirP(fsPath) { + return __awaiter(this, void 0, void 0, function* () { + (0, assert_1.ok)(fsPath, 'a path argument must be provided'); + yield ioUtil.mkdir(fsPath, { recursive: true }); + }); +} +/** + * Returns path of a tool had the tool actually been invoked. Resolves via paths. + * If you check and the tool does not exist, it will throw. + * + * @param tool name of the tool + * @param check whether to check if tool exists + * @returns Promise path to tool + */ +function which(tool, check) { + return __awaiter(this, void 0, void 0, function* () { + if (!tool) { + throw new Error("parameter 'tool' is required"); + } + // recursive when check=true + if (check) { + const result = yield which(tool, false); + if (!result) { + if (ioUtil.IS_WINDOWS) { + throw new Error(`Unable to locate executable file: ${tool}. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also verify the file has a valid extension for an executable file.`); + } + else { + throw new Error(`Unable to locate executable file: ${tool}. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also check the file mode to verify the file is executable.`); + } + } + return result; + } + const matches = yield findInPath(tool); + if (matches && matches.length > 0) { + return matches[0]; + } + return ''; + }); +} +/** + * Returns a list of all occurrences of the given tool on the system path. + * + * @returns Promise the paths of the tool + */ +function findInPath(tool) { + return __awaiter(this, void 0, void 0, function* () { + if (!tool) { + throw new Error("parameter 'tool' is required"); + } + // build the list of extensions to try + const extensions = []; + if (ioUtil.IS_WINDOWS && process.env['PATHEXT']) { + for (const extension of process.env['PATHEXT'].split(path.delimiter)) { + if (extension) { + extensions.push(extension); + } + } + } + // if it's rooted, return it if exists. otherwise return empty. + if (ioUtil.isRooted(tool)) { + const filePath = yield ioUtil.tryGetExecutablePath(tool, extensions); + if (filePath) { + return [filePath]; + } + return []; + } + // if any path separators, return empty + if (tool.includes(path.sep)) { + return []; + } + // build the list of directories + // + // Note, technically "where" checks the current directory on Windows. From a toolkit perspective, + // it feels like we should not do this. Checking the current directory seems like more of a use + // case of a shell, and the which() function exposed by the toolkit should strive for consistency + // across platforms. + const directories = []; + if (process.env.PATH) { + for (const p of process.env.PATH.split(path.delimiter)) { + if (p) { + directories.push(p); + } + } + } + // find all matches + const matches = []; + for (const directory of directories) { + const filePath = yield ioUtil.tryGetExecutablePath(path.join(directory, tool), extensions); + if (filePath) { + matches.push(filePath); + } + } + return matches; + }); +} +function readCopyOptions(options) { + const force = options.force == null ? true : options.force; + const recursive = Boolean(options.recursive); + const copySourceDirectory = options.copySourceDirectory == null + ? true + : Boolean(options.copySourceDirectory); + return { force, recursive, copySourceDirectory }; +} +function cpDirRecursive(sourceDir, destDir, currentDepth, force) { + return __awaiter(this, void 0, void 0, function* () { + // Ensure there is not a run away recursive copy + if (currentDepth >= 255) + return; + currentDepth++; + yield mkdirP(destDir); + const files = yield ioUtil.readdir(sourceDir); + for (const fileName of files) { + const srcFile = `${sourceDir}/${fileName}`; + const destFile = `${destDir}/${fileName}`; + const srcFileStat = yield ioUtil.lstat(srcFile); + if (srcFileStat.isDirectory()) { + // Recurse + yield cpDirRecursive(srcFile, destFile, currentDepth, force); + } + else { + yield copyFile(srcFile, destFile, force); + } + } + // Change the mode for the newly created directory + yield ioUtil.chmod(destDir, (yield ioUtil.stat(sourceDir)).mode); + }); +} +// Buffered file copy +function copyFile(srcFile, destFile, force) { + return __awaiter(this, void 0, void 0, function* () { + if ((yield ioUtil.lstat(srcFile)).isSymbolicLink()) { + // unlink/re-link it + try { + yield ioUtil.lstat(destFile); + yield ioUtil.unlink(destFile); + } + catch (e) { + // Try to override file permission + if (e.code === 'EPERM') { + yield ioUtil.chmod(destFile, '0666'); + yield ioUtil.unlink(destFile); + } + // other errors = it doesn't exist, no work to do + } + // Copy over symlink + const symlinkFull = yield ioUtil.readlink(srcFile); + yield ioUtil.symlink(symlinkFull, destFile, ioUtil.IS_WINDOWS ? 'junction' : null); + } + else if (!(yield ioUtil.exists(destFile)) || force) { + yield ioUtil.copyFile(srcFile, destFile); + } + }); +} +//# sourceMappingURL=io.js.map + +/***/ }), + +/***/ 6656: +/***/ ((module) => { + +// Copyright 2011 Mark Cavage All rights reserved. + + +module.exports = { + + newInvalidAsn1Error: function (msg) { + var e = new Error(); + e.name = 'InvalidAsn1Error'; + e.message = msg || ''; + return e; + } + +}; + + +/***/ }), + +/***/ 7703: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +// Copyright 2011 Mark Cavage All rights reserved. + +var errors = __nccwpck_require__(6656); +var types = __nccwpck_require__(254); + +var Reader = __nccwpck_require__(1996); +var Writer = __nccwpck_require__(9816); + + +// --- Exports + +module.exports = { + + Reader: Reader, + + Writer: Writer + +}; + +for (var t in types) { + if (types.hasOwnProperty(t)) + module.exports[t] = types[t]; +} +for (var e in errors) { + if (errors.hasOwnProperty(e)) + module.exports[e] = errors[e]; +} + + +/***/ }), + +/***/ 1996: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +// Copyright 2011 Mark Cavage All rights reserved. + +var assert = __nccwpck_require__(2613); +var Buffer = (__nccwpck_require__(2803).Buffer); + +var ASN1 = __nccwpck_require__(254); +var errors = __nccwpck_require__(6656); + + +// --- Globals + +var newInvalidAsn1Error = errors.newInvalidAsn1Error; + + + +// --- API + +function Reader(data) { + if (!data || !Buffer.isBuffer(data)) + throw new TypeError('data must be a node Buffer'); + + this._buf = data; + this._size = data.length; + + // These hold the "current" state + this._len = 0; + this._offset = 0; +} + +Object.defineProperty(Reader.prototype, 'length', { + enumerable: true, + get: function () { return (this._len); } +}); + +Object.defineProperty(Reader.prototype, 'offset', { + enumerable: true, + get: function () { return (this._offset); } +}); + +Object.defineProperty(Reader.prototype, 'remain', { + get: function () { return (this._size - this._offset); } +}); + +Object.defineProperty(Reader.prototype, 'buffer', { + get: function () { return (this._buf.slice(this._offset)); } +}); + + +/** + * Reads a single byte and advances offset; you can pass in `true` to make this + * a "peek" operation (i.e., get the byte, but don't advance the offset). + * + * @param {Boolean} peek true means don't move offset. + * @return {Number} the next byte, null if not enough data. + */ +Reader.prototype.readByte = function (peek) { + if (this._size - this._offset < 1) + return null; + + var b = this._buf[this._offset] & 0xff; + + if (!peek) + this._offset += 1; + + return b; +}; + + +Reader.prototype.peek = function () { + return this.readByte(true); +}; /** @@ -2230,7 +3925,7 @@ module.exports = Reader; /***/ }), -/***/ 2473: +/***/ 254: /***/ ((module) => { // Copyright 2011 Mark Cavage All rights reserved. @@ -2273,15 +3968,15 @@ module.exports = { /***/ }), -/***/ 3200: +/***/ 9816: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { // Copyright 2011 Mark Cavage All rights reserved. -var assert = __nccwpck_require__(9491); -var Buffer = (__nccwpck_require__(5118).Buffer); -var ASN1 = __nccwpck_require__(2473); -var errors = __nccwpck_require__(9348); +var assert = __nccwpck_require__(2613); +var Buffer = (__nccwpck_require__(2803).Buffer); +var ASN1 = __nccwpck_require__(254); +var errors = __nccwpck_require__(6656); // --- Globals @@ -2597,7 +4292,7 @@ module.exports = Writer; /***/ }), -/***/ 970: +/***/ 9837: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { // Copyright 2011 Mark Cavage All rights reserved. @@ -2605,7 +4300,7 @@ module.exports = Writer; // If you have no idea what ASN.1 or BER is, see this: // ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc -var Ber = __nccwpck_require__(194); +var Ber = __nccwpck_require__(7703); @@ -2624,13 +4319,13 @@ module.exports = { /***/ }), -/***/ 5447: +/***/ 686: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -var crypto_hash_sha512 = (__nccwpck_require__(8729).lowlevel.crypto_hash); +var crypto_hash_sha512 = (__nccwpck_require__(668).lowlevel).crypto_hash; /* * This file is a 1:1 port from the OpenBSD blowfish.c and bcrypt_pbkdf.c. As a @@ -3188,20 +4883,20 @@ module.exports = { /***/ }), -/***/ 4137: +/***/ 4982: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const binding = __nccwpck_require__(4240); +const binding = __nccwpck_require__(5243); module.exports = binding.getCPUInfo; /***/ }), -/***/ 1554: +/***/ 6543: /***/ ((module) => { "use strict"; @@ -3237,15 +4932,15 @@ module.exports = isStream; /***/ }), -/***/ 9126: +/***/ 6512: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const fs = __nccwpck_require__(7147); -const path = __nccwpck_require__(1017); -const {promisify} = __nccwpck_require__(3837); -const semver = __nccwpck_require__(5911); +const fs = __nccwpck_require__(9896); +const path = __nccwpck_require__(6928); +const {promisify} = __nccwpck_require__(9023); +const semver = __nccwpck_require__(9318); const useNativeRecursiveOption = semver.satisfies(process.version, '>=10.12.0'); @@ -3401,7 +5096,7 @@ module.exports.sync = (input, options) => { /***/ }), -/***/ 5118: +/***/ 2803: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -3409,7 +5104,7 @@ module.exports.sync = (input, options) => { -var buffer = __nccwpck_require__(4300) +var buffer = __nccwpck_require__(181) var Buffer = buffer.Buffer var safer = {} @@ -3486,7 +5181,7 @@ module.exports = safer /***/ }), -/***/ 5911: +/***/ 9318: /***/ ((module, exports) => { exports = module.exports = SemVer @@ -5136,7 +6831,7 @@ function coerce (version, options) { /***/ }), -/***/ 8741: +/***/ 4646: /***/ ((module) => { module.exports = shellescape; @@ -5160,7 +6855,7 @@ function shellescape(a) { /***/ }), -/***/ 3204: +/***/ 5683: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -5170,12 +6865,12 @@ const { Duplex: DuplexStream, Readable: ReadableStream, Writable: WritableStream, -} = __nccwpck_require__(2781); +} = __nccwpck_require__(2203); const { CHANNEL_EXTENDED_DATATYPE: { STDERR }, -} = __nccwpck_require__(6832); -const { bufferSlice } = __nccwpck_require__(9475); +} = __nccwpck_require__(4020); +const { bufferSlice } = __nccwpck_require__(2184); const PACKET_SIZE = 32 * 1024; const MAX_WINDOW = 2 * 1024 * 1024; @@ -5463,26 +7158,26 @@ module.exports = { /***/ }), -/***/ 9054: +/***/ 3849: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const { Socket } = __nccwpck_require__(1808); -const { Duplex } = __nccwpck_require__(2781); -const { resolve } = __nccwpck_require__(1017); -const { readFile } = __nccwpck_require__(7147); -const { execFile, spawn } = __nccwpck_require__(2081); +const { Socket } = __nccwpck_require__(9278); +const { Duplex } = __nccwpck_require__(2203); +const { resolve } = __nccwpck_require__(6928); +const { readFile } = __nccwpck_require__(9896); +const { execFile, spawn } = __nccwpck_require__(5317); -const { isParsedKey, parseKey } = __nccwpck_require__(2218); +const { isParsedKey, parseKey } = __nccwpck_require__(1789); const { makeBufferParser, readUInt32BE, writeUInt32BE, writeUInt32LE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); function once(cb) { let called = false; @@ -6594,7 +8289,7 @@ module.exports = { /***/ }), -/***/ 6063: +/***/ 6297: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -6608,10 +8303,10 @@ const { createHash, getHashes, randomFillSync, -} = __nccwpck_require__(6113); -const { Socket } = __nccwpck_require__(1808); -const { lookup: dnsLookup } = __nccwpck_require__(9523); -const EventEmitter = __nccwpck_require__(2361); +} = __nccwpck_require__(6982); +const { Socket } = __nccwpck_require__(9278); +const { lookup: dnsLookup } = __nccwpck_require__(2250); +const EventEmitter = __nccwpck_require__(4434); const HASHES = getHashes(); const { @@ -6630,11 +8325,11 @@ const { SUPPORTED_KEX, SUPPORTED_MAC, SUPPORTED_SERVER_HOST_KEY, -} = __nccwpck_require__(6832); -const { init: cryptoInit } = __nccwpck_require__(5708); -const Protocol = __nccwpck_require__(9031); -const { parseKey } = __nccwpck_require__(2218); -const { SFTP } = __nccwpck_require__(2026); +} = __nccwpck_require__(4020); +const { init: cryptoInit } = __nccwpck_require__(2888); +const Protocol = __nccwpck_require__(7841); +const { parseKey } = __nccwpck_require__(1789); +const { SFTP } = __nccwpck_require__(4996); const { bufferCopy, makeBufferParser, @@ -6642,23 +8337,23 @@ const { readUInt32BE, sigSSHToASN1, writeUInt32BE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); -const { AgentContext, createAgent, isAgent } = __nccwpck_require__(9054); +const { AgentContext, createAgent, isAgent } = __nccwpck_require__(3849); const { Channel, MAX_WINDOW, PACKET_SIZE, windowAdjust, WINDOW_THRESHOLD, -} = __nccwpck_require__(3204); +} = __nccwpck_require__(5683); const { ChannelManager, generateAlgorithmList, isWritable, onChannelOpenFailure, onCHANNEL_CLOSE, -} = __nccwpck_require__(834); +} = __nccwpck_require__(2137); const bufferParser = makeBufferParser(); const sigParser = makeBufferParser(); @@ -6873,16 +8568,14 @@ class Client extends EventEmitter { let hostVerifier; if (typeof cfg.hostVerifier === 'function') { const hashCb = cfg.hostVerifier; - let hasher; + let hashAlgo; if (HASHES.indexOf(cfg.hostHash) !== -1) { // Default to old behavior of hashing on user's behalf - hasher = createHash(cfg.hostHash); + hashAlgo = cfg.hostHash; } hostVerifier = (key, verify) => { - if (hasher) { - hasher.update(key); - key = hasher.digest('hex'); - } + if (hashAlgo) + key = createHash(hashAlgo).update(key).digest('hex'); const ret = hashCb(key, verify); if (ret !== undefined) verify(ret); @@ -6897,6 +8590,7 @@ class Client extends EventEmitter { const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => { debug(`Debug output from server: ${JSON.stringify(msg)}`); }); + let serverSigAlgs; const proto = this._protocol = new Protocol({ ident: this.config.ident, offer: (allOfferDefaults ? undefined : algorithms), @@ -6948,6 +8642,17 @@ class Client extends EventEmitter { if (name === 'ssh-userauth') tryNextAuth(); }, + EXT_INFO: (p, exts) => { + if (serverSigAlgs === undefined) { + for (const ext of exts) { + if (ext.name === 'server-sig-algs') { + serverSigAlgs = ext.algs; + return; + } + } + serverSigAlgs = null; + } + }, USERAUTH_BANNER: (p, msg) => { this.emit('banner', msg); }, @@ -6960,10 +8665,55 @@ class Client extends EventEmitter { this.emit('ready'); }, USERAUTH_FAILURE: (p, authMethods, partialSuccess) => { - if (curAuth.type === 'agent') { - const pos = curAuth.agentCtx.pos(); - debug && debug(`Client: Agent key #${pos + 1} failed`); - return tryNextAgentKey(); + // For key-based authentication, check if we should retry the current + // key with a different algorithm first + if (curAuth.keyAlgos) { + const oldKeyAlgo = curAuth.keyAlgos[0][0]; + if (debug) + debug(`Client: ${curAuth.type} (${oldKeyAlgo}) auth failed`); + curAuth.keyAlgos.shift(); + if (curAuth.keyAlgos.length) { + const [keyAlgo, hashAlgo] = curAuth.keyAlgos[0]; + switch (curAuth.type) { + case 'agent': + proto.authPK( + curAuth.username, + curAuth.agentCtx.currentKey(), + keyAlgo + ); + return; + case 'publickey': + proto.authPK(curAuth.username, curAuth.key, keyAlgo); + return; + case 'hostbased': + proto.authHostbased(curAuth.username, + curAuth.key, + curAuth.localHostname, + curAuth.localUsername, + keyAlgo, + (buf, cb) => { + const signature = curAuth.key.sign(buf, hashAlgo); + if (signature instanceof Error) { + signature.message = + `Error while signing with key: ${signature.message}`; + signature.level = 'client-authentication'; + this.emit('error', signature); + return tryNextAuth(); + } + + cb(signature); + }); + return; + } + } else { + curAuth.keyAlgos = undefined; + } + } + + if (curAuth.type === 'agent') { + const pos = curAuth.agentCtx.pos(); + debug && debug(`Client: Agent key #${pos + 1} failed`); + return tryNextAgentKey(); } debug && debug(`Client: ${curAuth.type} auth failed`); @@ -6986,10 +8736,15 @@ class Client extends EventEmitter { } }, USERAUTH_PK_OK: (p) => { + let keyAlgo; + let hashAlgo; + if (curAuth.keyAlgos) + [keyAlgo, hashAlgo] = curAuth.keyAlgos[0]; if (curAuth.type === 'agent') { const key = curAuth.agentCtx.currentKey(); - proto.authPK(curAuth.username, key, (buf, cb) => { - curAuth.agentCtx.sign(key, buf, {}, (err, signed) => { + proto.authPK(curAuth.username, key, keyAlgo, (buf, cb) => { + const opts = { hash: hashAlgo }; + curAuth.agentCtx.sign(key, buf, opts, (err, signed) => { if (err) { err.level = 'agent'; this.emit('error', err); @@ -7001,8 +8756,8 @@ class Client extends EventEmitter { }); }); } else if (curAuth.type === 'publickey') { - proto.authPK(curAuth.username, curAuth.key, (buf, cb) => { - const signature = curAuth.key.sign(buf); + proto.authPK(curAuth.username, curAuth.key, keyAlgo, (buf, cb) => { + const signature = curAuth.key.sign(buf, hashAlgo); if (signature instanceof Error) { signature.message = `Error signing data with key: ${signature.message}`; @@ -7537,16 +9292,42 @@ class Client extends EventEmitter { case 'password': proto.authPassword(username, curAuth.password); break; - case 'publickey': - proto.authPK(username, curAuth.key); + case 'publickey': { + let keyAlgo; + curAuth.keyAlgos = getKeyAlgos(this, curAuth.key, serverSigAlgs); + if (curAuth.keyAlgos) { + if (curAuth.keyAlgos.length) { + keyAlgo = curAuth.keyAlgos[0][0]; + } else { + return skipAuth( + 'Skipping key authentication (no mutual hash algorithm)' + ); + } + } + proto.authPK(username, curAuth.key, keyAlgo); break; - case 'hostbased': + } + case 'hostbased': { + let keyAlgo; + let hashAlgo; + curAuth.keyAlgos = getKeyAlgos(this, curAuth.key, serverSigAlgs); + if (curAuth.keyAlgos) { + if (curAuth.keyAlgos.length) { + [keyAlgo, hashAlgo] = curAuth.keyAlgos[0]; + } else { + return skipAuth( + 'Skipping hostbased authentication (no mutual hash algorithm)' + ); + } + } + proto.authHostbased(username, curAuth.key, curAuth.localHostname, curAuth.localUsername, + keyAlgo, (buf, cb) => { - const signature = curAuth.key.sign(buf); + const signature = curAuth.key.sign(buf, hashAlgo); if (signature instanceof Error) { signature.message = `Error while signing with key: ${signature.message}`; @@ -7558,6 +9339,7 @@ class Client extends EventEmitter { cb(signature); }); break; + } case 'agent': curAuth.agentCtx.init((err) => { if (err) { @@ -7602,8 +9384,21 @@ class Client extends EventEmitter { tryNextAuth(); } else { const pos = curAuth.agentCtx.pos(); + let keyAlgo; + curAuth.keyAlgos = getKeyAlgos(this, key, serverSigAlgs); + if (curAuth.keyAlgos) { + if (curAuth.keyAlgos.length) { + keyAlgo = curAuth.keyAlgos[0][0]; + } else { + debug && debug( + `Agent: Skipping key #${pos + 1} (no mutual hash algorithm)` + ); + tryNextAgentKey(); + return; + } + } debug && debug(`Agent: Trying key #${pos + 1}`); - proto.authPK(curAuth.username, key); + proto.authPK(curAuth.username, key, keyAlgo); } } }; @@ -7634,7 +9429,6 @@ class Client extends EventEmitter { localAddress: this.config.localAddress, localPort: this.config.localPort }); - sock.setNoDelay(true); sock.setMaxListeners(0); sock.setTimeout(typeof cfg.timeout === 'number' ? cfg.timeout : 0); }; @@ -8053,17 +9847,22 @@ class Client extends EventEmitter { return this; } - sftp(cb) { + sftp(env, cb) { if (!this._sock || !isWritable(this._sock)) throw new Error('Not connected'); + if (typeof env === 'function') { + cb = env; + env = undefined; + } + openChannel(this, 'sftp', (err, sftp) => { if (err) { cb(err); return; } - reqSubsystem(sftp, 'sftp', (err, sftp_) => { + const reqSubsystemCb = (err, sftp_) => { if (err) { cb(err); return; @@ -8109,11 +9908,31 @@ class Client extends EventEmitter { .on('close', onExit); sftp._init(); - }); + }; + + if (typeof env === 'object' && env !== null) { + reqEnv(sftp, env, (err) => { + if (err) { + cb(err); + return; + } + + reqSubsystem(sftp, 'sftp', reqSubsystemCb); + }); + } else { + reqSubsystem(sftp, 'sftp', reqSubsystemCb); + } }); return this; } + + setNoDelay(noDelay) { + if (this._sock && typeof this._sock.setNoDelay === 'function') + this._sock.setNoDelay(noDelay); + + return this; + } } function openChannel(self, type, opts, cb) { @@ -8336,16 +10155,33 @@ function reqExec(chan, cmd, opts, cb) { chan._client._protocol.exec(chan.outgoing.id, cmd, true); } -function reqEnv(chan, env) { - if (chan.outgoing.state !== 'open') +function reqEnv(chan, env, cb) { + const wantReply = (typeof cb === 'function'); + + if (chan.outgoing.state !== 'open') { + if (wantReply) + cb(new Error('Channel is not open')); return; + } + + if (wantReply) { + chan._callbacks.push((had_err) => { + if (had_err) { + cb(had_err !== true + ? had_err + : new Error('Unable to set environment')); + return; + } + cb(); + }); + } const keys = Object.keys(env || {}); for (let i = 0; i < keys.length; ++i) { const key = keys[i]; const val = env[key]; - chan._client._protocol.env(chan.outgoing.id, key, val, false); + chan._client._protocol.env(chan.outgoing.id, key, val, wantReply); } } @@ -8611,20 +10447,41 @@ function hostKeysProve(client, keys_, cb) { ); } +function getKeyAlgos(client, key, serverSigAlgs) { + switch (key.type) { + case 'ssh-rsa': + if (client._protocol._compatFlags & COMPAT.IMPLY_RSA_SHA2_SIGALGS) { + if (!Array.isArray(serverSigAlgs)) + serverSigAlgs = ['rsa-sha2-256', 'rsa-sha2-512']; + else + serverSigAlgs = ['rsa-sha2-256', 'rsa-sha2-512', ...serverSigAlgs]; + } + if (Array.isArray(serverSigAlgs)) { + if (serverSigAlgs.indexOf('rsa-sha2-256') !== -1) + return [['rsa-sha2-256', 'sha256']]; + if (serverSigAlgs.indexOf('rsa-sha2-512') !== -1) + return [['rsa-sha2-512', 'sha512']]; + if (serverSigAlgs.indexOf('ssh-rsa') === -1) + return []; + } + return [['ssh-rsa', 'sha1']]; + } +} + module.exports = Client; /***/ }), -/***/ 2994: +/***/ 137: /***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { "use strict"; -const { Agent: HttpAgent } = __nccwpck_require__(3685); -const { Agent: HttpsAgent } = __nccwpck_require__(5687); -const { connect: tlsConnect } = __nccwpck_require__(4404); +const { Agent: HttpAgent } = __nccwpck_require__(8611); +const { Agent: HttpsAgent } = __nccwpck_require__(5692); +const { connect: tlsConnect } = __nccwpck_require__(4756); let Client; @@ -8644,7 +10501,7 @@ for (const ctor of [HttpAgent, HttpsAgent]) { const dstPort = options.port; if (Client === undefined) - Client = __nccwpck_require__(6063); + Client = __nccwpck_require__(6297); const client = new Client(); let triedForward = false; @@ -8708,7 +10565,7 @@ function decorateStream(stream, ctor, options) { /***/ }), -/***/ 5869: +/***/ 5472: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -8721,32 +10578,33 @@ const { CygwinAgent, OpenSSHAgent, PageantAgent, -} = __nccwpck_require__(9054); +} = __nccwpck_require__(3849); const { SSHTTPAgent: HTTPAgent, SSHTTPSAgent: HTTPSAgent, -} = __nccwpck_require__(2994); -const { parseKey } = __nccwpck_require__(2218); +} = __nccwpck_require__(137); +const { parseKey } = __nccwpck_require__(1789); const { flagsToString, OPEN_MODE, STATUS_CODE, stringToFlags, -} = __nccwpck_require__(2026); +} = __nccwpck_require__(4996); module.exports = { AgentProtocol, BaseAgent, createAgent, - Client: __nccwpck_require__(6063), + Client: __nccwpck_require__(6297), CygwinAgent, HTTPAgent, HTTPSAgent, OpenSSHAgent, PageantAgent, - Server: __nccwpck_require__(2986), + Server: __nccwpck_require__(2605), utils: { parseKey, + ...__nccwpck_require__(3489), sftp: { flagsToString, OPEN_MODE, @@ -8759,7 +10617,597 @@ module.exports = { /***/ }), -/***/ 9031: +/***/ 3489: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + createCipheriv, + generateKeyPair: generateKeyPair_, + generateKeyPairSync: generateKeyPairSync_, + getCurves, + randomBytes, +} = __nccwpck_require__(6982); + +const { Ber } = __nccwpck_require__(9837); +const bcrypt_pbkdf = (__nccwpck_require__(686).pbkdf); + +const { CIPHER_INFO } = __nccwpck_require__(2888); + +const SALT_LEN = 16; +const DEFAULT_ROUNDS = 16; + +const curves = getCurves(); +const ciphers = new Map(Object.entries(CIPHER_INFO)); + +function makeArgs(type, opts) { + if (typeof type !== 'string') + throw new TypeError('Key type must be a string'); + + const publicKeyEncoding = { type: 'spki', format: 'der' }; + const privateKeyEncoding = { type: 'pkcs8', format: 'der' }; + + switch (type.toLowerCase()) { + case 'rsa': { + if (typeof opts !== 'object' || opts === null) + throw new TypeError('Missing options object for RSA key'); + const modulusLength = opts.bits; + if (!Number.isInteger(modulusLength)) + throw new TypeError('RSA bits must be an integer'); + if (modulusLength <= 0 || modulusLength > 16384) + throw new RangeError('RSA bits must be non-zero and <= 16384'); + return ['rsa', { modulusLength, publicKeyEncoding, privateKeyEncoding }]; + } + case 'ecdsa': { + if (typeof opts !== 'object' || opts === null) + throw new TypeError('Missing options object for ECDSA key'); + if (!Number.isInteger(opts.bits)) + throw new TypeError('ECDSA bits must be an integer'); + let namedCurve; + switch (opts.bits) { + case 256: + namedCurve = 'prime256v1'; + break; + case 384: + namedCurve = 'secp384r1'; + break; + case 521: + namedCurve = 'secp521r1'; + break; + default: + throw new Error('ECDSA bits must be 256, 384, or 521'); + } + if (!curves.includes(namedCurve)) + throw new Error('Unsupported ECDSA bits value'); + return ['ec', { namedCurve, publicKeyEncoding, privateKeyEncoding }]; + } + case 'ed25519': + return ['ed25519', { publicKeyEncoding, privateKeyEncoding }]; + default: + throw new Error(`Unsupported key type: ${type}`); + } +} + +function parseDERs(keyType, pub, priv) { + switch (keyType) { + case 'rsa': { + // Note: we don't need to parse the public key since the PKCS8 private key + // already includes the public key parameters + + // Parse private key + let reader = new Ber.Reader(priv); + reader.readSequence(); + + // - Version + if (reader.readInt() !== 0) + throw new Error('Unsupported version in RSA private key'); + + // - Algorithm + reader.readSequence(); + if (reader.readOID() !== '1.2.840.113549.1.1.1') + throw new Error('Bad RSA private OID'); + // - Algorithm parameters (RSA has none) + if (reader.readByte() !== Ber.Null) + throw new Error('Malformed RSA private key (expected null)'); + if (reader.readByte() !== 0x00) { + throw new Error( + 'Malformed RSA private key (expected zero-length null)' + ); + } + + reader = new Ber.Reader(reader.readString(Ber.OctetString, true)); + reader.readSequence(); + if (reader.readInt() !== 0) + throw new Error('Unsupported version in RSA private key'); + const n = reader.readString(Ber.Integer, true); + const e = reader.readString(Ber.Integer, true); + const d = reader.readString(Ber.Integer, true); + const p = reader.readString(Ber.Integer, true); + const q = reader.readString(Ber.Integer, true); + reader.readString(Ber.Integer, true); // dmp1 + reader.readString(Ber.Integer, true); // dmq1 + const iqmp = reader.readString(Ber.Integer, true); + + /* + OpenSSH RSA private key: + string "ssh-rsa" + string n -- public + string e -- public + string d -- private + string iqmp -- private + string p -- private + string q -- private + */ + const keyName = Buffer.from('ssh-rsa'); + const privBuf = Buffer.allocUnsafe( + 4 + keyName.length + + 4 + n.length + + 4 + e.length + + 4 + d.length + + 4 + iqmp.length + + 4 + p.length + + 4 + q.length + ); + let pos = 0; + + privBuf.writeUInt32BE(keyName.length, pos += 0); + privBuf.set(keyName, pos += 4); + privBuf.writeUInt32BE(n.length, pos += keyName.length); + privBuf.set(n, pos += 4); + privBuf.writeUInt32BE(e.length, pos += n.length); + privBuf.set(e, pos += 4); + privBuf.writeUInt32BE(d.length, pos += e.length); + privBuf.set(d, pos += 4); + privBuf.writeUInt32BE(iqmp.length, pos += d.length); + privBuf.set(iqmp, pos += 4); + privBuf.writeUInt32BE(p.length, pos += iqmp.length); + privBuf.set(p, pos += 4); + privBuf.writeUInt32BE(q.length, pos += p.length); + privBuf.set(q, pos += 4); + + /* + OpenSSH RSA public key: + string "ssh-rsa" + string e -- public + string n -- public + */ + const pubBuf = Buffer.allocUnsafe( + 4 + keyName.length + + 4 + e.length + + 4 + n.length + ); + pos = 0; + + pubBuf.writeUInt32BE(keyName.length, pos += 0); + pubBuf.set(keyName, pos += 4); + pubBuf.writeUInt32BE(e.length, pos += keyName.length); + pubBuf.set(e, pos += 4); + pubBuf.writeUInt32BE(n.length, pos += e.length); + pubBuf.set(n, pos += 4); + + return { sshName: keyName.toString(), priv: privBuf, pub: pubBuf }; + } + case 'ec': { + // Parse public key + let reader = new Ber.Reader(pub); + reader.readSequence(); + + reader.readSequence(); + if (reader.readOID() !== '1.2.840.10045.2.1') + throw new Error('Bad ECDSA public OID'); + // Skip curve OID, we'll get it from the private key + reader.readOID(); + let pubBin = reader.readString(Ber.BitString, true); + { + // Remove leading zero bytes + let i = 0; + for (; i < pubBin.length && pubBin[i] === 0x00; ++i); + if (i > 0) + pubBin = pubBin.slice(i); + } + + // Parse private key + reader = new Ber.Reader(priv); + reader.readSequence(); + + // - Version + if (reader.readInt() !== 0) + throw new Error('Unsupported version in ECDSA private key'); + + reader.readSequence(); + if (reader.readOID() !== '1.2.840.10045.2.1') + throw new Error('Bad ECDSA private OID'); + const curveOID = reader.readOID(); + let sshCurveName; + switch (curveOID) { + case '1.2.840.10045.3.1.7': + // prime256v1/secp256r1 + sshCurveName = 'nistp256'; + break; + case '1.3.132.0.34': + // secp384r1 + sshCurveName = 'nistp384'; + break; + case '1.3.132.0.35': + // secp521r1 + sshCurveName = 'nistp521'; + break; + default: + throw new Error('Unsupported curve in ECDSA private key'); + } + + reader = new Ber.Reader(reader.readString(Ber.OctetString, true)); + reader.readSequence(); + + // - Version + if (reader.readInt() !== 1) + throw new Error('Unsupported version in ECDSA private key'); + + // Add leading zero byte to prevent negative bignum in private key + const privBin = Buffer.concat([ + Buffer.from([0x00]), + reader.readString(Ber.OctetString, true) + ]); + + /* + OpenSSH ECDSA private key: + string "ecdsa-sha2-" + string curve name + string Q -- public + string d -- private + */ + const keyName = Buffer.from(`ecdsa-sha2-${sshCurveName}`); + sshCurveName = Buffer.from(sshCurveName); + const privBuf = Buffer.allocUnsafe( + 4 + keyName.length + + 4 + sshCurveName.length + + 4 + pubBin.length + + 4 + privBin.length + ); + let pos = 0; + + privBuf.writeUInt32BE(keyName.length, pos += 0); + privBuf.set(keyName, pos += 4); + privBuf.writeUInt32BE(sshCurveName.length, pos += keyName.length); + privBuf.set(sshCurveName, pos += 4); + privBuf.writeUInt32BE(pubBin.length, pos += sshCurveName.length); + privBuf.set(pubBin, pos += 4); + privBuf.writeUInt32BE(privBin.length, pos += pubBin.length); + privBuf.set(privBin, pos += 4); + + /* + OpenSSH ECDSA public key: + string "ecdsa-sha2-" + string curve name + string Q -- public + */ + const pubBuf = Buffer.allocUnsafe( + 4 + keyName.length + + 4 + sshCurveName.length + + 4 + pubBin.length + ); + pos = 0; + + pubBuf.writeUInt32BE(keyName.length, pos += 0); + pubBuf.set(keyName, pos += 4); + pubBuf.writeUInt32BE(sshCurveName.length, pos += keyName.length); + pubBuf.set(sshCurveName, pos += 4); + pubBuf.writeUInt32BE(pubBin.length, pos += sshCurveName.length); + pubBuf.set(pubBin, pos += 4); + + return { sshName: keyName.toString(), priv: privBuf, pub: pubBuf }; + } + case 'ed25519': { + // Parse public key + let reader = new Ber.Reader(pub); + reader.readSequence(); + + // - Algorithm + reader.readSequence(); + if (reader.readOID() !== '1.3.101.112') + throw new Error('Bad ED25519 public OID'); + // - Attributes (absent for ED25519) + + let pubBin = reader.readString(Ber.BitString, true); + { + // Remove leading zero bytes + let i = 0; + for (; i < pubBin.length && pubBin[i] === 0x00; ++i); + if (i > 0) + pubBin = pubBin.slice(i); + } + + // Parse private key + reader = new Ber.Reader(priv); + reader.readSequence(); + + // - Version + if (reader.readInt() !== 0) + throw new Error('Unsupported version in ED25519 private key'); + + // - Algorithm + reader.readSequence(); + if (reader.readOID() !== '1.3.101.112') + throw new Error('Bad ED25519 private OID'); + // - Attributes (absent) + + reader = new Ber.Reader(reader.readString(Ber.OctetString, true)); + const privBin = reader.readString(Ber.OctetString, true); + + /* + OpenSSH ed25519 private key: + string "ssh-ed25519" + string public key + string private key + public key + */ + const keyName = Buffer.from('ssh-ed25519'); + const privBuf = Buffer.allocUnsafe( + 4 + keyName.length + + 4 + pubBin.length + + 4 + (privBin.length + pubBin.length) + ); + let pos = 0; + + privBuf.writeUInt32BE(keyName.length, pos += 0); + privBuf.set(keyName, pos += 4); + privBuf.writeUInt32BE(pubBin.length, pos += keyName.length); + privBuf.set(pubBin, pos += 4); + privBuf.writeUInt32BE( + privBin.length + pubBin.length, + pos += pubBin.length + ); + privBuf.set(privBin, pos += 4); + privBuf.set(pubBin, pos += privBin.length); + + /* + OpenSSH ed25519 public key: + string "ssh-ed25519" + string public key + */ + const pubBuf = Buffer.allocUnsafe( + 4 + keyName.length + + 4 + pubBin.length + ); + pos = 0; + + pubBuf.writeUInt32BE(keyName.length, pos += 0); + pubBuf.set(keyName, pos += 4); + pubBuf.writeUInt32BE(pubBin.length, pos += keyName.length); + pubBuf.set(pubBin, pos += 4); + + return { sshName: keyName.toString(), priv: privBuf, pub: pubBuf }; + } + } +} + +function convertKeys(keyType, pub, priv, opts) { + let format = 'new'; + let encrypted; + let comment = ''; + if (typeof opts === 'object' && opts !== null) { + if (typeof opts.comment === 'string' && opts.comment) + comment = opts.comment; + if (typeof opts.format === 'string' && opts.format) + format = opts.format; + if (opts.passphrase) { + let passphrase; + if (typeof opts.passphrase === 'string') + passphrase = Buffer.from(opts.passphrase); + else if (Buffer.isBuffer(opts.passphrase)) + passphrase = opts.passphrase; + else + throw new Error('Invalid passphrase'); + + if (opts.cipher === undefined) + throw new Error('Missing cipher name'); + const cipher = ciphers.get(opts.cipher); + if (cipher === undefined) + throw new Error('Invalid cipher name'); + + if (format === 'new') { + let rounds = DEFAULT_ROUNDS; + if (opts.rounds !== undefined) { + if (!Number.isInteger(opts.rounds)) + throw new TypeError('rounds must be an integer'); + if (opts.rounds > 0) + rounds = opts.rounds; + } + + const gen = Buffer.allocUnsafe(cipher.keyLen + cipher.ivLen); + const salt = randomBytes(SALT_LEN); + const r = bcrypt_pbkdf( + passphrase, + passphrase.length, + salt, + salt.length, + gen, + gen.length, + rounds + ); + if (r !== 0) + return new Error('Failed to generate information to encrypt key'); + + /* + string salt + uint32 rounds + */ + const kdfOptions = Buffer.allocUnsafe(4 + salt.length + 4); + { + let pos = 0; + kdfOptions.writeUInt32BE(salt.length, pos += 0); + kdfOptions.set(salt, pos += 4); + kdfOptions.writeUInt32BE(rounds, pos += salt.length); + } + + encrypted = { + cipher, + cipherName: opts.cipher, + kdfName: 'bcrypt', + kdfOptions, + key: gen.slice(0, cipher.keyLen), + iv: gen.slice(cipher.keyLen), + }; + } + } + } + + switch (format) { + case 'new': { + let privateB64 = '-----BEGIN OPENSSH PRIVATE KEY-----\n'; + let publicB64; + /* + byte[] "openssh-key-v1\0" + string ciphername + string kdfname + string kdfoptions + uint32 number of keys N + string publickey1 + string encrypted, padded list of private keys + uint32 checkint + uint32 checkint + byte[] privatekey1 + string comment1 + byte 1 + byte 2 + byte 3 + ... + byte padlen % 255 + */ + const cipherName = Buffer.from(encrypted ? encrypted.cipherName : 'none'); + const kdfName = Buffer.from(encrypted ? encrypted.kdfName : 'none'); + const kdfOptions = (encrypted ? encrypted.kdfOptions : Buffer.alloc(0)); + const blockLen = (encrypted ? encrypted.cipher.blockLen : 8); + + const parsed = parseDERs(keyType, pub, priv); + + const checkInt = randomBytes(4); + const commentBin = Buffer.from(comment); + const privBlobLen = (4 + 4 + parsed.priv.length + 4 + commentBin.length); + let padding = []; + for (let i = 1; ((privBlobLen + padding.length) % blockLen); ++i) + padding.push(i & 0xFF); + padding = Buffer.from(padding); + + let privBlob = Buffer.allocUnsafe(privBlobLen + padding.length); + let extra; + { + let pos = 0; + privBlob.set(checkInt, pos += 0); + privBlob.set(checkInt, pos += 4); + privBlob.set(parsed.priv, pos += 4); + privBlob.writeUInt32BE(commentBin.length, pos += parsed.priv.length); + privBlob.set(commentBin, pos += 4); + privBlob.set(padding, pos += commentBin.length); + } + + if (encrypted) { + const options = { authTagLength: encrypted.cipher.authLen }; + const cipher = createCipheriv( + encrypted.cipher.sslName, + encrypted.key, + encrypted.iv, + options + ); + cipher.setAutoPadding(false); + privBlob = Buffer.concat([ cipher.update(privBlob), cipher.final() ]); + if (encrypted.cipher.authLen > 0) + extra = cipher.getAuthTag(); + else + extra = Buffer.alloc(0); + encrypted.key.fill(0); + encrypted.iv.fill(0); + } else { + extra = Buffer.alloc(0); + } + + const magicBytes = Buffer.from('openssh-key-v1\0'); + const privBin = Buffer.allocUnsafe( + magicBytes.length + + 4 + cipherName.length + + 4 + kdfName.length + + 4 + kdfOptions.length + + 4 + + 4 + parsed.pub.length + + 4 + privBlob.length + + extra.length + ); + { + let pos = 0; + privBin.set(magicBytes, pos += 0); + privBin.writeUInt32BE(cipherName.length, pos += magicBytes.length); + privBin.set(cipherName, pos += 4); + privBin.writeUInt32BE(kdfName.length, pos += cipherName.length); + privBin.set(kdfName, pos += 4); + privBin.writeUInt32BE(kdfOptions.length, pos += kdfName.length); + privBin.set(kdfOptions, pos += 4); + privBin.writeUInt32BE(1, pos += kdfOptions.length); + privBin.writeUInt32BE(parsed.pub.length, pos += 4); + privBin.set(parsed.pub, pos += 4); + privBin.writeUInt32BE(privBlob.length, pos += parsed.pub.length); + privBin.set(privBlob, pos += 4); + privBin.set(extra, pos += privBlob.length); + } + + { + const b64 = privBin.base64Slice(0, privBin.length); + let formatted = b64.replace(/.{64}/g, '$&\n'); + if (b64.length & 63) + formatted += '\n'; + privateB64 += formatted; + } + + { + const b64 = parsed.pub.base64Slice(0, parsed.pub.length); + publicB64 = `${parsed.sshName} ${b64}${comment ? ` ${comment}` : ''}`; + } + + privateB64 += '-----END OPENSSH PRIVATE KEY-----\n'; + return { + private: privateB64, + public: publicB64, + }; + } + default: + throw new Error('Invalid output key format'); + } +} + +function noop() {} + +module.exports = { + generateKeyPair: (keyType, opts, cb) => { + if (typeof opts === 'function') { + cb = opts; + opts = undefined; + } + if (typeof cb !== 'function') + cb = noop; + const args = makeArgs(keyType, opts); + generateKeyPair_(...args, (err, pub, priv) => { + if (err) + return cb(err); + let ret; + try { + ret = convertKeys(args[0], pub, priv, opts); + } catch (ex) { + return cb(ex); + } + cb(null, ret); + }); + }, + generateKeyPairSync: (keyType, opts) => { + const args = makeArgs(keyType, opts); + const { publicKey: pub, privateKey: priv } = generateKeyPairSync_(...args); + return convertKeys(args[0], pub, priv, opts); + } +}; + + +/***/ }), + +/***/ 7841: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -8803,26 +11251,28 @@ module.exports = { -const { inspect } = __nccwpck_require__(3837); +const { inspect } = __nccwpck_require__(9023); -const { bindingAvailable, NullCipher, NullDecipher } = __nccwpck_require__(5708); +const { bindingAvailable, NullCipher, NullDecipher } = __nccwpck_require__(2888); const { COMPAT_CHECKS, DISCONNECT_REASON, + eddsaSupported, MESSAGE, SIGNALS, TERMINAL_MODE, -} = __nccwpck_require__(6832); +} = __nccwpck_require__(4020); const { - DEFAULT_KEXINIT, + DEFAULT_KEXINIT_CLIENT, + DEFAULT_KEXINIT_SERVER, KexInit, kexinit, onKEXPayload, -} = __nccwpck_require__(4126); +} = __nccwpck_require__(4637); const { parseKey, -} = __nccwpck_require__(2218); -const MESSAGE_HANDLERS = __nccwpck_require__(172); +} = __nccwpck_require__(1789); +const MESSAGE_HANDLERS = __nccwpck_require__(9244); const { bufferCopy, bufferFill, @@ -8830,15 +11280,15 @@ const { convertSignature, sendPacket, writeUInt32BE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); const { PacketReader, PacketWriter, ZlibPacketReader, ZlibPacketWriter, -} = __nccwpck_require__(6715); +} = __nccwpck_require__(4592); -const MODULE_VER = (__nccwpck_require__(6674)/* .version */ .i8); +const MODULE_VER = (__nccwpck_require__(8342)/* .version */ .rE); const VALID_DISCONNECT_REASONS = new Map( Object.values(DISCONNECT_REASON).map((n) => [n, 1]) @@ -8903,8 +11353,13 @@ class Protocol { let onHandshakeComplete = config.onHandshakeComplete; if (typeof onHandshakeComplete !== 'function') onHandshakeComplete = noop; + let firstHandshake; this._onHandshakeComplete = (...args) => { this._debug && this._debug('Handshake completed'); + if (firstHandshake === undefined) + firstHandshake = true; + else + firstHandshake = false; // Process packets queued during a rekey where necessary const oldQueue = this._queue; @@ -8930,6 +11385,9 @@ class Protocol { this._debug && this._debug('... finished draining outbound queue'); } + if (firstHandshake && this._server && this._kex.remoteExtInfoEnabled) + sendExtInfo(this); + onHandshakeComplete(...args); }; this._queue = undefined; @@ -8970,11 +11428,21 @@ class Protocol { } let offer = config.offer; - if (typeof offer !== 'object' || offer === null) - offer = DEFAULT_KEXINIT; - else if (offer.constructor !== KexInit) + if (typeof offer !== 'object' || offer === null) { + offer = (this._server ? DEFAULT_KEXINIT_SERVER : DEFAULT_KEXINIT_CLIENT); + } else if (offer.constructor !== KexInit) { + if (this._server) { + offer.kex = offer.kex.concat(['kex-strict-s-v00@openssh.com']); + } else { + offer.kex = offer.kex.concat([ + 'ext-info-c', + 'kex-strict-c-v00@openssh.com', + ]); + } offer = new KexInit(offer); + } this._kex = undefined; + this._strictMode = undefined; this._kexinit = undefined; this._offer = offer; this._cipher = new NullCipher(0, this._onWrite); @@ -9373,7 +11841,7 @@ class Protocol { sendPacket(this, this._packetRW.write.finalize(packet)); } - authPK(username, pubKey, cbSign) { + authPK(username, pubKey, keyAlgo, cbSign) { if (this._server) throw new Error('Client-only method called in server mode'); @@ -9384,8 +11852,15 @@ class Protocol { const keyType = pubKey.type; pubKey = pubKey.getPublicSSH(); + if (typeof keyAlgo === 'function') { + cbSign = keyAlgo; + keyAlgo = undefined; + } + if (!keyAlgo) + keyAlgo = keyType; + const userLen = Buffer.byteLength(username); - const algoLen = Buffer.byteLength(keyType); + const algoLen = Buffer.byteLength(keyAlgo); const pubKeyLen = pubKey.length; const sessionID = this._kex.sessionID; const sesLen = sessionID.length; @@ -9419,7 +11894,7 @@ class Protocol { packet[p += 9] = (cbSign ? 1 : 0); writeUInt32BE(packet, algoLen, ++p); - packet.utf8Write(keyType, p += 4, algoLen); + packet.utf8Write(keyAlgo, p += 4, algoLen); writeUInt32BE(packet, pubKeyLen, p += algoLen); packet.set(pubKey, p += 4); @@ -9462,7 +11937,7 @@ class Protocol { packet[p += 9] = 1; writeUInt32BE(packet, algoLen, ++p); - packet.utf8Write(keyType, p += 4, algoLen); + packet.utf8Write(keyAlgo, p += 4, algoLen); writeUInt32BE(packet, pubKeyLen, p += algoLen); packet.set(pubKey, p += 4); @@ -9470,7 +11945,7 @@ class Protocol { writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += pubKeyLen); writeUInt32BE(packet, algoLen, p += 4); - packet.utf8Write(keyType, p += 4, algoLen); + packet.utf8Write(keyAlgo, p += 4, algoLen); writeUInt32BE(packet, sigLen, p += algoLen); packet.set(signature, p += 4); @@ -9485,7 +11960,7 @@ class Protocol { sendPacket(this, this._packetRW.write.finalize(packet)); }); } - authHostbased(username, pubKey, hostname, userlocal, cbSign) { + authHostbased(username, pubKey, hostname, userlocal, keyAlgo, cbSign) { // TODO: Make DRY by sharing similar code with authPK() if (this._server) throw new Error('Client-only method called in server mode'); @@ -9497,8 +11972,15 @@ class Protocol { const keyType = pubKey.type; pubKey = pubKey.getPublicSSH(); + if (typeof keyAlgo === 'function') { + cbSign = keyAlgo; + keyAlgo = undefined; + } + if (!keyAlgo) + keyAlgo = keyType; + const userLen = Buffer.byteLength(username); - const algoLen = Buffer.byteLength(keyType); + const algoLen = Buffer.byteLength(keyAlgo); const pubKeyLen = pubKey.length; const sessionID = this._kex.sessionID; const sesLen = sessionID.length; @@ -9525,7 +12007,7 @@ class Protocol { data.utf8Write('hostbased', p += 4, 9); writeUInt32BE(data, algoLen, p += 9); - data.utf8Write(keyType, p += 4, algoLen); + data.utf8Write(keyAlgo, p += 4, algoLen); writeUInt32BE(data, pubKeyLen, p += algoLen); data.set(pubKey, p += 4); @@ -9552,7 +12034,7 @@ class Protocol { writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += reqDataLen); writeUInt32BE(packet, algoLen, p += 4); - packet.utf8Write(keyType, p += 4, algoLen); + packet.utf8Write(keyAlgo, p += 4, algoLen); writeUInt32BE(packet, sigLen, p += algoLen); packet.set(signature, p += 4); @@ -10839,25 +13321,50 @@ function modesToBytes(modes) { return bytes; } +function sendExtInfo(proto) { + let serverSigAlgs = + 'ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521' + + 'rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss'; + if (eddsaSupported) + serverSigAlgs = `ssh-ed25519,${serverSigAlgs}`; + const algsLen = Buffer.byteLength(serverSigAlgs); + + let p = proto._packetRW.write.allocStart; + const packet = proto._packetRW.write.alloc(1 + 4 + 4 + 15 + 4 + algsLen); + + packet[p] = MESSAGE.EXT_INFO; + + writeUInt32BE(packet, 1, ++p); + + writeUInt32BE(packet, 15, p += 4); + packet.utf8Write('server-sig-algs', p += 4, 15); + + writeUInt32BE(packet, algsLen, p += 15); + packet.utf8Write(serverSigAlgs, p += 4, algsLen); + + proto._debug && proto._debug('Outbound: Sending EXT_INFO'); + sendPacket(proto, proto._packetRW.write.finalize(packet)); +} + module.exports = Protocol; /***/ }), -/***/ 2026: +/***/ 4996: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const EventEmitter = __nccwpck_require__(2361); -const fs = __nccwpck_require__(7147); +const EventEmitter = __nccwpck_require__(4434); +const fs = __nccwpck_require__(9896); const { constants } = fs; const { Readable: ReadableStream, Writable: WritableStream -} = __nccwpck_require__(2781); -const { inherits, isDate } = __nccwpck_require__(3837); +} = __nccwpck_require__(2203); +const { inherits, types: { isDate } } = __nccwpck_require__(9023); const FastBuffer = Buffer[Symbol.species]; @@ -10866,7 +13373,7 @@ const { bufferSlice, makeBufferParser, writeUInt32BE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); const ATTR = { SIZE: 0x00000001, @@ -12438,7 +14945,17 @@ class SFTP extends EventEmitter { writeUInt32BE(buf, pathLen, p += 20); buf.utf8Write(path, p += 4, pathLen); - this._requests[reqid] = { cb }; + this._requests[reqid] = { + cb: (err, names) => { + if (typeof cb !== 'function') + return; + if (err) + return cb(err); + if (!names || !names.length) + return cb(new Error('Response missing expanded path')); + cb(undefined, names[0].filename); + } + }; const isBuffered = sendOrBuffer(this, buf); if (this._debug) { @@ -12531,12 +15048,152 @@ class SFTP extends EventEmitter { this._debug(`SFTP: Outbound: ${status} copy-data`); } } - // =========================================================================== - // Server-specific =========================================================== - // =========================================================================== - handle(reqid, handle) { - if (!this.server) - throw new Error('Server-only method called in client mode'); + ext_home_dir(username, cb) { + if (this.server) + throw new Error('Client-only method called in server mode'); + + const ext = this._extensions['home-directory']; + if (ext !== '1') + throw new Error('Server does not support this extended request'); + + if (typeof username !== 'string') + throw new TypeError('username is not a string'); + + /* + uint32 id + string "home-directory" + string username + */ + let p = 0; + const usernameLen = Buffer.byteLength(username); + const buf = Buffer.allocUnsafe( + 4 + 1 + + 4 + + 4 + 14 + + 4 + usernameLen + ); + + writeUInt32BE(buf, buf.length - 4, p); + p += 4; + + buf[p] = REQUEST.EXTENDED; + ++p; + + const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID; + writeUInt32BE(buf, reqid, p); + p += 4; + + writeUInt32BE(buf, 14, p); + p += 4; + buf.utf8Write('home-directory', p, 14); + p += 14; + + writeUInt32BE(buf, usernameLen, p); + p += 4; + buf.utf8Write(username, p, usernameLen); + p += usernameLen; + + this._requests[reqid] = { + cb: (err, names) => { + if (typeof cb !== 'function') + return; + if (err) + return cb(err); + if (!names || !names.length) + return cb(new Error('Response missing home directory')); + cb(undefined, names[0].filename); + } + }; + + const isBuffered = sendOrBuffer(this, buf); + if (this._debug) { + const status = (isBuffered ? 'Buffered' : 'Sending'); + this._debug(`SFTP: Outbound: ${status} home-directory`); + } + } + ext_users_groups(uids, gids, cb) { + if (this.server) + throw new Error('Client-only method called in server mode'); + + const ext = this._extensions['users-groups-by-id@openssh.com']; + if (ext !== '1') + throw new Error('Server does not support this extended request'); + + if (!Array.isArray(uids)) + throw new TypeError('uids is not an array'); + for (const val of uids) { + if (!Number.isInteger(val) || val < 0 || val > (2 ** 32 - 1)) + throw new Error('uid values must all be 32-bit unsigned integers'); + } + if (!Array.isArray(gids)) + throw new TypeError('gids is not an array'); + for (const val of gids) { + if (!Number.isInteger(val) || val < 0 || val > (2 ** 32 - 1)) + throw new Error('gid values must all be 32-bit unsigned integers'); + } + + /* + uint32 id + string "users-groups-by-id@openssh.com" + string uids + uint32 uid1 + ... + string gids + uint32 gid1 + ... + */ + let p = 0; + const buf = Buffer.allocUnsafe( + 4 + 1 + + 4 + + 4 + 30 + + 4 + (4 * uids.length) + + 4 + (4 * gids.length) + ); + + writeUInt32BE(buf, buf.length - 4, p); + p += 4; + + buf[p] = REQUEST.EXTENDED; + ++p; + + const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID; + writeUInt32BE(buf, reqid, p); + p += 4; + + writeUInt32BE(buf, 30, p); + p += 4; + buf.utf8Write('users-groups-by-id@openssh.com', p, 30); + p += 30; + + writeUInt32BE(buf, 4 * uids.length, p); + p += 4; + for (const val of uids) { + writeUInt32BE(buf, val, p); + p += 4; + } + + writeUInt32BE(buf, 4 * gids.length, p); + p += 4; + for (const val of gids) { + writeUInt32BE(buf, val, p); + p += 4; + } + + this._requests[reqid] = { extended: 'users-groups-by-id@openssh.com', cb }; + + const isBuffered = sendOrBuffer(this, buf); + if (this._debug) { + const status = (isBuffered ? 'Buffered' : 'Sending'); + this._debug(`SFTP: Outbound: ${status} users-groups-by-id@openssh.com`); + } + } + // =========================================================================== + // Server-specific =========================================================== + // =========================================================================== + handle(reqid, handle) { + if (!this.server) + throw new Error('Server-only method called in client mode'); if (!Buffer.isBuffer(handle)) throw new Error('handle is not a Buffer'); @@ -13778,6 +16435,44 @@ const CLIENT_HANDLERS = { req.cb(undefined, limits); return; } + case 'users-groups-by-id@openssh.com': { + /* + string usernames + string username1 + ... + string groupnames + string groupname1 + ... + */ + const usernameCount = bufferParser.readUInt32BE(); + if (usernameCount === undefined) + break; + const usernames = new Array(usernameCount); + for (let i = 0; i < usernames.length; ++i) + usernames[i] = bufferParser.readString(true); + + const groupnameCount = bufferParser.readUInt32BE(); + if (groupnameCount === undefined) + break; + const groupnames = new Array(groupnameCount); + for (let i = 0; i < groupnames.length; ++i) + groupnames[i] = bufferParser.readString(true); + if (groupnames.length > 0 + && groupnames[groupnames.length - 1] === undefined) { + break; + } + + if (sftp._debug) { + sftp._debug( + 'SFTP: Inbound: Received EXTENDED_REPLY ' + + `(id:${reqID}, ${req.extended})` + ); + } + bufferParser.clear(); + if (typeof req.cb === 'function') + req.cb(undefined, usernames, groupnames); + return; + } default: // Unknown extended request sftp._debug && sftp._debug( @@ -14258,7 +16953,7 @@ const { ERR_INVALID_ARG_TYPE, ERR_OUT_OF_RANGE, validateNumber -} = __nccwpck_require__(7609); +} = __nccwpck_require__(3208); const kMinPoolSpace = 128; @@ -14716,20 +17411,20 @@ module.exports = { /***/ }), -/***/ 6832: +/***/ 4020: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const crypto = __nccwpck_require__(6113); +const crypto = __nccwpck_require__(6982); let cpuInfo; try { - cpuInfo = __nccwpck_require__(4137)(); + cpuInfo = __nccwpck_require__(4982)(); } catch {} -const { bindingAvailable, CIPHER_INFO, MAC_INFO } = __nccwpck_require__(5708); +const { bindingAvailable, CIPHER_INFO, MAC_INFO } = __nccwpck_require__(2888); const eddsaSupported = (() => { if (typeof crypto.sign === 'function' @@ -14881,6 +17576,7 @@ const COMPAT = { OLD_EXIT: 1 << 1, DYN_RPORT_BUG: 1 << 2, BUG_DHGEX_LARGE: 1 << 3, + IMPLY_RSA_SHA2_SIGALGS: 1 << 4, }; module.exports = { @@ -14892,6 +17588,7 @@ module.exports = { DEBUG: 4, SERVICE_REQUEST: 5, SERVICE_ACCEPT: 6, + EXT_INFO: 7, // RFC 8308 // Transport layer protocol -- algorithm negotiation (20-29) KEXINIT: 20, @@ -15049,9 +17746,10 @@ module.exports = { COMPAT, COMPAT_CHECKS: [ [ 'Cisco-1.25', COMPAT.BAD_DHGEX ], - [ /^Cisco-1\./, COMPAT.BUG_DHGEX_LARGE ], + [ /^Cisco-1[.]/, COMPAT.BUG_DHGEX_LARGE ], [ /^[0-9.]+$/, COMPAT.OLD_EXIT ], // old SSH.com implementations - [ /^OpenSSH_5\.\d+/, COMPAT.DYN_RPORT_BUG ], + [ /^OpenSSH_5[.][0-9]+/, COMPAT.DYN_RPORT_BUG ], + [ /^OpenSSH_7[.]4/, COMPAT.IMPLY_RSA_SHA2_SIGALGS ], ], // KEX proposal-related @@ -15077,7 +17775,7 @@ module.exports.DISCONNECT_REASON_BY_VALUE = /***/ }), -/***/ 5708: +/***/ 2888: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -15091,9 +17789,9 @@ module.exports.DISCONNECT_REASON_BY_VALUE = const { createCipheriv, createDecipheriv, createHmac, randomFillSync, timingSafeEqual -} = __nccwpck_require__(6113); +} = __nccwpck_require__(6982); -const { readUInt32BE, writeUInt32BE } = __nccwpck_require__(9475); +const { readUInt32BE, writeUInt32BE } = __nccwpck_require__(2184); const FastBuffer = Buffer[Symbol.species]; const MAX_SEQNO = 2 ** 32 - 1; @@ -15110,7 +17808,7 @@ let AESGCMDecipher; let ChaChaPolyDecipher; let GenericDecipher; try { - binding = __nccwpck_require__(9041); + binding = __nccwpck_require__(8440); ({ AESGCMCipher, ChaChaPolyCipher, GenericCipher, AESGCMDecipher, ChaChaPolyDecipher, GenericDecipher } = binding); } catch {} @@ -16664,7 +19362,7 @@ module.exports = { // eslint-disable-next-line no-async-promise-executor return new Promise(async (resolve, reject) => { try { - POLY1305_WASM_MODULE = await __nccwpck_require__(4989)(); + POLY1305_WASM_MODULE = await __nccwpck_require__(7830)(); POLY1305_RESULT_MALLOC = POLY1305_WASM_MODULE._malloc(16); poly1305_auth = POLY1305_WASM_MODULE.cwrap( 'poly1305_auth', @@ -16687,7 +19385,7 @@ module.exports = { /***/ }), -/***/ 4989: +/***/ 7830: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { @@ -16700,7 +19398,7 @@ function(createPoly1305) { var b;b||(b=typeof createPoly1305 !== 'undefined' ? createPoly1305 : {});var q,r;b.ready=new Promise(function(a,c){q=a;r=c});var u={},w;for(w in b)b.hasOwnProperty(w)&&(u[w]=b[w]);var x="object"===typeof window,y="function"===typeof importScripts,z="object"===typeof process&&"object"===typeof process.versions&&"string"===typeof process.versions.node,B="",C,D,E,F,G; -if(z)B=y?(__nccwpck_require__(1017).dirname)(B)+"/":__dirname+"/",C=function(a,c){var d=H(a);if(d)return c?d:d.toString();F||(F=__nccwpck_require__(7147));G||(G=__nccwpck_require__(1017));a=G.normalize(a);return F.readFileSync(a,c?null:"utf8")},E=function(a){a=C(a,!0);a.buffer||(a=new Uint8Array(a));assert(a.buffer);return a},D=function(a,c,d){var e=H(a);e&&c(e);F||(F=__nccwpck_require__(7147));G||(G=__nccwpck_require__(1017));a=G.normalize(a);F.readFile(a,function(f,l){f?d(f):c(l.buffer)})},1 { "use strict"; @@ -16742,8 +19440,8 @@ else {} const MESSAGE_HANDLERS = new Array(256); [ - (__nccwpck_require__(4126).HANDLERS), - __nccwpck_require__(6475), + (__nccwpck_require__(4637).HANDLERS), + __nccwpck_require__(9964), ].forEach((handlers) => { // eslint-disable-next-line prefer-const for (let [type, handler] of Object.entries(handlers)) { @@ -16758,7 +19456,7 @@ module.exports = MESSAGE_HANDLERS; /***/ }), -/***/ 6475: +/***/ 9964: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -16770,18 +19468,18 @@ const { doFatalError, sigSSHToASN1, writeUInt32BE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); const { CHANNEL_OPEN_FAILURE, COMPAT, MESSAGE, TERMINAL_MODE, -} = __nccwpck_require__(6832); +} = __nccwpck_require__(4020); const { parseKey, -} = __nccwpck_require__(2218); +} = __nccwpck_require__(1789); const TERMINAL_MODE_BY_VALUE = Array.from(Object.entries(TERMINAL_MODE)) @@ -16910,6 +19608,48 @@ module.exports = { const handler = self._handlers.SERVICE_ACCEPT; handler && handler(self, name); }, + [MESSAGE.EXT_INFO]: (self, payload) => { + /* + byte SSH_MSG_EXT_INFO + uint32 nr-extensions + repeat the following 2 fields "nr-extensions" times: + string extension-name + string extension-value (binary) + */ + bufferParser.init(payload, 1); + const numExts = bufferParser.readUInt32BE(); + let exts; + if (numExts !== undefined) { + exts = []; + for (let i = 0; i < numExts; ++i) { + const name = bufferParser.readString(true); + const data = bufferParser.readString(); + if (data !== undefined) { + switch (name) { + case 'server-sig-algs': { + const algs = data.latin1Slice(0, data.length).split(','); + exts.push({ name, algs }); + continue; + } + default: + continue; + } + } + // Malformed + exts = undefined; + break; + } + } + bufferParser.clear(); + + if (exts === undefined) + return doFatalError(self, 'Inbound: Malformed EXT_INFO packet'); + + self._debug && self._debug('Inbound: Received EXT_INFO'); + + const handler = self._handlers.EXT_INFO; + handler && handler(self, exts); + }, // User auth protocol -- generic ============================================= [MESSAGE.USERAUTH_REQUEST]: (self, payload) => { @@ -16959,7 +19699,21 @@ module.exports = { const hasSig = bufferParser.readBool(); if (hasSig !== undefined) { const keyAlgo = bufferParser.readString(true); + let realKeyAlgo = keyAlgo; const key = bufferParser.readString(); + + let hashAlgo; + switch (keyAlgo) { + case 'rsa-sha2-256': + realKeyAlgo = 'ssh-rsa'; + hashAlgo = 'sha256'; + break; + case 'rsa-sha2-512': + realKeyAlgo = 'ssh-rsa'; + hashAlgo = 'sha512'; + break; + } + if (hasSig) { const blobEnd = bufferParser.pos(); let signature = bufferParser.readString(); @@ -16970,7 +19724,7 @@ module.exports = { signature = bufferSlice(signature, 4 + keyAlgo.length + 4); } - signature = sigSSHToASN1(signature, keyAlgo); + signature = sigSSHToASN1(signature, realKeyAlgo); if (signature) { const sessionID = self._kex.sessionID; const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd); @@ -16981,15 +19735,16 @@ module.exports = { 4 + sessionID.length ); methodData = { - keyAlgo, + keyAlgo: realKeyAlgo, key, signature, blob, + hashAlgo, }; } } } else { - methodData = { keyAlgo, key }; + methodData = { keyAlgo: realKeyAlgo, key, hashAlgo }; methodDesc = 'publickey -- check'; } } @@ -17005,10 +19760,23 @@ module.exports = { string signature */ const keyAlgo = bufferParser.readString(true); + let realKeyAlgo = keyAlgo; const key = bufferParser.readString(); const localHostname = bufferParser.readString(true); const localUsername = bufferParser.readString(true); + let hashAlgo; + switch (keyAlgo) { + case 'rsa-sha2-256': + realKeyAlgo = 'ssh-rsa'; + hashAlgo = 'sha256'; + break; + case 'rsa-sha2-512': + realKeyAlgo = 'ssh-rsa'; + hashAlgo = 'sha512'; + break; + } + const blobEnd = bufferParser.pos(); let signature = bufferParser.readString(); if (signature !== undefined) { @@ -17018,7 +19786,7 @@ module.exports = { signature = bufferSlice(signature, 4 + keyAlgo.length + 4); } - signature = sigSSHToASN1(signature, keyAlgo); + signature = sigSSHToASN1(signature, realKeyAlgo); if (signature !== undefined) { const sessionID = self._kex.sessionID; const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd); @@ -17029,12 +19797,13 @@ module.exports = { 4 + sessionID.length ); methodData = { - keyAlgo, + keyAlgo: realKeyAlgo, key, signature, blob, localHostname, localUsername, + hashAlgo }; } } @@ -17980,7 +20749,7 @@ module.exports = { /***/ }), -/***/ 4126: +/***/ 4637: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -17995,9 +20764,9 @@ const { diffieHellman, generateKeyPairSync, randomFillSync, -} = __nccwpck_require__(6113); +} = __nccwpck_require__(6982); -const { Ber } = __nccwpck_require__(970); +const { Ber } = __nccwpck_require__(9837); const { COMPAT, @@ -18009,14 +20778,14 @@ const { DEFAULT_COMPRESSION, DISCONNECT_REASON, MESSAGE, -} = __nccwpck_require__(6832); +} = __nccwpck_require__(4020); const { CIPHER_INFO, createCipher, createDecipher, MAC_INFO, -} = __nccwpck_require__(5708); -const { parseDERKey } = __nccwpck_require__(2218); +} = __nccwpck_require__(2888); +const { parseDERKey } = __nccwpck_require__(1789); const { bufferFill, bufferParser, @@ -18025,13 +20794,13 @@ const { FastBuffer, sigSSHToASN1, writeUInt32BE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); const { PacketReader, PacketWriter, ZlibPacketReader, ZlibPacketWriter, -} = __nccwpck_require__(6715); +} = __nccwpck_require__(4592); let MESSAGE_HANDLERS; @@ -18208,12 +20977,39 @@ function handleKexInit(self, payload) { // Key exchange method ======================================================= debug && debug(`Handshake: (local) KEX method: ${localKex}`); debug && debug(`Handshake: (remote) KEX method: ${remote.kex}`); + let remoteExtInfoEnabled; if (self._server) { serverList = localKex; clientList = remote.kex; + remoteExtInfoEnabled = (clientList.indexOf('ext-info-c') !== -1); } else { serverList = remote.kex; clientList = localKex; + remoteExtInfoEnabled = (serverList.indexOf('ext-info-s') !== -1); + } + if (self._strictMode === undefined) { + if (self._server) { + self._strictMode = + (clientList.indexOf('kex-strict-c-v00@openssh.com') !== -1); + } else { + self._strictMode = + (serverList.indexOf('kex-strict-s-v00@openssh.com') !== -1); + } + // Note: We check for seqno of 1 instead of 0 since we increment before + // calling the packet handler + if (self._strictMode) { + debug && debug('Handshake: strict KEX mode enabled'); + if (self._decipher.inSeqno !== 1) { + if (debug) + debug('Handshake: KEXINIT not first packet in strict KEX mode'); + return doFatalError( + self, + 'Handshake failed: KEXINIT not first packet in strict KEX mode', + 'handshake', + DISCONNECT_REASON.KEY_EXCHANGE_FAILED + ); + } + } } // Check for agreeable key exchange algorithm for (i = 0; @@ -18221,7 +21017,7 @@ function handleKexInit(self, payload) { ++i); if (i === clientList.length) { // No suitable match found! - debug && debug('Handshake: No matching key exchange algorithm'); + debug && debug('Handshake: no matching key exchange algorithm'); return doFatalError( self, 'Handshake failed: no matching key exchange algorithm', @@ -18465,6 +21261,7 @@ function handleKexInit(self, payload) { } self._kex = createKeyExchange(init, self, payload); + self._kex.remoteExtInfoEnabled = remoteExtInfoEnabled; self._kex.start(); } @@ -18496,6 +21293,7 @@ const createKeyExchange = (() => { this.sessionID = (protocol._kex ? protocol._kex.sessionID : undefined); this.negotiated = negotiated; + this.remoteExtInfoEnabled = false; this._step = 1; this._public = null; this._dh = null; @@ -18513,7 +21311,7 @@ const createKeyExchange = (() => { this._dhData = undefined; this._sig = undefined; } - finish() { + finish(scOnly) { if (this._finished) return false; this._finished = true; @@ -18764,9 +21562,26 @@ const createKeyExchange = (() => { this._protocol._packetRW.write.finalize(packet, true) ); } - trySendNEWKEYS(this); - const completeHandshake = () => { + if (isServer || !scOnly) + trySendNEWKEYS(this); + + let hsCipherConfig; + let hsWrite; + const completeHandshake = (partial) => { + if (hsCipherConfig) { + trySendNEWKEYS(this); + hsCipherConfig.outbound.seqno = this._protocol._cipher.outSeqno; + this._protocol._cipher.free(); + this._protocol._cipher = createCipher(hsCipherConfig); + this._protocol._packetRW.write = hsWrite; + hsCipherConfig = undefined; + hsWrite = undefined; + this._protocol._onHandshakeComplete(negotiated); + + return false; + } + if (!this.sessionID) this.sessionID = exchangeHash; @@ -18849,9 +21664,8 @@ const createKeyExchange = (() => { macKey: (isServer ? scMacKey : csMacKey), }, }; - this._protocol._cipher && this._protocol._cipher.free(); - this._protocol._decipher && this._protocol._decipher.free(); - this._protocol._cipher = createCipher(config); + this._protocol._decipher.free(); + hsCipherConfig = config; this._protocol._decipher = createDecipher(config); const rw = { @@ -18918,7 +21732,8 @@ const createKeyExchange = (() => { } this._protocol._packetRW.read.cleanup(); this._protocol._packetRW.write.cleanup(); - this._protocol._packetRW = rw; + this._protocol._packetRW.read = rw.read; + hsWrite = rw.write; // Cleanup/reset various state this._public = null; @@ -18931,13 +21746,16 @@ const createKeyExchange = (() => { this._dhData = undefined; this._sig = undefined; - this._protocol._onHandshakeComplete(negotiated); - + if (!partial) + return completeHandshake(); return false; }; + + if (isServer || scOnly) + this.finish = completeHandshake; + if (!isServer) - return completeHandshake(); - this.finish = completeHandshake; + return completeHandshake(scOnly); } start() { @@ -19197,13 +22015,11 @@ const createKeyExchange = (() => { 'Inbound: NEWKEYS' ); this._receivedNEWKEYS = true; + if (this._protocol._strictMode) + this._protocol._decipher.inSeqno = 0; ++this._step; - if (this._protocol._server || this._hostVerified) - return this.finish(); - // Signal to current decipher that we need to change to a new decipher - // for the next packet - return false; + return this.finish(!this._protocol._server && !this._hostVerified); default: return doFatalError( this._protocol, @@ -19364,7 +22180,7 @@ const createKeyExchange = (() => { parse(payload) { const type = payload[0]; switch (this._step) { - case 1: + case 1: { if (this._protocol._server) { if (type !== MESSAGE.KEXDH_GEX_REQUEST) { return doFatalError( @@ -19439,6 +22255,7 @@ const createKeyExchange = (() => { ++this._step; break; + } case 2: if (this._protocol._server) { if (type !== MESSAGE.KEXDH_GEX_INIT) { @@ -19720,13 +22537,22 @@ function onKEXPayload(state, payload) { payload = this._packetRW.read.read(payload); const type = payload[0]; + + if (!this._strictMode) { + switch (type) { + case MESSAGE.IGNORE: + case MESSAGE.UNIMPLEMENTED: + case MESSAGE.DEBUG: + if (!MESSAGE_HANDLERS) + MESSAGE_HANDLERS = __nccwpck_require__(9244); + return MESSAGE_HANDLERS[type](this, payload); + } + } + switch (type) { case MESSAGE.DISCONNECT: - case MESSAGE.IGNORE: - case MESSAGE.UNIMPLEMENTED: - case MESSAGE.DEBUG: if (!MESSAGE_HANDLERS) - MESSAGE_HANDLERS = __nccwpck_require__(172); + MESSAGE_HANDLERS = __nccwpck_require__(9244); return MESSAGE_HANDLERS[type](this, payload); case MESSAGE.KEXINIT: if (!state.firstPacket) { @@ -19740,6 +22566,8 @@ function onKEXPayload(state, payload) { state.firstPacket = false; return handleKexInit(this, payload); default: + // Ensure packet is either an algorithm negotiation or KEX + // algorithm-specific packet if (type < 20 || type > 49) { return doFatalError( this, @@ -19788,6 +22616,8 @@ function trySendNEWKEYS(kex) { kex._protocol._packetRW.write.finalize(packet, true) ); kex._sentNEWKEYS = true; + if (kex._protocol._strictMode) + kex._protocol._cipher.outSeqno = 0; } } @@ -19795,8 +22625,24 @@ module.exports = { KexInit, kexinit, onKEXPayload, - DEFAULT_KEXINIT: new KexInit({ - kex: DEFAULT_KEX, + DEFAULT_KEXINIT_CLIENT: new KexInit({ + kex: DEFAULT_KEX.concat(['ext-info-c', 'kex-strict-c-v00@openssh.com']), + serverHostKey: DEFAULT_SERVER_HOST_KEY, + cs: { + cipher: DEFAULT_CIPHER, + mac: DEFAULT_MAC, + compress: DEFAULT_COMPRESSION, + lang: [], + }, + sc: { + cipher: DEFAULT_CIPHER, + mac: DEFAULT_MAC, + compress: DEFAULT_COMPRESSION, + lang: [], + }, + }), + DEFAULT_KEXINIT_SERVER: new KexInit({ + kex: DEFAULT_KEX.concat(['kex-strict-s-v00@openssh.com']), serverHostKey: DEFAULT_SERVER_HOST_KEY, cs: { cipher: DEFAULT_CIPHER, @@ -19819,7 +22665,7 @@ module.exports = { /***/ }), -/***/ 2218: +/***/ 1789: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -19839,21 +22685,21 @@ const { getCiphers, sign: sign_, verify: verify_, -} = __nccwpck_require__(6113); +} = __nccwpck_require__(6982); const supportedOpenSSLCiphers = getCiphers(); -const { Ber } = __nccwpck_require__(970); -const bcrypt_pbkdf = (__nccwpck_require__(5447).pbkdf); +const { Ber } = __nccwpck_require__(9837); +const bcrypt_pbkdf = (__nccwpck_require__(686).pbkdf); -const { CIPHER_INFO } = __nccwpck_require__(5708); -const { eddsaSupported, SUPPORTED_CIPHER } = __nccwpck_require__(6832); +const { CIPHER_INFO } = __nccwpck_require__(2888); +const { eddsaSupported, SUPPORTED_CIPHER } = __nccwpck_require__(4020); const { bufferSlice, makeBufferParser, readString, readUInt32BE, writeUInt32BE, -} = __nccwpck_require__(9475); +} = __nccwpck_require__(2184); const SYM_HASH_ALGO = Symbol('Hash Algorithm'); const SYM_PRIV_PEM = Symbol('Private key PEM'); @@ -20271,7 +23117,7 @@ const BaseKey = { this.type === parsed.type && this[SYM_PRIV_PEM] === parsed[SYM_PRIV_PEM] && this[SYM_PUB_PEM] === parsed[SYM_PUB_PEM] - && this[SYM_PUB_SSH] === parsed[SYM_PUB_SSH] + && this[SYM_PUB_SSH].equals(parsed[SYM_PUB_SSH]) ); }, }; @@ -20337,7 +23183,7 @@ OpenSSH_Private.prototype = BaseKey; switch (kdfName) { case 'none': return new Error('Malformed OpenSSH private key'); - case 'bcrypt': + case 'bcrypt': { /* string salt uint32 rounds @@ -20359,6 +23205,7 @@ OpenSSH_Private.prototype = BaseKey; cipherKey = bufferSlice(gen, 0, encInfo.keyLen); cipherIV = bufferSlice(gen, encInfo.keyLen, gen.length); break; + } } } else if (kdfName !== 'none') { return new Error('Malformed OpenSSH private key'); @@ -20398,6 +23245,7 @@ OpenSSH_Private.prototype = BaseKey; cipherKey, cipherIV, options); + decipher.setAutoPadding(false); if (encInfo.authLen > 0) { if (data.length - data._pos < encInfo.authLen) return new Error('Malformed OpenSSH private key'); @@ -20757,7 +23605,7 @@ OpenSSH_Old_Private.prototype = BaseKey; } algo = 'sha1'; break; - case 'EC': + case 'EC': { let ecSSLName; let ecPriv; let ecOID; @@ -20806,6 +23654,7 @@ OpenSSH_Old_Private.prototype = BaseKey; pubPEM = genOpenSSLECDSAPub(ecOID, pubBlob); pubSSH = genOpenSSHECDSAPub(ecOID, pubBlob); break; + } } return new OpenSSH_Old_Private(type, '', privPEM, pubPEM, pubSSH, algo, @@ -20881,9 +23730,7 @@ PPK_Private.prototype = BaseKey; if (cipherKey.length > encInfo.keyLen) cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen); try { - const decipher = createDecipheriv(encInfo.sslName, - cipherKey, - PPK_IV); + const decipher = createDecipheriv(encInfo.sslName, cipherKey, PPK_IV); decipher.setAutoPadding(false); privBlob = combineBuffers(decipher.update(privBlob), decipher.final()); @@ -21310,14 +24157,14 @@ module.exports = { /***/ }), -/***/ 7609: +/***/ 3208: /***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { "use strict"; -const assert = __nccwpck_require__(9491); -const { inspect } = __nccwpck_require__(3837); +const assert = __nccwpck_require__(2613); +const { inspect } = __nccwpck_require__(9023); // Only use this for integers! Decimal numbers do not work with this function. function addNumericalSeparator(val) { @@ -21433,13 +24280,13 @@ exports.validateNumber = function validateNumber(value, name) { /***/ }), -/***/ 9475: +/***/ 2184: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const Ber = (__nccwpck_require__(970).Ber); +const Ber = (__nccwpck_require__(9837).Ber); let DISCONNECT_REASON; @@ -21610,7 +24457,7 @@ module.exports = { doFatalError: (protocol, msg, level, reason) => { let err; if (DISCONNECT_REASON === undefined) - ({ DISCONNECT_REASON } = __nccwpck_require__(6832)); + ({ DISCONNECT_REASON } = __nccwpck_require__(4020)); if (msg instanceof Error) { // doFatalError(protocol, err[, reason]) err = msg; @@ -21797,13 +24644,13 @@ module.exports = { /***/ }), -/***/ 6715: +/***/ 4592: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const { kMaxLength } = __nccwpck_require__(4300); +const { kMaxLength } = __nccwpck_require__(181); const { createInflate, constants: { @@ -21816,7 +24663,7 @@ const { Z_DEFAULT_WINDOWBITS, Z_PARTIAL_FLUSH, } -} = __nccwpck_require__(9796); +} = __nccwpck_require__(3106); const ZlibHandle = createInflate()._handle.constructor; function processCallback() { @@ -22060,7 +24907,7 @@ module.exports = { /***/ }), -/***/ 2986: +/***/ 2605: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; @@ -22071,8 +24918,8 @@ module.exports = { // immediate connection status checking -const { Server: netServer } = __nccwpck_require__(1808); -const EventEmitter = __nccwpck_require__(2361); +const { Server: netServer } = __nccwpck_require__(9278); +const EventEmitter = __nccwpck_require__(4434); const { listenerCount } = EventEmitter; const { @@ -22089,13 +24936,13 @@ const { SUPPORTED_KEX, SUPPORTED_MAC, SUPPORTED_SERVER_HOST_KEY, -} = __nccwpck_require__(6832); -const { init: cryptoInit } = __nccwpck_require__(5708); -const { KexInit } = __nccwpck_require__(4126); -const { parseKey } = __nccwpck_require__(2218); -const Protocol = __nccwpck_require__(9031); -const { SFTP } = __nccwpck_require__(2026); -const { writeUInt32BE } = __nccwpck_require__(9475); +} = __nccwpck_require__(4020); +const { init: cryptoInit } = __nccwpck_require__(2888); +const { KexInit } = __nccwpck_require__(4637); +const { parseKey } = __nccwpck_require__(1789); +const Protocol = __nccwpck_require__(7841); +const { SFTP } = __nccwpck_require__(4996); +const { writeUInt32BE } = __nccwpck_require__(2184); const { Channel, @@ -22103,7 +24950,7 @@ const { PACKET_SIZE, windowAdjust, WINDOW_THRESHOLD, -} = __nccwpck_require__(3204); +} = __nccwpck_require__(5683); const { ChannelManager, @@ -22111,7 +24958,7 @@ const { isWritable, onChannelOpenFailure, onCHANNEL_CLOSE, -} = __nccwpck_require__(834); +} = __nccwpck_require__(2137); const MAX_PENDING_AUTHS = 10; @@ -22202,6 +25049,7 @@ class PKAuthContext extends AuthContext { super(protocol, username, service, method, cb); this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key }; + this.hashAlgo = pkInfo.hashAlgo; this.signature = pkInfo.signature; this.blob = pkInfo.blob; } @@ -22221,6 +25069,7 @@ class HostbasedAuthContext extends AuthContext { super(protocol, username, service, method, cb); this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key }; + this.hashAlgo = pkInfo.hashAlgo; this.signature = pkInfo.signature; this.blob = pkInfo.blob; this.localHostname = pkInfo.localHostname; @@ -22358,7 +25207,11 @@ class Server extends EventEmitter { } const algorithms = { - kex: generateAlgorithmList(cfgAlgos.kex, DEFAULT_KEX, SUPPORTED_KEX), + kex: generateAlgorithmList( + cfgAlgos.kex, + DEFAULT_KEX, + SUPPORTED_KEX + ).concat(['kex-strict-s-v00@openssh.com']), serverHostKey: hostKeyAlgoOrder, cs: { cipher: generateAlgorithmList( @@ -23382,6 +26235,13 @@ class Client extends EventEmitter { this.once('rekey', cb); } } + + setNoDelay(noDelay) { + if (this._sock && typeof this._sock.setNoDelay === 'function') + this._sock.setNoDelay(noDelay); + + return this; + } } @@ -23435,13 +26295,13 @@ module.exports.IncomingClient = Client; /***/ }), -/***/ 834: +/***/ 2137: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -const { SFTP } = __nccwpck_require__(2026); +const { SFTP } = __nccwpck_require__(4996); const MAX_CHANNEL = 2 ** 32 - 1; @@ -23779,27 +26639,27 @@ module.exports = { /***/ }), -/***/ 4294: +/***/ 770: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -module.exports = __nccwpck_require__(4219); +module.exports = __nccwpck_require__(218); /***/ }), -/***/ 4219: +/***/ 218: /***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { "use strict"; -var net = __nccwpck_require__(1808); -var tls = __nccwpck_require__(4404); -var http = __nccwpck_require__(3685); -var https = __nccwpck_require__(5687); -var events = __nccwpck_require__(2361); -var assert = __nccwpck_require__(9491); -var util = __nccwpck_require__(3837); +var net = __nccwpck_require__(9278); +var tls = __nccwpck_require__(4756); +var http = __nccwpck_require__(8611); +var https = __nccwpck_require__(5692); +var events = __nccwpck_require__(4434); +var assert = __nccwpck_require__(2613); +var util = __nccwpck_require__(9023); exports.httpOverHttp = httpOverHttp; @@ -24059,7 +26919,7 @@ exports.debug = debug; // for test /***/ }), -/***/ 8729: +/***/ 668: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { (function(nacl) { @@ -26438,7 +29298,7 @@ nacl.setPRNG = function(fn) { }); } else if (true) { // Node.js. - crypto = __nccwpck_require__(6113); + crypto = __nccwpck_require__(6982); if (crypto && crypto.randomBytes) { nacl.setPRNG(function(x, n) { var i, v = crypto.randomBytes(n); @@ -26454,771 +29314,27792 @@ nacl.setPRNG = function(fn) { /***/ }), -/***/ 5840: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +/***/ 6752: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -Object.defineProperty(exports, "v1", ({ - enumerable: true, - get: function () { - return _v.default; - } -})); -Object.defineProperty(exports, "v3", ({ - enumerable: true, - get: function () { - return _v2.default; - } -})); -Object.defineProperty(exports, "v4", ({ - enumerable: true, - get: function () { - return _v3.default; - } -})); -Object.defineProperty(exports, "v5", ({ - enumerable: true, - get: function () { - return _v4.default; - } -})); -Object.defineProperty(exports, "NIL", ({ - enumerable: true, - get: function () { - return _nil.default; - } -})); -Object.defineProperty(exports, "version", ({ - enumerable: true, - get: function () { - return _version.default; - } -})); -Object.defineProperty(exports, "validate", ({ - enumerable: true, - get: function () { - return _validate.default; - } -})); -Object.defineProperty(exports, "stringify", ({ - enumerable: true, - get: function () { - return _stringify.default; - } -})); -Object.defineProperty(exports, "parse", ({ - enumerable: true, - get: function () { - return _parse.default; - } -})); +const Client = __nccwpck_require__(3701) +const Dispatcher = __nccwpck_require__(883) +const Pool = __nccwpck_require__(628) +const BalancedPool = __nccwpck_require__(837) +const Agent = __nccwpck_require__(7405) +const ProxyAgent = __nccwpck_require__(6672) +const EnvHttpProxyAgent = __nccwpck_require__(3137) +const RetryAgent = __nccwpck_require__(50) +const errors = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { InvalidArgumentError } = errors +const api = __nccwpck_require__(6615) +const buildConnector = __nccwpck_require__(9136) +const MockClient = __nccwpck_require__(7365) +const MockAgent = __nccwpck_require__(7501) +const MockPool = __nccwpck_require__(4004) +const mockErrors = __nccwpck_require__(2429) +const RetryHandler = __nccwpck_require__(7816) +const { getGlobalDispatcher, setGlobalDispatcher } = __nccwpck_require__(2581) +const DecoratorHandler = __nccwpck_require__(8155) +const RedirectHandler = __nccwpck_require__(8754) +const createRedirectInterceptor = __nccwpck_require__(5092) + +Object.assign(Dispatcher.prototype, api) + +module.exports.Dispatcher = Dispatcher +module.exports.Client = Client +module.exports.Pool = Pool +module.exports.BalancedPool = BalancedPool +module.exports.Agent = Agent +module.exports.ProxyAgent = ProxyAgent +module.exports.EnvHttpProxyAgent = EnvHttpProxyAgent +module.exports.RetryAgent = RetryAgent +module.exports.RetryHandler = RetryHandler + +module.exports.DecoratorHandler = DecoratorHandler +module.exports.RedirectHandler = RedirectHandler +module.exports.createRedirectInterceptor = createRedirectInterceptor +module.exports.interceptors = { + redirect: __nccwpck_require__(1514), + retry: __nccwpck_require__(2026), + dump: __nccwpck_require__(8060), + dns: __nccwpck_require__(379) +} + +module.exports.buildConnector = buildConnector +module.exports.errors = errors +module.exports.util = { + parseHeaders: util.parseHeaders, + headerNameToString: util.headerNameToString +} + +function makeDispatcher (fn) { + return (url, opts, handler) => { + if (typeof opts === 'function') { + handler = opts + opts = null + } + + if (!url || (typeof url !== 'string' && typeof url !== 'object' && !(url instanceof URL))) { + throw new InvalidArgumentError('invalid url') + } -var _v = _interopRequireDefault(__nccwpck_require__(8628)); + if (opts != null && typeof opts !== 'object') { + throw new InvalidArgumentError('invalid opts') + } -var _v2 = _interopRequireDefault(__nccwpck_require__(6409)); + if (opts && opts.path != null) { + if (typeof opts.path !== 'string') { + throw new InvalidArgumentError('invalid opts.path') + } -var _v3 = _interopRequireDefault(__nccwpck_require__(5122)); + let path = opts.path + if (!opts.path.startsWith('/')) { + path = `/${path}` + } -var _v4 = _interopRequireDefault(__nccwpck_require__(9120)); + url = new URL(util.parseOrigin(url).origin + path) + } else { + if (!opts) { + opts = typeof url === 'object' ? url : {} + } -var _nil = _interopRequireDefault(__nccwpck_require__(5332)); + url = util.parseURL(url) + } -var _version = _interopRequireDefault(__nccwpck_require__(1595)); + const { agent, dispatcher = getGlobalDispatcher() } = opts -var _validate = _interopRequireDefault(__nccwpck_require__(6900)); + if (agent) { + throw new InvalidArgumentError('unsupported opts.agent. Did you mean opts.client?') + } -var _stringify = _interopRequireDefault(__nccwpck_require__(8950)); + return fn.call(dispatcher, { + ...opts, + origin: url.origin, + path: url.search ? `${url.pathname}${url.search}` : url.pathname, + method: opts.method || (opts.body ? 'PUT' : 'GET') + }, handler) + } +} -var _parse = _interopRequireDefault(__nccwpck_require__(2746)); +module.exports.setGlobalDispatcher = setGlobalDispatcher +module.exports.getGlobalDispatcher = getGlobalDispatcher -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +const fetchImpl = (__nccwpck_require__(4398).fetch) +module.exports.fetch = async function fetch (init, options = undefined) { + try { + return await fetchImpl(init, options) + } catch (err) { + if (err && typeof err === 'object') { + Error.captureStackTrace(err) + } -/***/ }), + throw err + } +} +module.exports.Headers = __nccwpck_require__(660).Headers +module.exports.Response = __nccwpck_require__(9051).Response +module.exports.Request = __nccwpck_require__(9967).Request +module.exports.FormData = __nccwpck_require__(5910).FormData +module.exports.File = globalThis.File ?? (__nccwpck_require__(4573).File) +module.exports.FileReader = __nccwpck_require__(8355).FileReader -/***/ 4569: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +const { setGlobalOrigin, getGlobalOrigin } = __nccwpck_require__(1059) -"use strict"; +module.exports.setGlobalOrigin = setGlobalOrigin +module.exports.getGlobalOrigin = getGlobalOrigin +const { CacheStorage } = __nccwpck_require__(3245) +const { kConstruct } = __nccwpck_require__(109) -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; +// Cache & CacheStorage are tightly coupled with fetch. Even if it may run +// in an older version of Node, it doesn't have any use without fetch. +module.exports.caches = new CacheStorage(kConstruct) -var _crypto = _interopRequireDefault(__nccwpck_require__(6113)); +const { deleteCookie, getCookies, getSetCookies, setCookie } = __nccwpck_require__(9061) -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +module.exports.deleteCookie = deleteCookie +module.exports.getCookies = getCookies +module.exports.getSetCookies = getSetCookies +module.exports.setCookie = setCookie -function md5(bytes) { - if (Array.isArray(bytes)) { - bytes = Buffer.from(bytes); - } else if (typeof bytes === 'string') { - bytes = Buffer.from(bytes, 'utf8'); - } +const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(1900) - return _crypto.default.createHash('md5').update(bytes).digest(); -} +module.exports.parseMIMEType = parseMIMEType +module.exports.serializeAMimeType = serializeAMimeType -var _default = md5; -exports["default"] = _default; +const { CloseEvent, ErrorEvent, MessageEvent } = __nccwpck_require__(5188) +module.exports.WebSocket = __nccwpck_require__(3726).WebSocket +module.exports.CloseEvent = CloseEvent +module.exports.ErrorEvent = ErrorEvent +module.exports.MessageEvent = MessageEvent -/***/ }), +module.exports.request = makeDispatcher(api.request) +module.exports.stream = makeDispatcher(api.stream) +module.exports.pipeline = makeDispatcher(api.pipeline) +module.exports.connect = makeDispatcher(api.connect) +module.exports.upgrade = makeDispatcher(api.upgrade) -/***/ 5332: -/***/ ((__unused_webpack_module, exports) => { +module.exports.MockClient = MockClient +module.exports.MockPool = MockPool +module.exports.MockAgent = MockAgent +module.exports.mockErrors = mockErrors -"use strict"; +const { EventSource } = __nccwpck_require__(1238) +module.exports.EventSource = EventSource -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; -var _default = '00000000-0000-0000-0000-000000000000'; -exports["default"] = _default; /***/ }), -/***/ 2746: +/***/ 158: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +const { addAbortListener } = __nccwpck_require__(3440) +const { RequestAbortedError } = __nccwpck_require__(8707) + +const kListener = Symbol('kListener') +const kSignal = Symbol('kSignal') + +function abort (self) { + if (self.abort) { + self.abort(self[kSignal]?.reason) + } else { + self.reason = self[kSignal]?.reason ?? new RequestAbortedError() + } + removeSignal(self) +} + +function addSignal (self, signal) { + self.reason = null + + self[kSignal] = null + self[kListener] = null + + if (!signal) { + return + } + + if (signal.aborted) { + abort(self) + return + } + + self[kSignal] = signal + self[kListener] = () => { + abort(self) + } + + addAbortListener(self[kSignal], self[kListener]) +} + +function removeSignal (self) { + if (!self[kSignal]) { + return + } + + if ('removeEventListener' in self[kSignal]) { + self[kSignal].removeEventListener('abort', self[kListener]) + } else { + self[kSignal].removeListener('abort', self[kListener]) + } + + self[kSignal] = null + self[kListener] = null +} + +module.exports = { + addSignal, + removeSignal +} + + +/***/ }), + +/***/ 2279: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) +const { AsyncResource } = __nccwpck_require__(6698) +const { InvalidArgumentError, SocketError } = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { addSignal, removeSignal } = __nccwpck_require__(158) + +class ConnectHandler extends AsyncResource { + constructor (opts, callback) { + if (!opts || typeof opts !== 'object') { + throw new InvalidArgumentError('invalid opts') + } + + if (typeof callback !== 'function') { + throw new InvalidArgumentError('invalid callback') + } + + const { signal, opaque, responseHeaders } = opts + + if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') { + throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget') + } + + super('UNDICI_CONNECT') + + this.opaque = opaque || null + this.responseHeaders = responseHeaders || null + this.callback = callback + this.abort = null + + addSignal(this, signal) + } + + onConnect (abort, context) { + if (this.reason) { + abort(this.reason) + return + } + + assert(this.callback) + + this.abort = abort + this.context = context + } + + onHeaders () { + throw new SocketError('bad connect', null) + } + + onUpgrade (statusCode, rawHeaders, socket) { + const { callback, opaque, context } = this + + removeSignal(this) + + this.callback = null + + let headers = rawHeaders + // Indicates is an HTTP2Session + if (headers != null) { + headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders) + } + + this.runInAsyncScope(callback, null, null, { + statusCode, + headers, + socket, + opaque, + context + }) + } + + onError (err) { + const { callback, opaque } = this + + removeSignal(this) + + if (callback) { + this.callback = null + queueMicrotask(() => { + this.runInAsyncScope(callback, null, err, { opaque }) + }) + } + } +} + +function connect (opts, callback) { + if (callback === undefined) { + return new Promise((resolve, reject) => { + connect.call(this, opts, (err, data) => { + return err ? reject(err) : resolve(data) + }) + }) + } + + try { + const connectHandler = new ConnectHandler(opts, callback) + this.dispatch({ ...opts, method: 'CONNECT' }, connectHandler) + } catch (err) { + if (typeof callback !== 'function') { + throw err + } + const opaque = opts?.opaque + queueMicrotask(() => callback(err, { opaque })) + } +} + +module.exports = connect + + +/***/ }), + +/***/ 6862: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + Readable, + Duplex, + PassThrough +} = __nccwpck_require__(7075) +const { + InvalidArgumentError, + InvalidReturnValueError, + RequestAbortedError +} = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { AsyncResource } = __nccwpck_require__(6698) +const { addSignal, removeSignal } = __nccwpck_require__(158) +const assert = __nccwpck_require__(4589) + +const kResume = Symbol('resume') + +class PipelineRequest extends Readable { + constructor () { + super({ autoDestroy: true }) + + this[kResume] = null + } + + _read () { + const { [kResume]: resume } = this + + if (resume) { + this[kResume] = null + resume() + } + } + + _destroy (err, callback) { + this._read() + + callback(err) + } +} + +class PipelineResponse extends Readable { + constructor (resume) { + super({ autoDestroy: true }) + this[kResume] = resume + } + + _read () { + this[kResume]() + } + + _destroy (err, callback) { + if (!err && !this._readableState.endEmitted) { + err = new RequestAbortedError() + } + + callback(err) + } +} + +class PipelineHandler extends AsyncResource { + constructor (opts, handler) { + if (!opts || typeof opts !== 'object') { + throw new InvalidArgumentError('invalid opts') + } + + if (typeof handler !== 'function') { + throw new InvalidArgumentError('invalid handler') + } + + const { signal, method, opaque, onInfo, responseHeaders } = opts + + if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') { + throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget') + } + + if (method === 'CONNECT') { + throw new InvalidArgumentError('invalid method') + } + + if (onInfo && typeof onInfo !== 'function') { + throw new InvalidArgumentError('invalid onInfo callback') + } + + super('UNDICI_PIPELINE') + + this.opaque = opaque || null + this.responseHeaders = responseHeaders || null + this.handler = handler + this.abort = null + this.context = null + this.onInfo = onInfo || null + + this.req = new PipelineRequest().on('error', util.nop) + + this.ret = new Duplex({ + readableObjectMode: opts.objectMode, + autoDestroy: true, + read: () => { + const { body } = this + + if (body?.resume) { + body.resume() + } + }, + write: (chunk, encoding, callback) => { + const { req } = this + + if (req.push(chunk, encoding) || req._readableState.destroyed) { + callback() + } else { + req[kResume] = callback + } + }, + destroy: (err, callback) => { + const { body, req, res, ret, abort } = this + + if (!err && !ret._readableState.endEmitted) { + err = new RequestAbortedError() + } + + if (abort && err) { + abort() + } + + util.destroy(body, err) + util.destroy(req, err) + util.destroy(res, err) + + removeSignal(this) + + callback(err) + } + }).on('prefinish', () => { + const { req } = this + + // Node < 15 does not call _final in same tick. + req.push(null) + }) + + this.res = null + + addSignal(this, signal) + } + + onConnect (abort, context) { + const { ret, res } = this + + if (this.reason) { + abort(this.reason) + return + } + + assert(!res, 'pipeline cannot be retried') + assert(!ret.destroyed) + + this.abort = abort + this.context = context + } + + onHeaders (statusCode, rawHeaders, resume) { + const { opaque, handler, context } = this + + if (statusCode < 200) { + if (this.onInfo) { + const headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders) + this.onInfo({ statusCode, headers }) + } + return + } + + this.res = new PipelineResponse(resume) + + let body + try { + this.handler = null + const headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders) + body = this.runInAsyncScope(handler, null, { + statusCode, + headers, + opaque, + body: this.res, + context + }) + } catch (err) { + this.res.on('error', util.nop) + throw err + } + + if (!body || typeof body.on !== 'function') { + throw new InvalidReturnValueError('expected Readable') + } + + body + .on('data', (chunk) => { + const { ret, body } = this + + if (!ret.push(chunk) && body.pause) { + body.pause() + } + }) + .on('error', (err) => { + const { ret } = this + + util.destroy(ret, err) + }) + .on('end', () => { + const { ret } = this + + ret.push(null) + }) + .on('close', () => { + const { ret } = this + + if (!ret._readableState.ended) { + util.destroy(ret, new RequestAbortedError()) + } + }) + + this.body = body + } + + onData (chunk) { + const { res } = this + return res.push(chunk) + } + + onComplete (trailers) { + const { res } = this + res.push(null) + } + + onError (err) { + const { ret } = this + this.handler = null + util.destroy(ret, err) + } +} + +function pipeline (opts, handler) { + try { + const pipelineHandler = new PipelineHandler(opts, handler) + this.dispatch({ ...opts, body: pipelineHandler.req }, pipelineHandler) + return pipelineHandler.ret + } catch (err) { + return new PassThrough().destroy(err) + } +} + +module.exports = pipeline + + +/***/ }), + +/***/ 4043: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) +const { Readable } = __nccwpck_require__(9927) +const { InvalidArgumentError, RequestAbortedError } = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { getResolveErrorBodyCallback } = __nccwpck_require__(7655) +const { AsyncResource } = __nccwpck_require__(6698) + +class RequestHandler extends AsyncResource { + constructor (opts, callback) { + if (!opts || typeof opts !== 'object') { + throw new InvalidArgumentError('invalid opts') + } + + const { signal, method, opaque, body, onInfo, responseHeaders, throwOnError, highWaterMark } = opts + + try { + if (typeof callback !== 'function') { + throw new InvalidArgumentError('invalid callback') + } + + if (highWaterMark && (typeof highWaterMark !== 'number' || highWaterMark < 0)) { + throw new InvalidArgumentError('invalid highWaterMark') + } + + if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') { + throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget') + } + + if (method === 'CONNECT') { + throw new InvalidArgumentError('invalid method') + } + + if (onInfo && typeof onInfo !== 'function') { + throw new InvalidArgumentError('invalid onInfo callback') + } + + super('UNDICI_REQUEST') + } catch (err) { + if (util.isStream(body)) { + util.destroy(body.on('error', util.nop), err) + } + throw err + } + + this.method = method + this.responseHeaders = responseHeaders || null + this.opaque = opaque || null + this.callback = callback + this.res = null + this.abort = null + this.body = body + this.trailers = {} + this.context = null + this.onInfo = onInfo || null + this.throwOnError = throwOnError + this.highWaterMark = highWaterMark + this.signal = signal + this.reason = null + this.removeAbortListener = null + + if (util.isStream(body)) { + body.on('error', (err) => { + this.onError(err) + }) + } + + if (this.signal) { + if (this.signal.aborted) { + this.reason = this.signal.reason ?? new RequestAbortedError() + } else { + this.removeAbortListener = util.addAbortListener(this.signal, () => { + this.reason = this.signal.reason ?? new RequestAbortedError() + if (this.res) { + util.destroy(this.res.on('error', util.nop), this.reason) + } else if (this.abort) { + this.abort(this.reason) + } + + if (this.removeAbortListener) { + this.res?.off('close', this.removeAbortListener) + this.removeAbortListener() + this.removeAbortListener = null + } + }) + } + } + } + + onConnect (abort, context) { + if (this.reason) { + abort(this.reason) + return + } + + assert(this.callback) + + this.abort = abort + this.context = context + } + + onHeaders (statusCode, rawHeaders, resume, statusMessage) { + const { callback, opaque, abort, context, responseHeaders, highWaterMark } = this + + const headers = responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders) + + if (statusCode < 200) { + if (this.onInfo) { + this.onInfo({ statusCode, headers }) + } + return + } + + const parsedHeaders = responseHeaders === 'raw' ? util.parseHeaders(rawHeaders) : headers + const contentType = parsedHeaders['content-type'] + const contentLength = parsedHeaders['content-length'] + const res = new Readable({ + resume, + abort, + contentType, + contentLength: this.method !== 'HEAD' && contentLength + ? Number(contentLength) + : null, + highWaterMark + }) + + if (this.removeAbortListener) { + res.on('close', this.removeAbortListener) + } + + this.callback = null + this.res = res + if (callback !== null) { + if (this.throwOnError && statusCode >= 400) { + this.runInAsyncScope(getResolveErrorBodyCallback, null, + { callback, body: res, contentType, statusCode, statusMessage, headers } + ) + } else { + this.runInAsyncScope(callback, null, null, { + statusCode, + headers, + trailers: this.trailers, + opaque, + body: res, + context + }) + } + } + } + + onData (chunk) { + return this.res.push(chunk) + } + + onComplete (trailers) { + util.parseHeaders(trailers, this.trailers) + this.res.push(null) + } + + onError (err) { + const { res, callback, body, opaque } = this + + if (callback) { + // TODO: Does this need queueMicrotask? + this.callback = null + queueMicrotask(() => { + this.runInAsyncScope(callback, null, err, { opaque }) + }) + } + + if (res) { + this.res = null + // Ensure all queued handlers are invoked before destroying res. + queueMicrotask(() => { + util.destroy(res, err) + }) + } + + if (body) { + this.body = null + util.destroy(body, err) + } + + if (this.removeAbortListener) { + res?.off('close', this.removeAbortListener) + this.removeAbortListener() + this.removeAbortListener = null + } + } +} + +function request (opts, callback) { + if (callback === undefined) { + return new Promise((resolve, reject) => { + request.call(this, opts, (err, data) => { + return err ? reject(err) : resolve(data) + }) + }) + } + + try { + this.dispatch(opts, new RequestHandler(opts, callback)) + } catch (err) { + if (typeof callback !== 'function') { + throw err + } + const opaque = opts?.opaque + queueMicrotask(() => callback(err, { opaque })) + } +} + +module.exports = request +module.exports.RequestHandler = RequestHandler + + +/***/ }), + +/***/ 3560: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) +const { finished, PassThrough } = __nccwpck_require__(7075) +const { InvalidArgumentError, InvalidReturnValueError } = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { getResolveErrorBodyCallback } = __nccwpck_require__(7655) +const { AsyncResource } = __nccwpck_require__(6698) +const { addSignal, removeSignal } = __nccwpck_require__(158) + +class StreamHandler extends AsyncResource { + constructor (opts, factory, callback) { + if (!opts || typeof opts !== 'object') { + throw new InvalidArgumentError('invalid opts') + } + + const { signal, method, opaque, body, onInfo, responseHeaders, throwOnError } = opts + + try { + if (typeof callback !== 'function') { + throw new InvalidArgumentError('invalid callback') + } + + if (typeof factory !== 'function') { + throw new InvalidArgumentError('invalid factory') + } + + if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') { + throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget') + } + + if (method === 'CONNECT') { + throw new InvalidArgumentError('invalid method') + } + + if (onInfo && typeof onInfo !== 'function') { + throw new InvalidArgumentError('invalid onInfo callback') + } + + super('UNDICI_STREAM') + } catch (err) { + if (util.isStream(body)) { + util.destroy(body.on('error', util.nop), err) + } + throw err + } + + this.responseHeaders = responseHeaders || null + this.opaque = opaque || null + this.factory = factory + this.callback = callback + this.res = null + this.abort = null + this.context = null + this.trailers = null + this.body = body + this.onInfo = onInfo || null + this.throwOnError = throwOnError || false + + if (util.isStream(body)) { + body.on('error', (err) => { + this.onError(err) + }) + } + + addSignal(this, signal) + } + + onConnect (abort, context) { + if (this.reason) { + abort(this.reason) + return + } + + assert(this.callback) + + this.abort = abort + this.context = context + } + + onHeaders (statusCode, rawHeaders, resume, statusMessage) { + const { factory, opaque, context, callback, responseHeaders } = this + + const headers = responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders) + + if (statusCode < 200) { + if (this.onInfo) { + this.onInfo({ statusCode, headers }) + } + return + } + + this.factory = null + + let res + + if (this.throwOnError && statusCode >= 400) { + const parsedHeaders = responseHeaders === 'raw' ? util.parseHeaders(rawHeaders) : headers + const contentType = parsedHeaders['content-type'] + res = new PassThrough() + + this.callback = null + this.runInAsyncScope(getResolveErrorBodyCallback, null, + { callback, body: res, contentType, statusCode, statusMessage, headers } + ) + } else { + if (factory === null) { + return + } + + res = this.runInAsyncScope(factory, null, { + statusCode, + headers, + opaque, + context + }) + + if ( + !res || + typeof res.write !== 'function' || + typeof res.end !== 'function' || + typeof res.on !== 'function' + ) { + throw new InvalidReturnValueError('expected Writable') + } + + // TODO: Avoid finished. It registers an unnecessary amount of listeners. + finished(res, { readable: false }, (err) => { + const { callback, res, opaque, trailers, abort } = this + + this.res = null + if (err || !res.readable) { + util.destroy(res, err) + } + + this.callback = null + this.runInAsyncScope(callback, null, err || null, { opaque, trailers }) + + if (err) { + abort() + } + }) + } + + res.on('drain', resume) + + this.res = res + + const needDrain = res.writableNeedDrain !== undefined + ? res.writableNeedDrain + : res._writableState?.needDrain + + return needDrain !== true + } + + onData (chunk) { + const { res } = this + + return res ? res.write(chunk) : true + } + + onComplete (trailers) { + const { res } = this + + removeSignal(this) + + if (!res) { + return + } + + this.trailers = util.parseHeaders(trailers) + + res.end() + } + + onError (err) { + const { res, callback, opaque, body } = this + + removeSignal(this) + + this.factory = null + + if (res) { + this.res = null + util.destroy(res, err) + } else if (callback) { + this.callback = null + queueMicrotask(() => { + this.runInAsyncScope(callback, null, err, { opaque }) + }) + } + + if (body) { + this.body = null + util.destroy(body, err) + } + } +} + +function stream (opts, factory, callback) { + if (callback === undefined) { + return new Promise((resolve, reject) => { + stream.call(this, opts, factory, (err, data) => { + return err ? reject(err) : resolve(data) + }) + }) + } + + try { + this.dispatch(opts, new StreamHandler(opts, factory, callback)) + } catch (err) { + if (typeof callback !== 'function') { + throw err + } + const opaque = opts?.opaque + queueMicrotask(() => callback(err, { opaque })) + } +} + +module.exports = stream + + +/***/ }), + +/***/ 1882: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { InvalidArgumentError, SocketError } = __nccwpck_require__(8707) +const { AsyncResource } = __nccwpck_require__(6698) +const util = __nccwpck_require__(3440) +const { addSignal, removeSignal } = __nccwpck_require__(158) +const assert = __nccwpck_require__(4589) + +class UpgradeHandler extends AsyncResource { + constructor (opts, callback) { + if (!opts || typeof opts !== 'object') { + throw new InvalidArgumentError('invalid opts') + } + + if (typeof callback !== 'function') { + throw new InvalidArgumentError('invalid callback') + } + + const { signal, opaque, responseHeaders } = opts + + if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') { + throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget') + } + + super('UNDICI_UPGRADE') + + this.responseHeaders = responseHeaders || null + this.opaque = opaque || null + this.callback = callback + this.abort = null + this.context = null + + addSignal(this, signal) + } + + onConnect (abort, context) { + if (this.reason) { + abort(this.reason) + return + } + + assert(this.callback) + + this.abort = abort + this.context = null + } + + onHeaders () { + throw new SocketError('bad upgrade', null) + } + + onUpgrade (statusCode, rawHeaders, socket) { + assert(statusCode === 101) + + const { callback, opaque, context } = this + + removeSignal(this) + + this.callback = null + const headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders) + this.runInAsyncScope(callback, null, null, { + headers, + socket, + opaque, + context + }) + } + + onError (err) { + const { callback, opaque } = this + + removeSignal(this) + + if (callback) { + this.callback = null + queueMicrotask(() => { + this.runInAsyncScope(callback, null, err, { opaque }) + }) + } + } +} + +function upgrade (opts, callback) { + if (callback === undefined) { + return new Promise((resolve, reject) => { + upgrade.call(this, opts, (err, data) => { + return err ? reject(err) : resolve(data) + }) + }) + } + + try { + const upgradeHandler = new UpgradeHandler(opts, callback) + this.dispatch({ + ...opts, + method: opts.method || 'GET', + upgrade: opts.protocol || 'Websocket' + }, upgradeHandler) + } catch (err) { + if (typeof callback !== 'function') { + throw err + } + const opaque = opts?.opaque + queueMicrotask(() => callback(err, { opaque })) + } +} + +module.exports = upgrade + + +/***/ }), + +/***/ 6615: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +module.exports.request = __nccwpck_require__(4043) +module.exports.stream = __nccwpck_require__(3560) +module.exports.pipeline = __nccwpck_require__(6862) +module.exports.upgrade = __nccwpck_require__(1882) +module.exports.connect = __nccwpck_require__(2279) + + +/***/ }), + +/***/ 9927: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; +// Ported from https://github.com/nodejs/undici/pull/907 + + + +const assert = __nccwpck_require__(4589) +const { Readable } = __nccwpck_require__(7075) +const { RequestAbortedError, NotSupportedError, InvalidArgumentError, AbortError } = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { ReadableStreamFrom } = __nccwpck_require__(3440) + +const kConsume = Symbol('kConsume') +const kReading = Symbol('kReading') +const kBody = Symbol('kBody') +const kAbort = Symbol('kAbort') +const kContentType = Symbol('kContentType') +const kContentLength = Symbol('kContentLength') + +const noop = () => {} + +class BodyReadable extends Readable { + constructor ({ + resume, + abort, + contentType = '', + contentLength, + highWaterMark = 64 * 1024 // Same as nodejs fs streams. + }) { + super({ + autoDestroy: true, + read: resume, + highWaterMark + }) + + this._readableState.dataEmitted = false + + this[kAbort] = abort + this[kConsume] = null + this[kBody] = null + this[kContentType] = contentType + this[kContentLength] = contentLength + + // Is stream being consumed through Readable API? + // This is an optimization so that we avoid checking + // for 'data' and 'readable' listeners in the hot path + // inside push(). + this[kReading] = false + } + + destroy (err) { + if (!err && !this._readableState.endEmitted) { + err = new RequestAbortedError() + } + + if (err) { + this[kAbort]() + } + + return super.destroy(err) + } + + _destroy (err, callback) { + // Workaround for Node "bug". If the stream is destroyed in same + // tick as it is created, then a user who is waiting for a + // promise (i.e micro tick) for installing a 'error' listener will + // never get a chance and will always encounter an unhandled exception. + if (!this[kReading]) { + setImmediate(() => { + callback(err) + }) + } else { + callback(err) + } + } + + on (ev, ...args) { + if (ev === 'data' || ev === 'readable') { + this[kReading] = true + } + return super.on(ev, ...args) + } + + addListener (ev, ...args) { + return this.on(ev, ...args) + } + + off (ev, ...args) { + const ret = super.off(ev, ...args) + if (ev === 'data' || ev === 'readable') { + this[kReading] = ( + this.listenerCount('data') > 0 || + this.listenerCount('readable') > 0 + ) + } + return ret + } + + removeListener (ev, ...args) { + return this.off(ev, ...args) + } + + push (chunk) { + if (this[kConsume] && chunk !== null) { + consumePush(this[kConsume], chunk) + return this[kReading] ? super.push(chunk) : true + } + return super.push(chunk) + } + + // https://fetch.spec.whatwg.org/#dom-body-text + async text () { + return consume(this, 'text') + } + + // https://fetch.spec.whatwg.org/#dom-body-json + async json () { + return consume(this, 'json') + } + + // https://fetch.spec.whatwg.org/#dom-body-blob + async blob () { + return consume(this, 'blob') + } + + // https://fetch.spec.whatwg.org/#dom-body-bytes + async bytes () { + return consume(this, 'bytes') + } + + // https://fetch.spec.whatwg.org/#dom-body-arraybuffer + async arrayBuffer () { + return consume(this, 'arrayBuffer') + } + + // https://fetch.spec.whatwg.org/#dom-body-formdata + async formData () { + // TODO: Implement. + throw new NotSupportedError() + } + + // https://fetch.spec.whatwg.org/#dom-body-bodyused + get bodyUsed () { + return util.isDisturbed(this) + } + + // https://fetch.spec.whatwg.org/#dom-body-body + get body () { + if (!this[kBody]) { + this[kBody] = ReadableStreamFrom(this) + if (this[kConsume]) { + // TODO: Is this the best way to force a lock? + this[kBody].getReader() // Ensure stream is locked. + assert(this[kBody].locked) + } + } + return this[kBody] + } + + async dump (opts) { + let limit = Number.isFinite(opts?.limit) ? opts.limit : 128 * 1024 + const signal = opts?.signal + + if (signal != null && (typeof signal !== 'object' || !('aborted' in signal))) { + throw new InvalidArgumentError('signal must be an AbortSignal') + } + + signal?.throwIfAborted() + + if (this._readableState.closeEmitted) { + return null + } + + return await new Promise((resolve, reject) => { + if (this[kContentLength] > limit) { + this.destroy(new AbortError()) + } + + const onAbort = () => { + this.destroy(signal.reason ?? new AbortError()) + } + signal?.addEventListener('abort', onAbort) + + this + .on('close', function () { + signal?.removeEventListener('abort', onAbort) + if (signal?.aborted) { + reject(signal.reason ?? new AbortError()) + } else { + resolve(null) + } + }) + .on('error', noop) + .on('data', function (chunk) { + limit -= chunk.length + if (limit <= 0) { + this.destroy() + } + }) + .resume() + }) + } +} + +// https://streams.spec.whatwg.org/#readablestream-locked +function isLocked (self) { + // Consume is an implicit lock. + return (self[kBody] && self[kBody].locked === true) || self[kConsume] +} + +// https://fetch.spec.whatwg.org/#body-unusable +function isUnusable (self) { + return util.isDisturbed(self) || isLocked(self) +} + +async function consume (stream, type) { + assert(!stream[kConsume]) + + return new Promise((resolve, reject) => { + if (isUnusable(stream)) { + const rState = stream._readableState + if (rState.destroyed && rState.closeEmitted === false) { + stream + .on('error', err => { + reject(err) + }) + .on('close', () => { + reject(new TypeError('unusable')) + }) + } else { + reject(rState.errored ?? new TypeError('unusable')) + } + } else { + queueMicrotask(() => { + stream[kConsume] = { + type, + stream, + resolve, + reject, + length: 0, + body: [] + } + + stream + .on('error', function (err) { + consumeFinish(this[kConsume], err) + }) + .on('close', function () { + if (this[kConsume].body !== null) { + consumeFinish(this[kConsume], new RequestAbortedError()) + } + }) + + consumeStart(stream[kConsume]) + }) + } + }) +} + +function consumeStart (consume) { + if (consume.body === null) { + return + } + + const { _readableState: state } = consume.stream + + if (state.bufferIndex) { + const start = state.bufferIndex + const end = state.buffer.length + for (let n = start; n < end; n++) { + consumePush(consume, state.buffer[n]) + } + } else { + for (const chunk of state.buffer) { + consumePush(consume, chunk) + } + } + + if (state.endEmitted) { + consumeEnd(this[kConsume]) + } else { + consume.stream.on('end', function () { + consumeEnd(this[kConsume]) + }) + } + + consume.stream.resume() + + while (consume.stream.read() != null) { + // Loop + } +} + +/** + * @param {Buffer[]} chunks + * @param {number} length + */ +function chunksDecode (chunks, length) { + if (chunks.length === 0 || length === 0) { + return '' + } + const buffer = chunks.length === 1 ? chunks[0] : Buffer.concat(chunks, length) + const bufferLength = buffer.length + + // Skip BOM. + const start = + bufferLength > 2 && + buffer[0] === 0xef && + buffer[1] === 0xbb && + buffer[2] === 0xbf + ? 3 + : 0 + return buffer.utf8Slice(start, bufferLength) +} + +/** + * @param {Buffer[]} chunks + * @param {number} length + * @returns {Uint8Array} + */ +function chunksConcat (chunks, length) { + if (chunks.length === 0 || length === 0) { + return new Uint8Array(0) + } + if (chunks.length === 1) { + // fast-path + return new Uint8Array(chunks[0]) + } + const buffer = new Uint8Array(Buffer.allocUnsafeSlow(length).buffer) + + let offset = 0 + for (let i = 0; i < chunks.length; ++i) { + const chunk = chunks[i] + buffer.set(chunk, offset) + offset += chunk.length + } + + return buffer +} + +function consumeEnd (consume) { + const { type, body, resolve, stream, length } = consume + + try { + if (type === 'text') { + resolve(chunksDecode(body, length)) + } else if (type === 'json') { + resolve(JSON.parse(chunksDecode(body, length))) + } else if (type === 'arrayBuffer') { + resolve(chunksConcat(body, length).buffer) + } else if (type === 'blob') { + resolve(new Blob(body, { type: stream[kContentType] })) + } else if (type === 'bytes') { + resolve(chunksConcat(body, length)) + } + + consumeFinish(consume) + } catch (err) { + stream.destroy(err) + } +} + +function consumePush (consume, chunk) { + consume.length += chunk.length + consume.body.push(chunk) +} + +function consumeFinish (consume, err) { + if (consume.body === null) { + return + } + + if (err) { + consume.reject(err) + } else { + consume.resolve() + } + + consume.type = null + consume.stream = null + consume.resolve = null + consume.reject = null + consume.length = 0 + consume.body = null +} + +module.exports = { Readable: BodyReadable, chunksDecode } + + +/***/ }), + +/***/ 7655: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +const assert = __nccwpck_require__(4589) +const { + ResponseStatusCodeError +} = __nccwpck_require__(8707) + +const { chunksDecode } = __nccwpck_require__(9927) +const CHUNK_LIMIT = 128 * 1024 + +async function getResolveErrorBodyCallback ({ callback, body, contentType, statusCode, statusMessage, headers }) { + assert(body) + + let chunks = [] + let length = 0 + + try { + for await (const chunk of body) { + chunks.push(chunk) + length += chunk.length + if (length > CHUNK_LIMIT) { + chunks = [] + length = 0 + break + } + } + } catch { + chunks = [] + length = 0 + // Do nothing.... + } + + const message = `Response status code ${statusCode}${statusMessage ? `: ${statusMessage}` : ''}` + + if (statusCode === 204 || !contentType || !length) { + queueMicrotask(() => callback(new ResponseStatusCodeError(message, statusCode, headers))) + return + } + + const stackTraceLimit = Error.stackTraceLimit + Error.stackTraceLimit = 0 + let payload + + try { + if (isContentTypeApplicationJson(contentType)) { + payload = JSON.parse(chunksDecode(chunks, length)) + } else if (isContentTypeText(contentType)) { + payload = chunksDecode(chunks, length) + } + } catch { + // process in a callback to avoid throwing in the microtask queue + } finally { + Error.stackTraceLimit = stackTraceLimit + } + queueMicrotask(() => callback(new ResponseStatusCodeError(message, statusCode, headers, payload))) +} + +const isContentTypeApplicationJson = (contentType) => { + return ( + contentType.length > 15 && + contentType[11] === '/' && + contentType[0] === 'a' && + contentType[1] === 'p' && + contentType[2] === 'p' && + contentType[3] === 'l' && + contentType[4] === 'i' && + contentType[5] === 'c' && + contentType[6] === 'a' && + contentType[7] === 't' && + contentType[8] === 'i' && + contentType[9] === 'o' && + contentType[10] === 'n' && + contentType[12] === 'j' && + contentType[13] === 's' && + contentType[14] === 'o' && + contentType[15] === 'n' + ) +} + +const isContentTypeText = (contentType) => { + return ( + contentType.length > 4 && + contentType[4] === '/' && + contentType[0] === 't' && + contentType[1] === 'e' && + contentType[2] === 'x' && + contentType[3] === 't' + ) +} + +module.exports = { + getResolveErrorBodyCallback, + isContentTypeApplicationJson, + isContentTypeText +} + + +/***/ }), + +/***/ 9136: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const net = __nccwpck_require__(7030) +const assert = __nccwpck_require__(4589) +const util = __nccwpck_require__(3440) +const { InvalidArgumentError, ConnectTimeoutError } = __nccwpck_require__(8707) +const timers = __nccwpck_require__(6603) + +function noop () {} + +let tls // include tls conditionally since it is not always available + +// TODO: session re-use does not wait for the first +// connection to resolve the session and might therefore +// resolve the same servername multiple times even when +// re-use is enabled. + +let SessionCache +// FIXME: remove workaround when the Node bug is fixed +// https://github.com/nodejs/node/issues/49344#issuecomment-1741776308 +if (global.FinalizationRegistry && !(process.env.NODE_V8_COVERAGE || process.env.UNDICI_NO_FG)) { + SessionCache = class WeakSessionCache { + constructor (maxCachedSessions) { + this._maxCachedSessions = maxCachedSessions + this._sessionCache = new Map() + this._sessionRegistry = new global.FinalizationRegistry((key) => { + if (this._sessionCache.size < this._maxCachedSessions) { + return + } + + const ref = this._sessionCache.get(key) + if (ref !== undefined && ref.deref() === undefined) { + this._sessionCache.delete(key) + } + }) + } + + get (sessionKey) { + const ref = this._sessionCache.get(sessionKey) + return ref ? ref.deref() : null + } + + set (sessionKey, session) { + if (this._maxCachedSessions === 0) { + return + } + + this._sessionCache.set(sessionKey, new WeakRef(session)) + this._sessionRegistry.register(session, sessionKey) + } + } +} else { + SessionCache = class SimpleSessionCache { + constructor (maxCachedSessions) { + this._maxCachedSessions = maxCachedSessions + this._sessionCache = new Map() + } + + get (sessionKey) { + return this._sessionCache.get(sessionKey) + } + + set (sessionKey, session) { + if (this._maxCachedSessions === 0) { + return + } + + if (this._sessionCache.size >= this._maxCachedSessions) { + // remove the oldest session + const { value: oldestKey } = this._sessionCache.keys().next() + this._sessionCache.delete(oldestKey) + } + + this._sessionCache.set(sessionKey, session) + } + } +} + +function buildConnector ({ allowH2, maxCachedSessions, socketPath, timeout, session: customSession, ...opts }) { + if (maxCachedSessions != null && (!Number.isInteger(maxCachedSessions) || maxCachedSessions < 0)) { + throw new InvalidArgumentError('maxCachedSessions must be a positive integer or zero') + } + + const options = { path: socketPath, ...opts } + const sessionCache = new SessionCache(maxCachedSessions == null ? 100 : maxCachedSessions) + timeout = timeout == null ? 10e3 : timeout + allowH2 = allowH2 != null ? allowH2 : false + return function connect ({ hostname, host, protocol, port, servername, localAddress, httpSocket }, callback) { + let socket + if (protocol === 'https:') { + if (!tls) { + tls = __nccwpck_require__(1692) + } + servername = servername || options.servername || util.getServerName(host) || null + + const sessionKey = servername || hostname + assert(sessionKey) + + const session = customSession || sessionCache.get(sessionKey) || null + + port = port || 443 + + socket = tls.connect({ + highWaterMark: 16384, // TLS in node can't have bigger HWM anyway... + ...options, + servername, + session, + localAddress, + // TODO(HTTP/2): Add support for h2c + ALPNProtocols: allowH2 ? ['http/1.1', 'h2'] : ['http/1.1'], + socket: httpSocket, // upgrade socket connection + port, + host: hostname + }) + + socket + .on('session', function (session) { + // TODO (fix): Can a session become invalid once established? Don't think so? + sessionCache.set(sessionKey, session) + }) + } else { + assert(!httpSocket, 'httpSocket can only be sent on TLS update') + + port = port || 80 + + socket = net.connect({ + highWaterMark: 64 * 1024, // Same as nodejs fs streams. + ...options, + localAddress, + port, + host: hostname + }) + } + + // Set TCP keep alive options on the socket here instead of in connect() for the case of assigning the socket + if (options.keepAlive == null || options.keepAlive) { + const keepAliveInitialDelay = options.keepAliveInitialDelay === undefined ? 60e3 : options.keepAliveInitialDelay + socket.setKeepAlive(true, keepAliveInitialDelay) + } + + const clearConnectTimeout = setupConnectTimeout(new WeakRef(socket), { timeout, hostname, port }) + + socket + .setNoDelay(true) + .once(protocol === 'https:' ? 'secureConnect' : 'connect', function () { + queueMicrotask(clearConnectTimeout) + + if (callback) { + const cb = callback + callback = null + cb(null, this) + } + }) + .on('error', function (err) { + queueMicrotask(clearConnectTimeout) + + if (callback) { + const cb = callback + callback = null + cb(err) + } + }) + + return socket + } +} + +/** + * @param {WeakRef} socketWeakRef + * @param {object} opts + * @param {number} opts.timeout + * @param {string} opts.hostname + * @param {number} opts.port + * @returns {() => void} + */ +const setupConnectTimeout = process.platform === 'win32' + ? (socketWeakRef, opts) => { + if (!opts.timeout) { + return noop + } + + let s1 = null + let s2 = null + const fastTimer = timers.setFastTimeout(() => { + // setImmediate is added to make sure that we prioritize socket error events over timeouts + s1 = setImmediate(() => { + // Windows needs an extra setImmediate probably due to implementation differences in the socket logic + s2 = setImmediate(() => onConnectTimeout(socketWeakRef.deref(), opts)) + }) + }, opts.timeout) + return () => { + timers.clearFastTimeout(fastTimer) + clearImmediate(s1) + clearImmediate(s2) + } + } + : (socketWeakRef, opts) => { + if (!opts.timeout) { + return noop + } + + let s1 = null + const fastTimer = timers.setFastTimeout(() => { + // setImmediate is added to make sure that we prioritize socket error events over timeouts + s1 = setImmediate(() => { + onConnectTimeout(socketWeakRef.deref(), opts) + }) + }, opts.timeout) + return () => { + timers.clearFastTimeout(fastTimer) + clearImmediate(s1) + } + } + +/** + * @param {net.Socket} socket + * @param {object} opts + * @param {number} opts.timeout + * @param {string} opts.hostname + * @param {number} opts.port + */ +function onConnectTimeout (socket, opts) { + // The socket could be already garbage collected + if (socket == null) { + return + } + + let message = 'Connect Timeout Error' + if (Array.isArray(socket.autoSelectFamilyAttemptedAddresses)) { + message += ` (attempted addresses: ${socket.autoSelectFamilyAttemptedAddresses.join(', ')},` + } else { + message += ` (attempted address: ${opts.hostname}:${opts.port},` + } + + message += ` timeout: ${opts.timeout}ms)` + + util.destroy(socket, new ConnectTimeoutError(message)) +} + +module.exports = buildConnector + + +/***/ }), + +/***/ 735: +/***/ ((module) => { + +"use strict"; + + +/** @type {Record} */ +const headerNameLowerCasedRecord = {} + +// https://developer.mozilla.org/docs/Web/HTTP/Headers +const wellknownHeaderNames = [ + 'Accept', + 'Accept-Encoding', + 'Accept-Language', + 'Accept-Ranges', + 'Access-Control-Allow-Credentials', + 'Access-Control-Allow-Headers', + 'Access-Control-Allow-Methods', + 'Access-Control-Allow-Origin', + 'Access-Control-Expose-Headers', + 'Access-Control-Max-Age', + 'Access-Control-Request-Headers', + 'Access-Control-Request-Method', + 'Age', + 'Allow', + 'Alt-Svc', + 'Alt-Used', + 'Authorization', + 'Cache-Control', + 'Clear-Site-Data', + 'Connection', + 'Content-Disposition', + 'Content-Encoding', + 'Content-Language', + 'Content-Length', + 'Content-Location', + 'Content-Range', + 'Content-Security-Policy', + 'Content-Security-Policy-Report-Only', + 'Content-Type', + 'Cookie', + 'Cross-Origin-Embedder-Policy', + 'Cross-Origin-Opener-Policy', + 'Cross-Origin-Resource-Policy', + 'Date', + 'Device-Memory', + 'Downlink', + 'ECT', + 'ETag', + 'Expect', + 'Expect-CT', + 'Expires', + 'Forwarded', + 'From', + 'Host', + 'If-Match', + 'If-Modified-Since', + 'If-None-Match', + 'If-Range', + 'If-Unmodified-Since', + 'Keep-Alive', + 'Last-Modified', + 'Link', + 'Location', + 'Max-Forwards', + 'Origin', + 'Permissions-Policy', + 'Pragma', + 'Proxy-Authenticate', + 'Proxy-Authorization', + 'RTT', + 'Range', + 'Referer', + 'Referrer-Policy', + 'Refresh', + 'Retry-After', + 'Sec-WebSocket-Accept', + 'Sec-WebSocket-Extensions', + 'Sec-WebSocket-Key', + 'Sec-WebSocket-Protocol', + 'Sec-WebSocket-Version', + 'Server', + 'Server-Timing', + 'Service-Worker-Allowed', + 'Service-Worker-Navigation-Preload', + 'Set-Cookie', + 'SourceMap', + 'Strict-Transport-Security', + 'Supports-Loading-Mode', + 'TE', + 'Timing-Allow-Origin', + 'Trailer', + 'Transfer-Encoding', + 'Upgrade', + 'Upgrade-Insecure-Requests', + 'User-Agent', + 'Vary', + 'Via', + 'WWW-Authenticate', + 'X-Content-Type-Options', + 'X-DNS-Prefetch-Control', + 'X-Frame-Options', + 'X-Permitted-Cross-Domain-Policies', + 'X-Powered-By', + 'X-Requested-With', + 'X-XSS-Protection' +] + +for (let i = 0; i < wellknownHeaderNames.length; ++i) { + const key = wellknownHeaderNames[i] + const lowerCasedKey = key.toLowerCase() + headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] = + lowerCasedKey +} + +// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`. +Object.setPrototypeOf(headerNameLowerCasedRecord, null) + +module.exports = { + wellknownHeaderNames, + headerNameLowerCasedRecord +} + + +/***/ }), + +/***/ 2414: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const diagnosticsChannel = __nccwpck_require__(3053) +const util = __nccwpck_require__(7975) + +const undiciDebugLog = util.debuglog('undici') +const fetchDebuglog = util.debuglog('fetch') +const websocketDebuglog = util.debuglog('websocket') +let isClientSet = false +const channels = { + // Client + beforeConnect: diagnosticsChannel.channel('undici:client:beforeConnect'), + connected: diagnosticsChannel.channel('undici:client:connected'), + connectError: diagnosticsChannel.channel('undici:client:connectError'), + sendHeaders: diagnosticsChannel.channel('undici:client:sendHeaders'), + // Request + create: diagnosticsChannel.channel('undici:request:create'), + bodySent: diagnosticsChannel.channel('undici:request:bodySent'), + headers: diagnosticsChannel.channel('undici:request:headers'), + trailers: diagnosticsChannel.channel('undici:request:trailers'), + error: diagnosticsChannel.channel('undici:request:error'), + // WebSocket + open: diagnosticsChannel.channel('undici:websocket:open'), + close: diagnosticsChannel.channel('undici:websocket:close'), + socketError: diagnosticsChannel.channel('undici:websocket:socket_error'), + ping: diagnosticsChannel.channel('undici:websocket:ping'), + pong: diagnosticsChannel.channel('undici:websocket:pong') +} + +if (undiciDebugLog.enabled || fetchDebuglog.enabled) { + const debuglog = fetchDebuglog.enabled ? fetchDebuglog : undiciDebugLog + + // Track all Client events + diagnosticsChannel.channel('undici:client:beforeConnect').subscribe(evt => { + const { + connectParams: { version, protocol, port, host } + } = evt + debuglog( + 'connecting to %s using %s%s', + `${host}${port ? `:${port}` : ''}`, + protocol, + version + ) + }) + + diagnosticsChannel.channel('undici:client:connected').subscribe(evt => { + const { + connectParams: { version, protocol, port, host } + } = evt + debuglog( + 'connected to %s using %s%s', + `${host}${port ? `:${port}` : ''}`, + protocol, + version + ) + }) + + diagnosticsChannel.channel('undici:client:connectError').subscribe(evt => { + const { + connectParams: { version, protocol, port, host }, + error + } = evt + debuglog( + 'connection to %s using %s%s errored - %s', + `${host}${port ? `:${port}` : ''}`, + protocol, + version, + error.message + ) + }) + + diagnosticsChannel.channel('undici:client:sendHeaders').subscribe(evt => { + const { + request: { method, path, origin } + } = evt + debuglog('sending request to %s %s/%s', method, origin, path) + }) + + // Track Request events + diagnosticsChannel.channel('undici:request:headers').subscribe(evt => { + const { + request: { method, path, origin }, + response: { statusCode } + } = evt + debuglog( + 'received response to %s %s/%s - HTTP %d', + method, + origin, + path, + statusCode + ) + }) + + diagnosticsChannel.channel('undici:request:trailers').subscribe(evt => { + const { + request: { method, path, origin } + } = evt + debuglog('trailers received from %s %s/%s', method, origin, path) + }) + + diagnosticsChannel.channel('undici:request:error').subscribe(evt => { + const { + request: { method, path, origin }, + error + } = evt + debuglog( + 'request to %s %s/%s errored - %s', + method, + origin, + path, + error.message + ) + }) + + isClientSet = true +} + +if (websocketDebuglog.enabled) { + if (!isClientSet) { + const debuglog = undiciDebugLog.enabled ? undiciDebugLog : websocketDebuglog + diagnosticsChannel.channel('undici:client:beforeConnect').subscribe(evt => { + const { + connectParams: { version, protocol, port, host } + } = evt + debuglog( + 'connecting to %s%s using %s%s', + host, + port ? `:${port}` : '', + protocol, + version + ) + }) + + diagnosticsChannel.channel('undici:client:connected').subscribe(evt => { + const { + connectParams: { version, protocol, port, host } + } = evt + debuglog( + 'connected to %s%s using %s%s', + host, + port ? `:${port}` : '', + protocol, + version + ) + }) + + diagnosticsChannel.channel('undici:client:connectError').subscribe(evt => { + const { + connectParams: { version, protocol, port, host }, + error + } = evt + debuglog( + 'connection to %s%s using %s%s errored - %s', + host, + port ? `:${port}` : '', + protocol, + version, + error.message + ) + }) + + diagnosticsChannel.channel('undici:client:sendHeaders').subscribe(evt => { + const { + request: { method, path, origin } + } = evt + debuglog('sending request to %s %s/%s', method, origin, path) + }) + } + + // Track all WebSocket events + diagnosticsChannel.channel('undici:websocket:open').subscribe(evt => { + const { + address: { address, port } + } = evt + websocketDebuglog('connection opened %s%s', address, port ? `:${port}` : '') + }) + + diagnosticsChannel.channel('undici:websocket:close').subscribe(evt => { + const { websocket, code, reason } = evt + websocketDebuglog( + 'closed connection to %s - %s %s', + websocket.url, + code, + reason + ) + }) + + diagnosticsChannel.channel('undici:websocket:socket_error').subscribe(err => { + websocketDebuglog('connection errored - %s', err.message) + }) + + diagnosticsChannel.channel('undici:websocket:ping').subscribe(evt => { + websocketDebuglog('ping received') + }) + + diagnosticsChannel.channel('undici:websocket:pong').subscribe(evt => { + websocketDebuglog('pong received') + }) +} + +module.exports = { + channels +} + + +/***/ }), + +/***/ 8707: +/***/ ((module) => { + +"use strict"; + + +const kUndiciError = Symbol.for('undici.error.UND_ERR') +class UndiciError extends Error { + constructor (message) { + super(message) + this.name = 'UndiciError' + this.code = 'UND_ERR' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kUndiciError] === true + } + + [kUndiciError] = true +} + +const kConnectTimeoutError = Symbol.for('undici.error.UND_ERR_CONNECT_TIMEOUT') +class ConnectTimeoutError extends UndiciError { + constructor (message) { + super(message) + this.name = 'ConnectTimeoutError' + this.message = message || 'Connect Timeout Error' + this.code = 'UND_ERR_CONNECT_TIMEOUT' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kConnectTimeoutError] === true + } + + [kConnectTimeoutError] = true +} + +const kHeadersTimeoutError = Symbol.for('undici.error.UND_ERR_HEADERS_TIMEOUT') +class HeadersTimeoutError extends UndiciError { + constructor (message) { + super(message) + this.name = 'HeadersTimeoutError' + this.message = message || 'Headers Timeout Error' + this.code = 'UND_ERR_HEADERS_TIMEOUT' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kHeadersTimeoutError] === true + } + + [kHeadersTimeoutError] = true +} + +const kHeadersOverflowError = Symbol.for('undici.error.UND_ERR_HEADERS_OVERFLOW') +class HeadersOverflowError extends UndiciError { + constructor (message) { + super(message) + this.name = 'HeadersOverflowError' + this.message = message || 'Headers Overflow Error' + this.code = 'UND_ERR_HEADERS_OVERFLOW' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kHeadersOverflowError] === true + } + + [kHeadersOverflowError] = true +} + +const kBodyTimeoutError = Symbol.for('undici.error.UND_ERR_BODY_TIMEOUT') +class BodyTimeoutError extends UndiciError { + constructor (message) { + super(message) + this.name = 'BodyTimeoutError' + this.message = message || 'Body Timeout Error' + this.code = 'UND_ERR_BODY_TIMEOUT' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kBodyTimeoutError] === true + } + + [kBodyTimeoutError] = true +} + +const kResponseStatusCodeError = Symbol.for('undici.error.UND_ERR_RESPONSE_STATUS_CODE') +class ResponseStatusCodeError extends UndiciError { + constructor (message, statusCode, headers, body) { + super(message) + this.name = 'ResponseStatusCodeError' + this.message = message || 'Response Status Code Error' + this.code = 'UND_ERR_RESPONSE_STATUS_CODE' + this.body = body + this.status = statusCode + this.statusCode = statusCode + this.headers = headers + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kResponseStatusCodeError] === true + } + + [kResponseStatusCodeError] = true +} + +const kInvalidArgumentError = Symbol.for('undici.error.UND_ERR_INVALID_ARG') +class InvalidArgumentError extends UndiciError { + constructor (message) { + super(message) + this.name = 'InvalidArgumentError' + this.message = message || 'Invalid Argument Error' + this.code = 'UND_ERR_INVALID_ARG' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kInvalidArgumentError] === true + } + + [kInvalidArgumentError] = true +} + +const kInvalidReturnValueError = Symbol.for('undici.error.UND_ERR_INVALID_RETURN_VALUE') +class InvalidReturnValueError extends UndiciError { + constructor (message) { + super(message) + this.name = 'InvalidReturnValueError' + this.message = message || 'Invalid Return Value Error' + this.code = 'UND_ERR_INVALID_RETURN_VALUE' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kInvalidReturnValueError] === true + } + + [kInvalidReturnValueError] = true +} + +const kAbortError = Symbol.for('undici.error.UND_ERR_ABORT') +class AbortError extends UndiciError { + constructor (message) { + super(message) + this.name = 'AbortError' + this.message = message || 'The operation was aborted' + this.code = 'UND_ERR_ABORT' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kAbortError] === true + } + + [kAbortError] = true +} + +const kRequestAbortedError = Symbol.for('undici.error.UND_ERR_ABORTED') +class RequestAbortedError extends AbortError { + constructor (message) { + super(message) + this.name = 'AbortError' + this.message = message || 'Request aborted' + this.code = 'UND_ERR_ABORTED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kRequestAbortedError] === true + } + + [kRequestAbortedError] = true +} + +const kInformationalError = Symbol.for('undici.error.UND_ERR_INFO') +class InformationalError extends UndiciError { + constructor (message) { + super(message) + this.name = 'InformationalError' + this.message = message || 'Request information' + this.code = 'UND_ERR_INFO' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kInformationalError] === true + } + + [kInformationalError] = true +} + +const kRequestContentLengthMismatchError = Symbol.for('undici.error.UND_ERR_REQ_CONTENT_LENGTH_MISMATCH') +class RequestContentLengthMismatchError extends UndiciError { + constructor (message) { + super(message) + this.name = 'RequestContentLengthMismatchError' + this.message = message || 'Request body length does not match content-length header' + this.code = 'UND_ERR_REQ_CONTENT_LENGTH_MISMATCH' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kRequestContentLengthMismatchError] === true + } + + [kRequestContentLengthMismatchError] = true +} + +const kResponseContentLengthMismatchError = Symbol.for('undici.error.UND_ERR_RES_CONTENT_LENGTH_MISMATCH') +class ResponseContentLengthMismatchError extends UndiciError { + constructor (message) { + super(message) + this.name = 'ResponseContentLengthMismatchError' + this.message = message || 'Response body length does not match content-length header' + this.code = 'UND_ERR_RES_CONTENT_LENGTH_MISMATCH' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kResponseContentLengthMismatchError] === true + } + + [kResponseContentLengthMismatchError] = true +} + +const kClientDestroyedError = Symbol.for('undici.error.UND_ERR_DESTROYED') +class ClientDestroyedError extends UndiciError { + constructor (message) { + super(message) + this.name = 'ClientDestroyedError' + this.message = message || 'The client is destroyed' + this.code = 'UND_ERR_DESTROYED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kClientDestroyedError] === true + } + + [kClientDestroyedError] = true +} + +const kClientClosedError = Symbol.for('undici.error.UND_ERR_CLOSED') +class ClientClosedError extends UndiciError { + constructor (message) { + super(message) + this.name = 'ClientClosedError' + this.message = message || 'The client is closed' + this.code = 'UND_ERR_CLOSED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kClientClosedError] === true + } + + [kClientClosedError] = true +} + +const kSocketError = Symbol.for('undici.error.UND_ERR_SOCKET') +class SocketError extends UndiciError { + constructor (message, socket) { + super(message) + this.name = 'SocketError' + this.message = message || 'Socket error' + this.code = 'UND_ERR_SOCKET' + this.socket = socket + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kSocketError] === true + } + + [kSocketError] = true +} + +const kNotSupportedError = Symbol.for('undici.error.UND_ERR_NOT_SUPPORTED') +class NotSupportedError extends UndiciError { + constructor (message) { + super(message) + this.name = 'NotSupportedError' + this.message = message || 'Not supported error' + this.code = 'UND_ERR_NOT_SUPPORTED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kNotSupportedError] === true + } + + [kNotSupportedError] = true +} + +const kBalancedPoolMissingUpstreamError = Symbol.for('undici.error.UND_ERR_BPL_MISSING_UPSTREAM') +class BalancedPoolMissingUpstreamError extends UndiciError { + constructor (message) { + super(message) + this.name = 'MissingUpstreamError' + this.message = message || 'No upstream has been added to the BalancedPool' + this.code = 'UND_ERR_BPL_MISSING_UPSTREAM' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kBalancedPoolMissingUpstreamError] === true + } + + [kBalancedPoolMissingUpstreamError] = true +} + +const kHTTPParserError = Symbol.for('undici.error.UND_ERR_HTTP_PARSER') +class HTTPParserError extends Error { + constructor (message, code, data) { + super(message) + this.name = 'HTTPParserError' + this.code = code ? `HPE_${code}` : undefined + this.data = data ? data.toString() : undefined + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kHTTPParserError] === true + } + + [kHTTPParserError] = true +} + +const kResponseExceededMaxSizeError = Symbol.for('undici.error.UND_ERR_RES_EXCEEDED_MAX_SIZE') +class ResponseExceededMaxSizeError extends UndiciError { + constructor (message) { + super(message) + this.name = 'ResponseExceededMaxSizeError' + this.message = message || 'Response content exceeded max size' + this.code = 'UND_ERR_RES_EXCEEDED_MAX_SIZE' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kResponseExceededMaxSizeError] === true + } + + [kResponseExceededMaxSizeError] = true +} + +const kRequestRetryError = Symbol.for('undici.error.UND_ERR_REQ_RETRY') +class RequestRetryError extends UndiciError { + constructor (message, code, { headers, data }) { + super(message) + this.name = 'RequestRetryError' + this.message = message || 'Request retry error' + this.code = 'UND_ERR_REQ_RETRY' + this.statusCode = code + this.data = data + this.headers = headers + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kRequestRetryError] === true + } + + [kRequestRetryError] = true +} + +const kResponseError = Symbol.for('undici.error.UND_ERR_RESPONSE') +class ResponseError extends UndiciError { + constructor (message, code, { headers, data }) { + super(message) + this.name = 'ResponseError' + this.message = message || 'Response error' + this.code = 'UND_ERR_RESPONSE' + this.statusCode = code + this.data = data + this.headers = headers + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kResponseError] === true + } + + [kResponseError] = true +} + +const kSecureProxyConnectionError = Symbol.for('undici.error.UND_ERR_PRX_TLS') +class SecureProxyConnectionError extends UndiciError { + constructor (cause, message, options) { + super(message, { cause, ...(options ?? {}) }) + this.name = 'SecureProxyConnectionError' + this.message = message || 'Secure Proxy Connection failed' + this.code = 'UND_ERR_PRX_TLS' + this.cause = cause + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kSecureProxyConnectionError] === true + } + + [kSecureProxyConnectionError] = true +} + +const kMessageSizeExceededError = Symbol.for('undici.error.UND_ERR_WS_MESSAGE_SIZE_EXCEEDED') +class MessageSizeExceededError extends UndiciError { + constructor (message) { + super(message) + this.name = 'MessageSizeExceededError' + this.message = message || 'Max decompressed message size exceeded' + this.code = 'UND_ERR_WS_MESSAGE_SIZE_EXCEEDED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kMessageSizeExceededError] === true + } + + get [kMessageSizeExceededError] () { + return true + } +} + +module.exports = { + AbortError, + HTTPParserError, + UndiciError, + HeadersTimeoutError, + HeadersOverflowError, + BodyTimeoutError, + RequestContentLengthMismatchError, + ConnectTimeoutError, + ResponseStatusCodeError, + InvalidArgumentError, + InvalidReturnValueError, + RequestAbortedError, + ClientDestroyedError, + ClientClosedError, + InformationalError, + SocketError, + NotSupportedError, + ResponseContentLengthMismatchError, + BalancedPoolMissingUpstreamError, + ResponseExceededMaxSizeError, + RequestRetryError, + ResponseError, + SecureProxyConnectionError, + MessageSizeExceededError +} + + +/***/ }), + +/***/ 4655: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + InvalidArgumentError, + NotSupportedError +} = __nccwpck_require__(8707) +const assert = __nccwpck_require__(4589) +const { + isValidHTTPToken, + isValidHeaderValue, + isStream, + destroy, + isBuffer, + isFormDataLike, + isIterable, + isBlobLike, + buildURL, + validateHandler, + getServerName, + normalizedMethodRecords +} = __nccwpck_require__(3440) +const { channels } = __nccwpck_require__(2414) +const { headerNameLowerCasedRecord } = __nccwpck_require__(735) + +// Verifies that a given path is valid does not contain control chars \x00 to \x20 +const invalidPathRegex = /[^\u0021-\u00ff]/ + +const kHandler = Symbol('handler') + +class Request { + constructor (origin, { + path, + method, + body, + headers, + query, + idempotent, + blocking, + upgrade, + headersTimeout, + bodyTimeout, + reset, + throwOnError, + expectContinue, + servername + }, handler) { + if (typeof path !== 'string') { + throw new InvalidArgumentError('path must be a string') + } else if ( + path[0] !== '/' && + !(path.startsWith('http://') || path.startsWith('https://')) && + method !== 'CONNECT' + ) { + throw new InvalidArgumentError('path must be an absolute URL or start with a slash') + } else if (invalidPathRegex.test(path)) { + throw new InvalidArgumentError('invalid request path') + } + + if (typeof method !== 'string') { + throw new InvalidArgumentError('method must be a string') + } else if (normalizedMethodRecords[method] === undefined && !isValidHTTPToken(method)) { + throw new InvalidArgumentError('invalid request method') + } + + if (upgrade && typeof upgrade !== 'string') { + throw new InvalidArgumentError('upgrade must be a string') + } + + if (upgrade && !isValidHeaderValue(upgrade)) { + throw new InvalidArgumentError('invalid upgrade header') + } + + if (headersTimeout != null && (!Number.isFinite(headersTimeout) || headersTimeout < 0)) { + throw new InvalidArgumentError('invalid headersTimeout') + } + + if (bodyTimeout != null && (!Number.isFinite(bodyTimeout) || bodyTimeout < 0)) { + throw new InvalidArgumentError('invalid bodyTimeout') + } + + if (reset != null && typeof reset !== 'boolean') { + throw new InvalidArgumentError('invalid reset') + } + + if (expectContinue != null && typeof expectContinue !== 'boolean') { + throw new InvalidArgumentError('invalid expectContinue') + } + + this.headersTimeout = headersTimeout + + this.bodyTimeout = bodyTimeout + + this.throwOnError = throwOnError === true + + this.method = method + + this.abort = null + + if (body == null) { + this.body = null + } else if (isStream(body)) { + this.body = body + + const rState = this.body._readableState + if (!rState || !rState.autoDestroy) { + this.endHandler = function autoDestroy () { + destroy(this) + } + this.body.on('end', this.endHandler) + } + + this.errorHandler = err => { + if (this.abort) { + this.abort(err) + } else { + this.error = err + } + } + this.body.on('error', this.errorHandler) + } else if (isBuffer(body)) { + this.body = body.byteLength ? body : null + } else if (ArrayBuffer.isView(body)) { + this.body = body.buffer.byteLength ? Buffer.from(body.buffer, body.byteOffset, body.byteLength) : null + } else if (body instanceof ArrayBuffer) { + this.body = body.byteLength ? Buffer.from(body) : null + } else if (typeof body === 'string') { + this.body = body.length ? Buffer.from(body) : null + } else if (isFormDataLike(body) || isIterable(body) || isBlobLike(body)) { + this.body = body + } else { + throw new InvalidArgumentError('body must be a string, a Buffer, a Readable stream, an iterable, or an async iterable') + } + + this.completed = false + + this.aborted = false + + this.upgrade = upgrade || null + + this.path = query ? buildURL(path, query) : path + + this.origin = origin + + this.idempotent = idempotent == null + ? method === 'HEAD' || method === 'GET' + : idempotent + + this.blocking = blocking == null ? false : blocking + + this.reset = reset == null ? null : reset + + this.host = null + + this.contentLength = null + + this.contentType = null + + this.headers = [] + + // Only for H2 + this.expectContinue = expectContinue != null ? expectContinue : false + + if (Array.isArray(headers)) { + if (headers.length % 2 !== 0) { + throw new InvalidArgumentError('headers array must be even') + } + for (let i = 0; i < headers.length; i += 2) { + processHeader(this, headers[i], headers[i + 1]) + } + } else if (headers && typeof headers === 'object') { + if (headers[Symbol.iterator]) { + for (const header of headers) { + if (!Array.isArray(header) || header.length !== 2) { + throw new InvalidArgumentError('headers must be in key-value pair format') + } + processHeader(this, header[0], header[1]) + } + } else { + const keys = Object.keys(headers) + for (let i = 0; i < keys.length; ++i) { + processHeader(this, keys[i], headers[keys[i]]) + } + } + } else if (headers != null) { + throw new InvalidArgumentError('headers must be an object or an array') + } + + validateHandler(handler, method, upgrade) + + this.servername = servername || getServerName(this.host) + + this[kHandler] = handler + + if (channels.create.hasSubscribers) { + channels.create.publish({ request: this }) + } + } + + onBodySent (chunk) { + if (this[kHandler].onBodySent) { + try { + return this[kHandler].onBodySent(chunk) + } catch (err) { + this.abort(err) + } + } + } + + onRequestSent () { + if (channels.bodySent.hasSubscribers) { + channels.bodySent.publish({ request: this }) + } + + if (this[kHandler].onRequestSent) { + try { + return this[kHandler].onRequestSent() + } catch (err) { + this.abort(err) + } + } + } + + onConnect (abort) { + assert(!this.aborted) + assert(!this.completed) + + if (this.error) { + abort(this.error) + } else { + this.abort = abort + return this[kHandler].onConnect(abort) + } + } + + onResponseStarted () { + return this[kHandler].onResponseStarted?.() + } + + onHeaders (statusCode, headers, resume, statusText) { + assert(!this.aborted) + assert(!this.completed) + + if (channels.headers.hasSubscribers) { + channels.headers.publish({ request: this, response: { statusCode, headers, statusText } }) + } + + try { + return this[kHandler].onHeaders(statusCode, headers, resume, statusText) + } catch (err) { + this.abort(err) + } + } + + onData (chunk) { + assert(!this.aborted) + assert(!this.completed) + + try { + return this[kHandler].onData(chunk) + } catch (err) { + this.abort(err) + return false + } + } + + onUpgrade (statusCode, headers, socket) { + assert(!this.aborted) + assert(!this.completed) + + return this[kHandler].onUpgrade(statusCode, headers, socket) + } + + onComplete (trailers) { + this.onFinally() + + assert(!this.aborted) + + this.completed = true + if (channels.trailers.hasSubscribers) { + channels.trailers.publish({ request: this, trailers }) + } + + try { + return this[kHandler].onComplete(trailers) + } catch (err) { + // TODO (fix): This might be a bad idea? + this.onError(err) + } + } + + onError (error) { + this.onFinally() + + if (channels.error.hasSubscribers) { + channels.error.publish({ request: this, error }) + } + + if (this.aborted) { + return + } + this.aborted = true + + return this[kHandler].onError(error) + } + + onFinally () { + if (this.errorHandler) { + this.body.off('error', this.errorHandler) + this.errorHandler = null + } + + if (this.endHandler) { + this.body.off('end', this.endHandler) + this.endHandler = null + } + } + + addHeader (key, value) { + processHeader(this, key, value) + return this + } +} + +function processHeader (request, key, val) { + if (val && (typeof val === 'object' && !Array.isArray(val))) { + throw new InvalidArgumentError(`invalid ${key} header`) + } else if (val === undefined) { + return + } + + let headerName = headerNameLowerCasedRecord[key] + + if (headerName === undefined) { + headerName = key.toLowerCase() + if (headerNameLowerCasedRecord[headerName] === undefined && !isValidHTTPToken(headerName)) { + throw new InvalidArgumentError('invalid header key') + } + } + + if (Array.isArray(val)) { + const arr = [] + for (let i = 0; i < val.length; i++) { + if (typeof val[i] === 'string') { + if (!isValidHeaderValue(val[i])) { + throw new InvalidArgumentError(`invalid ${key} header`) + } + arr.push(val[i]) + } else if (val[i] === null) { + arr.push('') + } else if (typeof val[i] === 'object') { + throw new InvalidArgumentError(`invalid ${key} header`) + } else { + arr.push(`${val[i]}`) + } + } + val = arr + } else if (typeof val === 'string') { + if (!isValidHeaderValue(val)) { + throw new InvalidArgumentError(`invalid ${key} header`) + } + } else if (val === null) { + val = '' + } else { + val = `${val}` + } + + if (headerName === 'host') { + if (request.host !== null) { + throw new InvalidArgumentError('duplicate host header') + } + if (typeof val !== 'string') { + throw new InvalidArgumentError('invalid host header') + } + // Consumed by Client + request.host = val + } else if (headerName === 'content-length') { + if (request.contentLength !== null) { + throw new InvalidArgumentError('duplicate content-length header') + } + request.contentLength = parseInt(val, 10) + if (!Number.isFinite(request.contentLength)) { + throw new InvalidArgumentError('invalid content-length header') + } + } else if (request.contentType === null && headerName === 'content-type') { + request.contentType = val + request.headers.push(key, val) + } else if (headerName === 'transfer-encoding' || headerName === 'keep-alive' || headerName === 'upgrade') { + throw new InvalidArgumentError(`invalid ${headerName} header`) + } else if (headerName === 'connection') { + const value = typeof val === 'string' ? val.toLowerCase() : null + if (value !== 'close' && value !== 'keep-alive') { + throw new InvalidArgumentError('invalid connection header') + } + + if (value === 'close') { + request.reset = true + } + } else if (headerName === 'expect') { + throw new NotSupportedError('expect header not supported') + } else { + request.headers.push(key, val) + } +} + +module.exports = Request + + +/***/ }), + +/***/ 6443: +/***/ ((module) => { + +module.exports = { + kClose: Symbol('close'), + kDestroy: Symbol('destroy'), + kDispatch: Symbol('dispatch'), + kUrl: Symbol('url'), + kWriting: Symbol('writing'), + kResuming: Symbol('resuming'), + kQueue: Symbol('queue'), + kConnect: Symbol('connect'), + kConnecting: Symbol('connecting'), + kKeepAliveDefaultTimeout: Symbol('default keep alive timeout'), + kKeepAliveMaxTimeout: Symbol('max keep alive timeout'), + kKeepAliveTimeoutThreshold: Symbol('keep alive timeout threshold'), + kKeepAliveTimeoutValue: Symbol('keep alive timeout'), + kKeepAlive: Symbol('keep alive'), + kHeadersTimeout: Symbol('headers timeout'), + kBodyTimeout: Symbol('body timeout'), + kServerName: Symbol('server name'), + kLocalAddress: Symbol('local address'), + kHost: Symbol('host'), + kNoRef: Symbol('no ref'), + kBodyUsed: Symbol('used'), + kBody: Symbol('abstracted request body'), + kRunning: Symbol('running'), + kBlocking: Symbol('blocking'), + kPending: Symbol('pending'), + kSize: Symbol('size'), + kBusy: Symbol('busy'), + kQueued: Symbol('queued'), + kFree: Symbol('free'), + kConnected: Symbol('connected'), + kClosed: Symbol('closed'), + kNeedDrain: Symbol('need drain'), + kReset: Symbol('reset'), + kDestroyed: Symbol.for('nodejs.stream.destroyed'), + kResume: Symbol('resume'), + kOnError: Symbol('on error'), + kMaxHeadersSize: Symbol('max headers size'), + kRunningIdx: Symbol('running index'), + kPendingIdx: Symbol('pending index'), + kError: Symbol('error'), + kClients: Symbol('clients'), + kClient: Symbol('client'), + kParser: Symbol('parser'), + kOnDestroyed: Symbol('destroy callbacks'), + kPipelining: Symbol('pipelining'), + kSocket: Symbol('socket'), + kHostHeader: Symbol('host header'), + kConnector: Symbol('connector'), + kStrictContentLength: Symbol('strict content length'), + kMaxRedirections: Symbol('maxRedirections'), + kMaxRequests: Symbol('maxRequestsPerClient'), + kProxy: Symbol('proxy agent options'), + kCounter: Symbol('socket request counter'), + kInterceptors: Symbol('dispatch interceptors'), + kMaxResponseSize: Symbol('max response size'), + kHTTP2Session: Symbol('http2Session'), + kHTTP2SessionState: Symbol('http2Session state'), + kRetryHandlerDefaultRetry: Symbol('retry agent default retry'), + kConstruct: Symbol('constructable'), + kListeners: Symbol('listeners'), + kHTTPContext: Symbol('http context'), + kMaxConcurrentStreams: Symbol('max concurrent streams'), + kNoProxyAgent: Symbol('no proxy agent'), + kHttpProxyAgent: Symbol('http proxy agent'), + kHttpsProxyAgent: Symbol('https proxy agent') +} + + +/***/ }), + +/***/ 7752: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + wellknownHeaderNames, + headerNameLowerCasedRecord +} = __nccwpck_require__(735) + +class TstNode { + /** @type {any} */ + value = null + /** @type {null | TstNode} */ + left = null + /** @type {null | TstNode} */ + middle = null + /** @type {null | TstNode} */ + right = null + /** @type {number} */ + code + /** + * @param {string} key + * @param {any} value + * @param {number} index + */ + constructor (key, value, index) { + if (index === undefined || index >= key.length) { + throw new TypeError('Unreachable') + } + const code = this.code = key.charCodeAt(index) + // check code is ascii string + if (code > 0x7F) { + throw new TypeError('key must be ascii string') + } + if (key.length !== ++index) { + this.middle = new TstNode(key, value, index) + } else { + this.value = value + } + } + + /** + * @param {string} key + * @param {any} value + */ + add (key, value) { + const length = key.length + if (length === 0) { + throw new TypeError('Unreachable') + } + let index = 0 + let node = this + while (true) { + const code = key.charCodeAt(index) + // check code is ascii string + if (code > 0x7F) { + throw new TypeError('key must be ascii string') + } + if (node.code === code) { + if (length === ++index) { + node.value = value + break + } else if (node.middle !== null) { + node = node.middle + } else { + node.middle = new TstNode(key, value, index) + break + } + } else if (node.code < code) { + if (node.left !== null) { + node = node.left + } else { + node.left = new TstNode(key, value, index) + break + } + } else if (node.right !== null) { + node = node.right + } else { + node.right = new TstNode(key, value, index) + break + } + } + } + + /** + * @param {Uint8Array} key + * @return {TstNode | null} + */ + search (key) { + const keylength = key.length + let index = 0 + let node = this + while (node !== null && index < keylength) { + let code = key[index] + // A-Z + // First check if it is bigger than 0x5a. + // Lowercase letters have higher char codes than uppercase ones. + // Also we assume that headers will mostly contain lowercase characters. + if (code <= 0x5a && code >= 0x41) { + // Lowercase for uppercase. + code |= 32 + } + while (node !== null) { + if (code === node.code) { + if (keylength === ++index) { + // Returns Node since it is the last key. + return node + } + node = node.middle + break + } + node = node.code < code ? node.left : node.right + } + } + return null + } +} + +class TernarySearchTree { + /** @type {TstNode | null} */ + node = null + + /** + * @param {string} key + * @param {any} value + * */ + insert (key, value) { + if (this.node === null) { + this.node = new TstNode(key, value, 0) + } else { + this.node.add(key, value) + } + } + + /** + * @param {Uint8Array} key + * @return {any} + */ + lookup (key) { + return this.node?.search(key)?.value ?? null + } +} + +const tree = new TernarySearchTree() + +for (let i = 0; i < wellknownHeaderNames.length; ++i) { + const key = headerNameLowerCasedRecord[wellknownHeaderNames[i]] + tree.insert(key, key) +} + +module.exports = { + TernarySearchTree, + tree +} + + +/***/ }), + +/***/ 3440: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) +const { kDestroyed, kBodyUsed, kListeners, kBody } = __nccwpck_require__(6443) +const { IncomingMessage } = __nccwpck_require__(7067) +const stream = __nccwpck_require__(7075) +const net = __nccwpck_require__(7030) +const { Blob } = __nccwpck_require__(4573) +const nodeUtil = __nccwpck_require__(7975) +const { stringify } = __nccwpck_require__(1792) +const { EventEmitter: EE } = __nccwpck_require__(8474) +const { InvalidArgumentError } = __nccwpck_require__(8707) +const { headerNameLowerCasedRecord } = __nccwpck_require__(735) +const { tree } = __nccwpck_require__(7752) + +const [nodeMajor, nodeMinor] = process.versions.node.split('.').map(v => Number(v)) + +class BodyAsyncIterable { + constructor (body) { + this[kBody] = body + this[kBodyUsed] = false + } + + async * [Symbol.asyncIterator] () { + assert(!this[kBodyUsed], 'disturbed') + this[kBodyUsed] = true + yield * this[kBody] + } +} + +function wrapRequestBody (body) { + if (isStream(body)) { + // TODO (fix): Provide some way for the user to cache the file to e.g. /tmp + // so that it can be dispatched again? + // TODO (fix): Do we need 100-expect support to provide a way to do this properly? + if (bodyLength(body) === 0) { + body + .on('data', function () { + assert(false) + }) + } + + if (typeof body.readableDidRead !== 'boolean') { + body[kBodyUsed] = false + EE.prototype.on.call(body, 'data', function () { + this[kBodyUsed] = true + }) + } + + return body + } else if (body && typeof body.pipeTo === 'function') { + // TODO (fix): We can't access ReadableStream internal state + // to determine whether or not it has been disturbed. This is just + // a workaround. + return new BodyAsyncIterable(body) + } else if ( + body && + typeof body !== 'string' && + !ArrayBuffer.isView(body) && + isIterable(body) + ) { + // TODO: Should we allow re-using iterable if !this.opts.idempotent + // or through some other flag? + return new BodyAsyncIterable(body) + } else { + return body + } +} + +function nop () {} + +function isStream (obj) { + return obj && typeof obj === 'object' && typeof obj.pipe === 'function' && typeof obj.on === 'function' +} + +// based on https://github.com/node-fetch/fetch-blob/blob/8ab587d34080de94140b54f07168451e7d0b655e/index.js#L229-L241 (MIT License) +function isBlobLike (object) { + if (object === null) { + return false + } else if (object instanceof Blob) { + return true + } else if (typeof object !== 'object') { + return false + } else { + const sTag = object[Symbol.toStringTag] + + return (sTag === 'Blob' || sTag === 'File') && ( + ('stream' in object && typeof object.stream === 'function') || + ('arrayBuffer' in object && typeof object.arrayBuffer === 'function') + ) + } +} + +function buildURL (url, queryParams) { + if (url.includes('?') || url.includes('#')) { + throw new Error('Query params cannot be passed when url already contains "?" or "#".') + } + + const stringified = stringify(queryParams) + + if (stringified) { + url += '?' + stringified + } + + return url +} + +function isValidPort (port) { + const value = parseInt(port, 10) + return ( + value === Number(port) && + value >= 0 && + value <= 65535 + ) +} + +function isHttpOrHttpsPrefixed (value) { + return ( + value != null && + value[0] === 'h' && + value[1] === 't' && + value[2] === 't' && + value[3] === 'p' && + ( + value[4] === ':' || + ( + value[4] === 's' && + value[5] === ':' + ) + ) + ) +} + +function parseURL (url) { + if (typeof url === 'string') { + url = new URL(url) + + if (!isHttpOrHttpsPrefixed(url.origin || url.protocol)) { + throw new InvalidArgumentError('Invalid URL protocol: the URL must start with `http:` or `https:`.') + } + + return url + } + + if (!url || typeof url !== 'object') { + throw new InvalidArgumentError('Invalid URL: The URL argument must be a non-null object.') + } + + if (!(url instanceof URL)) { + if (url.port != null && url.port !== '' && isValidPort(url.port) === false) { + throw new InvalidArgumentError('Invalid URL: port must be a valid integer or a string representation of an integer.') + } + + if (url.path != null && typeof url.path !== 'string') { + throw new InvalidArgumentError('Invalid URL path: the path must be a string or null/undefined.') + } + + if (url.pathname != null && typeof url.pathname !== 'string') { + throw new InvalidArgumentError('Invalid URL pathname: the pathname must be a string or null/undefined.') + } + + if (url.hostname != null && typeof url.hostname !== 'string') { + throw new InvalidArgumentError('Invalid URL hostname: the hostname must be a string or null/undefined.') + } + + if (url.origin != null && typeof url.origin !== 'string') { + throw new InvalidArgumentError('Invalid URL origin: the origin must be a string or null/undefined.') + } + + if (!isHttpOrHttpsPrefixed(url.origin || url.protocol)) { + throw new InvalidArgumentError('Invalid URL protocol: the URL must start with `http:` or `https:`.') + } + + const port = url.port != null + ? url.port + : (url.protocol === 'https:' ? 443 : 80) + let origin = url.origin != null + ? url.origin + : `${url.protocol || ''}//${url.hostname || ''}:${port}` + let path = url.path != null + ? url.path + : `${url.pathname || ''}${url.search || ''}` + + if (origin[origin.length - 1] === '/') { + origin = origin.slice(0, origin.length - 1) + } + + if (path && path[0] !== '/') { + path = `/${path}` + } + // new URL(path, origin) is unsafe when `path` contains an absolute URL + // From https://developer.mozilla.org/en-US/docs/Web/API/URL/URL: + // If first parameter is a relative URL, second param is required, and will be used as the base URL. + // If first parameter is an absolute URL, a given second param will be ignored. + return new URL(`${origin}${path}`) + } + + if (!isHttpOrHttpsPrefixed(url.origin || url.protocol)) { + throw new InvalidArgumentError('Invalid URL protocol: the URL must start with `http:` or `https:`.') + } + + return url +} + +function parseOrigin (url) { + url = parseURL(url) + + if (url.pathname !== '/' || url.search || url.hash) { + throw new InvalidArgumentError('invalid url') + } + + return url +} + +function getHostname (host) { + if (host[0] === '[') { + const idx = host.indexOf(']') + + assert(idx !== -1) + return host.substring(1, idx) + } + + const idx = host.indexOf(':') + if (idx === -1) return host + + return host.substring(0, idx) +} + +// IP addresses are not valid server names per RFC6066 +// > Currently, the only server names supported are DNS hostnames +function getServerName (host) { + if (!host) { + return null + } + + assert(typeof host === 'string') + + const servername = getHostname(host) + if (net.isIP(servername)) { + return '' + } + + return servername +} + +function deepClone (obj) { + return JSON.parse(JSON.stringify(obj)) +} + +function isAsyncIterable (obj) { + return !!(obj != null && typeof obj[Symbol.asyncIterator] === 'function') +} + +function isIterable (obj) { + return !!(obj != null && (typeof obj[Symbol.iterator] === 'function' || typeof obj[Symbol.asyncIterator] === 'function')) +} + +function bodyLength (body) { + if (body == null) { + return 0 + } else if (isStream(body)) { + const state = body._readableState + return state && state.objectMode === false && state.ended === true && Number.isFinite(state.length) + ? state.length + : null + } else if (isBlobLike(body)) { + return body.size != null ? body.size : null + } else if (isBuffer(body)) { + return body.byteLength + } + + return null +} + +function isDestroyed (body) { + return body && !!(body.destroyed || body[kDestroyed] || (stream.isDestroyed?.(body))) +} + +function destroy (stream, err) { + if (stream == null || !isStream(stream) || isDestroyed(stream)) { + return + } + + if (typeof stream.destroy === 'function') { + if (Object.getPrototypeOf(stream).constructor === IncomingMessage) { + // See: https://github.com/nodejs/node/pull/38505/files + stream.socket = null + } + + stream.destroy(err) + } else if (err) { + queueMicrotask(() => { + stream.emit('error', err) + }) + } + + if (stream.destroyed !== true) { + stream[kDestroyed] = true + } +} + +const KEEPALIVE_TIMEOUT_EXPR = /timeout=(\d+)/ +function parseKeepAliveTimeout (val) { + const m = val.toString().match(KEEPALIVE_TIMEOUT_EXPR) + return m ? parseInt(m[1], 10) * 1000 : null +} + +/** + * Retrieves a header name and returns its lowercase value. + * @param {string | Buffer} value Header name + * @returns {string} + */ +function headerNameToString (value) { + return typeof value === 'string' + ? headerNameLowerCasedRecord[value] ?? value.toLowerCase() + : tree.lookup(value) ?? value.toString('latin1').toLowerCase() +} + +/** + * Receive the buffer as a string and return its lowercase value. + * @param {Buffer} value Header name + * @returns {string} + */ +function bufferToLowerCasedHeaderName (value) { + return tree.lookup(value) ?? value.toString('latin1').toLowerCase() +} + +/** + * @param {Record | (Buffer | string | (Buffer | string)[])[]} headers + * @param {Record} [obj] + * @returns {Record} + */ +function parseHeaders (headers, obj) { + if (obj === undefined) obj = {} + for (let i = 0; i < headers.length; i += 2) { + const key = headerNameToString(headers[i]) + let val = obj[key] + + if (val) { + if (typeof val === 'string') { + val = [val] + obj[key] = val + } + val.push(headers[i + 1].toString('utf8')) + } else { + const headersValue = headers[i + 1] + if (typeof headersValue === 'string') { + obj[key] = headersValue + } else { + obj[key] = Array.isArray(headersValue) ? headersValue.map(x => x.toString('utf8')) : headersValue.toString('utf8') + } + } + } + + // See https://github.com/nodejs/node/pull/46528 + if ('content-length' in obj && 'content-disposition' in obj) { + obj['content-disposition'] = Buffer.from(obj['content-disposition']).toString('latin1') + } + + return obj +} + +function parseRawHeaders (headers) { + const len = headers.length + const ret = new Array(len) + + let hasContentLength = false + let contentDispositionIdx = -1 + let key + let val + let kLen = 0 + + for (let n = 0; n < headers.length; n += 2) { + key = headers[n] + val = headers[n + 1] + + typeof key !== 'string' && (key = key.toString()) + typeof val !== 'string' && (val = val.toString('utf8')) + + kLen = key.length + if (kLen === 14 && key[7] === '-' && (key === 'content-length' || key.toLowerCase() === 'content-length')) { + hasContentLength = true + } else if (kLen === 19 && key[7] === '-' && (key === 'content-disposition' || key.toLowerCase() === 'content-disposition')) { + contentDispositionIdx = n + 1 + } + ret[n] = key + ret[n + 1] = val + } + + // See https://github.com/nodejs/node/pull/46528 + if (hasContentLength && contentDispositionIdx !== -1) { + ret[contentDispositionIdx] = Buffer.from(ret[contentDispositionIdx]).toString('latin1') + } + + return ret +} + +function isBuffer (buffer) { + // See, https://github.com/mcollina/undici/pull/319 + return buffer instanceof Uint8Array || Buffer.isBuffer(buffer) +} + +function validateHandler (handler, method, upgrade) { + if (!handler || typeof handler !== 'object') { + throw new InvalidArgumentError('handler must be an object') + } + + if (typeof handler.onConnect !== 'function') { + throw new InvalidArgumentError('invalid onConnect method') + } + + if (typeof handler.onError !== 'function') { + throw new InvalidArgumentError('invalid onError method') + } + + if (typeof handler.onBodySent !== 'function' && handler.onBodySent !== undefined) { + throw new InvalidArgumentError('invalid onBodySent method') + } + + if (upgrade || method === 'CONNECT') { + if (typeof handler.onUpgrade !== 'function') { + throw new InvalidArgumentError('invalid onUpgrade method') + } + } else { + if (typeof handler.onHeaders !== 'function') { + throw new InvalidArgumentError('invalid onHeaders method') + } + + if (typeof handler.onData !== 'function') { + throw new InvalidArgumentError('invalid onData method') + } + + if (typeof handler.onComplete !== 'function') { + throw new InvalidArgumentError('invalid onComplete method') + } + } +} + +// A body is disturbed if it has been read from and it cannot +// be re-used without losing state or data. +function isDisturbed (body) { + // TODO (fix): Why is body[kBodyUsed] needed? + return !!(body && (stream.isDisturbed(body) || body[kBodyUsed])) +} + +function isErrored (body) { + return !!(body && stream.isErrored(body)) +} + +function isReadable (body) { + return !!(body && stream.isReadable(body)) +} + +function getSocketInfo (socket) { + return { + localAddress: socket.localAddress, + localPort: socket.localPort, + remoteAddress: socket.remoteAddress, + remotePort: socket.remotePort, + remoteFamily: socket.remoteFamily, + timeout: socket.timeout, + bytesWritten: socket.bytesWritten, + bytesRead: socket.bytesRead + } +} + +/** @type {globalThis['ReadableStream']} */ +function ReadableStreamFrom (iterable) { + // We cannot use ReadableStream.from here because it does not return a byte stream. + + let iterator + return new ReadableStream( + { + async start () { + iterator = iterable[Symbol.asyncIterator]() + }, + async pull (controller) { + const { done, value } = await iterator.next() + if (done) { + queueMicrotask(() => { + controller.close() + controller.byobRequest?.respond(0) + }) + } else { + const buf = Buffer.isBuffer(value) ? value : Buffer.from(value) + if (buf.byteLength) { + controller.enqueue(new Uint8Array(buf)) + } + } + return controller.desiredSize > 0 + }, + async cancel (reason) { + await iterator.return() + }, + type: 'bytes' + } + ) +} + +// The chunk should be a FormData instance and contains +// all the required methods. +function isFormDataLike (object) { + return ( + object && + typeof object === 'object' && + typeof object.append === 'function' && + typeof object.delete === 'function' && + typeof object.get === 'function' && + typeof object.getAll === 'function' && + typeof object.has === 'function' && + typeof object.set === 'function' && + object[Symbol.toStringTag] === 'FormData' + ) +} + +function addAbortListener (signal, listener) { + if ('addEventListener' in signal) { + signal.addEventListener('abort', listener, { once: true }) + return () => signal.removeEventListener('abort', listener) + } + signal.addListener('abort', listener) + return () => signal.removeListener('abort', listener) +} + +const hasToWellFormed = typeof String.prototype.toWellFormed === 'function' +const hasIsWellFormed = typeof String.prototype.isWellFormed === 'function' + +/** + * @param {string} val + */ +function toUSVString (val) { + return hasToWellFormed ? `${val}`.toWellFormed() : nodeUtil.toUSVString(val) +} + +/** + * @param {string} val + */ +// TODO: move this to webidl +function isUSVString (val) { + return hasIsWellFormed ? `${val}`.isWellFormed() : toUSVString(val) === `${val}` +} + +/** + * @see https://tools.ietf.org/html/rfc7230#section-3.2.6 + * @param {number} c + */ +function isTokenCharCode (c) { + switch (c) { + case 0x22: + case 0x28: + case 0x29: + case 0x2c: + case 0x2f: + case 0x3a: + case 0x3b: + case 0x3c: + case 0x3d: + case 0x3e: + case 0x3f: + case 0x40: + case 0x5b: + case 0x5c: + case 0x5d: + case 0x7b: + case 0x7d: + // DQUOTE and "(),/:;<=>?@[\]{}" + return false + default: + // VCHAR %x21-7E + return c >= 0x21 && c <= 0x7e + } +} + +/** + * @param {string} characters + */ +function isValidHTTPToken (characters) { + if (characters.length === 0) { + return false + } + for (let i = 0; i < characters.length; ++i) { + if (!isTokenCharCode(characters.charCodeAt(i))) { + return false + } + } + return true +} + +// headerCharRegex have been lifted from +// https://github.com/nodejs/node/blob/main/lib/_http_common.js + +/** + * Matches if val contains an invalid field-vchar + * field-value = *( field-content / obs-fold ) + * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] + * field-vchar = VCHAR / obs-text + */ +const headerCharRegex = /[^\t\x20-\x7e\x80-\xff]/ + +/** + * @param {string} characters + */ +function isValidHeaderValue (characters) { + return !headerCharRegex.test(characters) +} + +// Parsed accordingly to RFC 9110 +// https://www.rfc-editor.org/rfc/rfc9110#field.content-range +function parseRangeHeader (range) { + if (range == null || range === '') return { start: 0, end: null, size: null } + + const m = range ? range.match(/^bytes (\d+)-(\d+)\/(\d+)?$/) : null + return m + ? { + start: parseInt(m[1]), + end: m[2] ? parseInt(m[2]) : null, + size: m[3] ? parseInt(m[3]) : null + } + : null +} + +function addListener (obj, name, listener) { + const listeners = (obj[kListeners] ??= []) + listeners.push([name, listener]) + obj.on(name, listener) + return obj +} + +function removeAllListeners (obj) { + for (const [name, listener] of obj[kListeners] ?? []) { + obj.removeListener(name, listener) + } + obj[kListeners] = null +} + +function errorRequest (client, request, err) { + try { + request.onError(err) + assert(request.aborted) + } catch (err) { + client.emit('error', err) + } +} + +const kEnumerableProperty = Object.create(null) +kEnumerableProperty.enumerable = true + +const normalizedMethodRecordsBase = { + delete: 'DELETE', + DELETE: 'DELETE', + get: 'GET', + GET: 'GET', + head: 'HEAD', + HEAD: 'HEAD', + options: 'OPTIONS', + OPTIONS: 'OPTIONS', + post: 'POST', + POST: 'POST', + put: 'PUT', + PUT: 'PUT' +} + +const normalizedMethodRecords = { + ...normalizedMethodRecordsBase, + patch: 'patch', + PATCH: 'PATCH' +} + +// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`. +Object.setPrototypeOf(normalizedMethodRecordsBase, null) +Object.setPrototypeOf(normalizedMethodRecords, null) + +module.exports = { + kEnumerableProperty, + nop, + isDisturbed, + isErrored, + isReadable, + toUSVString, + isUSVString, + isBlobLike, + parseOrigin, + parseURL, + getServerName, + isStream, + isIterable, + isAsyncIterable, + isDestroyed, + headerNameToString, + bufferToLowerCasedHeaderName, + addListener, + removeAllListeners, + errorRequest, + parseRawHeaders, + parseHeaders, + parseKeepAliveTimeout, + destroy, + bodyLength, + deepClone, + ReadableStreamFrom, + isBuffer, + validateHandler, + getSocketInfo, + isFormDataLike, + buildURL, + addAbortListener, + isValidHTTPToken, + isValidHeaderValue, + isTokenCharCode, + parseRangeHeader, + normalizedMethodRecordsBase, + normalizedMethodRecords, + isValidPort, + isHttpOrHttpsPrefixed, + nodeMajor, + nodeMinor, + safeHTTPMethods: ['GET', 'HEAD', 'OPTIONS', 'TRACE'], + wrapRequestBody +} + + +/***/ }), + +/***/ 7405: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { InvalidArgumentError } = __nccwpck_require__(8707) +const { kClients, kRunning, kClose, kDestroy, kDispatch, kInterceptors } = __nccwpck_require__(6443) +const DispatcherBase = __nccwpck_require__(1841) +const Pool = __nccwpck_require__(628) +const Client = __nccwpck_require__(3701) +const util = __nccwpck_require__(3440) +const createRedirectInterceptor = __nccwpck_require__(5092) + +const kOnConnect = Symbol('onConnect') +const kOnDisconnect = Symbol('onDisconnect') +const kOnConnectionError = Symbol('onConnectionError') +const kMaxRedirections = Symbol('maxRedirections') +const kOnDrain = Symbol('onDrain') +const kFactory = Symbol('factory') +const kOptions = Symbol('options') + +function defaultFactory (origin, opts) { + return opts && opts.connections === 1 + ? new Client(origin, opts) + : new Pool(origin, opts) +} + +class Agent extends DispatcherBase { + constructor ({ factory = defaultFactory, maxRedirections = 0, connect, ...options } = {}) { + super() + + if (typeof factory !== 'function') { + throw new InvalidArgumentError('factory must be a function.') + } + + if (connect != null && typeof connect !== 'function' && typeof connect !== 'object') { + throw new InvalidArgumentError('connect must be a function or an object') + } + + if (!Number.isInteger(maxRedirections) || maxRedirections < 0) { + throw new InvalidArgumentError('maxRedirections must be a positive number') + } + + if (connect && typeof connect !== 'function') { + connect = { ...connect } + } + + this[kInterceptors] = options.interceptors?.Agent && Array.isArray(options.interceptors.Agent) + ? options.interceptors.Agent + : [createRedirectInterceptor({ maxRedirections })] + + this[kOptions] = { ...util.deepClone(options), connect } + this[kOptions].interceptors = options.interceptors + ? { ...options.interceptors } + : undefined + this[kMaxRedirections] = maxRedirections + this[kFactory] = factory + this[kClients] = new Map() + + this[kOnDrain] = (origin, targets) => { + this.emit('drain', origin, [this, ...targets]) + } + + this[kOnConnect] = (origin, targets) => { + this.emit('connect', origin, [this, ...targets]) + } + + this[kOnDisconnect] = (origin, targets, err) => { + this.emit('disconnect', origin, [this, ...targets], err) + } + + this[kOnConnectionError] = (origin, targets, err) => { + this.emit('connectionError', origin, [this, ...targets], err) + } + } + + get [kRunning] () { + let ret = 0 + for (const client of this[kClients].values()) { + ret += client[kRunning] + } + return ret + } + + [kDispatch] (opts, handler) { + let key + if (opts.origin && (typeof opts.origin === 'string' || opts.origin instanceof URL)) { + key = String(opts.origin) + } else { + throw new InvalidArgumentError('opts.origin must be a non-empty string or URL.') + } + + let dispatcher = this[kClients].get(key) + + if (!dispatcher) { + dispatcher = this[kFactory](opts.origin, this[kOptions]) + .on('drain', this[kOnDrain]) + .on('connect', this[kOnConnect]) + .on('disconnect', this[kOnDisconnect]) + .on('connectionError', this[kOnConnectionError]) + + // This introduces a tiny memory leak, as dispatchers are never removed from the map. + // TODO(mcollina): remove te timer when the client/pool do not have any more + // active connections. + this[kClients].set(key, dispatcher) + } + + return dispatcher.dispatch(opts, handler) + } + + async [kClose] () { + const closePromises = [] + for (const client of this[kClients].values()) { + closePromises.push(client.close()) + } + this[kClients].clear() + + await Promise.all(closePromises) + } + + async [kDestroy] (err) { + const destroyPromises = [] + for (const client of this[kClients].values()) { + destroyPromises.push(client.destroy(err)) + } + this[kClients].clear() + + await Promise.all(destroyPromises) + } +} + +module.exports = Agent + + +/***/ }), + +/***/ 837: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + BalancedPoolMissingUpstreamError, + InvalidArgumentError +} = __nccwpck_require__(8707) +const { + PoolBase, + kClients, + kNeedDrain, + kAddClient, + kRemoveClient, + kGetDispatcher +} = __nccwpck_require__(2128) +const Pool = __nccwpck_require__(628) +const { kUrl, kInterceptors } = __nccwpck_require__(6443) +const { parseOrigin } = __nccwpck_require__(3440) +const kFactory = Symbol('factory') + +const kOptions = Symbol('options') +const kGreatestCommonDivisor = Symbol('kGreatestCommonDivisor') +const kCurrentWeight = Symbol('kCurrentWeight') +const kIndex = Symbol('kIndex') +const kWeight = Symbol('kWeight') +const kMaxWeightPerServer = Symbol('kMaxWeightPerServer') +const kErrorPenalty = Symbol('kErrorPenalty') + +/** + * Calculate the greatest common divisor of two numbers by + * using the Euclidean algorithm. + * + * @param {number} a + * @param {number} b + * @returns {number} + */ +function getGreatestCommonDivisor (a, b) { + if (a === 0) return b + + while (b !== 0) { + const t = b + b = a % b + a = t + } + return a +} + +function defaultFactory (origin, opts) { + return new Pool(origin, opts) +} + +class BalancedPool extends PoolBase { + constructor (upstreams = [], { factory = defaultFactory, ...opts } = {}) { + super() + + this[kOptions] = opts + this[kIndex] = -1 + this[kCurrentWeight] = 0 + + this[kMaxWeightPerServer] = this[kOptions].maxWeightPerServer || 100 + this[kErrorPenalty] = this[kOptions].errorPenalty || 15 + + if (!Array.isArray(upstreams)) { + upstreams = [upstreams] + } + + if (typeof factory !== 'function') { + throw new InvalidArgumentError('factory must be a function.') + } + + this[kInterceptors] = opts.interceptors?.BalancedPool && Array.isArray(opts.interceptors.BalancedPool) + ? opts.interceptors.BalancedPool + : [] + this[kFactory] = factory + + for (const upstream of upstreams) { + this.addUpstream(upstream) + } + this._updateBalancedPoolStats() + } + + addUpstream (upstream) { + const upstreamOrigin = parseOrigin(upstream).origin + + if (this[kClients].find((pool) => ( + pool[kUrl].origin === upstreamOrigin && + pool.closed !== true && + pool.destroyed !== true + ))) { + return this + } + const pool = this[kFactory](upstreamOrigin, Object.assign({}, this[kOptions])) + + this[kAddClient](pool) + pool.on('connect', () => { + pool[kWeight] = Math.min(this[kMaxWeightPerServer], pool[kWeight] + this[kErrorPenalty]) + }) + + pool.on('connectionError', () => { + pool[kWeight] = Math.max(1, pool[kWeight] - this[kErrorPenalty]) + this._updateBalancedPoolStats() + }) + + pool.on('disconnect', (...args) => { + const err = args[2] + if (err && err.code === 'UND_ERR_SOCKET') { + // decrease the weight of the pool. + pool[kWeight] = Math.max(1, pool[kWeight] - this[kErrorPenalty]) + this._updateBalancedPoolStats() + } + }) + + for (const client of this[kClients]) { + client[kWeight] = this[kMaxWeightPerServer] + } + + this._updateBalancedPoolStats() + + return this + } + + _updateBalancedPoolStats () { + let result = 0 + for (let i = 0; i < this[kClients].length; i++) { + result = getGreatestCommonDivisor(this[kClients][i][kWeight], result) + } + + this[kGreatestCommonDivisor] = result + } + + removeUpstream (upstream) { + const upstreamOrigin = parseOrigin(upstream).origin + + const pool = this[kClients].find((pool) => ( + pool[kUrl].origin === upstreamOrigin && + pool.closed !== true && + pool.destroyed !== true + )) + + if (pool) { + this[kRemoveClient](pool) + } + + return this + } + + get upstreams () { + return this[kClients] + .filter(dispatcher => dispatcher.closed !== true && dispatcher.destroyed !== true) + .map((p) => p[kUrl].origin) + } + + [kGetDispatcher] () { + // We validate that pools is greater than 0, + // otherwise we would have to wait until an upstream + // is added, which might never happen. + if (this[kClients].length === 0) { + throw new BalancedPoolMissingUpstreamError() + } + + const dispatcher = this[kClients].find(dispatcher => ( + !dispatcher[kNeedDrain] && + dispatcher.closed !== true && + dispatcher.destroyed !== true + )) + + if (!dispatcher) { + return + } + + const allClientsBusy = this[kClients].map(pool => pool[kNeedDrain]).reduce((a, b) => a && b, true) + + if (allClientsBusy) { + return + } + + let counter = 0 + + let maxWeightIndex = this[kClients].findIndex(pool => !pool[kNeedDrain]) + + while (counter++ < this[kClients].length) { + this[kIndex] = (this[kIndex] + 1) % this[kClients].length + const pool = this[kClients][this[kIndex]] + + // find pool index with the largest weight + if (pool[kWeight] > this[kClients][maxWeightIndex][kWeight] && !pool[kNeedDrain]) { + maxWeightIndex = this[kIndex] + } + + // decrease the current weight every `this[kClients].length`. + if (this[kIndex] === 0) { + // Set the current weight to the next lower weight. + this[kCurrentWeight] = this[kCurrentWeight] - this[kGreatestCommonDivisor] + + if (this[kCurrentWeight] <= 0) { + this[kCurrentWeight] = this[kMaxWeightPerServer] + } + } + if (pool[kWeight] >= this[kCurrentWeight] && (!pool[kNeedDrain])) { + return pool + } + } + + this[kCurrentWeight] = this[kClients][maxWeightIndex][kWeight] + this[kIndex] = maxWeightIndex + return this[kClients][maxWeightIndex] + } +} + +module.exports = BalancedPool + + +/***/ }), + +/***/ 637: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +/* global WebAssembly */ + +const assert = __nccwpck_require__(4589) +const util = __nccwpck_require__(3440) +const { channels } = __nccwpck_require__(2414) +const timers = __nccwpck_require__(6603) +const { + RequestContentLengthMismatchError, + ResponseContentLengthMismatchError, + RequestAbortedError, + HeadersTimeoutError, + HeadersOverflowError, + SocketError, + InformationalError, + BodyTimeoutError, + HTTPParserError, + ResponseExceededMaxSizeError +} = __nccwpck_require__(8707) +const { + kUrl, + kReset, + kClient, + kParser, + kBlocking, + kRunning, + kPending, + kSize, + kWriting, + kQueue, + kNoRef, + kKeepAliveDefaultTimeout, + kHostHeader, + kPendingIdx, + kRunningIdx, + kError, + kPipelining, + kSocket, + kKeepAliveTimeoutValue, + kMaxHeadersSize, + kKeepAliveMaxTimeout, + kKeepAliveTimeoutThreshold, + kHeadersTimeout, + kBodyTimeout, + kStrictContentLength, + kMaxRequests, + kCounter, + kMaxResponseSize, + kOnError, + kResume, + kHTTPContext +} = __nccwpck_require__(6443) + +const constants = __nccwpck_require__(2824) +const EMPTY_BUF = Buffer.alloc(0) +const FastBuffer = Buffer[Symbol.species] +const addListener = util.addListener +const removeAllListeners = util.removeAllListeners + +let extractBody + +async function lazyllhttp () { + const llhttpWasmData = process.env.JEST_WORKER_ID ? __nccwpck_require__(3870) : undefined + + let mod + try { + mod = await WebAssembly.compile(__nccwpck_require__(3434)) + } catch (e) { + /* istanbul ignore next */ + + // We could check if the error was caused by the simd option not + // being enabled, but the occurring of this other error + // * https://github.com/emscripten-core/emscripten/issues/11495 + // got me to remove that check to avoid breaking Node 12. + mod = await WebAssembly.compile(llhttpWasmData || __nccwpck_require__(3870)) + } + + return await WebAssembly.instantiate(mod, { + env: { + /* eslint-disable camelcase */ + + wasm_on_url: (p, at, len) => { + /* istanbul ignore next */ + return 0 + }, + wasm_on_status: (p, at, len) => { + assert(currentParser.ptr === p) + const start = at - currentBufferPtr + currentBufferRef.byteOffset + return currentParser.onStatus(new FastBuffer(currentBufferRef.buffer, start, len)) || 0 + }, + wasm_on_message_begin: (p) => { + assert(currentParser.ptr === p) + return currentParser.onMessageBegin() || 0 + }, + wasm_on_header_field: (p, at, len) => { + assert(currentParser.ptr === p) + const start = at - currentBufferPtr + currentBufferRef.byteOffset + return currentParser.onHeaderField(new FastBuffer(currentBufferRef.buffer, start, len)) || 0 + }, + wasm_on_header_value: (p, at, len) => { + assert(currentParser.ptr === p) + const start = at - currentBufferPtr + currentBufferRef.byteOffset + return currentParser.onHeaderValue(new FastBuffer(currentBufferRef.buffer, start, len)) || 0 + }, + wasm_on_headers_complete: (p, statusCode, upgrade, shouldKeepAlive) => { + assert(currentParser.ptr === p) + return currentParser.onHeadersComplete(statusCode, Boolean(upgrade), Boolean(shouldKeepAlive)) || 0 + }, + wasm_on_body: (p, at, len) => { + assert(currentParser.ptr === p) + const start = at - currentBufferPtr + currentBufferRef.byteOffset + return currentParser.onBody(new FastBuffer(currentBufferRef.buffer, start, len)) || 0 + }, + wasm_on_message_complete: (p) => { + assert(currentParser.ptr === p) + return currentParser.onMessageComplete() || 0 + } + + /* eslint-enable camelcase */ + } + }) +} + +let llhttpInstance = null +let llhttpPromise = lazyllhttp() +llhttpPromise.catch() + +let currentParser = null +let currentBufferRef = null +let currentBufferSize = 0 +let currentBufferPtr = null + +const USE_NATIVE_TIMER = 0 +const USE_FAST_TIMER = 1 + +// Use fast timers for headers and body to take eventual event loop +// latency into account. +const TIMEOUT_HEADERS = 2 | USE_FAST_TIMER +const TIMEOUT_BODY = 4 | USE_FAST_TIMER + +// Use native timers to ignore event loop latency for keep-alive +// handling. +const TIMEOUT_KEEP_ALIVE = 8 | USE_NATIVE_TIMER + +class Parser { + constructor (client, socket, { exports }) { + assert(Number.isFinite(client[kMaxHeadersSize]) && client[kMaxHeadersSize] > 0) + + this.llhttp = exports + this.ptr = this.llhttp.llhttp_alloc(constants.TYPE.RESPONSE) + this.client = client + this.socket = socket + this.timeout = null + this.timeoutValue = null + this.timeoutType = null + this.statusCode = null + this.statusText = '' + this.upgrade = false + this.headers = [] + this.headersSize = 0 + this.headersMaxSize = client[kMaxHeadersSize] + this.shouldKeepAlive = false + this.paused = false + this.resume = this.resume.bind(this) + + this.bytesRead = 0 + + this.keepAlive = '' + this.contentLength = '' + this.connection = '' + this.maxResponseSize = client[kMaxResponseSize] + } + + setTimeout (delay, type) { + // If the existing timer and the new timer are of different timer type + // (fast or native) or have different delay, we need to clear the existing + // timer and set a new one. + if ( + delay !== this.timeoutValue || + (type & USE_FAST_TIMER) ^ (this.timeoutType & USE_FAST_TIMER) + ) { + // If a timeout is already set, clear it with clearTimeout of the fast + // timer implementation, as it can clear fast and native timers. + if (this.timeout) { + timers.clearTimeout(this.timeout) + this.timeout = null + } + + if (delay) { + if (type & USE_FAST_TIMER) { + this.timeout = timers.setFastTimeout(onParserTimeout, delay, new WeakRef(this)) + } else { + this.timeout = setTimeout(onParserTimeout, delay, new WeakRef(this)) + this.timeout.unref() + } + } + + this.timeoutValue = delay + } else if (this.timeout) { + // istanbul ignore else: only for jest + if (this.timeout.refresh) { + this.timeout.refresh() + } + } + + this.timeoutType = type + } + + resume () { + if (this.socket.destroyed || !this.paused) { + return + } + + assert(this.ptr != null) + assert(currentParser == null) + + this.llhttp.llhttp_resume(this.ptr) + + assert(this.timeoutType === TIMEOUT_BODY) + if (this.timeout) { + // istanbul ignore else: only for jest + if (this.timeout.refresh) { + this.timeout.refresh() + } + } + + this.paused = false + this.execute(this.socket.read() || EMPTY_BUF) // Flush parser. + this.readMore() + } + + readMore () { + while (!this.paused && this.ptr) { + const chunk = this.socket.read() + if (chunk === null) { + break + } + this.execute(chunk) + } + } + + execute (data) { + assert(this.ptr != null) + assert(currentParser == null) + assert(!this.paused) + + const { socket, llhttp } = this + + if (data.length > currentBufferSize) { + if (currentBufferPtr) { + llhttp.free(currentBufferPtr) + } + currentBufferSize = Math.ceil(data.length / 4096) * 4096 + currentBufferPtr = llhttp.malloc(currentBufferSize) + } + + new Uint8Array(llhttp.memory.buffer, currentBufferPtr, currentBufferSize).set(data) + + // Call `execute` on the wasm parser. + // We pass the `llhttp_parser` pointer address, the pointer address of buffer view data, + // and finally the length of bytes to parse. + // The return value is an error code or `constants.ERROR.OK`. + try { + let ret + + try { + currentBufferRef = data + currentParser = this + ret = llhttp.llhttp_execute(this.ptr, currentBufferPtr, data.length) + /* eslint-disable-next-line no-useless-catch */ + } catch (err) { + /* istanbul ignore next: difficult to make a test case for */ + throw err + } finally { + currentParser = null + currentBufferRef = null + } + + const offset = llhttp.llhttp_get_error_pos(this.ptr) - currentBufferPtr + + if (ret === constants.ERROR.PAUSED_UPGRADE) { + this.onUpgrade(data.slice(offset)) + } else if (ret === constants.ERROR.PAUSED) { + this.paused = true + socket.unshift(data.slice(offset)) + } else if (ret !== constants.ERROR.OK) { + const ptr = llhttp.llhttp_get_error_reason(this.ptr) + let message = '' + /* istanbul ignore else: difficult to make a test case for */ + if (ptr) { + const len = new Uint8Array(llhttp.memory.buffer, ptr).indexOf(0) + message = + 'Response does not match the HTTP/1.1 protocol (' + + Buffer.from(llhttp.memory.buffer, ptr, len).toString() + + ')' + } + throw new HTTPParserError(message, constants.ERROR[ret], data.slice(offset)) + } + } catch (err) { + util.destroy(socket, err) + } + } + + destroy () { + assert(this.ptr != null) + assert(currentParser == null) + + this.llhttp.llhttp_free(this.ptr) + this.ptr = null + + this.timeout && timers.clearTimeout(this.timeout) + this.timeout = null + this.timeoutValue = null + this.timeoutType = null + + this.paused = false + } + + onStatus (buf) { + this.statusText = buf.toString() + } + + onMessageBegin () { + const { socket, client } = this + + /* istanbul ignore next: difficult to make a test case for */ + if (socket.destroyed) { + return -1 + } + + const request = client[kQueue][client[kRunningIdx]] + if (!request) { + return -1 + } + request.onResponseStarted() + } + + onHeaderField (buf) { + const len = this.headers.length + + if ((len & 1) === 0) { + this.headers.push(buf) + } else { + this.headers[len - 1] = Buffer.concat([this.headers[len - 1], buf]) + } + + this.trackHeader(buf.length) + } + + onHeaderValue (buf) { + let len = this.headers.length + + if ((len & 1) === 1) { + this.headers.push(buf) + len += 1 + } else { + this.headers[len - 1] = Buffer.concat([this.headers[len - 1], buf]) + } + + const key = this.headers[len - 2] + if (key.length === 10) { + const headerName = util.bufferToLowerCasedHeaderName(key) + if (headerName === 'keep-alive') { + this.keepAlive += buf.toString() + } else if (headerName === 'connection') { + this.connection += buf.toString() + } + } else if (key.length === 14 && util.bufferToLowerCasedHeaderName(key) === 'content-length') { + this.contentLength += buf.toString() + } + + this.trackHeader(buf.length) + } + + trackHeader (len) { + this.headersSize += len + if (this.headersSize >= this.headersMaxSize) { + util.destroy(this.socket, new HeadersOverflowError()) + } + } + + onUpgrade (head) { + const { upgrade, client, socket, headers, statusCode } = this + + assert(upgrade) + assert(client[kSocket] === socket) + assert(!socket.destroyed) + assert(!this.paused) + assert((headers.length & 1) === 0) + + const request = client[kQueue][client[kRunningIdx]] + assert(request) + assert(request.upgrade || request.method === 'CONNECT') + + this.statusCode = null + this.statusText = '' + this.shouldKeepAlive = null + + this.headers = [] + this.headersSize = 0 + + socket.unshift(head) + + socket[kParser].destroy() + socket[kParser] = null + + socket[kClient] = null + socket[kError] = null + + removeAllListeners(socket) + + client[kSocket] = null + client[kHTTPContext] = null // TODO (fix): This is hacky... + client[kQueue][client[kRunningIdx]++] = null + client.emit('disconnect', client[kUrl], [client], new InformationalError('upgrade')) + + try { + request.onUpgrade(statusCode, headers, socket) + } catch (err) { + util.destroy(socket, err) + } + + client[kResume]() + } + + onHeadersComplete (statusCode, upgrade, shouldKeepAlive) { + const { client, socket, headers, statusText } = this + + /* istanbul ignore next: difficult to make a test case for */ + if (socket.destroyed) { + return -1 + } + + const request = client[kQueue][client[kRunningIdx]] + + /* istanbul ignore next: difficult to make a test case for */ + if (!request) { + return -1 + } + + assert(!this.upgrade) + assert(this.statusCode < 200) + + if (statusCode === 100) { + util.destroy(socket, new SocketError('bad response', util.getSocketInfo(socket))) + return -1 + } + + /* this can only happen if server is misbehaving */ + if (upgrade && !request.upgrade) { + util.destroy(socket, new SocketError('bad upgrade', util.getSocketInfo(socket))) + return -1 + } + + assert(this.timeoutType === TIMEOUT_HEADERS) + + this.statusCode = statusCode + this.shouldKeepAlive = ( + shouldKeepAlive || + // Override llhttp value which does not allow keepAlive for HEAD. + (request.method === 'HEAD' && !socket[kReset] && this.connection.toLowerCase() === 'keep-alive') + ) + + if (this.statusCode >= 200) { + const bodyTimeout = request.bodyTimeout != null + ? request.bodyTimeout + : client[kBodyTimeout] + this.setTimeout(bodyTimeout, TIMEOUT_BODY) + } else if (this.timeout) { + // istanbul ignore else: only for jest + if (this.timeout.refresh) { + this.timeout.refresh() + } + } + + if (request.method === 'CONNECT') { + assert(client[kRunning] === 1) + this.upgrade = true + return 2 + } + + if (upgrade) { + assert(client[kRunning] === 1) + this.upgrade = true + return 2 + } + + assert((this.headers.length & 1) === 0) + this.headers = [] + this.headersSize = 0 + + if (this.shouldKeepAlive && client[kPipelining]) { + const keepAliveTimeout = this.keepAlive ? util.parseKeepAliveTimeout(this.keepAlive) : null + + if (keepAliveTimeout != null) { + const timeout = Math.min( + keepAliveTimeout - client[kKeepAliveTimeoutThreshold], + client[kKeepAliveMaxTimeout] + ) + if (timeout <= 0) { + socket[kReset] = true + } else { + client[kKeepAliveTimeoutValue] = timeout + } + } else { + client[kKeepAliveTimeoutValue] = client[kKeepAliveDefaultTimeout] + } + } else { + // Stop more requests from being dispatched. + socket[kReset] = true + } + + const pause = request.onHeaders(statusCode, headers, this.resume, statusText) === false + + if (request.aborted) { + return -1 + } + + if (request.method === 'HEAD') { + return 1 + } + + if (statusCode < 200) { + return 1 + } + + if (socket[kBlocking]) { + socket[kBlocking] = false + client[kResume]() + } + + return pause ? constants.ERROR.PAUSED : 0 + } + + onBody (buf) { + const { client, socket, statusCode, maxResponseSize } = this + + if (socket.destroyed) { + return -1 + } + + const request = client[kQueue][client[kRunningIdx]] + assert(request) + + assert(this.timeoutType === TIMEOUT_BODY) + if (this.timeout) { + // istanbul ignore else: only for jest + if (this.timeout.refresh) { + this.timeout.refresh() + } + } + + assert(statusCode >= 200) + + if (maxResponseSize > -1 && this.bytesRead + buf.length > maxResponseSize) { + util.destroy(socket, new ResponseExceededMaxSizeError()) + return -1 + } + + this.bytesRead += buf.length + + if (request.onData(buf) === false) { + return constants.ERROR.PAUSED + } + } + + onMessageComplete () { + const { client, socket, statusCode, upgrade, headers, contentLength, bytesRead, shouldKeepAlive } = this + + if (socket.destroyed && (!statusCode || shouldKeepAlive)) { + return -1 + } + + if (upgrade) { + return + } + + assert(statusCode >= 100) + assert((this.headers.length & 1) === 0) + + const request = client[kQueue][client[kRunningIdx]] + assert(request) + + this.statusCode = null + this.statusText = '' + this.bytesRead = 0 + this.contentLength = '' + this.keepAlive = '' + this.connection = '' + + this.headers = [] + this.headersSize = 0 + + if (statusCode < 200) { + return + } + + /* istanbul ignore next: should be handled by llhttp? */ + if (request.method !== 'HEAD' && contentLength && bytesRead !== parseInt(contentLength, 10)) { + util.destroy(socket, new ResponseContentLengthMismatchError()) + return -1 + } + + request.onComplete(headers) + + client[kQueue][client[kRunningIdx]++] = null + + if (socket[kWriting]) { + assert(client[kRunning] === 0) + // Response completed before request. + util.destroy(socket, new InformationalError('reset')) + return constants.ERROR.PAUSED + } else if (!shouldKeepAlive) { + util.destroy(socket, new InformationalError('reset')) + return constants.ERROR.PAUSED + } else if (socket[kReset] && client[kRunning] === 0) { + // Destroy socket once all requests have completed. + // The request at the tail of the pipeline is the one + // that requested reset and no further requests should + // have been queued since then. + util.destroy(socket, new InformationalError('reset')) + return constants.ERROR.PAUSED + } else if (client[kPipelining] == null || client[kPipelining] === 1) { + // We must wait a full event loop cycle to reuse this socket to make sure + // that non-spec compliant servers are not closing the connection even if they + // said they won't. + setImmediate(() => client[kResume]()) + } else { + client[kResume]() + } + } +} + +function onParserTimeout (parser) { + const { socket, timeoutType, client, paused } = parser.deref() + + /* istanbul ignore else */ + if (timeoutType === TIMEOUT_HEADERS) { + if (!socket[kWriting] || socket.writableNeedDrain || client[kRunning] > 1) { + assert(!paused, 'cannot be paused while waiting for headers') + util.destroy(socket, new HeadersTimeoutError()) + } + } else if (timeoutType === TIMEOUT_BODY) { + if (!paused) { + util.destroy(socket, new BodyTimeoutError()) + } + } else if (timeoutType === TIMEOUT_KEEP_ALIVE) { + assert(client[kRunning] === 0 && client[kKeepAliveTimeoutValue]) + util.destroy(socket, new InformationalError('socket idle timeout')) + } +} + +async function connectH1 (client, socket) { + client[kSocket] = socket + + if (!llhttpInstance) { + llhttpInstance = await llhttpPromise + llhttpPromise = null + } + + socket[kNoRef] = false + socket[kWriting] = false + socket[kReset] = false + socket[kBlocking] = false + socket[kParser] = new Parser(client, socket, llhttpInstance) + + addListener(socket, 'error', function (err) { + assert(err.code !== 'ERR_TLS_CERT_ALTNAME_INVALID') + + const parser = this[kParser] + + // On Mac OS, we get an ECONNRESET even if there is a full body to be forwarded + // to the user. + if (err.code === 'ECONNRESET' && parser.statusCode && !parser.shouldKeepAlive) { + // We treat all incoming data so for as a valid response. + parser.onMessageComplete() + return + } + + this[kError] = err + + this[kClient][kOnError](err) + }) + addListener(socket, 'readable', function () { + const parser = this[kParser] + + if (parser) { + parser.readMore() + } + }) + addListener(socket, 'end', function () { + const parser = this[kParser] + + if (parser.statusCode && !parser.shouldKeepAlive) { + // We treat all incoming data so far as a valid response. + parser.onMessageComplete() + return + } + + util.destroy(this, new SocketError('other side closed', util.getSocketInfo(this))) + }) + addListener(socket, 'close', function () { + const client = this[kClient] + const parser = this[kParser] + + if (parser) { + if (!this[kError] && parser.statusCode && !parser.shouldKeepAlive) { + // We treat all incoming data so far as a valid response. + parser.onMessageComplete() + } + + this[kParser].destroy() + this[kParser] = null + } + + const err = this[kError] || new SocketError('closed', util.getSocketInfo(this)) + + client[kSocket] = null + client[kHTTPContext] = null // TODO (fix): This is hacky... + + if (client.destroyed) { + assert(client[kPending] === 0) + + // Fail entire queue. + const requests = client[kQueue].splice(client[kRunningIdx]) + for (let i = 0; i < requests.length; i++) { + const request = requests[i] + util.errorRequest(client, request, err) + } + } else if (client[kRunning] > 0 && err.code !== 'UND_ERR_INFO') { + // Fail head of pipeline. + const request = client[kQueue][client[kRunningIdx]] + client[kQueue][client[kRunningIdx]++] = null + + util.errorRequest(client, request, err) + } + + client[kPendingIdx] = client[kRunningIdx] + + assert(client[kRunning] === 0) + + client.emit('disconnect', client[kUrl], [client], err) + + client[kResume]() + }) + + let closed = false + socket.on('close', () => { + closed = true + }) + + return { + version: 'h1', + defaultPipelining: 1, + write (...args) { + return writeH1(client, ...args) + }, + resume () { + resumeH1(client) + }, + destroy (err, callback) { + if (closed) { + queueMicrotask(callback) + } else { + socket.destroy(err).on('close', callback) + } + }, + get destroyed () { + return socket.destroyed + }, + busy (request) { + if (socket[kWriting] || socket[kReset] || socket[kBlocking]) { + return true + } + + if (request) { + if (client[kRunning] > 0 && !request.idempotent) { + // Non-idempotent request cannot be retried. + // Ensure that no other requests are inflight and + // could cause failure. + return true + } + + if (client[kRunning] > 0 && (request.upgrade || request.method === 'CONNECT')) { + // Don't dispatch an upgrade until all preceding requests have completed. + // A misbehaving server might upgrade the connection before all pipelined + // request has completed. + return true + } + + if (client[kRunning] > 0 && util.bodyLength(request.body) !== 0 && + (util.isStream(request.body) || util.isAsyncIterable(request.body) || util.isFormDataLike(request.body))) { + // Request with stream or iterator body can error while other requests + // are inflight and indirectly error those as well. + // Ensure this doesn't happen by waiting for inflight + // to complete before dispatching. + + // Request with stream or iterator body cannot be retried. + // Ensure that no other requests are inflight and + // could cause failure. + return true + } + } + + return false + } + } +} + +function resumeH1 (client) { + const socket = client[kSocket] + + if (socket && !socket.destroyed) { + if (client[kSize] === 0) { + if (!socket[kNoRef] && socket.unref) { + socket.unref() + socket[kNoRef] = true + } + } else if (socket[kNoRef] && socket.ref) { + socket.ref() + socket[kNoRef] = false + } + + if (client[kSize] === 0) { + if (socket[kParser].timeoutType !== TIMEOUT_KEEP_ALIVE) { + socket[kParser].setTimeout(client[kKeepAliveTimeoutValue], TIMEOUT_KEEP_ALIVE) + } + } else if (client[kRunning] > 0 && socket[kParser].statusCode < 200) { + if (socket[kParser].timeoutType !== TIMEOUT_HEADERS) { + const request = client[kQueue][client[kRunningIdx]] + const headersTimeout = request.headersTimeout != null + ? request.headersTimeout + : client[kHeadersTimeout] + socket[kParser].setTimeout(headersTimeout, TIMEOUT_HEADERS) + } + } + } +} + +// https://www.rfc-editor.org/rfc/rfc7230#section-3.3.2 +function shouldSendContentLength (method) { + return method !== 'GET' && method !== 'HEAD' && method !== 'OPTIONS' && method !== 'TRACE' && method !== 'CONNECT' +} + +function writeH1 (client, request) { + const { method, path, host, upgrade, blocking, reset } = request + + let { body, headers, contentLength } = request + + // https://tools.ietf.org/html/rfc7231#section-4.3.1 + // https://tools.ietf.org/html/rfc7231#section-4.3.2 + // https://tools.ietf.org/html/rfc7231#section-4.3.5 + + // Sending a payload body on a request that does not + // expect it can cause undefined behavior on some + // servers and corrupt connection state. Do not + // re-use the connection for further requests. + + const expectsPayload = ( + method === 'PUT' || + method === 'POST' || + method === 'PATCH' || + method === 'QUERY' || + method === 'PROPFIND' || + method === 'PROPPATCH' + ) + + if (util.isFormDataLike(body)) { + if (!extractBody) { + extractBody = (__nccwpck_require__(4492).extractBody) + } + + const [bodyStream, contentType] = extractBody(body) + if (request.contentType == null) { + headers.push('content-type', contentType) + } + body = bodyStream.stream + contentLength = bodyStream.length + } else if (util.isBlobLike(body) && request.contentType == null && body.type) { + headers.push('content-type', body.type) + } + + if (body && typeof body.read === 'function') { + // Try to read EOF in order to get length. + body.read(0) + } + + const bodyLength = util.bodyLength(body) + + contentLength = bodyLength ?? contentLength + + if (contentLength === null) { + contentLength = request.contentLength + } + + if (contentLength === 0 && !expectsPayload) { + // https://tools.ietf.org/html/rfc7230#section-3.3.2 + // A user agent SHOULD NOT send a Content-Length header field when + // the request message does not contain a payload body and the method + // semantics do not anticipate such a body. + + contentLength = null + } + + // https://github.com/nodejs/undici/issues/2046 + // A user agent may send a Content-Length header with 0 value, this should be allowed. + if (shouldSendContentLength(method) && contentLength > 0 && request.contentLength !== null && request.contentLength !== contentLength) { + if (client[kStrictContentLength]) { + util.errorRequest(client, request, new RequestContentLengthMismatchError()) + return false + } + + process.emitWarning(new RequestContentLengthMismatchError()) + } + + const socket = client[kSocket] + + const abort = (err) => { + if (request.aborted || request.completed) { + return + } + + util.errorRequest(client, request, err || new RequestAbortedError()) + + util.destroy(body) + util.destroy(socket, new InformationalError('aborted')) + } + + try { + request.onConnect(abort) + } catch (err) { + util.errorRequest(client, request, err) + } + + if (request.aborted) { + return false + } + + if (method === 'HEAD') { + // https://github.com/mcollina/undici/issues/258 + // Close after a HEAD request to interop with misbehaving servers + // that may send a body in the response. + + socket[kReset] = true + } + + if (upgrade || method === 'CONNECT') { + // On CONNECT or upgrade, block pipeline from dispatching further + // requests on this connection. + + socket[kReset] = true + } + + if (reset != null) { + socket[kReset] = reset + } + + if (client[kMaxRequests] && socket[kCounter]++ >= client[kMaxRequests]) { + socket[kReset] = true + } + + if (blocking) { + socket[kBlocking] = true + } + + let header = `${method} ${path} HTTP/1.1\r\n` + + if (typeof host === 'string') { + header += `host: ${host}\r\n` + } else { + header += client[kHostHeader] + } + + if (upgrade) { + header += `connection: upgrade\r\nupgrade: ${upgrade}\r\n` + } else if (client[kPipelining] && !socket[kReset]) { + header += 'connection: keep-alive\r\n' + } else { + header += 'connection: close\r\n' + } + + if (Array.isArray(headers)) { + for (let n = 0; n < headers.length; n += 2) { + const key = headers[n + 0] + const val = headers[n + 1] + + if (Array.isArray(val)) { + for (let i = 0; i < val.length; i++) { + header += `${key}: ${val[i]}\r\n` + } + } else { + header += `${key}: ${val}\r\n` + } + } + } + + if (channels.sendHeaders.hasSubscribers) { + channels.sendHeaders.publish({ request, headers: header, socket }) + } + + /* istanbul ignore else: assertion */ + if (!body || bodyLength === 0) { + writeBuffer(abort, null, client, request, socket, contentLength, header, expectsPayload) + } else if (util.isBuffer(body)) { + writeBuffer(abort, body, client, request, socket, contentLength, header, expectsPayload) + } else if (util.isBlobLike(body)) { + if (typeof body.stream === 'function') { + writeIterable(abort, body.stream(), client, request, socket, contentLength, header, expectsPayload) + } else { + writeBlob(abort, body, client, request, socket, contentLength, header, expectsPayload) + } + } else if (util.isStream(body)) { + writeStream(abort, body, client, request, socket, contentLength, header, expectsPayload) + } else if (util.isIterable(body)) { + writeIterable(abort, body, client, request, socket, contentLength, header, expectsPayload) + } else { + assert(false) + } + + return true +} + +function writeStream (abort, body, client, request, socket, contentLength, header, expectsPayload) { + assert(contentLength !== 0 || client[kRunning] === 0, 'stream body cannot be pipelined') + + let finished = false + + const writer = new AsyncWriter({ abort, socket, request, contentLength, client, expectsPayload, header }) + + const onData = function (chunk) { + if (finished) { + return + } + + try { + if (!writer.write(chunk) && this.pause) { + this.pause() + } + } catch (err) { + util.destroy(this, err) + } + } + const onDrain = function () { + if (finished) { + return + } + + if (body.resume) { + body.resume() + } + } + const onClose = function () { + // 'close' might be emitted *before* 'error' for + // broken streams. Wait a tick to avoid this case. + queueMicrotask(() => { + // It's only safe to remove 'error' listener after + // 'close'. + body.removeListener('error', onFinished) + }) + + if (!finished) { + const err = new RequestAbortedError() + queueMicrotask(() => onFinished(err)) + } + } + const onFinished = function (err) { + if (finished) { + return + } + + finished = true + + assert(socket.destroyed || (socket[kWriting] && client[kRunning] <= 1)) + + socket + .off('drain', onDrain) + .off('error', onFinished) + + body + .removeListener('data', onData) + .removeListener('end', onFinished) + .removeListener('close', onClose) + + if (!err) { + try { + writer.end() + } catch (er) { + err = er + } + } + + writer.destroy(err) + + if (err && (err.code !== 'UND_ERR_INFO' || err.message !== 'reset')) { + util.destroy(body, err) + } else { + util.destroy(body) + } + } + + body + .on('data', onData) + .on('end', onFinished) + .on('error', onFinished) + .on('close', onClose) + + if (body.resume) { + body.resume() + } + + socket + .on('drain', onDrain) + .on('error', onFinished) + + if (body.errorEmitted ?? body.errored) { + setImmediate(() => onFinished(body.errored)) + } else if (body.endEmitted ?? body.readableEnded) { + setImmediate(() => onFinished(null)) + } + + if (body.closeEmitted ?? body.closed) { + setImmediate(onClose) + } +} + +function writeBuffer (abort, body, client, request, socket, contentLength, header, expectsPayload) { + try { + if (!body) { + if (contentLength === 0) { + socket.write(`${header}content-length: 0\r\n\r\n`, 'latin1') + } else { + assert(contentLength === null, 'no body must not have content length') + socket.write(`${header}\r\n`, 'latin1') + } + } else if (util.isBuffer(body)) { + assert(contentLength === body.byteLength, 'buffer body must have content length') + + socket.cork() + socket.write(`${header}content-length: ${contentLength}\r\n\r\n`, 'latin1') + socket.write(body) + socket.uncork() + request.onBodySent(body) + + if (!expectsPayload && request.reset !== false) { + socket[kReset] = true + } + } + request.onRequestSent() + + client[kResume]() + } catch (err) { + abort(err) + } +} + +async function writeBlob (abort, body, client, request, socket, contentLength, header, expectsPayload) { + assert(contentLength === body.size, 'blob body must have content length') + + try { + if (contentLength != null && contentLength !== body.size) { + throw new RequestContentLengthMismatchError() + } + + const buffer = Buffer.from(await body.arrayBuffer()) + + socket.cork() + socket.write(`${header}content-length: ${contentLength}\r\n\r\n`, 'latin1') + socket.write(buffer) + socket.uncork() + + request.onBodySent(buffer) + request.onRequestSent() + + if (!expectsPayload && request.reset !== false) { + socket[kReset] = true + } + + client[kResume]() + } catch (err) { + abort(err) + } +} + +async function writeIterable (abort, body, client, request, socket, contentLength, header, expectsPayload) { + assert(contentLength !== 0 || client[kRunning] === 0, 'iterator body cannot be pipelined') + + let callback = null + function onDrain () { + if (callback) { + const cb = callback + callback = null + cb() + } + } + + const waitForDrain = () => new Promise((resolve, reject) => { + assert(callback === null) + + if (socket[kError]) { + reject(socket[kError]) + } else { + callback = resolve + } + }) + + socket + .on('close', onDrain) + .on('drain', onDrain) + + const writer = new AsyncWriter({ abort, socket, request, contentLength, client, expectsPayload, header }) + try { + // It's up to the user to somehow abort the async iterable. + for await (const chunk of body) { + if (socket[kError]) { + throw socket[kError] + } + + if (!writer.write(chunk)) { + await waitForDrain() + } + } + + writer.end() + } catch (err) { + writer.destroy(err) + } finally { + socket + .off('close', onDrain) + .off('drain', onDrain) + } +} + +class AsyncWriter { + constructor ({ abort, socket, request, contentLength, client, expectsPayload, header }) { + this.socket = socket + this.request = request + this.contentLength = contentLength + this.client = client + this.bytesWritten = 0 + this.expectsPayload = expectsPayload + this.header = header + this.abort = abort + + socket[kWriting] = true + } + + write (chunk) { + const { socket, request, contentLength, client, bytesWritten, expectsPayload, header } = this + + if (socket[kError]) { + throw socket[kError] + } + + if (socket.destroyed) { + return false + } + + const len = Buffer.byteLength(chunk) + if (!len) { + return true + } + + // We should defer writing chunks. + if (contentLength !== null && bytesWritten + len > contentLength) { + if (client[kStrictContentLength]) { + throw new RequestContentLengthMismatchError() + } + + process.emitWarning(new RequestContentLengthMismatchError()) + } + + socket.cork() + + if (bytesWritten === 0) { + if (!expectsPayload && request.reset !== false) { + socket[kReset] = true + } + + if (contentLength === null) { + socket.write(`${header}transfer-encoding: chunked\r\n`, 'latin1') + } else { + socket.write(`${header}content-length: ${contentLength}\r\n\r\n`, 'latin1') + } + } + + if (contentLength === null) { + socket.write(`\r\n${len.toString(16)}\r\n`, 'latin1') + } + + this.bytesWritten += len + + const ret = socket.write(chunk) + + socket.uncork() + + request.onBodySent(chunk) + + if (!ret) { + if (socket[kParser].timeout && socket[kParser].timeoutType === TIMEOUT_HEADERS) { + // istanbul ignore else: only for jest + if (socket[kParser].timeout.refresh) { + socket[kParser].timeout.refresh() + } + } + } + + return ret + } + + end () { + const { socket, contentLength, client, bytesWritten, expectsPayload, header, request } = this + request.onRequestSent() + + socket[kWriting] = false + + if (socket[kError]) { + throw socket[kError] + } + + if (socket.destroyed) { + return + } + + if (bytesWritten === 0) { + if (expectsPayload) { + // https://tools.ietf.org/html/rfc7230#section-3.3.2 + // A user agent SHOULD send a Content-Length in a request message when + // no Transfer-Encoding is sent and the request method defines a meaning + // for an enclosed payload body. + + socket.write(`${header}content-length: 0\r\n\r\n`, 'latin1') + } else { + socket.write(`${header}\r\n`, 'latin1') + } + } else if (contentLength === null) { + socket.write('\r\n0\r\n\r\n', 'latin1') + } + + if (contentLength !== null && bytesWritten !== contentLength) { + if (client[kStrictContentLength]) { + throw new RequestContentLengthMismatchError() + } else { + process.emitWarning(new RequestContentLengthMismatchError()) + } + } + + if (socket[kParser].timeout && socket[kParser].timeoutType === TIMEOUT_HEADERS) { + // istanbul ignore else: only for jest + if (socket[kParser].timeout.refresh) { + socket[kParser].timeout.refresh() + } + } + + client[kResume]() + } + + destroy (err) { + const { socket, client, abort } = this + + socket[kWriting] = false + + if (err) { + assert(client[kRunning] <= 1, 'pipeline should only contain this request') + abort(err) + } + } +} + +module.exports = connectH1 + + +/***/ }), + +/***/ 8788: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) +const { pipeline } = __nccwpck_require__(7075) +const util = __nccwpck_require__(3440) +const { + RequestContentLengthMismatchError, + RequestAbortedError, + SocketError, + InformationalError +} = __nccwpck_require__(8707) +const { + kUrl, + kReset, + kClient, + kRunning, + kPending, + kQueue, + kPendingIdx, + kRunningIdx, + kError, + kSocket, + kStrictContentLength, + kOnError, + kMaxConcurrentStreams, + kHTTP2Session, + kResume, + kSize, + kHTTPContext +} = __nccwpck_require__(6443) + +const kOpenStreams = Symbol('open streams') + +let extractBody + +// Experimental +let h2ExperimentalWarned = false + +/** @type {import('http2')} */ +let http2 +try { + http2 = __nccwpck_require__(2467) +} catch { + // @ts-ignore + http2 = { constants: {} } +} + +const { + constants: { + HTTP2_HEADER_AUTHORITY, + HTTP2_HEADER_METHOD, + HTTP2_HEADER_PATH, + HTTP2_HEADER_SCHEME, + HTTP2_HEADER_CONTENT_LENGTH, + HTTP2_HEADER_EXPECT, + HTTP2_HEADER_STATUS + } +} = http2 + +function parseH2Headers (headers) { + const result = [] + + for (const [name, value] of Object.entries(headers)) { + // h2 may concat the header value by array + // e.g. Set-Cookie + if (Array.isArray(value)) { + for (const subvalue of value) { + // we need to provide each header value of header name + // because the headers handler expect name-value pair + result.push(Buffer.from(name), Buffer.from(subvalue)) + } + } else { + result.push(Buffer.from(name), Buffer.from(value)) + } + } + + return result +} + +async function connectH2 (client, socket) { + client[kSocket] = socket + + if (!h2ExperimentalWarned) { + h2ExperimentalWarned = true + process.emitWarning('H2 support is experimental, expect them to change at any time.', { + code: 'UNDICI-H2' + }) + } + + const session = http2.connect(client[kUrl], { + createConnection: () => socket, + peerMaxConcurrentStreams: client[kMaxConcurrentStreams] + }) + + session[kOpenStreams] = 0 + session[kClient] = client + session[kSocket] = socket + + util.addListener(session, 'error', onHttp2SessionError) + util.addListener(session, 'frameError', onHttp2FrameError) + util.addListener(session, 'end', onHttp2SessionEnd) + util.addListener(session, 'goaway', onHTTP2GoAway) + util.addListener(session, 'close', function () { + const { [kClient]: client } = this + const { [kSocket]: socket } = client + + const err = this[kSocket][kError] || this[kError] || new SocketError('closed', util.getSocketInfo(socket)) + + client[kHTTP2Session] = null + + if (client.destroyed) { + assert(client[kPending] === 0) + + // Fail entire queue. + const requests = client[kQueue].splice(client[kRunningIdx]) + for (let i = 0; i < requests.length; i++) { + const request = requests[i] + util.errorRequest(client, request, err) + } + } + }) + + session.unref() + + client[kHTTP2Session] = session + socket[kHTTP2Session] = session + + util.addListener(socket, 'error', function (err) { + assert(err.code !== 'ERR_TLS_CERT_ALTNAME_INVALID') + + this[kError] = err + + this[kClient][kOnError](err) + }) + + util.addListener(socket, 'end', function () { + util.destroy(this, new SocketError('other side closed', util.getSocketInfo(this))) + }) + + util.addListener(socket, 'close', function () { + const err = this[kError] || new SocketError('closed', util.getSocketInfo(this)) + + client[kSocket] = null + + if (this[kHTTP2Session] != null) { + this[kHTTP2Session].destroy(err) + } + + client[kPendingIdx] = client[kRunningIdx] + + assert(client[kRunning] === 0) + + client.emit('disconnect', client[kUrl], [client], err) + + client[kResume]() + }) + + let closed = false + socket.on('close', () => { + closed = true + }) + + return { + version: 'h2', + defaultPipelining: Infinity, + write (...args) { + return writeH2(client, ...args) + }, + resume () { + resumeH2(client) + }, + destroy (err, callback) { + if (closed) { + queueMicrotask(callback) + } else { + // Destroying the socket will trigger the session close + socket.destroy(err).on('close', callback) + } + }, + get destroyed () { + return socket.destroyed + }, + busy () { + return false + } + } +} + +function resumeH2 (client) { + const socket = client[kSocket] + + if (socket?.destroyed === false) { + if (client[kSize] === 0 && client[kMaxConcurrentStreams] === 0) { + socket.unref() + client[kHTTP2Session].unref() + } else { + socket.ref() + client[kHTTP2Session].ref() + } + } +} + +function onHttp2SessionError (err) { + assert(err.code !== 'ERR_TLS_CERT_ALTNAME_INVALID') + + this[kSocket][kError] = err + this[kClient][kOnError](err) +} + +function onHttp2FrameError (type, code, id) { + if (id === 0) { + const err = new InformationalError(`HTTP/2: "frameError" received - type ${type}, code ${code}`) + this[kSocket][kError] = err + this[kClient][kOnError](err) + } +} + +function onHttp2SessionEnd () { + const err = new SocketError('other side closed', util.getSocketInfo(this[kSocket])) + this.destroy(err) + util.destroy(this[kSocket], err) +} + +/** + * This is the root cause of #3011 + * We need to handle GOAWAY frames properly, and trigger the session close + * along with the socket right away + */ +function onHTTP2GoAway (code) { + // We cannot recover, so best to close the session and the socket + const err = this[kError] || new SocketError(`HTTP/2: "GOAWAY" frame received with code ${code}`, util.getSocketInfo(this)) + const client = this[kClient] + + client[kSocket] = null + client[kHTTPContext] = null + + if (this[kHTTP2Session] != null) { + this[kHTTP2Session].destroy(err) + this[kHTTP2Session] = null + } + + util.destroy(this[kSocket], err) + + // Fail head of pipeline. + if (client[kRunningIdx] < client[kQueue].length) { + const request = client[kQueue][client[kRunningIdx]] + client[kQueue][client[kRunningIdx]++] = null + util.errorRequest(client, request, err) + client[kPendingIdx] = client[kRunningIdx] + } + + assert(client[kRunning] === 0) + + client.emit('disconnect', client[kUrl], [client], err) + + client[kResume]() +} + +// https://www.rfc-editor.org/rfc/rfc7230#section-3.3.2 +function shouldSendContentLength (method) { + return method !== 'GET' && method !== 'HEAD' && method !== 'OPTIONS' && method !== 'TRACE' && method !== 'CONNECT' +} + +function writeH2 (client, request) { + const session = client[kHTTP2Session] + const { method, path, host, upgrade, expectContinue, signal, headers: reqHeaders } = request + let { body } = request + + if (upgrade) { + util.errorRequest(client, request, new Error('Upgrade not supported for H2')) + return false + } + + const headers = {} + for (let n = 0; n < reqHeaders.length; n += 2) { + const key = reqHeaders[n + 0] + const val = reqHeaders[n + 1] + + if (Array.isArray(val)) { + for (let i = 0; i < val.length; i++) { + if (headers[key]) { + headers[key] += `,${val[i]}` + } else { + headers[key] = val[i] + } + } + } else { + headers[key] = val + } + } + + /** @type {import('node:http2').ClientHttp2Stream} */ + let stream + + const { hostname, port } = client[kUrl] + + headers[HTTP2_HEADER_AUTHORITY] = host || `${hostname}${port ? `:${port}` : ''}` + headers[HTTP2_HEADER_METHOD] = method + + const abort = (err) => { + if (request.aborted || request.completed) { + return + } + + err = err || new RequestAbortedError() + + util.errorRequest(client, request, err) + + if (stream != null) { + util.destroy(stream, err) + } + + // We do not destroy the socket as we can continue using the session + // the stream get's destroyed and the session remains to create new streams + util.destroy(body, err) + client[kQueue][client[kRunningIdx]++] = null + client[kResume]() + } + + try { + // We are already connected, streams are pending. + // We can call on connect, and wait for abort + request.onConnect(abort) + } catch (err) { + util.errorRequest(client, request, err) + } + + if (request.aborted) { + return false + } + + if (method === 'CONNECT') { + session.ref() + // We are already connected, streams are pending, first request + // will create a new stream. We trigger a request to create the stream and wait until + // `ready` event is triggered + // We disabled endStream to allow the user to write to the stream + stream = session.request(headers, { endStream: false, signal }) + + if (stream.id && !stream.pending) { + request.onUpgrade(null, null, stream) + ++session[kOpenStreams] + client[kQueue][client[kRunningIdx]++] = null + } else { + stream.once('ready', () => { + request.onUpgrade(null, null, stream) + ++session[kOpenStreams] + client[kQueue][client[kRunningIdx]++] = null + }) + } + + stream.once('close', () => { + session[kOpenStreams] -= 1 + if (session[kOpenStreams] === 0) session.unref() + }) + + return true + } + + // https://tools.ietf.org/html/rfc7540#section-8.3 + // :path and :scheme headers must be omitted when sending CONNECT + + headers[HTTP2_HEADER_PATH] = path + headers[HTTP2_HEADER_SCHEME] = 'https' + + // https://tools.ietf.org/html/rfc7231#section-4.3.1 + // https://tools.ietf.org/html/rfc7231#section-4.3.2 + // https://tools.ietf.org/html/rfc7231#section-4.3.5 + + // Sending a payload body on a request that does not + // expect it can cause undefined behavior on some + // servers and corrupt connection state. Do not + // re-use the connection for further requests. + + const expectsPayload = ( + method === 'PUT' || + method === 'POST' || + method === 'PATCH' + ) + + if (body && typeof body.read === 'function') { + // Try to read EOF in order to get length. + body.read(0) + } + + let contentLength = util.bodyLength(body) + + if (util.isFormDataLike(body)) { + extractBody ??= (__nccwpck_require__(4492).extractBody) + + const [bodyStream, contentType] = extractBody(body) + headers['content-type'] = contentType + + body = bodyStream.stream + contentLength = bodyStream.length + } + + if (contentLength == null) { + contentLength = request.contentLength + } + + if (contentLength === 0 || !expectsPayload) { + // https://tools.ietf.org/html/rfc7230#section-3.3.2 + // A user agent SHOULD NOT send a Content-Length header field when + // the request message does not contain a payload body and the method + // semantics do not anticipate such a body. + + contentLength = null + } + + // https://github.com/nodejs/undici/issues/2046 + // A user agent may send a Content-Length header with 0 value, this should be allowed. + if (shouldSendContentLength(method) && contentLength > 0 && request.contentLength != null && request.contentLength !== contentLength) { + if (client[kStrictContentLength]) { + util.errorRequest(client, request, new RequestContentLengthMismatchError()) + return false + } + + process.emitWarning(new RequestContentLengthMismatchError()) + } + + if (contentLength != null) { + assert(body, 'no body must not have content length') + headers[HTTP2_HEADER_CONTENT_LENGTH] = `${contentLength}` + } + + session.ref() + + const shouldEndStream = method === 'GET' || method === 'HEAD' || body === null + if (expectContinue) { + headers[HTTP2_HEADER_EXPECT] = '100-continue' + stream = session.request(headers, { endStream: shouldEndStream, signal }) + + stream.once('continue', writeBodyH2) + } else { + stream = session.request(headers, { + endStream: shouldEndStream, + signal + }) + writeBodyH2() + } + + // Increment counter as we have new streams open + ++session[kOpenStreams] + + stream.once('response', headers => { + const { [HTTP2_HEADER_STATUS]: statusCode, ...realHeaders } = headers + request.onResponseStarted() + + // Due to the stream nature, it is possible we face a race condition + // where the stream has been assigned, but the request has been aborted + // the request remains in-flight and headers hasn't been received yet + // for those scenarios, best effort is to destroy the stream immediately + // as there's no value to keep it open. + if (request.aborted) { + const err = new RequestAbortedError() + util.errorRequest(client, request, err) + util.destroy(stream, err) + return + } + + if (request.onHeaders(Number(statusCode), parseH2Headers(realHeaders), stream.resume.bind(stream), '') === false) { + stream.pause() + } + + stream.on('data', (chunk) => { + if (request.onData(chunk) === false) { + stream.pause() + } + }) + }) + + stream.once('end', () => { + // When state is null, it means we haven't consumed body and the stream still do not have + // a state. + // Present specially when using pipeline or stream + if (stream.state?.state == null || stream.state.state < 6) { + request.onComplete([]) + } + + if (session[kOpenStreams] === 0) { + // Stream is closed or half-closed-remote (6), decrement counter and cleanup + // It does not have sense to continue working with the stream as we do not + // have yet RST_STREAM support on client-side + + session.unref() + } + + abort(new InformationalError('HTTP/2: stream half-closed (remote)')) + client[kQueue][client[kRunningIdx]++] = null + client[kPendingIdx] = client[kRunningIdx] + client[kResume]() + }) + + stream.once('close', () => { + session[kOpenStreams] -= 1 + if (session[kOpenStreams] === 0) { + session.unref() + } + }) + + stream.once('error', function (err) { + abort(err) + }) + + stream.once('frameError', (type, code) => { + abort(new InformationalError(`HTTP/2: "frameError" received - type ${type}, code ${code}`)) + }) + + // stream.on('aborted', () => { + // // TODO(HTTP/2): Support aborted + // }) + + // stream.on('timeout', () => { + // // TODO(HTTP/2): Support timeout + // }) + + // stream.on('push', headers => { + // // TODO(HTTP/2): Support push + // }) + + // stream.on('trailers', headers => { + // // TODO(HTTP/2): Support trailers + // }) + + return true + + function writeBodyH2 () { + /* istanbul ignore else: assertion */ + if (!body || contentLength === 0) { + writeBuffer( + abort, + stream, + null, + client, + request, + client[kSocket], + contentLength, + expectsPayload + ) + } else if (util.isBuffer(body)) { + writeBuffer( + abort, + stream, + body, + client, + request, + client[kSocket], + contentLength, + expectsPayload + ) + } else if (util.isBlobLike(body)) { + if (typeof body.stream === 'function') { + writeIterable( + abort, + stream, + body.stream(), + client, + request, + client[kSocket], + contentLength, + expectsPayload + ) + } else { + writeBlob( + abort, + stream, + body, + client, + request, + client[kSocket], + contentLength, + expectsPayload + ) + } + } else if (util.isStream(body)) { + writeStream( + abort, + client[kSocket], + expectsPayload, + stream, + body, + client, + request, + contentLength + ) + } else if (util.isIterable(body)) { + writeIterable( + abort, + stream, + body, + client, + request, + client[kSocket], + contentLength, + expectsPayload + ) + } else { + assert(false) + } + } +} + +function writeBuffer (abort, h2stream, body, client, request, socket, contentLength, expectsPayload) { + try { + if (body != null && util.isBuffer(body)) { + assert(contentLength === body.byteLength, 'buffer body must have content length') + h2stream.cork() + h2stream.write(body) + h2stream.uncork() + h2stream.end() + + request.onBodySent(body) + } + + if (!expectsPayload) { + socket[kReset] = true + } + + request.onRequestSent() + client[kResume]() + } catch (error) { + abort(error) + } +} + +function writeStream (abort, socket, expectsPayload, h2stream, body, client, request, contentLength) { + assert(contentLength !== 0 || client[kRunning] === 0, 'stream body cannot be pipelined') + + // For HTTP/2, is enough to pipe the stream + const pipe = pipeline( + body, + h2stream, + (err) => { + if (err) { + util.destroy(pipe, err) + abort(err) + } else { + util.removeAllListeners(pipe) + request.onRequestSent() + + if (!expectsPayload) { + socket[kReset] = true + } + + client[kResume]() + } + } + ) + + util.addListener(pipe, 'data', onPipeData) + + function onPipeData (chunk) { + request.onBodySent(chunk) + } +} + +async function writeBlob (abort, h2stream, body, client, request, socket, contentLength, expectsPayload) { + assert(contentLength === body.size, 'blob body must have content length') + + try { + if (contentLength != null && contentLength !== body.size) { + throw new RequestContentLengthMismatchError() + } + + const buffer = Buffer.from(await body.arrayBuffer()) + + h2stream.cork() + h2stream.write(buffer) + h2stream.uncork() + h2stream.end() + + request.onBodySent(buffer) + request.onRequestSent() + + if (!expectsPayload) { + socket[kReset] = true + } + + client[kResume]() + } catch (err) { + abort(err) + } +} + +async function writeIterable (abort, h2stream, body, client, request, socket, contentLength, expectsPayload) { + assert(contentLength !== 0 || client[kRunning] === 0, 'iterator body cannot be pipelined') + + let callback = null + function onDrain () { + if (callback) { + const cb = callback + callback = null + cb() + } + } + + const waitForDrain = () => new Promise((resolve, reject) => { + assert(callback === null) + + if (socket[kError]) { + reject(socket[kError]) + } else { + callback = resolve + } + }) + + h2stream + .on('close', onDrain) + .on('drain', onDrain) + + try { + // It's up to the user to somehow abort the async iterable. + for await (const chunk of body) { + if (socket[kError]) { + throw socket[kError] + } + + const res = h2stream.write(chunk) + request.onBodySent(chunk) + if (!res) { + await waitForDrain() + } + } + + h2stream.end() + + request.onRequestSent() + + if (!expectsPayload) { + socket[kReset] = true + } + + client[kResume]() + } catch (err) { + abort(err) + } finally { + h2stream + .off('close', onDrain) + .off('drain', onDrain) + } +} + +module.exports = connectH2 + + +/***/ }), + +/***/ 3701: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; +// @ts-check + + + +const assert = __nccwpck_require__(4589) +const net = __nccwpck_require__(7030) +const http = __nccwpck_require__(7067) +const util = __nccwpck_require__(3440) +const { channels } = __nccwpck_require__(2414) +const Request = __nccwpck_require__(4655) +const DispatcherBase = __nccwpck_require__(1841) +const { + InvalidArgumentError, + InformationalError, + ClientDestroyedError +} = __nccwpck_require__(8707) +const buildConnector = __nccwpck_require__(9136) +const { + kUrl, + kServerName, + kClient, + kBusy, + kConnect, + kResuming, + kRunning, + kPending, + kSize, + kQueue, + kConnected, + kConnecting, + kNeedDrain, + kKeepAliveDefaultTimeout, + kHostHeader, + kPendingIdx, + kRunningIdx, + kError, + kPipelining, + kKeepAliveTimeoutValue, + kMaxHeadersSize, + kKeepAliveMaxTimeout, + kKeepAliveTimeoutThreshold, + kHeadersTimeout, + kBodyTimeout, + kStrictContentLength, + kConnector, + kMaxRedirections, + kMaxRequests, + kCounter, + kClose, + kDestroy, + kDispatch, + kInterceptors, + kLocalAddress, + kMaxResponseSize, + kOnError, + kHTTPContext, + kMaxConcurrentStreams, + kResume +} = __nccwpck_require__(6443) +const connectH1 = __nccwpck_require__(637) +const connectH2 = __nccwpck_require__(8788) +let deprecatedInterceptorWarned = false + +const kClosedResolve = Symbol('kClosedResolve') + +const noop = () => {} + +function getPipelining (client) { + return client[kPipelining] ?? client[kHTTPContext]?.defaultPipelining ?? 1 +} + +/** + * @type {import('../../types/client.js').default} + */ +class Client extends DispatcherBase { + /** + * + * @param {string|URL} url + * @param {import('../../types/client.js').Client.Options} options + */ + constructor (url, { + interceptors, + maxHeaderSize, + headersTimeout, + socketTimeout, + requestTimeout, + connectTimeout, + bodyTimeout, + idleTimeout, + keepAlive, + keepAliveTimeout, + maxKeepAliveTimeout, + keepAliveMaxTimeout, + keepAliveTimeoutThreshold, + socketPath, + pipelining, + tls, + strictContentLength, + maxCachedSessions, + maxRedirections, + connect, + maxRequestsPerClient, + localAddress, + maxResponseSize, + autoSelectFamily, + autoSelectFamilyAttemptTimeout, + // h2 + maxConcurrentStreams, + allowH2 + } = {}) { + super() + + if (keepAlive !== undefined) { + throw new InvalidArgumentError('unsupported keepAlive, use pipelining=0 instead') + } + + if (socketTimeout !== undefined) { + throw new InvalidArgumentError('unsupported socketTimeout, use headersTimeout & bodyTimeout instead') + } + + if (requestTimeout !== undefined) { + throw new InvalidArgumentError('unsupported requestTimeout, use headersTimeout & bodyTimeout instead') + } + + if (idleTimeout !== undefined) { + throw new InvalidArgumentError('unsupported idleTimeout, use keepAliveTimeout instead') + } + + if (maxKeepAliveTimeout !== undefined) { + throw new InvalidArgumentError('unsupported maxKeepAliveTimeout, use keepAliveMaxTimeout instead') + } + + if (maxHeaderSize != null && !Number.isFinite(maxHeaderSize)) { + throw new InvalidArgumentError('invalid maxHeaderSize') + } + + if (socketPath != null && typeof socketPath !== 'string') { + throw new InvalidArgumentError('invalid socketPath') + } + + if (connectTimeout != null && (!Number.isFinite(connectTimeout) || connectTimeout < 0)) { + throw new InvalidArgumentError('invalid connectTimeout') + } + + if (keepAliveTimeout != null && (!Number.isFinite(keepAliveTimeout) || keepAliveTimeout <= 0)) { + throw new InvalidArgumentError('invalid keepAliveTimeout') + } + + if (keepAliveMaxTimeout != null && (!Number.isFinite(keepAliveMaxTimeout) || keepAliveMaxTimeout <= 0)) { + throw new InvalidArgumentError('invalid keepAliveMaxTimeout') + } + + if (keepAliveTimeoutThreshold != null && !Number.isFinite(keepAliveTimeoutThreshold)) { + throw new InvalidArgumentError('invalid keepAliveTimeoutThreshold') + } + + if (headersTimeout != null && (!Number.isInteger(headersTimeout) || headersTimeout < 0)) { + throw new InvalidArgumentError('headersTimeout must be a positive integer or zero') + } + + if (bodyTimeout != null && (!Number.isInteger(bodyTimeout) || bodyTimeout < 0)) { + throw new InvalidArgumentError('bodyTimeout must be a positive integer or zero') + } + + if (connect != null && typeof connect !== 'function' && typeof connect !== 'object') { + throw new InvalidArgumentError('connect must be a function or an object') + } + + if (maxRedirections != null && (!Number.isInteger(maxRedirections) || maxRedirections < 0)) { + throw new InvalidArgumentError('maxRedirections must be a positive number') + } + + if (maxRequestsPerClient != null && (!Number.isInteger(maxRequestsPerClient) || maxRequestsPerClient < 0)) { + throw new InvalidArgumentError('maxRequestsPerClient must be a positive number') + } + + if (localAddress != null && (typeof localAddress !== 'string' || net.isIP(localAddress) === 0)) { + throw new InvalidArgumentError('localAddress must be valid string IP address') + } + + if (maxResponseSize != null && (!Number.isInteger(maxResponseSize) || maxResponseSize < -1)) { + throw new InvalidArgumentError('maxResponseSize must be a positive number') + } + + if ( + autoSelectFamilyAttemptTimeout != null && + (!Number.isInteger(autoSelectFamilyAttemptTimeout) || autoSelectFamilyAttemptTimeout < -1) + ) { + throw new InvalidArgumentError('autoSelectFamilyAttemptTimeout must be a positive number') + } + + // h2 + if (allowH2 != null && typeof allowH2 !== 'boolean') { + throw new InvalidArgumentError('allowH2 must be a valid boolean value') + } + + if (maxConcurrentStreams != null && (typeof maxConcurrentStreams !== 'number' || maxConcurrentStreams < 1)) { + throw new InvalidArgumentError('maxConcurrentStreams must be a positive integer, greater than 0') + } + + if (typeof connect !== 'function') { + connect = buildConnector({ + ...tls, + maxCachedSessions, + allowH2, + socketPath, + timeout: connectTimeout, + ...(autoSelectFamily ? { autoSelectFamily, autoSelectFamilyAttemptTimeout } : undefined), + ...connect + }) + } + + if (interceptors?.Client && Array.isArray(interceptors.Client)) { + this[kInterceptors] = interceptors.Client + if (!deprecatedInterceptorWarned) { + deprecatedInterceptorWarned = true + process.emitWarning('Client.Options#interceptor is deprecated. Use Dispatcher#compose instead.', { + code: 'UNDICI-CLIENT-INTERCEPTOR-DEPRECATED' + }) + } + } else { + this[kInterceptors] = [createRedirectInterceptor({ maxRedirections })] + } + + this[kUrl] = util.parseOrigin(url) + this[kConnector] = connect + this[kPipelining] = pipelining != null ? pipelining : 1 + this[kMaxHeadersSize] = maxHeaderSize || http.maxHeaderSize + this[kKeepAliveDefaultTimeout] = keepAliveTimeout == null ? 4e3 : keepAliveTimeout + this[kKeepAliveMaxTimeout] = keepAliveMaxTimeout == null ? 600e3 : keepAliveMaxTimeout + this[kKeepAliveTimeoutThreshold] = keepAliveTimeoutThreshold == null ? 2e3 : keepAliveTimeoutThreshold + this[kKeepAliveTimeoutValue] = this[kKeepAliveDefaultTimeout] + this[kServerName] = null + this[kLocalAddress] = localAddress != null ? localAddress : null + this[kResuming] = 0 // 0, idle, 1, scheduled, 2 resuming + this[kNeedDrain] = 0 // 0, idle, 1, scheduled, 2 resuming + this[kHostHeader] = `host: ${this[kUrl].hostname}${this[kUrl].port ? `:${this[kUrl].port}` : ''}\r\n` + this[kBodyTimeout] = bodyTimeout != null ? bodyTimeout : 300e3 + this[kHeadersTimeout] = headersTimeout != null ? headersTimeout : 300e3 + this[kStrictContentLength] = strictContentLength == null ? true : strictContentLength + this[kMaxRedirections] = maxRedirections + this[kMaxRequests] = maxRequestsPerClient + this[kClosedResolve] = null + this[kMaxResponseSize] = maxResponseSize > -1 ? maxResponseSize : -1 + this[kMaxConcurrentStreams] = maxConcurrentStreams != null ? maxConcurrentStreams : 100 // Max peerConcurrentStreams for a Node h2 server + this[kHTTPContext] = null + + // kQueue is built up of 3 sections separated by + // the kRunningIdx and kPendingIdx indices. + // | complete | running | pending | + // ^ kRunningIdx ^ kPendingIdx ^ kQueue.length + // kRunningIdx points to the first running element. + // kPendingIdx points to the first pending element. + // This implements a fast queue with an amortized + // time of O(1). + + this[kQueue] = [] + this[kRunningIdx] = 0 + this[kPendingIdx] = 0 + + this[kResume] = (sync) => resume(this, sync) + this[kOnError] = (err) => onError(this, err) + } + + get pipelining () { + return this[kPipelining] + } + + set pipelining (value) { + this[kPipelining] = value + this[kResume](true) + } + + get [kPending] () { + return this[kQueue].length - this[kPendingIdx] + } + + get [kRunning] () { + return this[kPendingIdx] - this[kRunningIdx] + } + + get [kSize] () { + return this[kQueue].length - this[kRunningIdx] + } + + get [kConnected] () { + return !!this[kHTTPContext] && !this[kConnecting] && !this[kHTTPContext].destroyed + } + + get [kBusy] () { + return Boolean( + this[kHTTPContext]?.busy(null) || + (this[kSize] >= (getPipelining(this) || 1)) || + this[kPending] > 0 + ) + } + + /* istanbul ignore: only used for test */ + [kConnect] (cb) { + connect(this) + this.once('connect', cb) + } + + [kDispatch] (opts, handler) { + const origin = opts.origin || this[kUrl].origin + const request = new Request(origin, opts, handler) + + this[kQueue].push(request) + if (this[kResuming]) { + // Do nothing. + } else if (util.bodyLength(request.body) == null && util.isIterable(request.body)) { + // Wait a tick in case stream/iterator is ended in the same tick. + this[kResuming] = 1 + queueMicrotask(() => resume(this)) + } else { + this[kResume](true) + } + + if (this[kResuming] && this[kNeedDrain] !== 2 && this[kBusy]) { + this[kNeedDrain] = 2 + } + + return this[kNeedDrain] < 2 + } + + async [kClose] () { + // TODO: for H2 we need to gracefully flush the remaining enqueued + // request and close each stream. + return new Promise((resolve) => { + if (this[kSize]) { + this[kClosedResolve] = resolve + } else { + resolve(null) + } + }) + } + + async [kDestroy] (err) { + return new Promise((resolve) => { + const requests = this[kQueue].splice(this[kPendingIdx]) + for (let i = 0; i < requests.length; i++) { + const request = requests[i] + util.errorRequest(this, request, err) + } + + const callback = () => { + if (this[kClosedResolve]) { + // TODO (fix): Should we error here with ClientDestroyedError? + this[kClosedResolve]() + this[kClosedResolve] = null + } + resolve(null) + } + + if (this[kHTTPContext]) { + this[kHTTPContext].destroy(err, callback) + this[kHTTPContext] = null + } else { + queueMicrotask(callback) + } + + this[kResume]() + }) + } +} + +const createRedirectInterceptor = __nccwpck_require__(5092) + +function onError (client, err) { + if ( + client[kRunning] === 0 && + err.code !== 'UND_ERR_INFO' && + err.code !== 'UND_ERR_SOCKET' + ) { + // Error is not caused by running request and not a recoverable + // socket error. + + assert(client[kPendingIdx] === client[kRunningIdx]) + + const requests = client[kQueue].splice(client[kRunningIdx]) + + for (let i = 0; i < requests.length; i++) { + const request = requests[i] + util.errorRequest(client, request, err) + } + assert(client[kSize] === 0) + } +} + +/** + * @param {Client} client + * @returns + */ +async function connect (client) { + assert(!client[kConnecting]) + assert(!client[kHTTPContext]) + + let { host, hostname, protocol, port } = client[kUrl] + + // Resolve ipv6 + if (hostname[0] === '[') { + const idx = hostname.indexOf(']') + + assert(idx !== -1) + const ip = hostname.substring(1, idx) + + assert(net.isIP(ip)) + hostname = ip + } + + client[kConnecting] = true + + if (channels.beforeConnect.hasSubscribers) { + channels.beforeConnect.publish({ + connectParams: { + host, + hostname, + protocol, + port, + version: client[kHTTPContext]?.version, + servername: client[kServerName], + localAddress: client[kLocalAddress] + }, + connector: client[kConnector] + }) + } + + try { + const socket = await new Promise((resolve, reject) => { + client[kConnector]({ + host, + hostname, + protocol, + port, + servername: client[kServerName], + localAddress: client[kLocalAddress] + }, (err, socket) => { + if (err) { + reject(err) + } else { + resolve(socket) + } + }) + }) + + if (client.destroyed) { + util.destroy(socket.on('error', noop), new ClientDestroyedError()) + return + } + + assert(socket) + + try { + client[kHTTPContext] = socket.alpnProtocol === 'h2' + ? await connectH2(client, socket) + : await connectH1(client, socket) + } catch (err) { + socket.destroy().on('error', noop) + throw err + } + + client[kConnecting] = false + + socket[kCounter] = 0 + socket[kMaxRequests] = client[kMaxRequests] + socket[kClient] = client + socket[kError] = null + + if (channels.connected.hasSubscribers) { + channels.connected.publish({ + connectParams: { + host, + hostname, + protocol, + port, + version: client[kHTTPContext]?.version, + servername: client[kServerName], + localAddress: client[kLocalAddress] + }, + connector: client[kConnector], + socket + }) + } + client.emit('connect', client[kUrl], [client]) + } catch (err) { + if (client.destroyed) { + return + } + + client[kConnecting] = false + + if (channels.connectError.hasSubscribers) { + channels.connectError.publish({ + connectParams: { + host, + hostname, + protocol, + port, + version: client[kHTTPContext]?.version, + servername: client[kServerName], + localAddress: client[kLocalAddress] + }, + connector: client[kConnector], + error: err + }) + } + + if (err.code === 'ERR_TLS_CERT_ALTNAME_INVALID') { + assert(client[kRunning] === 0) + while (client[kPending] > 0 && client[kQueue][client[kPendingIdx]].servername === client[kServerName]) { + const request = client[kQueue][client[kPendingIdx]++] + util.errorRequest(client, request, err) + } + } else { + onError(client, err) + } + + client.emit('connectionError', client[kUrl], [client], err) + } + + client[kResume]() +} + +function emitDrain (client) { + client[kNeedDrain] = 0 + client.emit('drain', client[kUrl], [client]) +} + +function resume (client, sync) { + if (client[kResuming] === 2) { + return + } + + client[kResuming] = 2 + + _resume(client, sync) + client[kResuming] = 0 + + if (client[kRunningIdx] > 256) { + client[kQueue].splice(0, client[kRunningIdx]) + client[kPendingIdx] -= client[kRunningIdx] + client[kRunningIdx] = 0 + } +} + +function _resume (client, sync) { + while (true) { + if (client.destroyed) { + assert(client[kPending] === 0) + return + } + + if (client[kClosedResolve] && !client[kSize]) { + client[kClosedResolve]() + client[kClosedResolve] = null + return + } + + if (client[kHTTPContext]) { + client[kHTTPContext].resume() + } + + if (client[kBusy]) { + client[kNeedDrain] = 2 + } else if (client[kNeedDrain] === 2) { + if (sync) { + client[kNeedDrain] = 1 + queueMicrotask(() => emitDrain(client)) + } else { + emitDrain(client) + } + continue + } + + if (client[kPending] === 0) { + return + } + + if (client[kRunning] >= (getPipelining(client) || 1)) { + return + } + + const request = client[kQueue][client[kPendingIdx]] + + if (client[kUrl].protocol === 'https:' && client[kServerName] !== request.servername) { + if (client[kRunning] > 0) { + return + } + + client[kServerName] = request.servername + client[kHTTPContext]?.destroy(new InformationalError('servername changed'), () => { + client[kHTTPContext] = null + resume(client) + }) + } + + if (client[kConnecting]) { + return + } + + if (!client[kHTTPContext]) { + connect(client) + return + } + + if (client[kHTTPContext].destroyed) { + return + } + + if (client[kHTTPContext].busy(request)) { + return + } + + if (!request.aborted && client[kHTTPContext].write(request)) { + client[kPendingIdx]++ + } else { + client[kQueue].splice(client[kPendingIdx], 1) + } + } +} + +module.exports = Client + + +/***/ }), + +/***/ 1841: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const Dispatcher = __nccwpck_require__(883) +const { + ClientDestroyedError, + ClientClosedError, + InvalidArgumentError +} = __nccwpck_require__(8707) +const { kDestroy, kClose, kClosed, kDestroyed, kDispatch, kInterceptors } = __nccwpck_require__(6443) + +const kOnDestroyed = Symbol('onDestroyed') +const kOnClosed = Symbol('onClosed') +const kInterceptedDispatch = Symbol('Intercepted Dispatch') + +class DispatcherBase extends Dispatcher { + constructor () { + super() + + this[kDestroyed] = false + this[kOnDestroyed] = null + this[kClosed] = false + this[kOnClosed] = [] + } + + get destroyed () { + return this[kDestroyed] + } + + get closed () { + return this[kClosed] + } + + get interceptors () { + return this[kInterceptors] + } + + set interceptors (newInterceptors) { + if (newInterceptors) { + for (let i = newInterceptors.length - 1; i >= 0; i--) { + const interceptor = this[kInterceptors][i] + if (typeof interceptor !== 'function') { + throw new InvalidArgumentError('interceptor must be an function') + } + } + } + + this[kInterceptors] = newInterceptors + } + + close (callback) { + if (callback === undefined) { + return new Promise((resolve, reject) => { + this.close((err, data) => { + return err ? reject(err) : resolve(data) + }) + }) + } + + if (typeof callback !== 'function') { + throw new InvalidArgumentError('invalid callback') + } + + if (this[kDestroyed]) { + queueMicrotask(() => callback(new ClientDestroyedError(), null)) + return + } + + if (this[kClosed]) { + if (this[kOnClosed]) { + this[kOnClosed].push(callback) + } else { + queueMicrotask(() => callback(null, null)) + } + return + } + + this[kClosed] = true + this[kOnClosed].push(callback) + + const onClosed = () => { + const callbacks = this[kOnClosed] + this[kOnClosed] = null + for (let i = 0; i < callbacks.length; i++) { + callbacks[i](null, null) + } + } + + // Should not error. + this[kClose]() + .then(() => this.destroy()) + .then(() => { + queueMicrotask(onClosed) + }) + } + + destroy (err, callback) { + if (typeof err === 'function') { + callback = err + err = null + } + + if (callback === undefined) { + return new Promise((resolve, reject) => { + this.destroy(err, (err, data) => { + return err ? /* istanbul ignore next: should never error */ reject(err) : resolve(data) + }) + }) + } + + if (typeof callback !== 'function') { + throw new InvalidArgumentError('invalid callback') + } + + if (this[kDestroyed]) { + if (this[kOnDestroyed]) { + this[kOnDestroyed].push(callback) + } else { + queueMicrotask(() => callback(null, null)) + } + return + } + + if (!err) { + err = new ClientDestroyedError() + } + + this[kDestroyed] = true + this[kOnDestroyed] = this[kOnDestroyed] || [] + this[kOnDestroyed].push(callback) + + const onDestroyed = () => { + const callbacks = this[kOnDestroyed] + this[kOnDestroyed] = null + for (let i = 0; i < callbacks.length; i++) { + callbacks[i](null, null) + } + } + + // Should not error. + this[kDestroy](err).then(() => { + queueMicrotask(onDestroyed) + }) + } + + [kInterceptedDispatch] (opts, handler) { + if (!this[kInterceptors] || this[kInterceptors].length === 0) { + this[kInterceptedDispatch] = this[kDispatch] + return this[kDispatch](opts, handler) + } + + let dispatch = this[kDispatch].bind(this) + for (let i = this[kInterceptors].length - 1; i >= 0; i--) { + dispatch = this[kInterceptors][i](dispatch) + } + this[kInterceptedDispatch] = dispatch + return dispatch(opts, handler) + } + + dispatch (opts, handler) { + if (!handler || typeof handler !== 'object') { + throw new InvalidArgumentError('handler must be an object') + } + + try { + if (!opts || typeof opts !== 'object') { + throw new InvalidArgumentError('opts must be an object.') + } + + if (this[kDestroyed] || this[kOnDestroyed]) { + throw new ClientDestroyedError() + } + + if (this[kClosed]) { + throw new ClientClosedError() + } + + return this[kInterceptedDispatch](opts, handler) + } catch (err) { + if (typeof handler.onError !== 'function') { + throw new InvalidArgumentError('invalid onError method') + } + + handler.onError(err) + + return false + } + } +} + +module.exports = DispatcherBase + + +/***/ }), + +/***/ 883: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const EventEmitter = __nccwpck_require__(8474) + +class Dispatcher extends EventEmitter { + dispatch () { + throw new Error('not implemented') + } + + close () { + throw new Error('not implemented') + } + + destroy () { + throw new Error('not implemented') + } + + compose (...args) { + // So we handle [interceptor1, interceptor2] or interceptor1, interceptor2, ... + const interceptors = Array.isArray(args[0]) ? args[0] : args + let dispatch = this.dispatch.bind(this) + + for (const interceptor of interceptors) { + if (interceptor == null) { + continue + } + + if (typeof interceptor !== 'function') { + throw new TypeError(`invalid interceptor, expected function received ${typeof interceptor}`) + } + + dispatch = interceptor(dispatch) + + if (dispatch == null || typeof dispatch !== 'function' || dispatch.length !== 2) { + throw new TypeError('invalid interceptor') + } + } + + return new ComposedDispatcher(this, dispatch) + } +} + +class ComposedDispatcher extends Dispatcher { + #dispatcher = null + #dispatch = null + + constructor (dispatcher, dispatch) { + super() + this.#dispatcher = dispatcher + this.#dispatch = dispatch + } + + dispatch (...args) { + this.#dispatch(...args) + } + + close (...args) { + return this.#dispatcher.close(...args) + } + + destroy (...args) { + return this.#dispatcher.destroy(...args) + } +} + +module.exports = Dispatcher + + +/***/ }), + +/***/ 3137: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const DispatcherBase = __nccwpck_require__(1841) +const { kClose, kDestroy, kClosed, kDestroyed, kDispatch, kNoProxyAgent, kHttpProxyAgent, kHttpsProxyAgent } = __nccwpck_require__(6443) +const ProxyAgent = __nccwpck_require__(6672) +const Agent = __nccwpck_require__(7405) + +const DEFAULT_PORTS = { + 'http:': 80, + 'https:': 443 +} + +let experimentalWarned = false + +class EnvHttpProxyAgent extends DispatcherBase { + #noProxyValue = null + #noProxyEntries = null + #opts = null + + constructor (opts = {}) { + super() + this.#opts = opts + + if (!experimentalWarned) { + experimentalWarned = true + process.emitWarning('EnvHttpProxyAgent is experimental, expect them to change at any time.', { + code: 'UNDICI-EHPA' + }) + } + + const { httpProxy, httpsProxy, noProxy, ...agentOpts } = opts + + this[kNoProxyAgent] = new Agent(agentOpts) + + const HTTP_PROXY = httpProxy ?? process.env.http_proxy ?? process.env.HTTP_PROXY + if (HTTP_PROXY) { + this[kHttpProxyAgent] = new ProxyAgent({ ...agentOpts, uri: HTTP_PROXY }) + } else { + this[kHttpProxyAgent] = this[kNoProxyAgent] + } + + const HTTPS_PROXY = httpsProxy ?? process.env.https_proxy ?? process.env.HTTPS_PROXY + if (HTTPS_PROXY) { + this[kHttpsProxyAgent] = new ProxyAgent({ ...agentOpts, uri: HTTPS_PROXY }) + } else { + this[kHttpsProxyAgent] = this[kHttpProxyAgent] + } + + this.#parseNoProxy() + } + + [kDispatch] (opts, handler) { + const url = new URL(opts.origin) + const agent = this.#getProxyAgentForUrl(url) + return agent.dispatch(opts, handler) + } + + async [kClose] () { + await this[kNoProxyAgent].close() + if (!this[kHttpProxyAgent][kClosed]) { + await this[kHttpProxyAgent].close() + } + if (!this[kHttpsProxyAgent][kClosed]) { + await this[kHttpsProxyAgent].close() + } + } + + async [kDestroy] (err) { + await this[kNoProxyAgent].destroy(err) + if (!this[kHttpProxyAgent][kDestroyed]) { + await this[kHttpProxyAgent].destroy(err) + } + if (!this[kHttpsProxyAgent][kDestroyed]) { + await this[kHttpsProxyAgent].destroy(err) + } + } + + #getProxyAgentForUrl (url) { + let { protocol, host: hostname, port } = url + + // Stripping ports in this way instead of using parsedUrl.hostname to make + // sure that the brackets around IPv6 addresses are kept. + hostname = hostname.replace(/:\d*$/, '').toLowerCase() + port = Number.parseInt(port, 10) || DEFAULT_PORTS[protocol] || 0 + if (!this.#shouldProxy(hostname, port)) { + return this[kNoProxyAgent] + } + if (protocol === 'https:') { + return this[kHttpsProxyAgent] + } + return this[kHttpProxyAgent] + } + + #shouldProxy (hostname, port) { + if (this.#noProxyChanged) { + this.#parseNoProxy() + } + + if (this.#noProxyEntries.length === 0) { + return true // Always proxy if NO_PROXY is not set or empty. + } + if (this.#noProxyValue === '*') { + return false // Never proxy if wildcard is set. + } + + for (let i = 0; i < this.#noProxyEntries.length; i++) { + const entry = this.#noProxyEntries[i] + if (entry.port && entry.port !== port) { + continue // Skip if ports don't match. + } + if (!/^[.*]/.test(entry.hostname)) { + // No wildcards, so don't proxy only if there is not an exact match. + if (hostname === entry.hostname) { + return false + } + } else { + // Don't proxy if the hostname ends with the no_proxy host. + if (hostname.endsWith(entry.hostname.replace(/^\*/, ''))) { + return false + } + } + } + + return true + } + + #parseNoProxy () { + const noProxyValue = this.#opts.noProxy ?? this.#noProxyEnv + const noProxySplit = noProxyValue.split(/[,\s]/) + const noProxyEntries = [] + + for (let i = 0; i < noProxySplit.length; i++) { + const entry = noProxySplit[i] + if (!entry) { + continue + } + const parsed = entry.match(/^(.+):(\d+)$/) + noProxyEntries.push({ + hostname: (parsed ? parsed[1] : entry).toLowerCase(), + port: parsed ? Number.parseInt(parsed[2], 10) : 0 + }) + } + + this.#noProxyValue = noProxyValue + this.#noProxyEntries = noProxyEntries + } + + get #noProxyChanged () { + if (this.#opts.noProxy !== undefined) { + return false + } + return this.#noProxyValue !== this.#noProxyEnv + } + + get #noProxyEnv () { + return process.env.no_proxy ?? process.env.NO_PROXY ?? '' + } +} + +module.exports = EnvHttpProxyAgent + + +/***/ }), + +/***/ 4660: +/***/ ((module) => { + +"use strict"; +/* eslint-disable */ + + + +// Extracted from node/lib/internal/fixed_queue.js + +// Currently optimal queue size, tested on V8 6.0 - 6.6. Must be power of two. +const kSize = 2048; +const kMask = kSize - 1; + +// The FixedQueue is implemented as a singly-linked list of fixed-size +// circular buffers. It looks something like this: +// +// head tail +// | | +// v v +// +-----------+ <-----\ +-----------+ <------\ +-----------+ +// | [null] | \----- | next | \------- | next | +// +-----------+ +-----------+ +-----------+ +// | item | <-- bottom | item | <-- bottom | [empty] | +// | item | | item | | [empty] | +// | item | | item | | [empty] | +// | item | | item | | [empty] | +// | item | | item | bottom --> | item | +// | item | | item | | item | +// | ... | | ... | | ... | +// | item | | item | | item | +// | item | | item | | item | +// | [empty] | <-- top | item | | item | +// | [empty] | | item | | item | +// | [empty] | | [empty] | <-- top top --> | [empty] | +// +-----------+ +-----------+ +-----------+ +// +// Or, if there is only one circular buffer, it looks something +// like either of these: +// +// head tail head tail +// | | | | +// v v v v +// +-----------+ +-----------+ +// | [null] | | [null] | +// +-----------+ +-----------+ +// | [empty] | | item | +// | [empty] | | item | +// | item | <-- bottom top --> | [empty] | +// | item | | [empty] | +// | [empty] | <-- top bottom --> | item | +// | [empty] | | item | +// +-----------+ +-----------+ +// +// Adding a value means moving `top` forward by one, removing means +// moving `bottom` forward by one. After reaching the end, the queue +// wraps around. +// +// When `top === bottom` the current queue is empty and when +// `top + 1 === bottom` it's full. This wastes a single space of storage +// but allows much quicker checks. + +class FixedCircularBuffer { + constructor() { + this.bottom = 0; + this.top = 0; + this.list = new Array(kSize); + this.next = null; + } + + isEmpty() { + return this.top === this.bottom; + } + + isFull() { + return ((this.top + 1) & kMask) === this.bottom; + } + + push(data) { + this.list[this.top] = data; + this.top = (this.top + 1) & kMask; + } + + shift() { + const nextItem = this.list[this.bottom]; + if (nextItem === undefined) + return null; + this.list[this.bottom] = undefined; + this.bottom = (this.bottom + 1) & kMask; + return nextItem; + } +} + +module.exports = class FixedQueue { + constructor() { + this.head = this.tail = new FixedCircularBuffer(); + } + + isEmpty() { + return this.head.isEmpty(); + } + + push(data) { + if (this.head.isFull()) { + // Head is full: Creates a new queue, sets the old queue's `.next` to it, + // and sets it as the new main queue. + this.head = this.head.next = new FixedCircularBuffer(); + } + this.head.push(data); + } + + shift() { + const tail = this.tail; + const next = tail.shift(); + if (tail.isEmpty() && tail.next !== null) { + // If there is another queue, it forms the new tail. + this.tail = tail.next; + } + return next; + } +}; + + +/***/ }), + +/***/ 2128: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const DispatcherBase = __nccwpck_require__(1841) +const FixedQueue = __nccwpck_require__(4660) +const { kConnected, kSize, kRunning, kPending, kQueued, kBusy, kFree, kUrl, kClose, kDestroy, kDispatch } = __nccwpck_require__(6443) +const PoolStats = __nccwpck_require__(3246) + +const kClients = Symbol('clients') +const kNeedDrain = Symbol('needDrain') +const kQueue = Symbol('queue') +const kClosedResolve = Symbol('closed resolve') +const kOnDrain = Symbol('onDrain') +const kOnConnect = Symbol('onConnect') +const kOnDisconnect = Symbol('onDisconnect') +const kOnConnectionError = Symbol('onConnectionError') +const kGetDispatcher = Symbol('get dispatcher') +const kAddClient = Symbol('add client') +const kRemoveClient = Symbol('remove client') +const kStats = Symbol('stats') + +class PoolBase extends DispatcherBase { + constructor () { + super() + + this[kQueue] = new FixedQueue() + this[kClients] = [] + this[kQueued] = 0 + + const pool = this + + this[kOnDrain] = function onDrain (origin, targets) { + const queue = pool[kQueue] + + let needDrain = false + + while (!needDrain) { + const item = queue.shift() + if (!item) { + break + } + pool[kQueued]-- + needDrain = !this.dispatch(item.opts, item.handler) + } + + this[kNeedDrain] = needDrain + + if (!this[kNeedDrain] && pool[kNeedDrain]) { + pool[kNeedDrain] = false + pool.emit('drain', origin, [pool, ...targets]) + } + + if (pool[kClosedResolve] && queue.isEmpty()) { + Promise + .all(pool[kClients].map(c => c.close())) + .then(pool[kClosedResolve]) + } + } + + this[kOnConnect] = (origin, targets) => { + pool.emit('connect', origin, [pool, ...targets]) + } + + this[kOnDisconnect] = (origin, targets, err) => { + pool.emit('disconnect', origin, [pool, ...targets], err) + } + + this[kOnConnectionError] = (origin, targets, err) => { + pool.emit('connectionError', origin, [pool, ...targets], err) + } + + this[kStats] = new PoolStats(this) + } + + get [kBusy] () { + return this[kNeedDrain] + } + + get [kConnected] () { + return this[kClients].filter(client => client[kConnected]).length + } + + get [kFree] () { + return this[kClients].filter(client => client[kConnected] && !client[kNeedDrain]).length + } + + get [kPending] () { + let ret = this[kQueued] + for (const { [kPending]: pending } of this[kClients]) { + ret += pending + } + return ret + } + + get [kRunning] () { + let ret = 0 + for (const { [kRunning]: running } of this[kClients]) { + ret += running + } + return ret + } + + get [kSize] () { + let ret = this[kQueued] + for (const { [kSize]: size } of this[kClients]) { + ret += size + } + return ret + } + + get stats () { + return this[kStats] + } + + async [kClose] () { + if (this[kQueue].isEmpty()) { + await Promise.all(this[kClients].map(c => c.close())) + } else { + await new Promise((resolve) => { + this[kClosedResolve] = resolve + }) + } + } + + async [kDestroy] (err) { + while (true) { + const item = this[kQueue].shift() + if (!item) { + break + } + item.handler.onError(err) + } + + await Promise.all(this[kClients].map(c => c.destroy(err))) + } + + [kDispatch] (opts, handler) { + const dispatcher = this[kGetDispatcher]() + + if (!dispatcher) { + this[kNeedDrain] = true + this[kQueue].push({ opts, handler }) + this[kQueued]++ + } else if (!dispatcher.dispatch(opts, handler)) { + dispatcher[kNeedDrain] = true + this[kNeedDrain] = !this[kGetDispatcher]() + } + + return !this[kNeedDrain] + } + + [kAddClient] (client) { + client + .on('drain', this[kOnDrain]) + .on('connect', this[kOnConnect]) + .on('disconnect', this[kOnDisconnect]) + .on('connectionError', this[kOnConnectionError]) + + this[kClients].push(client) + + if (this[kNeedDrain]) { + queueMicrotask(() => { + if (this[kNeedDrain]) { + this[kOnDrain](client[kUrl], [this, client]) + } + }) + } + + return this + } + + [kRemoveClient] (client) { + client.close(() => { + const idx = this[kClients].indexOf(client) + if (idx !== -1) { + this[kClients].splice(idx, 1) + } + }) + + this[kNeedDrain] = this[kClients].some(dispatcher => ( + !dispatcher[kNeedDrain] && + dispatcher.closed !== true && + dispatcher.destroyed !== true + )) + } +} + +module.exports = { + PoolBase, + kClients, + kNeedDrain, + kAddClient, + kRemoveClient, + kGetDispatcher +} + + +/***/ }), + +/***/ 3246: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +const { kFree, kConnected, kPending, kQueued, kRunning, kSize } = __nccwpck_require__(6443) +const kPool = Symbol('pool') + +class PoolStats { + constructor (pool) { + this[kPool] = pool + } + + get connected () { + return this[kPool][kConnected] + } + + get free () { + return this[kPool][kFree] + } + + get pending () { + return this[kPool][kPending] + } + + get queued () { + return this[kPool][kQueued] + } + + get running () { + return this[kPool][kRunning] + } + + get size () { + return this[kPool][kSize] + } +} + +module.exports = PoolStats + + +/***/ }), + +/***/ 628: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + PoolBase, + kClients, + kNeedDrain, + kAddClient, + kGetDispatcher +} = __nccwpck_require__(2128) +const Client = __nccwpck_require__(3701) +const { + InvalidArgumentError +} = __nccwpck_require__(8707) +const util = __nccwpck_require__(3440) +const { kUrl, kInterceptors } = __nccwpck_require__(6443) +const buildConnector = __nccwpck_require__(9136) + +const kOptions = Symbol('options') +const kConnections = Symbol('connections') +const kFactory = Symbol('factory') + +function defaultFactory (origin, opts) { + return new Client(origin, opts) +} + +class Pool extends PoolBase { + constructor (origin, { + connections, + factory = defaultFactory, + connect, + connectTimeout, + tls, + maxCachedSessions, + socketPath, + autoSelectFamily, + autoSelectFamilyAttemptTimeout, + allowH2, + ...options + } = {}) { + super() + + if (connections != null && (!Number.isFinite(connections) || connections < 0)) { + throw new InvalidArgumentError('invalid connections') + } + + if (typeof factory !== 'function') { + throw new InvalidArgumentError('factory must be a function.') + } + + if (connect != null && typeof connect !== 'function' && typeof connect !== 'object') { + throw new InvalidArgumentError('connect must be a function or an object') + } + + if (typeof connect !== 'function') { + connect = buildConnector({ + ...tls, + maxCachedSessions, + allowH2, + socketPath, + timeout: connectTimeout, + ...(autoSelectFamily ? { autoSelectFamily, autoSelectFamilyAttemptTimeout } : undefined), + ...connect + }) + } + + this[kInterceptors] = options.interceptors?.Pool && Array.isArray(options.interceptors.Pool) + ? options.interceptors.Pool + : [] + this[kConnections] = connections || null + this[kUrl] = util.parseOrigin(origin) + this[kOptions] = { ...util.deepClone(options), connect, allowH2 } + this[kOptions].interceptors = options.interceptors + ? { ...options.interceptors } + : undefined + this[kFactory] = factory + + this.on('connectionError', (origin, targets, error) => { + // If a connection error occurs, we remove the client from the pool, + // and emit a connectionError event. They will not be re-used. + // Fixes https://github.com/nodejs/undici/issues/3895 + for (const target of targets) { + // Do not use kRemoveClient here, as it will close the client, + // but the client cannot be closed in this state. + const idx = this[kClients].indexOf(target) + if (idx !== -1) { + this[kClients].splice(idx, 1) + } + } + }) + } + + [kGetDispatcher] () { + for (const client of this[kClients]) { + if (!client[kNeedDrain]) { + return client + } + } + + if (!this[kConnections] || this[kClients].length < this[kConnections]) { + const dispatcher = this[kFactory](this[kUrl], this[kOptions]) + this[kAddClient](dispatcher) + return dispatcher + } + } +} + +module.exports = Pool + + +/***/ }), + +/***/ 6672: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { kProxy, kClose, kDestroy, kDispatch, kInterceptors } = __nccwpck_require__(6443) +const { URL } = __nccwpck_require__(3136) +const Agent = __nccwpck_require__(7405) +const Pool = __nccwpck_require__(628) +const DispatcherBase = __nccwpck_require__(1841) +const { InvalidArgumentError, RequestAbortedError, SecureProxyConnectionError } = __nccwpck_require__(8707) +const buildConnector = __nccwpck_require__(9136) +const Client = __nccwpck_require__(3701) + +const kAgent = Symbol('proxy agent') +const kClient = Symbol('proxy client') +const kProxyHeaders = Symbol('proxy headers') +const kRequestTls = Symbol('request tls settings') +const kProxyTls = Symbol('proxy tls settings') +const kConnectEndpoint = Symbol('connect endpoint function') +const kTunnelProxy = Symbol('tunnel proxy') + +function defaultProtocolPort (protocol) { + return protocol === 'https:' ? 443 : 80 +} + +function defaultFactory (origin, opts) { + return new Pool(origin, opts) +} + +const noop = () => {} + +function defaultAgentFactory (origin, opts) { + if (opts.connections === 1) { + return new Client(origin, opts) + } + return new Pool(origin, opts) +} + +class Http1ProxyWrapper extends DispatcherBase { + #client + + constructor (proxyUrl, { headers = {}, connect, factory }) { + super() + if (!proxyUrl) { + throw new InvalidArgumentError('Proxy URL is mandatory') + } + + this[kProxyHeaders] = headers + if (factory) { + this.#client = factory(proxyUrl, { connect }) + } else { + this.#client = new Client(proxyUrl, { connect }) + } + } + + [kDispatch] (opts, handler) { + const onHeaders = handler.onHeaders + handler.onHeaders = function (statusCode, data, resume) { + if (statusCode === 407) { + if (typeof handler.onError === 'function') { + handler.onError(new InvalidArgumentError('Proxy Authentication Required (407)')) + } + return + } + if (onHeaders) onHeaders.call(this, statusCode, data, resume) + } + + // Rewrite request as an HTTP1 Proxy request, without tunneling. + const { + origin, + path = '/', + headers = {} + } = opts + + opts.path = origin + path + + if (!('host' in headers) && !('Host' in headers)) { + const { host } = new URL(origin) + headers.host = host + } + opts.headers = { ...this[kProxyHeaders], ...headers } + + return this.#client[kDispatch](opts, handler) + } + + async [kClose] () { + return this.#client.close() + } + + async [kDestroy] (err) { + return this.#client.destroy(err) + } +} + +class ProxyAgent extends DispatcherBase { + constructor (opts) { + super() + + if (!opts || (typeof opts === 'object' && !(opts instanceof URL) && !opts.uri)) { + throw new InvalidArgumentError('Proxy uri is mandatory') + } + + const { clientFactory = defaultFactory } = opts + if (typeof clientFactory !== 'function') { + throw new InvalidArgumentError('Proxy opts.clientFactory must be a function.') + } + + const { proxyTunnel = true } = opts + + const url = this.#getUrl(opts) + const { href, origin, port, protocol, username, password, hostname: proxyHostname } = url + + this[kProxy] = { uri: href, protocol } + this[kInterceptors] = opts.interceptors?.ProxyAgent && Array.isArray(opts.interceptors.ProxyAgent) + ? opts.interceptors.ProxyAgent + : [] + this[kRequestTls] = opts.requestTls + this[kProxyTls] = opts.proxyTls + this[kProxyHeaders] = opts.headers || {} + this[kTunnelProxy] = proxyTunnel + + if (opts.auth && opts.token) { + throw new InvalidArgumentError('opts.auth cannot be used in combination with opts.token') + } else if (opts.auth) { + /* @deprecated in favour of opts.token */ + this[kProxyHeaders]['proxy-authorization'] = `Basic ${opts.auth}` + } else if (opts.token) { + this[kProxyHeaders]['proxy-authorization'] = opts.token + } else if (username && password) { + this[kProxyHeaders]['proxy-authorization'] = `Basic ${Buffer.from(`${decodeURIComponent(username)}:${decodeURIComponent(password)}`).toString('base64')}` + } + + const connect = buildConnector({ ...opts.proxyTls }) + this[kConnectEndpoint] = buildConnector({ ...opts.requestTls }) + + const agentFactory = opts.factory || defaultAgentFactory + const factory = (origin, options) => { + const { protocol } = new URL(origin) + if (!this[kTunnelProxy] && protocol === 'http:' && this[kProxy].protocol === 'http:') { + return new Http1ProxyWrapper(this[kProxy].uri, { + headers: this[kProxyHeaders], + connect, + factory: agentFactory + }) + } + return agentFactory(origin, options) + } + this[kClient] = clientFactory(url, { connect }) + this[kAgent] = new Agent({ + ...opts, + factory, + connect: async (opts, callback) => { + let requestedPath = opts.host + if (!opts.port) { + requestedPath += `:${defaultProtocolPort(opts.protocol)}` + } + try { + const { socket, statusCode } = await this[kClient].connect({ + origin, + port, + path: requestedPath, + signal: opts.signal, + headers: { + ...this[kProxyHeaders], + host: opts.host + }, + servername: this[kProxyTls]?.servername || proxyHostname + }) + if (statusCode !== 200) { + socket.on('error', noop).destroy() + callback(new RequestAbortedError(`Proxy response (${statusCode}) !== 200 when HTTP Tunneling`)) + } + if (opts.protocol !== 'https:') { + callback(null, socket) + return + } + let servername + if (this[kRequestTls]) { + servername = this[kRequestTls].servername + } else { + servername = opts.servername + } + this[kConnectEndpoint]({ ...opts, servername, httpSocket: socket }, callback) + } catch (err) { + if (err.code === 'ERR_TLS_CERT_ALTNAME_INVALID') { + // Throw a custom error to avoid loop in client.js#connect + callback(new SecureProxyConnectionError(err)) + } else { + callback(err) + } + } + } + }) + } + + dispatch (opts, handler) { + const headers = buildHeaders(opts.headers) + throwIfProxyAuthIsSent(headers) + + if (headers && !('host' in headers) && !('Host' in headers)) { + const { host } = new URL(opts.origin) + headers.host = host + } + + return this[kAgent].dispatch( + { + ...opts, + headers + }, + handler + ) + } + + /** + * @param {import('../types/proxy-agent').ProxyAgent.Options | string | URL} opts + * @returns {URL} + */ + #getUrl (opts) { + if (typeof opts === 'string') { + return new URL(opts) + } else if (opts instanceof URL) { + return opts + } else { + return new URL(opts.uri) + } + } + + async [kClose] () { + await this[kAgent].close() + await this[kClient].close() + } + + async [kDestroy] () { + await this[kAgent].destroy() + await this[kClient].destroy() + } +} + +/** + * @param {string[] | Record} headers + * @returns {Record} + */ +function buildHeaders (headers) { + // When using undici.fetch, the headers list is stored + // as an array. + if (Array.isArray(headers)) { + /** @type {Record} */ + const headersPair = {} + + for (let i = 0; i < headers.length; i += 2) { + headersPair[headers[i]] = headers[i + 1] + } + + return headersPair + } + + return headers +} + +/** + * @param {Record} headers + * + * Previous versions of ProxyAgent suggests the Proxy-Authorization in request headers + * Nevertheless, it was changed and to avoid a security vulnerability by end users + * this check was created. + * It should be removed in the next major version for performance reasons + */ +function throwIfProxyAuthIsSent (headers) { + const existProxyAuth = headers && Object.keys(headers) + .find((key) => key.toLowerCase() === 'proxy-authorization') + if (existProxyAuth) { + throw new InvalidArgumentError('Proxy-Authorization should be sent in ProxyAgent constructor') + } +} + +module.exports = ProxyAgent + + +/***/ }), + +/***/ 50: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const Dispatcher = __nccwpck_require__(883) +const RetryHandler = __nccwpck_require__(7816) + +class RetryAgent extends Dispatcher { + #agent = null + #options = null + constructor (agent, options = {}) { + super(options) + this.#agent = agent + this.#options = options + } + + dispatch (opts, handler) { + const retry = new RetryHandler({ + ...opts, + retryOptions: this.#options + }, { + dispatch: this.#agent.dispatch.bind(this.#agent), + handler + }) + return this.#agent.dispatch(opts, retry) + } + + close () { + return this.#agent.close() + } + + destroy () { + return this.#agent.destroy() + } +} + +module.exports = RetryAgent + + +/***/ }), + +/***/ 2581: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +// We include a version number for the Dispatcher API. In case of breaking changes, +// this version number must be increased to avoid conflicts. +const globalDispatcher = Symbol.for('undici.globalDispatcher.1') +const { InvalidArgumentError } = __nccwpck_require__(8707) +const Agent = __nccwpck_require__(7405) + +if (getGlobalDispatcher() === undefined) { + setGlobalDispatcher(new Agent()) +} + +function setGlobalDispatcher (agent) { + if (!agent || typeof agent.dispatch !== 'function') { + throw new InvalidArgumentError('Argument agent must implement Agent') + } + Object.defineProperty(globalThis, globalDispatcher, { + value: agent, + writable: true, + enumerable: false, + configurable: false + }) +} + +function getGlobalDispatcher () { + return globalThis[globalDispatcher] +} + +module.exports = { + setGlobalDispatcher, + getGlobalDispatcher +} + + +/***/ }), + +/***/ 8155: +/***/ ((module) => { + +"use strict"; + + +module.exports = class DecoratorHandler { + #handler + + constructor (handler) { + if (typeof handler !== 'object' || handler === null) { + throw new TypeError('handler must be an object') + } + this.#handler = handler + } + + onConnect (...args) { + return this.#handler.onConnect?.(...args) + } + + onError (...args) { + return this.#handler.onError?.(...args) + } + + onUpgrade (...args) { + return this.#handler.onUpgrade?.(...args) + } + + onResponseStarted (...args) { + return this.#handler.onResponseStarted?.(...args) + } + + onHeaders (...args) { + return this.#handler.onHeaders?.(...args) + } + + onData (...args) { + return this.#handler.onData?.(...args) + } + + onComplete (...args) { + return this.#handler.onComplete?.(...args) + } + + onBodySent (...args) { + return this.#handler.onBodySent?.(...args) + } +} + + +/***/ }), + +/***/ 8754: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const util = __nccwpck_require__(3440) +const { kBodyUsed } = __nccwpck_require__(6443) +const assert = __nccwpck_require__(4589) +const { InvalidArgumentError } = __nccwpck_require__(8707) +const EE = __nccwpck_require__(8474) + +const redirectableStatusCodes = [300, 301, 302, 303, 307, 308] + +const kBody = Symbol('body') + +class BodyAsyncIterable { + constructor (body) { + this[kBody] = body + this[kBodyUsed] = false + } + + async * [Symbol.asyncIterator] () { + assert(!this[kBodyUsed], 'disturbed') + this[kBodyUsed] = true + yield * this[kBody] + } +} + +class RedirectHandler { + constructor (dispatch, maxRedirections, opts, handler) { + if (maxRedirections != null && (!Number.isInteger(maxRedirections) || maxRedirections < 0)) { + throw new InvalidArgumentError('maxRedirections must be a positive number') + } + + util.validateHandler(handler, opts.method, opts.upgrade) + + this.dispatch = dispatch + this.location = null + this.abort = null + this.opts = { ...opts, maxRedirections: 0 } // opts must be a copy + this.maxRedirections = maxRedirections + this.handler = handler + this.history = [] + this.redirectionLimitReached = false + + if (util.isStream(this.opts.body)) { + // TODO (fix): Provide some way for the user to cache the file to e.g. /tmp + // so that it can be dispatched again? + // TODO (fix): Do we need 100-expect support to provide a way to do this properly? + if (util.bodyLength(this.opts.body) === 0) { + this.opts.body + .on('data', function () { + assert(false) + }) + } + + if (typeof this.opts.body.readableDidRead !== 'boolean') { + this.opts.body[kBodyUsed] = false + EE.prototype.on.call(this.opts.body, 'data', function () { + this[kBodyUsed] = true + }) + } + } else if (this.opts.body && typeof this.opts.body.pipeTo === 'function') { + // TODO (fix): We can't access ReadableStream internal state + // to determine whether or not it has been disturbed. This is just + // a workaround. + this.opts.body = new BodyAsyncIterable(this.opts.body) + } else if ( + this.opts.body && + typeof this.opts.body !== 'string' && + !ArrayBuffer.isView(this.opts.body) && + util.isIterable(this.opts.body) + ) { + // TODO: Should we allow re-using iterable if !this.opts.idempotent + // or through some other flag? + this.opts.body = new BodyAsyncIterable(this.opts.body) + } + } + + onConnect (abort) { + this.abort = abort + this.handler.onConnect(abort, { history: this.history }) + } + + onUpgrade (statusCode, headers, socket) { + this.handler.onUpgrade(statusCode, headers, socket) + } + + onError (error) { + this.handler.onError(error) + } + + onHeaders (statusCode, headers, resume, statusText) { + this.location = this.history.length >= this.maxRedirections || util.isDisturbed(this.opts.body) + ? null + : parseLocation(statusCode, headers) + + if (this.opts.throwOnMaxRedirect && this.history.length >= this.maxRedirections) { + if (this.request) { + this.request.abort(new Error('max redirects')) + } + + this.redirectionLimitReached = true + this.abort(new Error('max redirects')) + return + } + + if (this.opts.origin) { + this.history.push(new URL(this.opts.path, this.opts.origin)) + } + + if (!this.location) { + return this.handler.onHeaders(statusCode, headers, resume, statusText) + } + + const { origin, pathname, search } = util.parseURL(new URL(this.location, this.opts.origin && new URL(this.opts.path, this.opts.origin))) + const path = search ? `${pathname}${search}` : pathname + + // Remove headers referring to the original URL. + // By default it is Host only, unless it's a 303 (see below), which removes also all Content-* headers. + // https://tools.ietf.org/html/rfc7231#section-6.4 + this.opts.headers = cleanRequestHeaders(this.opts.headers, statusCode === 303, this.opts.origin !== origin) + this.opts.path = path + this.opts.origin = origin + this.opts.maxRedirections = 0 + this.opts.query = null + + // https://tools.ietf.org/html/rfc7231#section-6.4.4 + // In case of HTTP 303, always replace method to be either HEAD or GET + if (statusCode === 303 && this.opts.method !== 'HEAD') { + this.opts.method = 'GET' + this.opts.body = null + } + } + + onData (chunk) { + if (this.location) { + /* + https://tools.ietf.org/html/rfc7231#section-6.4 + + TLDR: undici always ignores 3xx response bodies. + + Redirection is used to serve the requested resource from another URL, so it is assumes that + no body is generated (and thus can be ignored). Even though generating a body is not prohibited. + + For status 301, 302, 303, 307 and 308 (the latter from RFC 7238), the specs mention that the body usually + (which means it's optional and not mandated) contain just an hyperlink to the value of + the Location response header, so the body can be ignored safely. + + For status 300, which is "Multiple Choices", the spec mentions both generating a Location + response header AND a response body with the other possible location to follow. + Since the spec explicitly chooses not to specify a format for such body and leave it to + servers and browsers implementors, we ignore the body as there is no specified way to eventually parse it. + */ + } else { + return this.handler.onData(chunk) + } + } + + onComplete (trailers) { + if (this.location) { + /* + https://tools.ietf.org/html/rfc7231#section-6.4 + + TLDR: undici always ignores 3xx response trailers as they are not expected in case of redirections + and neither are useful if present. + + See comment on onData method above for more detailed information. + */ + + this.location = null + this.abort = null + + this.dispatch(this.opts, this) + } else { + this.handler.onComplete(trailers) + } + } + + onBodySent (chunk) { + if (this.handler.onBodySent) { + this.handler.onBodySent(chunk) + } + } +} + +function parseLocation (statusCode, headers) { + if (redirectableStatusCodes.indexOf(statusCode) === -1) { + return null + } + + for (let i = 0; i < headers.length; i += 2) { + if (headers[i].length === 8 && util.headerNameToString(headers[i]) === 'location') { + return headers[i + 1] + } + } +} + +// https://tools.ietf.org/html/rfc7231#section-6.4.4 +function shouldRemoveHeader (header, removeContent, unknownOrigin) { + if (header.length === 4) { + return util.headerNameToString(header) === 'host' + } + if (removeContent && util.headerNameToString(header).startsWith('content-')) { + return true + } + if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) { + const name = util.headerNameToString(header) + return name === 'authorization' || name === 'cookie' || name === 'proxy-authorization' + } + return false +} + +// https://tools.ietf.org/html/rfc7231#section-6.4 +function cleanRequestHeaders (headers, removeContent, unknownOrigin) { + const ret = [] + if (Array.isArray(headers)) { + for (let i = 0; i < headers.length; i += 2) { + if (!shouldRemoveHeader(headers[i], removeContent, unknownOrigin)) { + ret.push(headers[i], headers[i + 1]) + } + } + } else if (headers && typeof headers === 'object') { + for (const key of Object.keys(headers)) { + if (!shouldRemoveHeader(key, removeContent, unknownOrigin)) { + ret.push(key, headers[key]) + } + } + } else { + assert(headers == null, 'headers must be an object or an array') + } + return ret +} + +module.exports = RedirectHandler + + +/***/ }), + +/***/ 7816: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const assert = __nccwpck_require__(4589) + +const { kRetryHandlerDefaultRetry } = __nccwpck_require__(6443) +const { RequestRetryError } = __nccwpck_require__(8707) +const { + isDisturbed, + parseHeaders, + parseRangeHeader, + wrapRequestBody +} = __nccwpck_require__(3440) + +function calculateRetryAfterHeader (retryAfter) { + const current = Date.now() + return new Date(retryAfter).getTime() - current +} + +class RetryHandler { + constructor (opts, handlers) { + const { retryOptions, ...dispatchOpts } = opts + const { + // Retry scoped + retry: retryFn, + maxRetries, + maxTimeout, + minTimeout, + timeoutFactor, + // Response scoped + methods, + errorCodes, + retryAfter, + statusCodes + } = retryOptions ?? {} + + this.dispatch = handlers.dispatch + this.handler = handlers.handler + this.opts = { ...dispatchOpts, body: wrapRequestBody(opts.body) } + this.abort = null + this.aborted = false + this.retryOpts = { + retry: retryFn ?? RetryHandler[kRetryHandlerDefaultRetry], + retryAfter: retryAfter ?? true, + maxTimeout: maxTimeout ?? 30 * 1000, // 30s, + minTimeout: minTimeout ?? 500, // .5s + timeoutFactor: timeoutFactor ?? 2, + maxRetries: maxRetries ?? 5, + // What errors we should retry + methods: methods ?? ['GET', 'HEAD', 'OPTIONS', 'PUT', 'DELETE', 'TRACE'], + // Indicates which errors to retry + statusCodes: statusCodes ?? [500, 502, 503, 504, 429], + // List of errors to retry + errorCodes: errorCodes ?? [ + 'ECONNRESET', + 'ECONNREFUSED', + 'ENOTFOUND', + 'ENETDOWN', + 'ENETUNREACH', + 'EHOSTDOWN', + 'EHOSTUNREACH', + 'EPIPE', + 'UND_ERR_SOCKET' + ] + } + + this.retryCount = 0 + this.retryCountCheckpoint = 0 + this.start = 0 + this.end = null + this.etag = null + this.resume = null + + // Handle possible onConnect duplication + this.handler.onConnect(reason => { + this.aborted = true + if (this.abort) { + this.abort(reason) + } else { + this.reason = reason + } + }) + } + + onRequestSent () { + if (this.handler.onRequestSent) { + this.handler.onRequestSent() + } + } + + onUpgrade (statusCode, headers, socket) { + if (this.handler.onUpgrade) { + this.handler.onUpgrade(statusCode, headers, socket) + } + } + + onConnect (abort) { + if (this.aborted) { + abort(this.reason) + } else { + this.abort = abort + } + } + + onBodySent (chunk) { + if (this.handler.onBodySent) return this.handler.onBodySent(chunk) + } + + static [kRetryHandlerDefaultRetry] (err, { state, opts }, cb) { + const { statusCode, code, headers } = err + const { method, retryOptions } = opts + const { + maxRetries, + minTimeout, + maxTimeout, + timeoutFactor, + statusCodes, + errorCodes, + methods + } = retryOptions + const { counter } = state + + // Any code that is not a Undici's originated and allowed to retry + if (code && code !== 'UND_ERR_REQ_RETRY' && !errorCodes.includes(code)) { + cb(err) + return + } + + // If a set of method are provided and the current method is not in the list + if (Array.isArray(methods) && !methods.includes(method)) { + cb(err) + return + } + + // If a set of status code are provided and the current status code is not in the list + if ( + statusCode != null && + Array.isArray(statusCodes) && + !statusCodes.includes(statusCode) + ) { + cb(err) + return + } + + // If we reached the max number of retries + if (counter > maxRetries) { + cb(err) + return + } + + let retryAfterHeader = headers?.['retry-after'] + if (retryAfterHeader) { + retryAfterHeader = Number(retryAfterHeader) + retryAfterHeader = Number.isNaN(retryAfterHeader) + ? calculateRetryAfterHeader(retryAfterHeader) + : retryAfterHeader * 1e3 // Retry-After is in seconds + } + + const retryTimeout = + retryAfterHeader > 0 + ? Math.min(retryAfterHeader, maxTimeout) + : Math.min(minTimeout * timeoutFactor ** (counter - 1), maxTimeout) + + setTimeout(() => cb(null), retryTimeout) + } + + onHeaders (statusCode, rawHeaders, resume, statusMessage) { + const headers = parseHeaders(rawHeaders) + + this.retryCount += 1 + + if (statusCode >= 300) { + if (this.retryOpts.statusCodes.includes(statusCode) === false) { + return this.handler.onHeaders( + statusCode, + rawHeaders, + resume, + statusMessage + ) + } else { + this.abort( + new RequestRetryError('Request failed', statusCode, { + headers, + data: { + count: this.retryCount + } + }) + ) + return false + } + } + + // Checkpoint for resume from where we left it + if (this.resume != null) { + this.resume = null + + // Only Partial Content 206 supposed to provide Content-Range, + // any other status code that partially consumed the payload + // should not be retry because it would result in downstream + // wrongly concatanete multiple responses. + if (statusCode !== 206 && (this.start > 0 || statusCode !== 200)) { + this.abort( + new RequestRetryError('server does not support the range header and the payload was partially consumed', statusCode, { + headers, + data: { count: this.retryCount } + }) + ) + return false + } + + const contentRange = parseRangeHeader(headers['content-range']) + // If no content range + if (!contentRange) { + this.abort( + new RequestRetryError('Content-Range mismatch', statusCode, { + headers, + data: { count: this.retryCount } + }) + ) + return false + } + + // Let's start with a weak etag check + if (this.etag != null && this.etag !== headers.etag) { + this.abort( + new RequestRetryError('ETag mismatch', statusCode, { + headers, + data: { count: this.retryCount } + }) + ) + return false + } + + const { start, size, end = size - 1 } = contentRange + + assert(this.start === start, 'content-range mismatch') + assert(this.end == null || this.end === end, 'content-range mismatch') + + this.resume = resume + return true + } + + if (this.end == null) { + if (statusCode === 206) { + // First time we receive 206 + const range = parseRangeHeader(headers['content-range']) + + if (range == null) { + return this.handler.onHeaders( + statusCode, + rawHeaders, + resume, + statusMessage + ) + } + + const { start, size, end = size - 1 } = range + assert( + start != null && Number.isFinite(start), + 'content-range mismatch' + ) + assert(end != null && Number.isFinite(end), 'invalid content-length') + + this.start = start + this.end = end + } + + // We make our best to checkpoint the body for further range headers + if (this.end == null) { + const contentLength = headers['content-length'] + this.end = contentLength != null ? Number(contentLength) - 1 : null + } + + assert(Number.isFinite(this.start)) + assert( + this.end == null || Number.isFinite(this.end), + 'invalid content-length' + ) + + this.resume = resume + this.etag = headers.etag != null ? headers.etag : null + + // Weak etags are not useful for comparison nor cache + // for instance not safe to assume if the response is byte-per-byte + // equal + if (this.etag != null && this.etag.startsWith('W/')) { + this.etag = null + } + + return this.handler.onHeaders( + statusCode, + rawHeaders, + resume, + statusMessage + ) + } + + const err = new RequestRetryError('Request failed', statusCode, { + headers, + data: { count: this.retryCount } + }) + + this.abort(err) + + return false + } + + onData (chunk) { + this.start += chunk.length + + return this.handler.onData(chunk) + } + + onComplete (rawTrailers) { + this.retryCount = 0 + return this.handler.onComplete(rawTrailers) + } + + onError (err) { + if (this.aborted || isDisturbed(this.opts.body)) { + return this.handler.onError(err) + } + + // We reconcile in case of a mix between network errors + // and server error response + if (this.retryCount - this.retryCountCheckpoint > 0) { + // We count the difference between the last checkpoint and the current retry count + this.retryCount = + this.retryCountCheckpoint + + (this.retryCount - this.retryCountCheckpoint) + } else { + this.retryCount += 1 + } + + this.retryOpts.retry( + err, + { + state: { counter: this.retryCount }, + opts: { retryOptions: this.retryOpts, ...this.opts } + }, + onRetry.bind(this) + ) + + function onRetry (err) { + if (err != null || this.aborted || isDisturbed(this.opts.body)) { + return this.handler.onError(err) + } + + if (this.start !== 0) { + const headers = { range: `bytes=${this.start}-${this.end ?? ''}` } + + // Weak etag check - weak etags will make comparison algorithms never match + if (this.etag != null) { + headers['if-match'] = this.etag + } + + this.opts = { + ...this.opts, + headers: { + ...this.opts.headers, + ...headers + } + } + } + + try { + this.retryCountCheckpoint = this.retryCount + this.dispatch(this.opts, this) + } catch (err) { + this.handler.onError(err) + } + } + } +} + +module.exports = RetryHandler + + +/***/ }), + +/***/ 379: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const { isIP } = __nccwpck_require__(7030) +const { lookup } = __nccwpck_require__(610) +const DecoratorHandler = __nccwpck_require__(8155) +const { InvalidArgumentError, InformationalError } = __nccwpck_require__(8707) +const maxInt = Math.pow(2, 31) - 1 + +class DNSInstance { + #maxTTL = 0 + #maxItems = 0 + #records = new Map() + dualStack = true + affinity = null + lookup = null + pick = null + + constructor (opts) { + this.#maxTTL = opts.maxTTL + this.#maxItems = opts.maxItems + this.dualStack = opts.dualStack + this.affinity = opts.affinity + this.lookup = opts.lookup ?? this.#defaultLookup + this.pick = opts.pick ?? this.#defaultPick + } + + get full () { + return this.#records.size === this.#maxItems + } + + runLookup (origin, opts, cb) { + const ips = this.#records.get(origin.hostname) + + // If full, we just return the origin + if (ips == null && this.full) { + cb(null, origin.origin) + return + } + + const newOpts = { + affinity: this.affinity, + dualStack: this.dualStack, + lookup: this.lookup, + pick: this.pick, + ...opts.dns, + maxTTL: this.#maxTTL, + maxItems: this.#maxItems + } + + // If no IPs we lookup + if (ips == null) { + this.lookup(origin, newOpts, (err, addresses) => { + if (err || addresses == null || addresses.length === 0) { + cb(err ?? new InformationalError('No DNS entries found')) + return + } + + this.setRecords(origin, addresses) + const records = this.#records.get(origin.hostname) + + const ip = this.pick( + origin, + records, + newOpts.affinity + ) + + let port + if (typeof ip.port === 'number') { + port = `:${ip.port}` + } else if (origin.port !== '') { + port = `:${origin.port}` + } else { + port = '' + } + + cb( + null, + `${origin.protocol}//${ + ip.family === 6 ? `[${ip.address}]` : ip.address + }${port}` + ) + }) + } else { + // If there's IPs we pick + const ip = this.pick( + origin, + ips, + newOpts.affinity + ) + + // If no IPs we lookup - deleting old records + if (ip == null) { + this.#records.delete(origin.hostname) + this.runLookup(origin, opts, cb) + return + } + + let port + if (typeof ip.port === 'number') { + port = `:${ip.port}` + } else if (origin.port !== '') { + port = `:${origin.port}` + } else { + port = '' + } + + cb( + null, + `${origin.protocol}//${ + ip.family === 6 ? `[${ip.address}]` : ip.address + }${port}` + ) + } + } + + #defaultLookup (origin, opts, cb) { + lookup( + origin.hostname, + { + all: true, + family: this.dualStack === false ? this.affinity : 0, + order: 'ipv4first' + }, + (err, addresses) => { + if (err) { + return cb(err) + } + + const results = new Map() + + for (const addr of addresses) { + // On linux we found duplicates, we attempt to remove them with + // the latest record + results.set(`${addr.address}:${addr.family}`, addr) + } + + cb(null, results.values()) + } + ) + } + + #defaultPick (origin, hostnameRecords, affinity) { + let ip = null + const { records, offset } = hostnameRecords + + let family + if (this.dualStack) { + if (affinity == null) { + // Balance between ip families + if (offset == null || offset === maxInt) { + hostnameRecords.offset = 0 + affinity = 4 + } else { + hostnameRecords.offset++ + affinity = (hostnameRecords.offset & 1) === 1 ? 6 : 4 + } + } + + if (records[affinity] != null && records[affinity].ips.length > 0) { + family = records[affinity] + } else { + family = records[affinity === 4 ? 6 : 4] + } + } else { + family = records[affinity] + } + + // If no IPs we return null + if (family == null || family.ips.length === 0) { + return ip + } + + if (family.offset == null || family.offset === maxInt) { + family.offset = 0 + } else { + family.offset++ + } + + const position = family.offset % family.ips.length + ip = family.ips[position] ?? null + + if (ip == null) { + return ip + } + + if (Date.now() - ip.timestamp > ip.ttl) { // record TTL is already in ms + // We delete expired records + // It is possible that they have different TTL, so we manage them individually + family.ips.splice(position, 1) + return this.pick(origin, hostnameRecords, affinity) + } + + return ip + } + + setRecords (origin, addresses) { + const timestamp = Date.now() + const records = { records: { 4: null, 6: null } } + for (const record of addresses) { + record.timestamp = timestamp + if (typeof record.ttl === 'number') { + // The record TTL is expected to be in ms + record.ttl = Math.min(record.ttl, this.#maxTTL) + } else { + record.ttl = this.#maxTTL + } + + const familyRecords = records.records[record.family] ?? { ips: [] } + + familyRecords.ips.push(record) + records.records[record.family] = familyRecords + } + + this.#records.set(origin.hostname, records) + } + + getHandler (meta, opts) { + return new DNSDispatchHandler(this, meta, opts) + } +} + +class DNSDispatchHandler extends DecoratorHandler { + #state = null + #opts = null + #dispatch = null + #handler = null + #origin = null + + constructor (state, { origin, handler, dispatch }, opts) { + super(handler) + this.#origin = origin + this.#handler = handler + this.#opts = { ...opts } + this.#state = state + this.#dispatch = dispatch + } + + onError (err) { + switch (err.code) { + case 'ETIMEDOUT': + case 'ECONNREFUSED': { + if (this.#state.dualStack) { + // We delete the record and retry + this.#state.runLookup(this.#origin, this.#opts, (err, newOrigin) => { + if (err) { + return this.#handler.onError(err) + } + + const dispatchOpts = { + ...this.#opts, + origin: newOrigin + } + + this.#dispatch(dispatchOpts, this) + }) + + // if dual-stack disabled, we error out + return + } + + this.#handler.onError(err) + return + } + case 'ENOTFOUND': + this.#state.deleteRecord(this.#origin) + // eslint-disable-next-line no-fallthrough + default: + this.#handler.onError(err) + break + } + } +} + +module.exports = interceptorOpts => { + if ( + interceptorOpts?.maxTTL != null && + (typeof interceptorOpts?.maxTTL !== 'number' || interceptorOpts?.maxTTL < 0) + ) { + throw new InvalidArgumentError('Invalid maxTTL. Must be a positive number') + } + + if ( + interceptorOpts?.maxItems != null && + (typeof interceptorOpts?.maxItems !== 'number' || + interceptorOpts?.maxItems < 1) + ) { + throw new InvalidArgumentError( + 'Invalid maxItems. Must be a positive number and greater than zero' + ) + } + + if ( + interceptorOpts?.affinity != null && + interceptorOpts?.affinity !== 4 && + interceptorOpts?.affinity !== 6 + ) { + throw new InvalidArgumentError('Invalid affinity. Must be either 4 or 6') + } + + if ( + interceptorOpts?.dualStack != null && + typeof interceptorOpts?.dualStack !== 'boolean' + ) { + throw new InvalidArgumentError('Invalid dualStack. Must be a boolean') + } + + if ( + interceptorOpts?.lookup != null && + typeof interceptorOpts?.lookup !== 'function' + ) { + throw new InvalidArgumentError('Invalid lookup. Must be a function') + } + + if ( + interceptorOpts?.pick != null && + typeof interceptorOpts?.pick !== 'function' + ) { + throw new InvalidArgumentError('Invalid pick. Must be a function') + } + + const dualStack = interceptorOpts?.dualStack ?? true + let affinity + if (dualStack) { + affinity = interceptorOpts?.affinity ?? null + } else { + affinity = interceptorOpts?.affinity ?? 4 + } + + const opts = { + maxTTL: interceptorOpts?.maxTTL ?? 10e3, // Expressed in ms + lookup: interceptorOpts?.lookup ?? null, + pick: interceptorOpts?.pick ?? null, + dualStack, + affinity, + maxItems: interceptorOpts?.maxItems ?? Infinity + } + + const instance = new DNSInstance(opts) + + return dispatch => { + return function dnsInterceptor (origDispatchOpts, handler) { + const origin = + origDispatchOpts.origin.constructor === URL + ? origDispatchOpts.origin + : new URL(origDispatchOpts.origin) + + if (isIP(origin.hostname) !== 0) { + return dispatch(origDispatchOpts, handler) + } + + instance.runLookup(origin, origDispatchOpts, (err, newOrigin) => { + if (err) { + return handler.onError(err) + } + + let dispatchOpts = null + dispatchOpts = { + ...origDispatchOpts, + servername: origin.hostname, // For SNI on TLS + origin: newOrigin, + headers: { + host: origin.hostname, + ...origDispatchOpts.headers + } + } + + dispatch( + dispatchOpts, + instance.getHandler({ origin, dispatch, handler }, origDispatchOpts) + ) + }) + + return true + } + } +} + + +/***/ }), + +/***/ 8060: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const util = __nccwpck_require__(3440) +const { InvalidArgumentError, RequestAbortedError } = __nccwpck_require__(8707) +const DecoratorHandler = __nccwpck_require__(8155) + +class DumpHandler extends DecoratorHandler { + #maxSize = 1024 * 1024 + #abort = null + #dumped = false + #aborted = false + #size = 0 + #reason = null + #handler = null + + constructor ({ maxSize }, handler) { + super(handler) + + if (maxSize != null && (!Number.isFinite(maxSize) || maxSize < 1)) { + throw new InvalidArgumentError('maxSize must be a number greater than 0') + } + + this.#maxSize = maxSize ?? this.#maxSize + this.#handler = handler + } + + onConnect (abort) { + this.#abort = abort + + this.#handler.onConnect(this.#customAbort.bind(this)) + } + + #customAbort (reason) { + this.#aborted = true + this.#reason = reason + } + + // TODO: will require adjustment after new hooks are out + onHeaders (statusCode, rawHeaders, resume, statusMessage) { + const headers = util.parseHeaders(rawHeaders) + const contentLength = headers['content-length'] + + if (contentLength != null && contentLength > this.#maxSize) { + throw new RequestAbortedError( + `Response size (${contentLength}) larger than maxSize (${ + this.#maxSize + })` + ) + } + + if (this.#aborted) { + return true + } + + return this.#handler.onHeaders( + statusCode, + rawHeaders, + resume, + statusMessage + ) + } + + onError (err) { + if (this.#dumped) { + return + } + + err = this.#reason ?? err + + this.#handler.onError(err) + } + + onData (chunk) { + this.#size = this.#size + chunk.length + + if (this.#size >= this.#maxSize) { + this.#dumped = true + + if (this.#aborted) { + this.#handler.onError(this.#reason) + } else { + this.#handler.onComplete([]) + } + } + + return true + } + + onComplete (trailers) { + if (this.#dumped) { + return + } + + if (this.#aborted) { + this.#handler.onError(this.reason) + return + } + + this.#handler.onComplete(trailers) + } +} + +function createDumpInterceptor ( + { maxSize: defaultMaxSize } = { + maxSize: 1024 * 1024 + } +) { + return dispatch => { + return function Intercept (opts, handler) { + const { dumpMaxSize = defaultMaxSize } = + opts + + const dumpHandler = new DumpHandler( + { maxSize: dumpMaxSize }, + handler + ) + + return dispatch(opts, dumpHandler) + } + } +} + +module.exports = createDumpInterceptor + + +/***/ }), + +/***/ 5092: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const RedirectHandler = __nccwpck_require__(8754) + +function createRedirectInterceptor ({ maxRedirections: defaultMaxRedirections }) { + return (dispatch) => { + return function Intercept (opts, handler) { + const { maxRedirections = defaultMaxRedirections } = opts + + if (!maxRedirections) { + return dispatch(opts, handler) + } + + const redirectHandler = new RedirectHandler(dispatch, maxRedirections, opts, handler) + opts = { ...opts, maxRedirections: 0 } // Stop sub dispatcher from also redirecting. + return dispatch(opts, redirectHandler) + } + } +} + +module.exports = createRedirectInterceptor + + +/***/ }), + +/***/ 1514: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const RedirectHandler = __nccwpck_require__(8754) + +module.exports = opts => { + const globalMaxRedirections = opts?.maxRedirections + return dispatch => { + return function redirectInterceptor (opts, handler) { + const { maxRedirections = globalMaxRedirections, ...baseOpts } = opts + + if (!maxRedirections) { + return dispatch(opts, handler) + } + + const redirectHandler = new RedirectHandler( + dispatch, + maxRedirections, + opts, + handler + ) + + return dispatch(baseOpts, redirectHandler) + } + } +} + + +/***/ }), + +/***/ 2026: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const RetryHandler = __nccwpck_require__(7816) + +module.exports = globalOpts => { + return dispatch => { + return function retryInterceptor (opts, handler) { + return dispatch( + opts, + new RetryHandler( + { ...opts, retryOptions: { ...globalOpts, ...opts.retryOptions } }, + { + handler, + dispatch + } + ) + ) + } + } +} + + +/***/ }), + +/***/ 2824: /***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { "use strict"; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.SPECIAL_HEADERS = exports.HEADER_STATE = exports.MINOR = exports.MAJOR = exports.CONNECTION_TOKEN_CHARS = exports.HEADER_CHARS = exports.TOKEN = exports.STRICT_TOKEN = exports.HEX = exports.URL_CHAR = exports.STRICT_URL_CHAR = exports.USERINFO_CHARS = exports.MARK = exports.ALPHANUM = exports.NUM = exports.HEX_MAP = exports.NUM_MAP = exports.ALPHA = exports.FINISH = exports.H_METHOD_MAP = exports.METHOD_MAP = exports.METHODS_RTSP = exports.METHODS_ICE = exports.METHODS_HTTP = exports.METHODS = exports.LENIENT_FLAGS = exports.FLAGS = exports.TYPE = exports.ERROR = void 0; +const utils_1 = __nccwpck_require__(172); +// C headers +var ERROR; +(function (ERROR) { + ERROR[ERROR["OK"] = 0] = "OK"; + ERROR[ERROR["INTERNAL"] = 1] = "INTERNAL"; + ERROR[ERROR["STRICT"] = 2] = "STRICT"; + ERROR[ERROR["LF_EXPECTED"] = 3] = "LF_EXPECTED"; + ERROR[ERROR["UNEXPECTED_CONTENT_LENGTH"] = 4] = "UNEXPECTED_CONTENT_LENGTH"; + ERROR[ERROR["CLOSED_CONNECTION"] = 5] = "CLOSED_CONNECTION"; + ERROR[ERROR["INVALID_METHOD"] = 6] = "INVALID_METHOD"; + ERROR[ERROR["INVALID_URL"] = 7] = "INVALID_URL"; + ERROR[ERROR["INVALID_CONSTANT"] = 8] = "INVALID_CONSTANT"; + ERROR[ERROR["INVALID_VERSION"] = 9] = "INVALID_VERSION"; + ERROR[ERROR["INVALID_HEADER_TOKEN"] = 10] = "INVALID_HEADER_TOKEN"; + ERROR[ERROR["INVALID_CONTENT_LENGTH"] = 11] = "INVALID_CONTENT_LENGTH"; + ERROR[ERROR["INVALID_CHUNK_SIZE"] = 12] = "INVALID_CHUNK_SIZE"; + ERROR[ERROR["INVALID_STATUS"] = 13] = "INVALID_STATUS"; + ERROR[ERROR["INVALID_EOF_STATE"] = 14] = "INVALID_EOF_STATE"; + ERROR[ERROR["INVALID_TRANSFER_ENCODING"] = 15] = "INVALID_TRANSFER_ENCODING"; + ERROR[ERROR["CB_MESSAGE_BEGIN"] = 16] = "CB_MESSAGE_BEGIN"; + ERROR[ERROR["CB_HEADERS_COMPLETE"] = 17] = "CB_HEADERS_COMPLETE"; + ERROR[ERROR["CB_MESSAGE_COMPLETE"] = 18] = "CB_MESSAGE_COMPLETE"; + ERROR[ERROR["CB_CHUNK_HEADER"] = 19] = "CB_CHUNK_HEADER"; + ERROR[ERROR["CB_CHUNK_COMPLETE"] = 20] = "CB_CHUNK_COMPLETE"; + ERROR[ERROR["PAUSED"] = 21] = "PAUSED"; + ERROR[ERROR["PAUSED_UPGRADE"] = 22] = "PAUSED_UPGRADE"; + ERROR[ERROR["PAUSED_H2_UPGRADE"] = 23] = "PAUSED_H2_UPGRADE"; + ERROR[ERROR["USER"] = 24] = "USER"; +})(ERROR = exports.ERROR || (exports.ERROR = {})); +var TYPE; +(function (TYPE) { + TYPE[TYPE["BOTH"] = 0] = "BOTH"; + TYPE[TYPE["REQUEST"] = 1] = "REQUEST"; + TYPE[TYPE["RESPONSE"] = 2] = "RESPONSE"; +})(TYPE = exports.TYPE || (exports.TYPE = {})); +var FLAGS; +(function (FLAGS) { + FLAGS[FLAGS["CONNECTION_KEEP_ALIVE"] = 1] = "CONNECTION_KEEP_ALIVE"; + FLAGS[FLAGS["CONNECTION_CLOSE"] = 2] = "CONNECTION_CLOSE"; + FLAGS[FLAGS["CONNECTION_UPGRADE"] = 4] = "CONNECTION_UPGRADE"; + FLAGS[FLAGS["CHUNKED"] = 8] = "CHUNKED"; + FLAGS[FLAGS["UPGRADE"] = 16] = "UPGRADE"; + FLAGS[FLAGS["CONTENT_LENGTH"] = 32] = "CONTENT_LENGTH"; + FLAGS[FLAGS["SKIPBODY"] = 64] = "SKIPBODY"; + FLAGS[FLAGS["TRAILING"] = 128] = "TRAILING"; + // 1 << 8 is unused + FLAGS[FLAGS["TRANSFER_ENCODING"] = 512] = "TRANSFER_ENCODING"; +})(FLAGS = exports.FLAGS || (exports.FLAGS = {})); +var LENIENT_FLAGS; +(function (LENIENT_FLAGS) { + LENIENT_FLAGS[LENIENT_FLAGS["HEADERS"] = 1] = "HEADERS"; + LENIENT_FLAGS[LENIENT_FLAGS["CHUNKED_LENGTH"] = 2] = "CHUNKED_LENGTH"; + LENIENT_FLAGS[LENIENT_FLAGS["KEEP_ALIVE"] = 4] = "KEEP_ALIVE"; +})(LENIENT_FLAGS = exports.LENIENT_FLAGS || (exports.LENIENT_FLAGS = {})); +var METHODS; +(function (METHODS) { + METHODS[METHODS["DELETE"] = 0] = "DELETE"; + METHODS[METHODS["GET"] = 1] = "GET"; + METHODS[METHODS["HEAD"] = 2] = "HEAD"; + METHODS[METHODS["POST"] = 3] = "POST"; + METHODS[METHODS["PUT"] = 4] = "PUT"; + /* pathological */ + METHODS[METHODS["CONNECT"] = 5] = "CONNECT"; + METHODS[METHODS["OPTIONS"] = 6] = "OPTIONS"; + METHODS[METHODS["TRACE"] = 7] = "TRACE"; + /* WebDAV */ + METHODS[METHODS["COPY"] = 8] = "COPY"; + METHODS[METHODS["LOCK"] = 9] = "LOCK"; + METHODS[METHODS["MKCOL"] = 10] = "MKCOL"; + METHODS[METHODS["MOVE"] = 11] = "MOVE"; + METHODS[METHODS["PROPFIND"] = 12] = "PROPFIND"; + METHODS[METHODS["PROPPATCH"] = 13] = "PROPPATCH"; + METHODS[METHODS["SEARCH"] = 14] = "SEARCH"; + METHODS[METHODS["UNLOCK"] = 15] = "UNLOCK"; + METHODS[METHODS["BIND"] = 16] = "BIND"; + METHODS[METHODS["REBIND"] = 17] = "REBIND"; + METHODS[METHODS["UNBIND"] = 18] = "UNBIND"; + METHODS[METHODS["ACL"] = 19] = "ACL"; + /* subversion */ + METHODS[METHODS["REPORT"] = 20] = "REPORT"; + METHODS[METHODS["MKACTIVITY"] = 21] = "MKACTIVITY"; + METHODS[METHODS["CHECKOUT"] = 22] = "CHECKOUT"; + METHODS[METHODS["MERGE"] = 23] = "MERGE"; + /* upnp */ + METHODS[METHODS["M-SEARCH"] = 24] = "M-SEARCH"; + METHODS[METHODS["NOTIFY"] = 25] = "NOTIFY"; + METHODS[METHODS["SUBSCRIBE"] = 26] = "SUBSCRIBE"; + METHODS[METHODS["UNSUBSCRIBE"] = 27] = "UNSUBSCRIBE"; + /* RFC-5789 */ + METHODS[METHODS["PATCH"] = 28] = "PATCH"; + METHODS[METHODS["PURGE"] = 29] = "PURGE"; + /* CalDAV */ + METHODS[METHODS["MKCALENDAR"] = 30] = "MKCALENDAR"; + /* RFC-2068, section 19.6.1.2 */ + METHODS[METHODS["LINK"] = 31] = "LINK"; + METHODS[METHODS["UNLINK"] = 32] = "UNLINK"; + /* icecast */ + METHODS[METHODS["SOURCE"] = 33] = "SOURCE"; + /* RFC-7540, section 11.6 */ + METHODS[METHODS["PRI"] = 34] = "PRI"; + /* RFC-2326 RTSP */ + METHODS[METHODS["DESCRIBE"] = 35] = "DESCRIBE"; + METHODS[METHODS["ANNOUNCE"] = 36] = "ANNOUNCE"; + METHODS[METHODS["SETUP"] = 37] = "SETUP"; + METHODS[METHODS["PLAY"] = 38] = "PLAY"; + METHODS[METHODS["PAUSE"] = 39] = "PAUSE"; + METHODS[METHODS["TEARDOWN"] = 40] = "TEARDOWN"; + METHODS[METHODS["GET_PARAMETER"] = 41] = "GET_PARAMETER"; + METHODS[METHODS["SET_PARAMETER"] = 42] = "SET_PARAMETER"; + METHODS[METHODS["REDIRECT"] = 43] = "REDIRECT"; + METHODS[METHODS["RECORD"] = 44] = "RECORD"; + /* RAOP */ + METHODS[METHODS["FLUSH"] = 45] = "FLUSH"; +})(METHODS = exports.METHODS || (exports.METHODS = {})); +exports.METHODS_HTTP = [ + METHODS.DELETE, + METHODS.GET, + METHODS.HEAD, + METHODS.POST, + METHODS.PUT, + METHODS.CONNECT, + METHODS.OPTIONS, + METHODS.TRACE, + METHODS.COPY, + METHODS.LOCK, + METHODS.MKCOL, + METHODS.MOVE, + METHODS.PROPFIND, + METHODS.PROPPATCH, + METHODS.SEARCH, + METHODS.UNLOCK, + METHODS.BIND, + METHODS.REBIND, + METHODS.UNBIND, + METHODS.ACL, + METHODS.REPORT, + METHODS.MKACTIVITY, + METHODS.CHECKOUT, + METHODS.MERGE, + METHODS['M-SEARCH'], + METHODS.NOTIFY, + METHODS.SUBSCRIBE, + METHODS.UNSUBSCRIBE, + METHODS.PATCH, + METHODS.PURGE, + METHODS.MKCALENDAR, + METHODS.LINK, + METHODS.UNLINK, + METHODS.PRI, + // TODO(indutny): should we allow it with HTTP? + METHODS.SOURCE, +]; +exports.METHODS_ICE = [ + METHODS.SOURCE, +]; +exports.METHODS_RTSP = [ + METHODS.OPTIONS, + METHODS.DESCRIBE, + METHODS.ANNOUNCE, + METHODS.SETUP, + METHODS.PLAY, + METHODS.PAUSE, + METHODS.TEARDOWN, + METHODS.GET_PARAMETER, + METHODS.SET_PARAMETER, + METHODS.REDIRECT, + METHODS.RECORD, + METHODS.FLUSH, + // For AirPlay + METHODS.GET, + METHODS.POST, +]; +exports.METHOD_MAP = utils_1.enumToMap(METHODS); +exports.H_METHOD_MAP = {}; +Object.keys(exports.METHOD_MAP).forEach((key) => { + if (/^H/.test(key)) { + exports.H_METHOD_MAP[key] = exports.METHOD_MAP[key]; + } +}); +var FINISH; +(function (FINISH) { + FINISH[FINISH["SAFE"] = 0] = "SAFE"; + FINISH[FINISH["SAFE_WITH_CB"] = 1] = "SAFE_WITH_CB"; + FINISH[FINISH["UNSAFE"] = 2] = "UNSAFE"; +})(FINISH = exports.FINISH || (exports.FINISH = {})); +exports.ALPHA = []; +for (let i = 'A'.charCodeAt(0); i <= 'Z'.charCodeAt(0); i++) { + // Upper case + exports.ALPHA.push(String.fromCharCode(i)); + // Lower case + exports.ALPHA.push(String.fromCharCode(i + 0x20)); +} +exports.NUM_MAP = { + 0: 0, 1: 1, 2: 2, 3: 3, 4: 4, + 5: 5, 6: 6, 7: 7, 8: 8, 9: 9, +}; +exports.HEX_MAP = { + 0: 0, 1: 1, 2: 2, 3: 3, 4: 4, + 5: 5, 6: 6, 7: 7, 8: 8, 9: 9, + A: 0XA, B: 0XB, C: 0XC, D: 0XD, E: 0XE, F: 0XF, + a: 0xa, b: 0xb, c: 0xc, d: 0xd, e: 0xe, f: 0xf, +}; +exports.NUM = [ + '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', +]; +exports.ALPHANUM = exports.ALPHA.concat(exports.NUM); +exports.MARK = ['-', '_', '.', '!', '~', '*', '\'', '(', ')']; +exports.USERINFO_CHARS = exports.ALPHANUM + .concat(exports.MARK) + .concat(['%', ';', ':', '&', '=', '+', '$', ',']); +// TODO(indutny): use RFC +exports.STRICT_URL_CHAR = [ + '!', '"', '$', '%', '&', '\'', + '(', ')', '*', '+', ',', '-', '.', '/', + ':', ';', '<', '=', '>', + '@', '[', '\\', ']', '^', '_', + '`', + '{', '|', '}', '~', +].concat(exports.ALPHANUM); +exports.URL_CHAR = exports.STRICT_URL_CHAR + .concat(['\t', '\f']); +// All characters with 0x80 bit set to 1 +for (let i = 0x80; i <= 0xff; i++) { + exports.URL_CHAR.push(i); +} +exports.HEX = exports.NUM.concat(['a', 'b', 'c', 'd', 'e', 'f', 'A', 'B', 'C', 'D', 'E', 'F']); +/* Tokens as defined by rfc 2616. Also lowercases them. + * token = 1* + * separators = "(" | ")" | "<" | ">" | "@" + * | "," | ";" | ":" | "\" | <"> + * | "/" | "[" | "]" | "?" | "=" + * | "{" | "}" | SP | HT + */ +exports.STRICT_TOKEN = [ + '!', '#', '$', '%', '&', '\'', + '*', '+', '-', '.', + '^', '_', '`', + '|', '~', +].concat(exports.ALPHANUM); +exports.TOKEN = exports.STRICT_TOKEN.concat([' ']); +/* + * Verify that a char is a valid visible (printable) US-ASCII + * character or %x80-FF + */ +exports.HEADER_CHARS = ['\t']; +for (let i = 32; i <= 255; i++) { + if (i !== 127) { + exports.HEADER_CHARS.push(i); + } +} +// ',' = \x44 +exports.CONNECTION_TOKEN_CHARS = exports.HEADER_CHARS.filter((c) => c !== 44); +exports.MAJOR = exports.NUM_MAP; +exports.MINOR = exports.MAJOR; +var HEADER_STATE; +(function (HEADER_STATE) { + HEADER_STATE[HEADER_STATE["GENERAL"] = 0] = "GENERAL"; + HEADER_STATE[HEADER_STATE["CONNECTION"] = 1] = "CONNECTION"; + HEADER_STATE[HEADER_STATE["CONTENT_LENGTH"] = 2] = "CONTENT_LENGTH"; + HEADER_STATE[HEADER_STATE["TRANSFER_ENCODING"] = 3] = "TRANSFER_ENCODING"; + HEADER_STATE[HEADER_STATE["UPGRADE"] = 4] = "UPGRADE"; + HEADER_STATE[HEADER_STATE["CONNECTION_KEEP_ALIVE"] = 5] = "CONNECTION_KEEP_ALIVE"; + HEADER_STATE[HEADER_STATE["CONNECTION_CLOSE"] = 6] = "CONNECTION_CLOSE"; + HEADER_STATE[HEADER_STATE["CONNECTION_UPGRADE"] = 7] = "CONNECTION_UPGRADE"; + HEADER_STATE[HEADER_STATE["TRANSFER_ENCODING_CHUNKED"] = 8] = "TRANSFER_ENCODING_CHUNKED"; +})(HEADER_STATE = exports.HEADER_STATE || (exports.HEADER_STATE = {})); +exports.SPECIAL_HEADERS = { + 'connection': HEADER_STATE.CONNECTION, + 'content-length': HEADER_STATE.CONTENT_LENGTH, + 'proxy-connection': HEADER_STATE.CONNECTION, + 'transfer-encoding': HEADER_STATE.TRANSFER_ENCODING, + 'upgrade': HEADER_STATE.UPGRADE, +}; +//# sourceMappingURL=constants.js.map + +/***/ }), + +/***/ 3870: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Buffer } = __nccwpck_require__(4573) + +module.exports = Buffer.from('AGFzbQEAAAABJwdgAX8Bf2ADf39/AX9gAX8AYAJ/fwBgBH9/f38Bf2AAAGADf39/AALLAQgDZW52GHdhc21fb25faGVhZGVyc19jb21wbGV0ZQAEA2VudhV3YXNtX29uX21lc3NhZ2VfYmVnaW4AAANlbnYLd2FzbV9vbl91cmwAAQNlbnYOd2FzbV9vbl9zdGF0dXMAAQNlbnYUd2FzbV9vbl9oZWFkZXJfZmllbGQAAQNlbnYUd2FzbV9vbl9oZWFkZXJfdmFsdWUAAQNlbnYMd2FzbV9vbl9ib2R5AAEDZW52GHdhc21fb25fbWVzc2FnZV9jb21wbGV0ZQAAAy0sBQYAAAIAAAAAAAACAQIAAgICAAADAAAAAAMDAwMBAQEBAQEBAQEAAAIAAAAEBQFwARISBQMBAAIGCAF/AUGA1AQLB9EFIgZtZW1vcnkCAAtfaW5pdGlhbGl6ZQAIGV9faW5kaXJlY3RfZnVuY3Rpb25fdGFibGUBAAtsbGh0dHBfaW5pdAAJGGxsaHR0cF9zaG91bGRfa2VlcF9hbGl2ZQAvDGxsaHR0cF9hbGxvYwALBm1hbGxvYwAxC2xsaHR0cF9mcmVlAAwEZnJlZQAMD2xsaHR0cF9nZXRfdHlwZQANFWxsaHR0cF9nZXRfaHR0cF9tYWpvcgAOFWxsaHR0cF9nZXRfaHR0cF9taW5vcgAPEWxsaHR0cF9nZXRfbWV0aG9kABAWbGxodHRwX2dldF9zdGF0dXNfY29kZQAREmxsaHR0cF9nZXRfdXBncmFkZQASDGxsaHR0cF9yZXNldAATDmxsaHR0cF9leGVjdXRlABQUbGxodHRwX3NldHRpbmdzX2luaXQAFQ1sbGh0dHBfZmluaXNoABYMbGxodHRwX3BhdXNlABcNbGxodHRwX3Jlc3VtZQAYG2xsaHR0cF9yZXN1bWVfYWZ0ZXJfdXBncmFkZQAZEGxsaHR0cF9nZXRfZXJybm8AGhdsbGh0dHBfZ2V0X2Vycm9yX3JlYXNvbgAbF2xsaHR0cF9zZXRfZXJyb3JfcmVhc29uABwUbGxodHRwX2dldF9lcnJvcl9wb3MAHRFsbGh0dHBfZXJybm9fbmFtZQAeEmxsaHR0cF9tZXRob2RfbmFtZQAfEmxsaHR0cF9zdGF0dXNfbmFtZQAgGmxsaHR0cF9zZXRfbGVuaWVudF9oZWFkZXJzACEhbGxodHRwX3NldF9sZW5pZW50X2NodW5rZWRfbGVuZ3RoACIdbGxodHRwX3NldF9sZW5pZW50X2tlZXBfYWxpdmUAIyRsbGh0dHBfc2V0X2xlbmllbnRfdHJhbnNmZXJfZW5jb2RpbmcAJBhsbGh0dHBfbWVzc2FnZV9uZWVkc19lb2YALgkXAQBBAQsRAQIDBAUKBgcrLSwqKSglJyYK07MCLBYAQYjQACgCAARAAAtBiNAAQQE2AgALFAAgABAwIAAgAjYCOCAAIAE6ACgLFAAgACAALwEyIAAtAC4gABAvEAALHgEBf0HAABAyIgEQMCABQYAINgI4IAEgADoAKCABC48MAQd/AkAgAEUNACAAQQhrIgEgAEEEaygCACIAQXhxIgRqIQUCQCAAQQFxDQAgAEEDcUUNASABIAEoAgAiAGsiAUGc0AAoAgBJDQEgACAEaiEEAkACQEGg0AAoAgAgAUcEQCAAQf8BTQRAIABBA3YhAyABKAIIIgAgASgCDCICRgRAQYzQAEGM0AAoAgBBfiADd3E2AgAMBQsgAiAANgIIIAAgAjYCDAwECyABKAIYIQYgASABKAIMIgBHBEAgACABKAIIIgI2AgggAiAANgIMDAMLIAFBFGoiAygCACICRQRAIAEoAhAiAkUNAiABQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFKAIEIgBBA3FBA0cNAiAFIABBfnE2AgRBlNAAIAQ2AgAgBSAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCABKAIcIgJBAnRBvNIAaiIDKAIAIAFGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgAUYbaiAANgIAIABFDQELIAAgBjYCGCABKAIQIgIEQCAAIAI2AhAgAiAANgIYCyABQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAFTw0AIAUoAgQiAEEBcUUNAAJAAkACQAJAIABBAnFFBEBBpNAAKAIAIAVGBEBBpNAAIAE2AgBBmNAAQZjQACgCACAEaiIANgIAIAEgAEEBcjYCBCABQaDQACgCAEcNBkGU0ABBADYCAEGg0ABBADYCAAwGC0Gg0AAoAgAgBUYEQEGg0AAgATYCAEGU0ABBlNAAKAIAIARqIgA2AgAgASAAQQFyNgIEIAAgAWogADYCAAwGCyAAQXhxIARqIQQgAEH/AU0EQCAAQQN2IQMgBSgCCCIAIAUoAgwiAkYEQEGM0ABBjNAAKAIAQX4gA3dxNgIADAULIAIgADYCCCAAIAI2AgwMBAsgBSgCGCEGIAUgBSgCDCIARwRAQZzQACgCABogACAFKAIIIgI2AgggAiAANgIMDAMLIAVBFGoiAygCACICRQRAIAUoAhAiAkUNAiAFQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFIABBfnE2AgQgASAEaiAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCAFKAIcIgJBAnRBvNIAaiIDKAIAIAVGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiAANgIAIABFDQELIAAgBjYCGCAFKAIQIgIEQCAAIAI2AhAgAiAANgIYCyAFQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAEaiAENgIAIAEgBEEBcjYCBCABQaDQACgCAEcNAEGU0AAgBDYCAAwBCyAEQf8BTQRAIARBeHFBtNAAaiEAAn9BjNAAKAIAIgJBASAEQQN2dCIDcUUEQEGM0AAgAiADcjYCACAADAELIAAoAggLIgIgATYCDCAAIAE2AgggASAANgIMIAEgAjYCCAwBC0EfIQIgBEH///8HTQRAIARBJiAEQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAgsgASACNgIcIAFCADcCECACQQJ0QbzSAGohAAJAQZDQACgCACIDQQEgAnQiB3FFBEAgACABNgIAQZDQACADIAdyNgIAIAEgADYCGCABIAE2AgggASABNgIMDAELIARBGSACQQF2a0EAIAJBH0cbdCECIAAoAgAhAAJAA0AgACIDKAIEQXhxIARGDQEgAkEddiEAIAJBAXQhAiADIABBBHFqQRBqIgcoAgAiAA0ACyAHIAE2AgAgASADNgIYIAEgATYCDCABIAE2AggMAQsgAygCCCIAIAE2AgwgAyABNgIIIAFBADYCGCABIAM2AgwgASAANgIIC0Gs0ABBrNAAKAIAQQFrIgBBfyAAGzYCAAsLBwAgAC0AKAsHACAALQAqCwcAIAAtACsLBwAgAC0AKQsHACAALwEyCwcAIAAtAC4LQAEEfyAAKAIYIQEgAC0ALSECIAAtACghAyAAKAI4IQQgABAwIAAgBDYCOCAAIAM6ACggACACOgAtIAAgATYCGAu74gECB38DfiABIAJqIQQCQCAAIgIoAgwiAA0AIAIoAgQEQCACIAE2AgQLIwBBEGsiCCQAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAIoAhwiA0EBaw7dAdoBAdkBAgMEBQYHCAkKCwwNDtgBDxDXARES1gETFBUWFxgZGhvgAd8BHB0e1QEfICEiIyQl1AEmJygpKiss0wHSAS0u0QHQAS8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRtsBR0hJSs8BzgFLzQFMzAFNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AAYEBggGDAYQBhQGGAYcBiAGJAYoBiwGMAY0BjgGPAZABkQGSAZMBlAGVAZYBlwGYAZkBmgGbAZwBnQGeAZ8BoAGhAaIBowGkAaUBpgGnAagBqQGqAasBrAGtAa4BrwGwAbEBsgGzAbQBtQG2AbcBywHKAbgByQG5AcgBugG7AbwBvQG+Ab8BwAHBAcIBwwHEAcUBxgEA3AELQQAMxgELQQ4MxQELQQ0MxAELQQ8MwwELQRAMwgELQRMMwQELQRQMwAELQRUMvwELQRYMvgELQRgMvQELQRkMvAELQRoMuwELQRsMugELQRwMuQELQR0MuAELQQgMtwELQR4MtgELQSAMtQELQR8MtAELQQcMswELQSEMsgELQSIMsQELQSMMsAELQSQMrwELQRIMrgELQREMrQELQSUMrAELQSYMqwELQScMqgELQSgMqQELQcMBDKgBC0EqDKcBC0ErDKYBC0EsDKUBC0EtDKQBC0EuDKMBC0EvDKIBC0HEAQyhAQtBMAygAQtBNAyfAQtBDAyeAQtBMQydAQtBMgycAQtBMwybAQtBOQyaAQtBNQyZAQtBxQEMmAELQQsMlwELQToMlgELQTYMlQELQQoMlAELQTcMkwELQTgMkgELQTwMkQELQTsMkAELQT0MjwELQQkMjgELQSkMjQELQT4MjAELQT8MiwELQcAADIoBC0HBAAyJAQtBwgAMiAELQcMADIcBC0HEAAyGAQtBxQAMhQELQcYADIQBC0EXDIMBC0HHAAyCAQtByAAMgQELQckADIABC0HKAAx/C0HLAAx+C0HNAAx9C0HMAAx8C0HOAAx7C0HPAAx6C0HQAAx5C0HRAAx4C0HSAAx3C0HTAAx2C0HUAAx1C0HWAAx0C0HVAAxzC0EGDHILQdcADHELQQUMcAtB2AAMbwtBBAxuC0HZAAxtC0HaAAxsC0HbAAxrC0HcAAxqC0EDDGkLQd0ADGgLQd4ADGcLQd8ADGYLQeEADGULQeAADGQLQeIADGMLQeMADGILQQIMYQtB5AAMYAtB5QAMXwtB5gAMXgtB5wAMXQtB6AAMXAtB6QAMWwtB6gAMWgtB6wAMWQtB7AAMWAtB7QAMVwtB7gAMVgtB7wAMVQtB8AAMVAtB8QAMUwtB8gAMUgtB8wAMUQtB9AAMUAtB9QAMTwtB9gAMTgtB9wAMTQtB+AAMTAtB+QAMSwtB+gAMSgtB+wAMSQtB/AAMSAtB/QAMRwtB/gAMRgtB/wAMRQtBgAEMRAtBgQEMQwtBggEMQgtBgwEMQQtBhAEMQAtBhQEMPwtBhgEMPgtBhwEMPQtBiAEMPAtBiQEMOwtBigEMOgtBiwEMOQtBjAEMOAtBjQEMNwtBjgEMNgtBjwEMNQtBkAEMNAtBkQEMMwtBkgEMMgtBkwEMMQtBlAEMMAtBlQEMLwtBlgEMLgtBlwEMLQtBmAEMLAtBmQEMKwtBmgEMKgtBmwEMKQtBnAEMKAtBnQEMJwtBngEMJgtBnwEMJQtBoAEMJAtBoQEMIwtBogEMIgtBowEMIQtBpAEMIAtBpQEMHwtBpgEMHgtBpwEMHQtBqAEMHAtBqQEMGwtBqgEMGgtBqwEMGQtBrAEMGAtBrQEMFwtBrgEMFgtBAQwVC0GvAQwUC0GwAQwTC0GxAQwSC0GzAQwRC0GyAQwQC0G0AQwPC0G1AQwOC0G2AQwNC0G3AQwMC0G4AQwLC0G5AQwKC0G6AQwJC0G7AQwIC0HGAQwHC0G8AQwGC0G9AQwFC0G+AQwEC0G/AQwDC0HAAQwCC0HCAQwBC0HBAQshAwNAAkACQAJAAkACQAJAAkACQAJAIAICfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAgJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAn8CQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCADDsYBAAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHyAhIyUmKCorLC8wMTIzNDU2Nzk6Ozw9lANAQkRFRklLTk9QUVJTVFVWWFpbXF1eX2BhYmNkZWZnaGpsb3Bxc3V2eHl6e3x/gAGBAYIBgwGEAYUBhgGHAYgBiQGKAYsBjAGNAY4BjwGQAZEBkgGTAZQBlQGWAZcBmAGZAZoBmwGcAZ0BngGfAaABoQGiAaMBpAGlAaYBpwGoAakBqgGrAawBrQGuAa8BsAGxAbIBswG0AbUBtgG3AbgBuQG6AbsBvAG9Ab4BvwHAAcEBwgHDAcQBxQHGAccByAHJAcsBzAHNAc4BzwGKA4kDiAOHA4QDgwOAA/sC+gL5AvgC9wL0AvMC8gLLAsECsALZAQsgASAERw3wAkHdASEDDLMDCyABIARHDcgBQcMBIQMMsgMLIAEgBEcNe0H3ACEDDLEDCyABIARHDXBB7wAhAwywAwsgASAERw1pQeoAIQMMrwMLIAEgBEcNZUHoACEDDK4DCyABIARHDWJB5gAhAwytAwsgASAERw0aQRghAwysAwsgASAERw0VQRIhAwyrAwsgASAERw1CQcUAIQMMqgMLIAEgBEcNNEE/IQMMqQMLIAEgBEcNMkE8IQMMqAMLIAEgBEcNK0ExIQMMpwMLIAItAC5BAUYNnwMMwQILQQAhAAJAAkACQCACLQAqRQ0AIAItACtFDQAgAi8BMCIDQQJxRQ0BDAILIAIvATAiA0EBcUUNAQtBASEAIAItAChBAUYNACACLwEyIgVB5ABrQeQASQ0AIAVBzAFGDQAgBUGwAkYNACADQcAAcQ0AQQAhACADQYgEcUGABEYNACADQShxQQBHIQALIAJBADsBMCACQQA6AC8gAEUN3wIgAkIANwMgDOACC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAARQ3MASAAQRVHDd0CIAJBBDYCHCACIAE2AhQgAkGwGDYCECACQRU2AgxBACEDDKQDCyABIARGBEBBBiEDDKQDCyABQQFqIQFBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAA3ZAgwcCyACQgA3AyBBEiEDDIkDCyABIARHDRZBHSEDDKEDCyABIARHBEAgAUEBaiEBQRAhAwyIAwtBByEDDKADCyACIAIpAyAiCiAEIAFrrSILfSIMQgAgCiAMWhs3AyAgCiALWA3UAkEIIQMMnwMLIAEgBEcEQCACQQk2AgggAiABNgIEQRQhAwyGAwtBCSEDDJ4DCyACKQMgQgBSDccBIAIgAi8BMEGAAXI7ATAMQgsgASAERw0/QdAAIQMMnAMLIAEgBEYEQEELIQMMnAMLIAFBAWohAUEAIQACQCACKAI4IgNFDQAgAygCUCIDRQ0AIAIgAxEAACEACyAADc8CDMYBC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ3GASAAQRVHDc0CIAJBCzYCHCACIAE2AhQgAkGCGTYCECACQRU2AgxBACEDDJoDC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ0MIABBFUcNygIgAkEaNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMmQMLQQAhAAJAIAIoAjgiA0UNACADKAJMIgNFDQAgAiADEQAAIQALIABFDcQBIABBFUcNxwIgAkELNgIcIAIgATYCFCACQZEXNgIQIAJBFTYCDEEAIQMMmAMLIAEgBEYEQEEPIQMMmAMLIAEtAAAiAEE7Rg0HIABBDUcNxAIgAUEBaiEBDMMBC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3DASAAQRVHDcICIAJBDzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJYDCwNAIAEtAABB8DVqLQAAIgBBAUcEQCAAQQJHDcECIAIoAgQhAEEAIQMgAkEANgIEIAIgACABQQFqIgEQLSIADcICDMUBCyAEIAFBAWoiAUcNAAtBEiEDDJUDC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3FASAAQRVHDb0CIAJBGzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJQDCyABIARGBEBBFiEDDJQDCyACQQo2AgggAiABNgIEQQAhAAJAIAIoAjgiA0UNACADKAJIIgNFDQAgAiADEQAAIQALIABFDcIBIABBFUcNuQIgAkEVNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMkwMLIAEgBEcEQANAIAEtAABB8DdqLQAAIgBBAkcEQAJAIABBAWsOBMQCvQIAvgK9AgsgAUEBaiEBQQghAwz8AgsgBCABQQFqIgFHDQALQRUhAwyTAwtBFSEDDJIDCwNAIAEtAABB8DlqLQAAIgBBAkcEQCAAQQFrDgTFArcCwwK4ArcCCyAEIAFBAWoiAUcNAAtBGCEDDJEDCyABIARHBEAgAkELNgIIIAIgATYCBEEHIQMM+AILQRkhAwyQAwsgAUEBaiEBDAILIAEgBEYEQEEaIQMMjwMLAkAgAS0AAEENaw4UtQG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwEAvwELQQAhAyACQQA2AhwgAkGvCzYCECACQQI2AgwgAiABQQFqNgIUDI4DCyABIARGBEBBGyEDDI4DCyABLQAAIgBBO0cEQCAAQQ1HDbECIAFBAWohAQy6AQsgAUEBaiEBC0EiIQMM8wILIAEgBEYEQEEcIQMMjAMLQgAhCgJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAS0AAEEwaw43wQLAAgABAgMEBQYH0AHQAdAB0AHQAdAB0AEICQoLDA3QAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdABDg8QERIT0AELQgIhCgzAAgtCAyEKDL8CC0IEIQoMvgILQgUhCgy9AgtCBiEKDLwCC0IHIQoMuwILQgghCgy6AgtCCSEKDLkCC0IKIQoMuAILQgshCgy3AgtCDCEKDLYCC0INIQoMtQILQg4hCgy0AgtCDyEKDLMCC0IKIQoMsgILQgshCgyxAgtCDCEKDLACC0INIQoMrwILQg4hCgyuAgtCDyEKDK0CC0IAIQoCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAEtAABBMGsON8ACvwIAAQIDBAUGB74CvgK+Ar4CvgK+Ar4CCAkKCwwNvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ag4PEBESE74CC0ICIQoMvwILQgMhCgy+AgtCBCEKDL0CC0IFIQoMvAILQgYhCgy7AgtCByEKDLoCC0IIIQoMuQILQgkhCgy4AgtCCiEKDLcCC0ILIQoMtgILQgwhCgy1AgtCDSEKDLQCC0IOIQoMswILQg8hCgyyAgtCCiEKDLECC0ILIQoMsAILQgwhCgyvAgtCDSEKDK4CC0IOIQoMrQILQg8hCgysAgsgAiACKQMgIgogBCABa60iC30iDEIAIAogDFobNwMgIAogC1gNpwJBHyEDDIkDCyABIARHBEAgAkEJNgIIIAIgATYCBEElIQMM8AILQSAhAwyIAwtBASEFIAIvATAiA0EIcUUEQCACKQMgQgBSIQULAkAgAi0ALgRAQQEhACACLQApQQVGDQEgA0HAAHFFIAVxRQ0BC0EAIQAgA0HAAHENAEECIQAgA0EIcQ0AIANBgARxBEACQCACLQAoQQFHDQAgAi0ALUEKcQ0AQQUhAAwCC0EEIQAMAQsgA0EgcUUEQAJAIAItAChBAUYNACACLwEyIgBB5ABrQeQASQ0AIABBzAFGDQAgAEGwAkYNAEEEIQAgA0EocUUNAiADQYgEcUGABEYNAgtBACEADAELQQBBAyACKQMgUBshAAsgAEEBaw4FvgIAsAEBpAKhAgtBESEDDO0CCyACQQE6AC8MhAMLIAEgBEcNnQJBJCEDDIQDCyABIARHDRxBxgAhAwyDAwtBACEAAkAgAigCOCIDRQ0AIAMoAkQiA0UNACACIAMRAAAhAAsgAEUNJyAAQRVHDZgCIAJB0AA2AhwgAiABNgIUIAJBkRg2AhAgAkEVNgIMQQAhAwyCAwsgASAERgRAQSghAwyCAwtBACEDIAJBADYCBCACQQw2AgggAiABIAEQKiIARQ2UAiACQSc2AhwgAiABNgIUIAIgADYCDAyBAwsgASAERgRAQSkhAwyBAwsgAS0AACIAQSBGDRMgAEEJRw2VAiABQQFqIQEMFAsgASAERwRAIAFBAWohAQwWC0EqIQMM/wILIAEgBEYEQEErIQMM/wILIAEtAAAiAEEJRyAAQSBHcQ2QAiACLQAsQQhHDd0CIAJBADoALAzdAgsgASAERgRAQSwhAwz+AgsgAS0AAEEKRw2OAiABQQFqIQEMsAELIAEgBEcNigJBLyEDDPwCCwNAIAEtAAAiAEEgRwRAIABBCmsOBIQCiAKIAoQChgILIAQgAUEBaiIBRw0AC0ExIQMM+wILQTIhAyABIARGDfoCIAIoAgAiACAEIAFraiEHIAEgAGtBA2ohBgJAA0AgAEHwO2otAAAgAS0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDQEgAEEDRgRAQQYhAQziAgsgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAc2AgAM+wILIAJBADYCAAyGAgtBMyEDIAQgASIARg35AiAEIAFrIAIoAgAiAWohByAAIAFrQQhqIQYCQANAIAFB9DtqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBCEYEQEEFIQEM4QILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPoCCyACQQA2AgAgACEBDIUCC0E0IQMgBCABIgBGDfgCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgJAA0AgAUHQwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBBUYEQEEHIQEM4AILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPkCCyACQQA2AgAgACEBDIQCCyABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRg0JDIECCyAEIAFBAWoiAUcNAAtBMCEDDPgCC0EwIQMM9wILIAEgBEcEQANAIAEtAAAiAEEgRwRAIABBCmsOBP8B/gH+Af8B/gELIAQgAUEBaiIBRw0AC0E4IQMM9wILQTghAwz2AgsDQCABLQAAIgBBIEcgAEEJR3EN9gEgBCABQQFqIgFHDQALQTwhAwz1AgsDQCABLQAAIgBBIEcEQAJAIABBCmsOBPkBBAT5AQALIABBLEYN9QEMAwsgBCABQQFqIgFHDQALQT8hAwz0AgtBwAAhAyABIARGDfMCIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAEGAQGstAAAgAS0AAEEgckcNASAAQQZGDdsCIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPQCCyACQQA2AgALQTYhAwzZAgsgASAERgRAQcEAIQMM8gILIAJBDDYCCCACIAE2AgQgAi0ALEEBaw4E+wHuAewB6wHUAgsgAUEBaiEBDPoBCyABIARHBEADQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxIgBBCUYNACAAQSBGDQACQAJAAkACQCAAQeMAaw4TAAMDAwMDAwMBAwMDAwMDAwMDAgMLIAFBAWohAUExIQMM3AILIAFBAWohAUEyIQMM2wILIAFBAWohAUEzIQMM2gILDP4BCyAEIAFBAWoiAUcNAAtBNSEDDPACC0E1IQMM7wILIAEgBEcEQANAIAEtAABBgDxqLQAAQQFHDfcBIAQgAUEBaiIBRw0AC0E9IQMM7wILQT0hAwzuAgtBACEAAkAgAigCOCIDRQ0AIAMoAkAiA0UNACACIAMRAAAhAAsgAEUNASAAQRVHDeYBIAJBwgA2AhwgAiABNgIUIAJB4xg2AhAgAkEVNgIMQQAhAwztAgsgAUEBaiEBC0E8IQMM0gILIAEgBEYEQEHCACEDDOsCCwJAA0ACQCABLQAAQQlrDhgAAswCzALRAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAgDMAgsgBCABQQFqIgFHDQALQcIAIQMM6wILIAFBAWohASACLQAtQQFxRQ3+AQtBLCEDDNACCyABIARHDd4BQcQAIQMM6AILA0AgAS0AAEGQwABqLQAAQQFHDZwBIAQgAUEBaiIBRw0AC0HFACEDDOcCCyABLQAAIgBBIEYN/gEgAEE6Rw3AAiACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgAN3gEM3QELQccAIQMgBCABIgBGDeUCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFBkMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvwIgAUEFRg3CAiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzlAgtByAAhAyAEIAEiAEYN5AIgBCABayACKAIAIgFqIQcgACABa0EJaiEGA0AgAUGWwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw2+AkECIAFBCUYNwgIaIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOQCCyABIARGBEBByQAhAwzkAgsCQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxQe4Aaw4HAL8CvwK/Ar8CvwIBvwILIAFBAWohAUE+IQMMywILIAFBAWohAUE/IQMMygILQcoAIQMgBCABIgBGDeICIAQgAWsgAigCACIBaiEGIAAgAWtBAWohBwNAIAFBoMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvAIgAUEBRg2+AiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBjYCAAziAgtBywAhAyAEIAEiAEYN4QIgBCABayACKAIAIgFqIQcgACABa0EOaiEGA0AgAUGiwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw27AiABQQ5GDb4CIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOECC0HMACEDIAQgASIARg3gAiAEIAFrIAIoAgAiAWohByAAIAFrQQ9qIQYDQCABQcDCAGotAAAgAC0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDboCQQMgAUEPRg2+AhogAUEBaiEBIAQgAEEBaiIARw0ACyACIAc2AgAM4AILQc0AIQMgBCABIgBGDd8CIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFB0MIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNuQJBBCABQQVGDb0CGiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzfAgsgASAERgRAQc4AIQMM3wILAkACQAJAAkAgAS0AACIAQSByIAAgAEHBAGtB/wFxQRpJG0H/AXFB4wBrDhMAvAK8ArwCvAK8ArwCvAK8ArwCvAK8ArwCAbwCvAK8AgIDvAILIAFBAWohAUHBACEDDMgCCyABQQFqIQFBwgAhAwzHAgsgAUEBaiEBQcMAIQMMxgILIAFBAWohAUHEACEDDMUCCyABIARHBEAgAkENNgIIIAIgATYCBEHFACEDDMUCC0HPACEDDN0CCwJAAkAgAS0AAEEKaw4EAZABkAEAkAELIAFBAWohAQtBKCEDDMMCCyABIARGBEBB0QAhAwzcAgsgAS0AAEEgRw0AIAFBAWohASACLQAtQQFxRQ3QAQtBFyEDDMECCyABIARHDcsBQdIAIQMM2QILQdMAIQMgASAERg3YAiACKAIAIgAgBCABa2ohBiABIABrQQFqIQUDQCABLQAAIABB1sIAai0AAEcNxwEgAEEBRg3KASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBjYCAAzYAgsgASAERgRAQdUAIQMM2AILIAEtAABBCkcNwgEgAUEBaiEBDMoBCyABIARGBEBB1gAhAwzXAgsCQAJAIAEtAABBCmsOBADDAcMBAcMBCyABQQFqIQEMygELIAFBAWohAUHKACEDDL0CC0EAIQACQCACKAI4IgNFDQAgAygCPCIDRQ0AIAIgAxEAACEACyAADb8BQc0AIQMMvAILIAItAClBIkYNzwIMiQELIAQgASIFRgRAQdsAIQMM1AILQQAhAEEBIQFBASEGQQAhAwJAAn8CQAJAAkACQAJAAkACQCAFLQAAQTBrDgrFAcQBAAECAwQFBgjDAQtBAgwGC0EDDAULQQQMBAtBBQwDC0EGDAILQQcMAQtBCAshA0EAIQFBACEGDL0BC0EJIQNBASEAQQAhAUEAIQYMvAELIAEgBEYEQEHdACEDDNMCCyABLQAAQS5HDbgBIAFBAWohAQyIAQsgASAERw22AUHfACEDDNECCyABIARHBEAgAkEONgIIIAIgATYCBEHQACEDDLgCC0HgACEDDNACC0HhACEDIAEgBEYNzwIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGA0AgAS0AACAAQeLCAGotAABHDbEBIABBA0YNswEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMzwILQeIAIQMgASAERg3OAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYDQCABLQAAIABB5sIAai0AAEcNsAEgAEECRg2vASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAzOAgtB4wAhAyABIARGDc0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgNAIAEtAAAgAEHpwgBqLQAARw2vASAAQQNGDa0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADM0CCyABIARGBEBB5QAhAwzNAgsgAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANqgFB1gAhAwyzAgsgASAERwRAA0AgAS0AACIAQSBHBEACQAJAAkAgAEHIAGsOCwABswGzAbMBswGzAbMBswGzAQKzAQsgAUEBaiEBQdIAIQMMtwILIAFBAWohAUHTACEDDLYCCyABQQFqIQFB1AAhAwy1AgsgBCABQQFqIgFHDQALQeQAIQMMzAILQeQAIQMMywILA0AgAS0AAEHwwgBqLQAAIgBBAUcEQCAAQQJrDgOnAaYBpQGkAQsgBCABQQFqIgFHDQALQeYAIQMMygILIAFBAWogASAERw0CGkHnACEDDMkCCwNAIAEtAABB8MQAai0AACIAQQFHBEACQCAAQQJrDgSiAaEBoAEAnwELQdcAIQMMsQILIAQgAUEBaiIBRw0AC0HoACEDDMgCCyABIARGBEBB6QAhAwzIAgsCQCABLQAAIgBBCmsOGrcBmwGbAbQBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBpAGbAZsBAJkBCyABQQFqCyEBQQYhAwytAgsDQCABLQAAQfDGAGotAABBAUcNfSAEIAFBAWoiAUcNAAtB6gAhAwzFAgsgAUEBaiABIARHDQIaQesAIQMMxAILIAEgBEYEQEHsACEDDMQCCyABQQFqDAELIAEgBEYEQEHtACEDDMMCCyABQQFqCyEBQQQhAwyoAgsgASAERgRAQe4AIQMMwQILAkACQAJAIAEtAABB8MgAai0AAEEBaw4HkAGPAY4BAHwBAo0BCyABQQFqIQEMCwsgAUEBagyTAQtBACEDIAJBADYCHCACQZsSNgIQIAJBBzYCDCACIAFBAWo2AhQMwAILAkADQCABLQAAQfDIAGotAAAiAEEERwRAAkACQCAAQQFrDgeUAZMBkgGNAQAEAY0BC0HaACEDDKoCCyABQQFqIQFB3AAhAwypAgsgBCABQQFqIgFHDQALQe8AIQMMwAILIAFBAWoMkQELIAQgASIARgRAQfAAIQMMvwILIAAtAABBL0cNASAAQQFqIQEMBwsgBCABIgBGBEBB8QAhAwy+AgsgAC0AACIBQS9GBEAgAEEBaiEBQd0AIQMMpQILIAFBCmsiA0EWSw0AIAAhAUEBIAN0QYmAgAJxDfkBC0EAIQMgAkEANgIcIAIgADYCFCACQYwcNgIQIAJBBzYCDAy8AgsgASAERwRAIAFBAWohAUHeACEDDKMCC0HyACEDDLsCCyABIARGBEBB9AAhAwy7AgsCQCABLQAAQfDMAGotAABBAWsOA/cBcwCCAQtB4QAhAwyhAgsgASAERwRAA0AgAS0AAEHwygBqLQAAIgBBA0cEQAJAIABBAWsOAvkBAIUBC0HfACEDDKMCCyAEIAFBAWoiAUcNAAtB8wAhAwy6AgtB8wAhAwy5AgsgASAERwRAIAJBDzYCCCACIAE2AgRB4AAhAwygAgtB9QAhAwy4AgsgASAERgRAQfYAIQMMuAILIAJBDzYCCCACIAE2AgQLQQMhAwydAgsDQCABLQAAQSBHDY4CIAQgAUEBaiIBRw0AC0H3ACEDDLUCCyABIARGBEBB+AAhAwy1AgsgAS0AAEEgRw16IAFBAWohAQxbC0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAADXgMgAILIAEgBEYEQEH6ACEDDLMCCyABLQAAQcwARw10IAFBAWohAUETDHYLQfsAIQMgASAERg2xAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYDQCABLQAAIABB8M4Aai0AAEcNcyAAQQVGDXUgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMsQILIAEgBEYEQEH8ACEDDLECCwJAAkAgAS0AAEHDAGsODAB0dHR0dHR0dHR0AXQLIAFBAWohAUHmACEDDJgCCyABQQFqIQFB5wAhAwyXAgtB/QAhAyABIARGDa8CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDXIgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADLACCyACQQA2AgAgBkEBaiEBQRAMcwtB/gAhAyABIARGDa4CIAIoAgAiACAEIAFraiEFIAEgAGtBBWohBgJAA0AgAS0AACAAQfbOAGotAABHDXEgAEEFRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK8CCyACQQA2AgAgBkEBaiEBQRYMcgtB/wAhAyABIARGDa0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQfzOAGotAABHDXAgAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK4CCyACQQA2AgAgBkEBaiEBQQUMcQsgASAERgRAQYABIQMMrQILIAEtAABB2QBHDW4gAUEBaiEBQQgMcAsgASAERgRAQYEBIQMMrAILAkACQCABLQAAQc4Aaw4DAG8BbwsgAUEBaiEBQesAIQMMkwILIAFBAWohAUHsACEDDJICCyABIARGBEBBggEhAwyrAgsCQAJAIAEtAABByABrDggAbm5ubm5uAW4LIAFBAWohAUHqACEDDJICCyABQQFqIQFB7QAhAwyRAgtBgwEhAyABIARGDakCIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQYDPAGotAABHDWwgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKoCCyACQQA2AgAgBkEBaiEBQQAMbQtBhAEhAyABIARGDagCIAIoAgAiACAEIAFraiEFIAEgAGtBBGohBgJAA0AgAS0AACAAQYPPAGotAABHDWsgAEEERg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKkCCyACQQA2AgAgBkEBaiEBQSMMbAsgASAERgRAQYUBIQMMqAILAkACQCABLQAAQcwAaw4IAGtra2trawFrCyABQQFqIQFB7wAhAwyPAgsgAUEBaiEBQfAAIQMMjgILIAEgBEYEQEGGASEDDKcCCyABLQAAQcUARw1oIAFBAWohAQxgC0GHASEDIAEgBEYNpQIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGAkADQCABLQAAIABBiM8Aai0AAEcNaCAAQQNGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpgILIAJBADYCACAGQQFqIQFBLQxpC0GIASEDIAEgBEYNpAIgAigCACIAIAQgAWtqIQUgASAAa0EIaiEGAkADQCABLQAAIABB0M8Aai0AAEcNZyAAQQhGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpQILIAJBADYCACAGQQFqIQFBKQxoCyABIARGBEBBiQEhAwykAgtBASABLQAAQd8ARw1nGiABQQFqIQEMXgtBigEhAyABIARGDaICIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgNAIAEtAAAgAEGMzwBqLQAARw1kIABBAUYN+gEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMogILQYsBIQMgASAERg2hAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGOzwBqLQAARw1kIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyiAgsgAkEANgIAIAZBAWohAUECDGULQYwBIQMgASAERg2gAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHwzwBqLQAARw1jIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyhAgsgAkEANgIAIAZBAWohAUEfDGQLQY0BIQMgASAERg2fAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHyzwBqLQAARw1iIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAygAgsgAkEANgIAIAZBAWohAUEJDGMLIAEgBEYEQEGOASEDDJ8CCwJAAkAgAS0AAEHJAGsOBwBiYmJiYgFiCyABQQFqIQFB+AAhAwyGAgsgAUEBaiEBQfkAIQMMhQILQY8BIQMgASAERg2dAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGRzwBqLQAARw1gIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyeAgsgAkEANgIAIAZBAWohAUEYDGELQZABIQMgASAERg2cAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGXzwBqLQAARw1fIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAydAgsgAkEANgIAIAZBAWohAUEXDGALQZEBIQMgASAERg2bAiACKAIAIgAgBCABa2ohBSABIABrQQZqIQYCQANAIAEtAAAgAEGazwBqLQAARw1eIABBBkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAycAgsgAkEANgIAIAZBAWohAUEVDF8LQZIBIQMgASAERg2aAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGhzwBqLQAARw1dIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAybAgsgAkEANgIAIAZBAWohAUEeDF4LIAEgBEYEQEGTASEDDJoCCyABLQAAQcwARw1bIAFBAWohAUEKDF0LIAEgBEYEQEGUASEDDJkCCwJAAkAgAS0AAEHBAGsODwBcXFxcXFxcXFxcXFxcAVwLIAFBAWohAUH+ACEDDIACCyABQQFqIQFB/wAhAwz/AQsgASAERgRAQZUBIQMMmAILAkACQCABLQAAQcEAaw4DAFsBWwsgAUEBaiEBQf0AIQMM/wELIAFBAWohAUGAASEDDP4BC0GWASEDIAEgBEYNlgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBp88Aai0AAEcNWSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlwILIAJBADYCACAGQQFqIQFBCwxaCyABIARGBEBBlwEhAwyWAgsCQAJAAkACQCABLQAAQS1rDiMAW1tbW1tbW1tbW1tbW1tbW1tbW1tbW1sBW1tbW1sCW1tbA1sLIAFBAWohAUH7ACEDDP8BCyABQQFqIQFB/AAhAwz+AQsgAUEBaiEBQYEBIQMM/QELIAFBAWohAUGCASEDDPwBC0GYASEDIAEgBEYNlAIgAigCACIAIAQgAWtqIQUgASAAa0EEaiEGAkADQCABLQAAIABBqc8Aai0AAEcNVyAAQQRGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlQILIAJBADYCACAGQQFqIQFBGQxYC0GZASEDIAEgBEYNkwIgAigCACIAIAQgAWtqIQUgASAAa0EFaiEGAkADQCABLQAAIABBrs8Aai0AAEcNViAAQQVGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlAILIAJBADYCACAGQQFqIQFBBgxXC0GaASEDIAEgBEYNkgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBtM8Aai0AAEcNVSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkwILIAJBADYCACAGQQFqIQFBHAxWC0GbASEDIAEgBEYNkQIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBts8Aai0AAEcNVCAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkgILIAJBADYCACAGQQFqIQFBJwxVCyABIARGBEBBnAEhAwyRAgsCQAJAIAEtAABB1ABrDgIAAVQLIAFBAWohAUGGASEDDPgBCyABQQFqIQFBhwEhAwz3AQtBnQEhAyABIARGDY8CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbjPAGotAABHDVIgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADJACCyACQQA2AgAgBkEBaiEBQSYMUwtBngEhAyABIARGDY4CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbrPAGotAABHDVEgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI8CCyACQQA2AgAgBkEBaiEBQQMMUgtBnwEhAyABIARGDY0CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDVAgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI4CCyACQQA2AgAgBkEBaiEBQQwMUQtBoAEhAyABIARGDYwCIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQbzPAGotAABHDU8gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI0CCyACQQA2AgAgBkEBaiEBQQ0MUAsgASAERgRAQaEBIQMMjAILAkACQCABLQAAQcYAaw4LAE9PT09PT09PTwFPCyABQQFqIQFBiwEhAwzzAQsgAUEBaiEBQYwBIQMM8gELIAEgBEYEQEGiASEDDIsCCyABLQAAQdAARw1MIAFBAWohAQxGCyABIARGBEBBowEhAwyKAgsCQAJAIAEtAABByQBrDgcBTU1NTU0ATQsgAUEBaiEBQY4BIQMM8QELIAFBAWohAUEiDE0LQaQBIQMgASAERg2IAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHAzwBqLQAARw1LIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyJAgsgAkEANgIAIAZBAWohAUEdDEwLIAEgBEYEQEGlASEDDIgCCwJAAkAgAS0AAEHSAGsOAwBLAUsLIAFBAWohAUGQASEDDO8BCyABQQFqIQFBBAxLCyABIARGBEBBpgEhAwyHAgsCQAJAAkACQAJAIAEtAABBwQBrDhUATU1NTU1NTU1NTQFNTQJNTQNNTQRNCyABQQFqIQFBiAEhAwzxAQsgAUEBaiEBQYkBIQMM8AELIAFBAWohAUGKASEDDO8BCyABQQFqIQFBjwEhAwzuAQsgAUEBaiEBQZEBIQMM7QELQacBIQMgASAERg2FAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHtzwBqLQAARw1IIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyGAgsgAkEANgIAIAZBAWohAUERDEkLQagBIQMgASAERg2EAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHCzwBqLQAARw1HIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyFAgsgAkEANgIAIAZBAWohAUEsDEgLQakBIQMgASAERg2DAiACKAIAIgAgBCABa2ohBSABIABrQQRqIQYCQANAIAEtAAAgAEHFzwBqLQAARw1GIABBBEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyEAgsgAkEANgIAIAZBAWohAUErDEcLQaoBIQMgASAERg2CAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHKzwBqLQAARw1FIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyDAgsgAkEANgIAIAZBAWohAUEUDEYLIAEgBEYEQEGrASEDDIICCwJAAkACQAJAIAEtAABBwgBrDg8AAQJHR0dHR0dHR0dHRwNHCyABQQFqIQFBkwEhAwzrAQsgAUEBaiEBQZQBIQMM6gELIAFBAWohAUGVASEDDOkBCyABQQFqIQFBlgEhAwzoAQsgASAERgRAQawBIQMMgQILIAEtAABBxQBHDUIgAUEBaiEBDD0LQa0BIQMgASAERg3/ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHNzwBqLQAARw1CIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyAAgsgAkEANgIAIAZBAWohAUEODEMLIAEgBEYEQEGuASEDDP8BCyABLQAAQdAARw1AIAFBAWohAUElDEILQa8BIQMgASAERg39ASACKAIAIgAgBCABa2ohBSABIABrQQhqIQYCQANAIAEtAAAgAEHQzwBqLQAARw1AIABBCEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz+AQsgAkEANgIAIAZBAWohAUEqDEELIAEgBEYEQEGwASEDDP0BCwJAAkAgAS0AAEHVAGsOCwBAQEBAQEBAQEABQAsgAUEBaiEBQZoBIQMM5AELIAFBAWohAUGbASEDDOMBCyABIARGBEBBsQEhAwz8AQsCQAJAIAEtAABBwQBrDhQAPz8/Pz8/Pz8/Pz8/Pz8/Pz8/AT8LIAFBAWohAUGZASEDDOMBCyABQQFqIQFBnAEhAwziAQtBsgEhAyABIARGDfoBIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQdnPAGotAABHDT0gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPsBCyACQQA2AgAgBkEBaiEBQSEMPgtBswEhAyABIARGDfkBIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAS0AACAAQd3PAGotAABHDTwgAEEGRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPoBCyACQQA2AgAgBkEBaiEBQRoMPQsgASAERgRAQbQBIQMM+QELAkACQAJAIAEtAABBxQBrDhEAPT09PT09PT09AT09PT09Aj0LIAFBAWohAUGdASEDDOEBCyABQQFqIQFBngEhAwzgAQsgAUEBaiEBQZ8BIQMM3wELQbUBIQMgASAERg33ASACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEHkzwBqLQAARw06IABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz4AQsgAkEANgIAIAZBAWohAUEoDDsLQbYBIQMgASAERg32ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHqzwBqLQAARw05IABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz3AQsgAkEANgIAIAZBAWohAUEHDDoLIAEgBEYEQEG3ASEDDPYBCwJAAkAgAS0AAEHFAGsODgA5OTk5OTk5OTk5OTkBOQsgAUEBaiEBQaEBIQMM3QELIAFBAWohAUGiASEDDNwBC0G4ASEDIAEgBEYN9AEgAigCACIAIAQgAWtqIQUgASAAa0ECaiEGAkADQCABLQAAIABB7c8Aai0AAEcNNyAAQQJGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9QELIAJBADYCACAGQQFqIQFBEgw4C0G5ASEDIAEgBEYN8wEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8M8Aai0AAEcNNiAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9AELIAJBADYCACAGQQFqIQFBIAw3C0G6ASEDIAEgBEYN8gEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8s8Aai0AAEcNNSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8wELIAJBADYCACAGQQFqIQFBDww2CyABIARGBEBBuwEhAwzyAQsCQAJAIAEtAABByQBrDgcANTU1NTUBNQsgAUEBaiEBQaUBIQMM2QELIAFBAWohAUGmASEDDNgBC0G8ASEDIAEgBEYN8AEgAigCACIAIAQgAWtqIQUgASAAa0EHaiEGAkADQCABLQAAIABB9M8Aai0AAEcNMyAAQQdGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8QELIAJBADYCACAGQQFqIQFBGww0CyABIARGBEBBvQEhAwzwAQsCQAJAAkAgAS0AAEHCAGsOEgA0NDQ0NDQ0NDQBNDQ0NDQ0AjQLIAFBAWohAUGkASEDDNgBCyABQQFqIQFBpwEhAwzXAQsgAUEBaiEBQagBIQMM1gELIAEgBEYEQEG+ASEDDO8BCyABLQAAQc4ARw0wIAFBAWohAQwsCyABIARGBEBBvwEhAwzuAQsCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCABLQAAQcEAaw4VAAECAz8EBQY/Pz8HCAkKCz8MDQ4PPwsgAUEBaiEBQegAIQMM4wELIAFBAWohAUHpACEDDOIBCyABQQFqIQFB7gAhAwzhAQsgAUEBaiEBQfIAIQMM4AELIAFBAWohAUHzACEDDN8BCyABQQFqIQFB9gAhAwzeAQsgAUEBaiEBQfcAIQMM3QELIAFBAWohAUH6ACEDDNwBCyABQQFqIQFBgwEhAwzbAQsgAUEBaiEBQYQBIQMM2gELIAFBAWohAUGFASEDDNkBCyABQQFqIQFBkgEhAwzYAQsgAUEBaiEBQZgBIQMM1wELIAFBAWohAUGgASEDDNYBCyABQQFqIQFBowEhAwzVAQsgAUEBaiEBQaoBIQMM1AELIAEgBEcEQCACQRA2AgggAiABNgIEQasBIQMM1AELQcABIQMM7AELQQAhAAJAIAIoAjgiA0UNACADKAI0IgNFDQAgAiADEQAAIQALIABFDV4gAEEVRw0HIAJB0QA2AhwgAiABNgIUIAJBsBc2AhAgAkEVNgIMQQAhAwzrAQsgAUEBaiABIARHDQgaQcIBIQMM6gELA0ACQCABLQAAQQprDgQIAAALAAsgBCABQQFqIgFHDQALQcMBIQMM6QELIAEgBEcEQCACQRE2AgggAiABNgIEQQEhAwzQAQtBxAEhAwzoAQsgASAERgRAQcUBIQMM6AELAkACQCABLQAAQQprDgQBKCgAKAsgAUEBagwJCyABQQFqDAULIAEgBEYEQEHGASEDDOcBCwJAAkAgAS0AAEEKaw4XAQsLAQsLCwsLCwsLCwsLCwsLCwsLCwALCyABQQFqIQELQbABIQMMzQELIAEgBEYEQEHIASEDDOYBCyABLQAAQSBHDQkgAkEAOwEyIAFBAWohAUGzASEDDMwBCwNAIAEhAAJAIAEgBEcEQCABLQAAQTBrQf8BcSIDQQpJDQEMJwtBxwEhAwzmAQsCQCACLwEyIgFBmTNLDQAgAiABQQpsIgU7ATIgBUH+/wNxIANB//8Dc0sNACAAQQFqIQEgAiADIAVqIgM7ATIgA0H//wNxQegHSQ0BCwtBACEDIAJBADYCHCACQcEJNgIQIAJBDTYCDCACIABBAWo2AhQM5AELIAJBADYCHCACIAE2AhQgAkHwDDYCECACQRs2AgxBACEDDOMBCyACKAIEIQAgAkEANgIEIAIgACABECYiAA0BIAFBAWoLIQFBrQEhAwzIAQsgAkHBATYCHCACIAA2AgwgAiABQQFqNgIUQQAhAwzgAQsgAigCBCEAIAJBADYCBCACIAAgARAmIgANASABQQFqCyEBQa4BIQMMxQELIAJBwgE2AhwgAiAANgIMIAIgAUEBajYCFEEAIQMM3QELIAJBADYCHCACIAE2AhQgAkGXCzYCECACQQ02AgxBACEDDNwBCyACQQA2AhwgAiABNgIUIAJB4xA2AhAgAkEJNgIMQQAhAwzbAQsgAkECOgAoDKwBC0EAIQMgAkEANgIcIAJBrws2AhAgAkECNgIMIAIgAUEBajYCFAzZAQtBAiEDDL8BC0ENIQMMvgELQSYhAwy9AQtBFSEDDLwBC0EWIQMMuwELQRghAwy6AQtBHCEDDLkBC0EdIQMMuAELQSAhAwy3AQtBISEDDLYBC0EjIQMMtQELQcYAIQMMtAELQS4hAwyzAQtBPSEDDLIBC0HLACEDDLEBC0HOACEDDLABC0HYACEDDK8BC0HZACEDDK4BC0HbACEDDK0BC0HxACEDDKwBC0H0ACEDDKsBC0GNASEDDKoBC0GXASEDDKkBC0GpASEDDKgBC0GvASEDDKcBC0GxASEDDKYBCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB8Rs2AhAgAkEGNgIMDL0BCyACQQA2AgAgBkEBaiEBQSQLOgApIAIoAgQhACACQQA2AgQgAiAAIAEQJyIARQRAQeUAIQMMowELIAJB+QA2AhwgAiABNgIUIAIgADYCDEEAIQMMuwELIABBFUcEQCACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwy7AQsgAkH4ADYCHCACIAE2AhQgAkHKGDYCECACQRU2AgxBACEDDLoBCyACQQA2AhwgAiABNgIUIAJBjhs2AhAgAkEGNgIMQQAhAwy5AQsgAkEANgIcIAIgATYCFCACQf4RNgIQIAJBBzYCDEEAIQMMuAELIAJBADYCHCACIAE2AhQgAkGMHDYCECACQQc2AgxBACEDDLcBCyACQQA2AhwgAiABNgIUIAJBww82AhAgAkEHNgIMQQAhAwy2AQsgAkEANgIcIAIgATYCFCACQcMPNgIQIAJBBzYCDEEAIQMMtQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0RIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMtAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0gIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMswELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0iIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMsgELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0OIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMsQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0dIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMsAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0fIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMrwELIABBP0cNASABQQFqCyEBQQUhAwyUAQtBACEDIAJBADYCHCACIAE2AhQgAkH9EjYCECACQQc2AgwMrAELIAJBADYCHCACIAE2AhQgAkHcCDYCECACQQc2AgxBACEDDKsBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNByACQeUANgIcIAIgATYCFCACIAA2AgxBACEDDKoBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNFiACQdMANgIcIAIgATYCFCACIAA2AgxBACEDDKkBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNGCACQdIANgIcIAIgATYCFCACIAA2AgxBACEDDKgBCyACQQA2AhwgAiABNgIUIAJBxgo2AhAgAkEHNgIMQQAhAwynAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQMgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwymAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRIgAkHTADYCHCACIAE2AhQgAiAANgIMQQAhAwylAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRQgAkHSADYCHCACIAE2AhQgAiAANgIMQQAhAwykAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQAgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwyjAQtB1QAhAwyJAQsgAEEVRwRAIAJBADYCHCACIAE2AhQgAkG5DTYCECACQRo2AgxBACEDDKIBCyACQeQANgIcIAIgATYCFCACQeMXNgIQIAJBFTYCDEEAIQMMoQELIAJBADYCACAGQQFqIQEgAi0AKSIAQSNrQQtJDQQCQCAAQQZLDQBBASAAdEHKAHFFDQAMBQtBACEDIAJBADYCHCACIAE2AhQgAkH3CTYCECACQQg2AgwMoAELIAJBADYCACAGQQFqIQEgAi0AKUEhRg0DIAJBADYCHCACIAE2AhQgAkGbCjYCECACQQg2AgxBACEDDJ8BCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJBkDM2AhAgAkEINgIMDJ0BCyACQQA2AgAgBkEBaiEBIAItAClBI0kNACACQQA2AhwgAiABNgIUIAJB0wk2AhAgAkEINgIMQQAhAwycAQtB0QAhAwyCAQsgAS0AAEEwayIAQf8BcUEKSQRAIAIgADoAKiABQQFqIQFBzwAhAwyCAQsgAigCBCEAIAJBADYCBCACIAAgARAoIgBFDYYBIAJB3gA2AhwgAiABNgIUIAIgADYCDEEAIQMMmgELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ2GASACQdwANgIcIAIgATYCFCACIAA2AgxBACEDDJkBCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMhwELIAJB2gA2AhwgAiAFNgIUIAIgADYCDAyYAQtBACEBQQEhAwsgAiADOgArIAVBAWohAwJAAkACQCACLQAtQRBxDQACQAJAAkAgAi0AKg4DAQACBAsgBkUNAwwCCyAADQEMAgsgAUUNAQsgAigCBCEAIAJBADYCBCACIAAgAxAoIgBFBEAgAyEBDAILIAJB2AA2AhwgAiADNgIUIAIgADYCDEEAIQMMmAELIAIoAgQhACACQQA2AgQgAiAAIAMQKCIARQRAIAMhAQyHAQsgAkHZADYCHCACIAM2AhQgAiAANgIMQQAhAwyXAQtBzAAhAwx9CyAAQRVHBEAgAkEANgIcIAIgATYCFCACQZQNNgIQIAJBITYCDEEAIQMMlgELIAJB1wA2AhwgAiABNgIUIAJByRc2AhAgAkEVNgIMQQAhAwyVAQtBACEDIAJBADYCHCACIAE2AhQgAkGAETYCECACQQk2AgwMlAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0AIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMkwELQckAIQMMeQsgAkEANgIcIAIgATYCFCACQcEoNgIQIAJBBzYCDCACQQA2AgBBACEDDJEBCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAlIgBFDQAgAkHSADYCHCACIAE2AhQgAiAANgIMDJABC0HIACEDDHYLIAJBADYCACAFIQELIAJBgBI7ASogAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANAQtBxwAhAwxzCyAAQRVGBEAgAkHRADYCHCACIAE2AhQgAkHjFzYCECACQRU2AgxBACEDDIwBC0EAIQMgAkEANgIcIAIgATYCFCACQbkNNgIQIAJBGjYCDAyLAQtBACEDIAJBADYCHCACIAE2AhQgAkGgGTYCECACQR42AgwMigELIAEtAABBOkYEQCACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgBFDQEgAkHDADYCHCACIAA2AgwgAiABQQFqNgIUDIoBC0EAIQMgAkEANgIcIAIgATYCFCACQbERNgIQIAJBCjYCDAyJAQsgAUEBaiEBQTshAwxvCyACQcMANgIcIAIgADYCDCACIAFBAWo2AhQMhwELQQAhAyACQQA2AhwgAiABNgIUIAJB8A42AhAgAkEcNgIMDIYBCyACIAIvATBBEHI7ATAMZgsCQCACLwEwIgBBCHFFDQAgAi0AKEEBRw0AIAItAC1BCHFFDQMLIAIgAEH3+wNxQYAEcjsBMAwECyABIARHBEACQANAIAEtAABBMGsiAEH/AXFBCk8EQEE1IQMMbgsgAikDICIKQpmz5syZs+bMGVYNASACIApCCn4iCjcDICAKIACtQv8BgyILQn+FVg0BIAIgCiALfDcDICAEIAFBAWoiAUcNAAtBOSEDDIUBCyACKAIEIQBBACEDIAJBADYCBCACIAAgAUEBaiIBECoiAA0MDHcLQTkhAwyDAQsgAi0AMEEgcQ0GQcUBIQMMaQtBACEDIAJBADYCBCACIAEgARAqIgBFDQQgAkE6NgIcIAIgADYCDCACIAFBAWo2AhQMgQELIAItAChBAUcNACACLQAtQQhxRQ0BC0E3IQMMZgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIABEAgAkE7NgIcIAIgADYCDCACIAFBAWo2AhQMfwsgAUEBaiEBDG4LIAJBCDoALAwECyABQQFqIQEMbQtBACEDIAJBADYCHCACIAE2AhQgAkHkEjYCECACQQQ2AgwMewsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ1sIAJBNzYCHCACIAE2AhQgAiAANgIMDHoLIAIgAi8BMEEgcjsBMAtBMCEDDF8LIAJBNjYCHCACIAE2AhQgAiAANgIMDHcLIABBLEcNASABQQFqIQBBASEBAkACQAJAAkACQCACLQAsQQVrDgQDAQIEAAsgACEBDAQLQQIhAQwBC0EEIQELIAJBAToALCACIAIvATAgAXI7ATAgACEBDAELIAIgAi8BMEEIcjsBMCAAIQELQTkhAwxcCyACQQA6ACwLQTQhAwxaCyABIARGBEBBLSEDDHMLAkACQANAAkAgAS0AAEEKaw4EAgAAAwALIAQgAUEBaiIBRw0AC0EtIQMMdAsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ0CIAJBLDYCHCACIAE2AhQgAiAANgIMDHMLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAS0AAEENRgRAIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAi0ALUEBcQRAQcQBIQMMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIADQEMZQtBLyEDDFcLIAJBLjYCHCACIAE2AhQgAiAANgIMDG8LQQAhAyACQQA2AhwgAiABNgIUIAJB8BQ2AhAgAkEDNgIMDG4LQQEhAwJAAkACQAJAIAItACxBBWsOBAMBAgAECyACIAIvATBBCHI7ATAMAwtBAiEDDAELQQQhAwsgAkEBOgAsIAIgAi8BMCADcjsBMAtBKiEDDFMLQQAhAyACQQA2AhwgAiABNgIUIAJB4Q82AhAgAkEKNgIMDGsLQQEhAwJAAkACQAJAAkACQCACLQAsQQJrDgcFBAQDAQIABAsgAiACLwEwQQhyOwEwDAMLQQIhAwwBC0EEIQMLIAJBAToALCACIAIvATAgA3I7ATALQSshAwxSC0EAIQMgAkEANgIcIAIgATYCFCACQasSNgIQIAJBCzYCDAxqC0EAIQMgAkEANgIcIAIgATYCFCACQf0NNgIQIAJBHTYCDAxpCyABIARHBEADQCABLQAAQSBHDUggBCABQQFqIgFHDQALQSUhAwxpC0ElIQMMaAsgAi0ALUEBcQRAQcMBIQMMTwsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKSIABEAgAkEmNgIcIAIgADYCDCACIAFBAWo2AhQMaAsgAUEBaiEBDFwLIAFBAWohASACLwEwIgBBgAFxBEBBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAEUNBiAAQRVHDR8gAkEFNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMZwsCQCAAQaAEcUGgBEcNACACLQAtQQJxDQBBACEDIAJBADYCHCACIAE2AhQgAkGWEzYCECACQQQ2AgwMZwsgAgJ/IAIvATBBFHFBFEYEQEEBIAItAChBAUYNARogAi8BMkHlAEYMAQsgAi0AKUEFRgs6AC5BACEAAkAgAigCOCIDRQ0AIAMoAiQiA0UNACACIAMRAAAhAAsCQAJAAkACQAJAIAAOFgIBAAQEBAQEBAQEBAQEBAQEBAQEBAMECyACQQE6AC4LIAIgAi8BMEHAAHI7ATALQSchAwxPCyACQSM2AhwgAiABNgIUIAJBpRY2AhAgAkEVNgIMQQAhAwxnC0EAIQMgAkEANgIcIAIgATYCFCACQdULNgIQIAJBETYCDAxmC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAADQELQQ4hAwxLCyAAQRVGBEAgAkECNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMZAtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMYwtBACEDIAJBADYCHCACIAE2AhQgAkGqHDYCECACQQ82AgwMYgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEgCqdqIgEQKyIARQ0AIAJBBTYCHCACIAE2AhQgAiAANgIMDGELQQ8hAwxHC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxfC0IBIQoLIAFBAWohAQJAIAIpAyAiC0L//////////w9YBEAgAiALQgSGIAqENwMgDAELQQAhAyACQQA2AhwgAiABNgIUIAJBrQk2AhAgAkEMNgIMDF4LQSQhAwxEC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxcCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAsIgBFBEAgAUEBaiEBDFILIAJBFzYCHCACIAA2AgwgAiABQQFqNgIUDFsLIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQRY2AhwgAiAANgIMIAIgAUEBajYCFAxbC0EfIQMMQQtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQLSIARQRAIAFBAWohAQxQCyACQRQ2AhwgAiAANgIMIAIgAUEBajYCFAxYCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABEC0iAEUEQCABQQFqIQEMAQsgAkETNgIcIAIgADYCDCACIAFBAWo2AhQMWAtBHiEDDD4LQQAhAyACQQA2AhwgAiABNgIUIAJBxgw2AhAgAkEjNgIMDFYLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABEC0iAEUEQCABQQFqIQEMTgsgAkERNgIcIAIgADYCDCACIAFBAWo2AhQMVQsgAkEQNgIcIAIgATYCFCACIAA2AgwMVAtBACEDIAJBADYCHCACIAE2AhQgAkHGDDYCECACQSM2AgwMUwtBACEDIAJBADYCHCACIAE2AhQgAkHAFTYCECACQQI2AgwMUgsgAigCBCEAQQAhAyACQQA2AgQCQCACIAAgARAtIgBFBEAgAUEBaiEBDAELIAJBDjYCHCACIAA2AgwgAiABQQFqNgIUDFILQRshAww4C0EAIQMgAkEANgIcIAIgATYCFCACQcYMNgIQIAJBIzYCDAxQCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABECwiAEUEQCABQQFqIQEMAQsgAkENNgIcIAIgADYCDCACIAFBAWo2AhQMUAtBGiEDDDYLQQAhAyACQQA2AhwgAiABNgIUIAJBmg82AhAgAkEiNgIMDE4LIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQQw2AhwgAiAANgIMIAIgAUEBajYCFAxOC0EZIQMMNAtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMTAsgAEEVRwRAQQAhAyACQQA2AhwgAiABNgIUIAJBgww2AhAgAkETNgIMDEwLIAJBCjYCHCACIAE2AhQgAkHkFjYCECACQRU2AgxBACEDDEsLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABIAqnaiIBECsiAARAIAJBBzYCHCACIAE2AhQgAiAANgIMDEsLQRMhAwwxCyAAQRVHBEBBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMSgsgAkEeNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMSQtBACEAAkAgAigCOCIDRQ0AIAMoAiwiA0UNACACIAMRAAAhAAsgAEUNQSAAQRVGBEAgAkEDNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMSQtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMSAtBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMRwtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMRgsgAkEAOgAvIAItAC1BBHFFDT8LIAJBADoALyACQQE6ADRBACEDDCsLQQAhAyACQQA2AhwgAkHkETYCECACQQc2AgwgAiABQQFqNgIUDEMLAkADQAJAIAEtAABBCmsOBAACAgACCyAEIAFBAWoiAUcNAAtB3QEhAwxDCwJAAkAgAi0ANEEBRw0AQQAhAAJAIAIoAjgiA0UNACADKAJYIgNFDQAgAiADEQAAIQALIABFDQAgAEEVRw0BIAJB3AE2AhwgAiABNgIUIAJB1RY2AhAgAkEVNgIMQQAhAwxEC0HBASEDDCoLIAJBADYCHCACIAE2AhQgAkHpCzYCECACQR82AgxBACEDDEILAkACQCACLQAoQQFrDgIEAQALQcABIQMMKQtBuQEhAwwoCyACQQI6AC9BACEAAkAgAigCOCIDRQ0AIAMoAgAiA0UNACACIAMRAAAhAAsgAEUEQEHCASEDDCgLIABBFUcEQCACQQA2AhwgAiABNgIUIAJBpAw2AhAgAkEQNgIMQQAhAwxBCyACQdsBNgIcIAIgATYCFCACQfoWNgIQIAJBFTYCDEEAIQMMQAsgASAERgRAQdoBIQMMQAsgAS0AAEHIAEYNASACQQE6ACgLQawBIQMMJQtBvwEhAwwkCyABIARHBEAgAkEQNgIIIAIgATYCBEG+ASEDDCQLQdkBIQMMPAsgASAERgRAQdgBIQMMPAsgAS0AAEHIAEcNBCABQQFqIQFBvQEhAwwiCyABIARGBEBB1wEhAww7CwJAAkAgAS0AAEHFAGsOEAAFBQUFBQUFBQUFBQUFBQEFCyABQQFqIQFBuwEhAwwiCyABQQFqIQFBvAEhAwwhC0HWASEDIAEgBEYNOSACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGD0ABqLQAARw0DIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw6CyACKAIEIQAgAkIANwMAIAIgACAGQQFqIgEQJyIARQRAQcYBIQMMIQsgAkHVATYCHCACIAE2AhQgAiAANgIMQQAhAww5C0HUASEDIAEgBEYNOCACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEGB0ABqLQAARw0CIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw5CyACQYEEOwEoIAIoAgQhACACQgA3AwAgAiAAIAZBAWoiARAnIgANAwwCCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB2Bs2AhAgAkEINgIMDDYLQboBIQMMHAsgAkHTATYCHCACIAE2AhQgAiAANgIMQQAhAww0C0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAARQ0AIABBFUYNASACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwwzC0HkACEDDBkLIAJB+AA2AhwgAiABNgIUIAJByhg2AhAgAkEVNgIMQQAhAwwxC0HSASEDIAQgASIARg0wIAQgAWsgAigCACIBaiEFIAAgAWtBBGohBgJAA0AgAC0AACABQfzPAGotAABHDQEgAUEERg0DIAFBAWohASAEIABBAWoiAEcNAAsgAiAFNgIADDELIAJBADYCHCACIAA2AhQgAkGQMzYCECACQQg2AgwgAkEANgIAQQAhAwwwCyABIARHBEAgAkEONgIIIAIgATYCBEG3ASEDDBcLQdEBIQMMLwsgAkEANgIAIAZBAWohAQtBuAEhAwwUCyABIARGBEBB0AEhAwwtCyABLQAAQTBrIgBB/wFxQQpJBEAgAiAAOgAqIAFBAWohAUG2ASEDDBQLIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0UIAJBzwE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAsgASAERgRAQc4BIQMMLAsCQCABLQAAQS5GBEAgAUEBaiEBDAELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0VIAJBzQE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAtBtQEhAwwSCyAEIAEiBUYEQEHMASEDDCsLQQAhAEEBIQFBASEGQQAhAwJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAIAUtAABBMGsOCgoJAAECAwQFBggLC0ECDAYLQQMMBQtBBAwEC0EFDAMLQQYMAgtBBwwBC0EICyEDQQAhAUEAIQYMAgtBCSEDQQEhAEEAIQFBACEGDAELQQAhAUEBIQMLIAIgAzoAKyAFQQFqIQMCQAJAIAItAC1BEHENAAJAAkACQCACLQAqDgMBAAIECyAGRQ0DDAILIAANAQwCCyABRQ0BCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMAwsgAkHJATYCHCACIAM2AhQgAiAANgIMQQAhAwwtCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMGAsgAkHKATYCHCACIAM2AhQgAiAANgIMQQAhAwwsCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMFgsgAkHLATYCHCACIAU2AhQgAiAANgIMDCsLQbQBIQMMEQtBACEAAkAgAigCOCIDRQ0AIAMoAjwiA0UNACACIAMRAAAhAAsCQCAABEAgAEEVRg0BIAJBADYCHCACIAE2AhQgAkGUDTYCECACQSE2AgxBACEDDCsLQbIBIQMMEQsgAkHIATYCHCACIAE2AhQgAkHJFzYCECACQRU2AgxBACEDDCkLIAJBADYCACAGQQFqIQFB9QAhAwwPCyACLQApQQVGBEBB4wAhAwwPC0HiACEDDA4LIAAhASACQQA2AgALIAJBADoALEEJIQMMDAsgAkEANgIAIAdBAWohAUHAACEDDAsLQQELOgAsIAJBADYCACAGQQFqIQELQSkhAwwIC0E4IQMMBwsCQCABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRw0DIAFBAWohAQwFCyAEIAFBAWoiAUcNAAtBPiEDDCELQT4hAwwgCwsgAkEAOgAsDAELQQshAwwEC0E6IQMMAwsgAUEBaiEBQS0hAwwCCyACIAE6ACwgAkEANgIAIAZBAWohAUEMIQMMAQsgAkEANgIAIAZBAWohAUEKIQMMAAsAC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwXC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwWC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwVC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwUC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwTC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwSC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwRC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwQC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwPC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwOC0EAIQMgAkEANgIcIAIgATYCFCACQcASNgIQIAJBCzYCDAwNC0EAIQMgAkEANgIcIAIgATYCFCACQZUJNgIQIAJBCzYCDAwMC0EAIQMgAkEANgIcIAIgATYCFCACQeEPNgIQIAJBCjYCDAwLC0EAIQMgAkEANgIcIAIgATYCFCACQfsPNgIQIAJBCjYCDAwKC0EAIQMgAkEANgIcIAIgATYCFCACQfEZNgIQIAJBAjYCDAwJC0EAIQMgAkEANgIcIAIgATYCFCACQcQUNgIQIAJBAjYCDAwIC0EAIQMgAkEANgIcIAIgATYCFCACQfIVNgIQIAJBAjYCDAwHCyACQQI2AhwgAiABNgIUIAJBnBo2AhAgAkEWNgIMQQAhAwwGC0EBIQMMBQtB1AAhAyABIARGDQQgCEEIaiEJIAIoAgAhBQJAAkAgASAERwRAIAVB2MIAaiEHIAQgBWogAWshACAFQX9zQQpqIgUgAWohBgNAIAEtAAAgBy0AAEcEQEECIQcMAwsgBUUEQEEAIQcgBiEBDAMLIAVBAWshBSAHQQFqIQcgBCABQQFqIgFHDQALIAAhBSAEIQELIAlBATYCACACIAU2AgAMAQsgAkEANgIAIAkgBzYCAAsgCSABNgIEIAgoAgwhACAIKAIIDgMBBAIACwALIAJBADYCHCACQbUaNgIQIAJBFzYCDCACIABBAWo2AhRBACEDDAILIAJBADYCHCACIAA2AhQgAkHKGjYCECACQQk2AgxBACEDDAELIAEgBEYEQEEiIQMMAQsgAkEJNgIIIAIgATYCBEEhIQMLIAhBEGokACADRQRAIAIoAgwhAAwBCyACIAM2AhxBACEAIAIoAgQiAUUNACACIAEgBCACKAIIEQEAIgFFDQAgAiAENgIUIAIgATYCDCABIQALIAALvgIBAn8gAEEAOgAAIABB3ABqIgFBAWtBADoAACAAQQA6AAIgAEEAOgABIAFBA2tBADoAACABQQJrQQA6AAAgAEEAOgADIAFBBGtBADoAAEEAIABrQQNxIgEgAGoiAEEANgIAQdwAIAFrQXxxIgIgAGoiAUEEa0EANgIAAkAgAkEJSQ0AIABBADYCCCAAQQA2AgQgAUEIa0EANgIAIAFBDGtBADYCACACQRlJDQAgAEEANgIYIABBADYCFCAAQQA2AhAgAEEANgIMIAFBEGtBADYCACABQRRrQQA2AgAgAUEYa0EANgIAIAFBHGtBADYCACACIABBBHFBGHIiAmsiAUEgSQ0AIAAgAmohAANAIABCADcDGCAAQgA3AxAgAEIANwMIIABCADcDACAAQSBqIQAgAUEgayIBQR9LDQALCwtWAQF/AkAgACgCDA0AAkACQAJAAkAgAC0ALw4DAQADAgsgACgCOCIBRQ0AIAEoAiwiAUUNACAAIAERAAAiAQ0DC0EADwsACyAAQcMWNgIQQQ4hAQsgAQsaACAAKAIMRQRAIABB0Rs2AhAgAEEVNgIMCwsUACAAKAIMQRVGBEAgAEEANgIMCwsUACAAKAIMQRZGBEAgAEEANgIMCwsHACAAKAIMCwcAIAAoAhALCQAgACABNgIQCwcAIAAoAhQLFwAgAEEkTwRAAAsgAEECdEGgM2ooAgALFwAgAEEuTwRAAAsgAEECdEGwNGooAgALvwkBAX9B6yghAQJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIABB5ABrDvQDY2IAAWFhYWFhYQIDBAVhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhBgcICQoLDA0OD2FhYWFhEGFhYWFhYWFhYWFhEWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYRITFBUWFxgZGhthYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2YTc4OTphYWFhYWFhYTthYWE8YWFhYT0+P2FhYWFhYWFhQGFhQWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYUJDREVGR0hJSktMTU5PUFFSU2FhYWFhYWFhVFVWV1hZWlthXF1hYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFeYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhX2BhC0HhJw8LQaQhDwtByywPC0H+MQ8LQcAkDwtBqyQPC0GNKA8LQeImDwtBgDAPC0G5Lw8LQdckDwtB7x8PC0HhHw8LQfofDwtB8iAPC0GoLw8LQa4yDwtBiDAPC0HsJw8LQYIiDwtBjh0PC0HQLg8LQcojDwtBxTIPC0HfHA8LQdIcDwtBxCAPC0HXIA8LQaIfDwtB7S4PC0GrMA8LQdQlDwtBzC4PC0H6Lg8LQfwrDwtB0jAPC0HxHQ8LQbsgDwtB9ysPC0GQMQ8LQdcxDwtBoi0PC0HUJw8LQeArDwtBnywPC0HrMQ8LQdUfDwtByjEPC0HeJQ8LQdQeDwtB9BwPC0GnMg8LQbEdDwtBoB0PC0G5MQ8LQbwwDwtBkiEPC0GzJg8LQeksDwtBrB4PC0HUKw8LQfcmDwtBgCYPC0GwIQ8LQf4eDwtBjSMPC0GJLQ8LQfciDwtBoDEPC0GuHw8LQcYlDwtB6B4PC0GTIg8LQcIvDwtBwx0PC0GLLA8LQeEdDwtBjS8PC0HqIQ8LQbQtDwtB0i8PC0HfMg8LQdIyDwtB8DAPC0GpIg8LQfkjDwtBmR4PC0G1LA8LQZswDwtBkjIPC0G2Kw8LQcIiDwtB+DIPC0GeJQ8LQdAiDwtBuh4PC0GBHg8LAAtB1iEhAQsgAQsWACAAIAAtAC1B/gFxIAFBAEdyOgAtCxkAIAAgAC0ALUH9AXEgAUEAR0EBdHI6AC0LGQAgACAALQAtQfsBcSABQQBHQQJ0cjoALQsZACAAIAAtAC1B9wFxIAFBAEdBA3RyOgAtCz4BAn8CQCAAKAI4IgNFDQAgAygCBCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBxhE2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCCCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9go2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCDCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7Ro2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCECIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlRA2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCFCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBqhs2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCGCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7RM2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCKCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9gg2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCHCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBwhk2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCICIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlBQ2AhBBGCEECyAEC1kBAn8CQCAALQAoQQFGDQAgAC8BMiIBQeQAa0HkAEkNACABQcwBRg0AIAFBsAJGDQAgAC8BMCIAQcAAcQ0AQQEhAiAAQYgEcUGABEYNACAAQShxRSECCyACC4wBAQJ/AkACQAJAIAAtACpFDQAgAC0AK0UNACAALwEwIgFBAnFFDQEMAgsgAC8BMCIBQQFxRQ0BC0EBIQIgAC0AKEEBRg0AIAAvATIiAEHkAGtB5ABJDQAgAEHMAUYNACAAQbACRg0AIAFBwABxDQBBACECIAFBiARxQYAERg0AIAFBKHFBAEchAgsgAgtXACAAQRhqQgA3AwAgAEIANwMAIABBOGpCADcDACAAQTBqQgA3AwAgAEEoakIANwMAIABBIGpCADcDACAAQRBqQgA3AwAgAEEIakIANwMAIABB3QE2AhwLBgAgABAyC5otAQt/IwBBEGsiCiQAQaTQACgCACIJRQRAQeTTACgCACIFRQRAQfDTAEJ/NwIAQejTAEKAgISAgIDAADcCAEHk0wAgCkEIakFwcUHYqtWqBXMiBTYCAEH40wBBADYCAEHI0wBBADYCAAtBzNMAQYDUBDYCAEGc0ABBgNQENgIAQbDQACAFNgIAQazQAEF/NgIAQdDTAEGArAM2AgADQCABQcjQAGogAUG80ABqIgI2AgAgAiABQbTQAGoiAzYCACABQcDQAGogAzYCACABQdDQAGogAUHE0ABqIgM2AgAgAyACNgIAIAFB2NAAaiABQczQAGoiAjYCACACIAM2AgAgAUHU0ABqIAI2AgAgAUEgaiIBQYACRw0AC0GM1ARBwasDNgIAQajQAEH00wAoAgA2AgBBmNAAQcCrAzYCAEGk0ABBiNQENgIAQcz/B0E4NgIAQYjUBCEJCwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIABB7AFNBEBBjNAAKAIAIgZBECAAQRNqQXBxIABBC0kbIgRBA3YiAHYiAUEDcQRAAkAgAUEBcSAAckEBcyICQQN0IgBBtNAAaiIBIABBvNAAaigCACIAKAIIIgNGBEBBjNAAIAZBfiACd3E2AgAMAQsgASADNgIIIAMgATYCDAsgAEEIaiEBIAAgAkEDdCICQQNyNgIEIAAgAmoiACAAKAIEQQFyNgIEDBELQZTQACgCACIIIARPDQEgAQRAAkBBAiAAdCICQQAgAmtyIAEgAHRxaCIAQQN0IgJBtNAAaiIBIAJBvNAAaigCACICKAIIIgNGBEBBjNAAIAZBfiAAd3EiBjYCAAwBCyABIAM2AgggAyABNgIMCyACIARBA3I2AgQgAEEDdCIAIARrIQUgACACaiAFNgIAIAIgBGoiBCAFQQFyNgIEIAgEQCAIQXhxQbTQAGohAEGg0AAoAgAhAwJ/QQEgCEEDdnQiASAGcUUEQEGM0AAgASAGcjYCACAADAELIAAoAggLIgEgAzYCDCAAIAM2AgggAyAANgIMIAMgATYCCAsgAkEIaiEBQaDQACAENgIAQZTQACAFNgIADBELQZDQACgCACILRQ0BIAtoQQJ0QbzSAGooAgAiACgCBEF4cSAEayEFIAAhAgNAAkAgAigCECIBRQRAIAJBFGooAgAiAUUNAQsgASgCBEF4cSAEayIDIAVJIQIgAyAFIAIbIQUgASAAIAIbIQAgASECDAELCyAAKAIYIQkgACgCDCIDIABHBEBBnNAAKAIAGiADIAAoAggiATYCCCABIAM2AgwMEAsgAEEUaiICKAIAIgFFBEAgACgCECIBRQ0DIABBEGohAgsDQCACIQcgASIDQRRqIgIoAgAiAQ0AIANBEGohAiADKAIQIgENAAsgB0EANgIADA8LQX8hBCAAQb9/Sw0AIABBE2oiAUFwcSEEQZDQACgCACIIRQ0AQQAgBGshBQJAAkACQAJ/QQAgBEGAAkkNABpBHyAEQf///wdLDQAaIARBJiABQQh2ZyIAa3ZBAXEgAEEBdGtBPmoLIgZBAnRBvNIAaigCACICRQRAQQAhAUEAIQMMAQtBACEBIARBGSAGQQF2a0EAIAZBH0cbdCEAQQAhAwNAAkAgAigCBEF4cSAEayIHIAVPDQAgAiEDIAciBQ0AQQAhBSACIQEMAwsgASACQRRqKAIAIgcgByACIABBHXZBBHFqQRBqKAIAIgJGGyABIAcbIQEgAEEBdCEAIAINAAsLIAEgA3JFBEBBACEDQQIgBnQiAEEAIABrciAIcSIARQ0DIABoQQJ0QbzSAGooAgAhAQsgAUUNAQsDQCABKAIEQXhxIARrIgIgBUkhACACIAUgABshBSABIAMgABshAyABKAIQIgAEfyAABSABQRRqKAIACyIBDQALCyADRQ0AIAVBlNAAKAIAIARrTw0AIAMoAhghByADIAMoAgwiAEcEQEGc0AAoAgAaIAAgAygCCCIBNgIIIAEgADYCDAwOCyADQRRqIgIoAgAiAUUEQCADKAIQIgFFDQMgA0EQaiECCwNAIAIhBiABIgBBFGoiAigCACIBDQAgAEEQaiECIAAoAhAiAQ0ACyAGQQA2AgAMDQtBlNAAKAIAIgMgBE8EQEGg0AAoAgAhAQJAIAMgBGsiAkEQTwRAIAEgBGoiACACQQFyNgIEIAEgA2ogAjYCACABIARBA3I2AgQMAQsgASADQQNyNgIEIAEgA2oiACAAKAIEQQFyNgIEQQAhAEEAIQILQZTQACACNgIAQaDQACAANgIAIAFBCGohAQwPC0GY0AAoAgAiAyAESwRAIAQgCWoiACADIARrIgFBAXI2AgRBpNAAIAA2AgBBmNAAIAE2AgAgCSAEQQNyNgIEIAlBCGohAQwPC0EAIQEgBAJ/QeTTACgCAARAQezTACgCAAwBC0Hw0wBCfzcCAEHo0wBCgICEgICAwAA3AgBB5NMAIApBDGpBcHFB2KrVqgVzNgIAQfjTAEEANgIAQcjTAEEANgIAQYCABAsiACAEQccAaiIFaiIGQQAgAGsiB3EiAk8EQEH80wBBMDYCAAwPCwJAQcTTACgCACIBRQ0AQbzTACgCACIIIAJqIQAgACABTSAAIAhLcQ0AQQAhAUH80wBBMDYCAAwPC0HI0wAtAABBBHENBAJAAkAgCQRAQczTACEBA0AgASgCACIAIAlNBEAgACABKAIEaiAJSw0DCyABKAIIIgENAAsLQQAQMyIAQX9GDQUgAiEGQejTACgCACIBQQFrIgMgAHEEQCACIABrIAAgA2pBACABa3FqIQYLIAQgBk8NBSAGQf7///8HSw0FQcTTACgCACIDBEBBvNMAKAIAIgcgBmohASABIAdNDQYgASADSw0GCyAGEDMiASAARw0BDAcLIAYgA2sgB3EiBkH+////B0sNBCAGEDMhACAAIAEoAgAgASgCBGpGDQMgACEBCwJAIAYgBEHIAGpPDQAgAUF/Rg0AQezTACgCACIAIAUgBmtqQQAgAGtxIgBB/v///wdLBEAgASEADAcLIAAQM0F/RwRAIAAgBmohBiABIQAMBwtBACAGaxAzGgwECyABIgBBf0cNBQwDC0EAIQMMDAtBACEADAoLIABBf0cNAgtByNMAQcjTACgCAEEEcjYCAAsgAkH+////B0sNASACEDMhAEEAEDMhASAAQX9GDQEgAUF/Rg0BIAAgAU8NASABIABrIgYgBEE4ak0NAQtBvNMAQbzTACgCACAGaiIBNgIAQcDTACgCACABSQRAQcDTACABNgIACwJAAkACQEGk0AAoAgAiAgRAQczTACEBA0AgACABKAIAIgMgASgCBCIFakYNAiABKAIIIgENAAsMAgtBnNAAKAIAIgFBAEcgACABT3FFBEBBnNAAIAA2AgALQQAhAUHQ0wAgBjYCAEHM0wAgADYCAEGs0ABBfzYCAEGw0ABB5NMAKAIANgIAQdjTAEEANgIAA0AgAUHI0ABqIAFBvNAAaiICNgIAIAIgAUG00ABqIgM2AgAgAUHA0ABqIAM2AgAgAUHQ0ABqIAFBxNAAaiIDNgIAIAMgAjYCACABQdjQAGogAUHM0ABqIgI2AgAgAiADNgIAIAFB1NAAaiACNgIAIAFBIGoiAUGAAkcNAAtBeCAAa0EPcSIBIABqIgIgBkE4ayIDIAFrIgFBAXI2AgRBqNAAQfTTACgCADYCAEGY0AAgATYCAEGk0AAgAjYCACAAIANqQTg2AgQMAgsgACACTQ0AIAIgA0kNACABKAIMQQhxDQBBeCACa0EPcSIAIAJqIgNBmNAAKAIAIAZqIgcgAGsiAEEBcjYCBCABIAUgBmo2AgRBqNAAQfTTACgCADYCAEGY0AAgADYCAEGk0AAgAzYCACACIAdqQTg2AgQMAQsgAEGc0AAoAgBJBEBBnNAAIAA2AgALIAAgBmohA0HM0wAhAQJAAkACQANAIAMgASgCAEcEQCABKAIIIgENAQwCCwsgAS0ADEEIcUUNAQtBzNMAIQEDQCABKAIAIgMgAk0EQCADIAEoAgRqIgUgAksNAwsgASgCCCEBDAALAAsgASAANgIAIAEgASgCBCAGajYCBCAAQXggAGtBD3FqIgkgBEEDcjYCBCADQXggA2tBD3FqIgYgBCAJaiIEayEBIAIgBkYEQEGk0AAgBDYCAEGY0ABBmNAAKAIAIAFqIgA2AgAgBCAAQQFyNgIEDAgLQaDQACgCACAGRgRAQaDQACAENgIAQZTQAEGU0AAoAgAgAWoiADYCACAEIABBAXI2AgQgACAEaiAANgIADAgLIAYoAgQiBUEDcUEBRw0GIAVBeHEhCCAFQf8BTQRAIAVBA3YhAyAGKAIIIgAgBigCDCICRgRAQYzQAEGM0AAoAgBBfiADd3E2AgAMBwsgAiAANgIIIAAgAjYCDAwGCyAGKAIYIQcgBiAGKAIMIgBHBEAgACAGKAIIIgI2AgggAiAANgIMDAULIAZBFGoiAigCACIFRQRAIAYoAhAiBUUNBCAGQRBqIQILA0AgAiEDIAUiAEEUaiICKAIAIgUNACAAQRBqIQIgACgCECIFDQALIANBADYCAAwEC0F4IABrQQ9xIgEgAGoiByAGQThrIgMgAWsiAUEBcjYCBCAAIANqQTg2AgQgAiAFQTcgBWtBD3FqQT9rIgMgAyACQRBqSRsiA0EjNgIEQajQAEH00wAoAgA2AgBBmNAAIAE2AgBBpNAAIAc2AgAgA0EQakHU0wApAgA3AgAgA0HM0wApAgA3AghB1NMAIANBCGo2AgBB0NMAIAY2AgBBzNMAIAA2AgBB2NMAQQA2AgAgA0EkaiEBA0AgAUEHNgIAIAUgAUEEaiIBSw0ACyACIANGDQAgAyADKAIEQX5xNgIEIAMgAyACayIFNgIAIAIgBUEBcjYCBCAFQf8BTQRAIAVBeHFBtNAAaiEAAn9BjNAAKAIAIgFBASAFQQN2dCIDcUUEQEGM0AAgASADcjYCACAADAELIAAoAggLIgEgAjYCDCAAIAI2AgggAiAANgIMIAIgATYCCAwBC0EfIQEgBUH///8HTQRAIAVBJiAFQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAQsgAiABNgIcIAJCADcCECABQQJ0QbzSAGohAEGQ0AAoAgAiA0EBIAF0IgZxRQRAIAAgAjYCAEGQ0AAgAyAGcjYCACACIAA2AhggAiACNgIIIAIgAjYCDAwBCyAFQRkgAUEBdmtBACABQR9HG3QhASAAKAIAIQMCQANAIAMiACgCBEF4cSAFRg0BIAFBHXYhAyABQQF0IQEgACADQQRxakEQaiIGKAIAIgMNAAsgBiACNgIAIAIgADYCGCACIAI2AgwgAiACNgIIDAELIAAoAggiASACNgIMIAAgAjYCCCACQQA2AhggAiAANgIMIAIgATYCCAtBmNAAKAIAIgEgBE0NAEGk0AAoAgAiACAEaiICIAEgBGsiAUEBcjYCBEGY0AAgATYCAEGk0AAgAjYCACAAIARBA3I2AgQgAEEIaiEBDAgLQQAhAUH80wBBMDYCAAwHC0EAIQALIAdFDQACQCAGKAIcIgJBAnRBvNIAaiIDKAIAIAZGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAdBEEEUIAcoAhAgBkYbaiAANgIAIABFDQELIAAgBzYCGCAGKAIQIgIEQCAAIAI2AhAgAiAANgIYCyAGQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAIaiEBIAYgCGoiBigCBCEFCyAGIAVBfnE2AgQgASAEaiABNgIAIAQgAUEBcjYCBCABQf8BTQRAIAFBeHFBtNAAaiEAAn9BjNAAKAIAIgJBASABQQN2dCIBcUUEQEGM0AAgASACcjYCACAADAELIAAoAggLIgEgBDYCDCAAIAQ2AgggBCAANgIMIAQgATYCCAwBC0EfIQUgAUH///8HTQRAIAFBJiABQQh2ZyIAa3ZBAXEgAEEBdGtBPmohBQsgBCAFNgIcIARCADcCECAFQQJ0QbzSAGohAEGQ0AAoAgAiAkEBIAV0IgNxRQRAIAAgBDYCAEGQ0AAgAiADcjYCACAEIAA2AhggBCAENgIIIAQgBDYCDAwBCyABQRkgBUEBdmtBACAFQR9HG3QhBSAAKAIAIQACQANAIAAiAigCBEF4cSABRg0BIAVBHXYhACAFQQF0IQUgAiAAQQRxakEQaiIDKAIAIgANAAsgAyAENgIAIAQgAjYCGCAEIAQ2AgwgBCAENgIIDAELIAIoAggiACAENgIMIAIgBDYCCCAEQQA2AhggBCACNgIMIAQgADYCCAsgCUEIaiEBDAILAkAgB0UNAAJAIAMoAhwiAUECdEG80gBqIgIoAgAgA0YEQCACIAA2AgAgAA0BQZDQACAIQX4gAXdxIgg2AgAMAgsgB0EQQRQgBygCECADRhtqIAA2AgAgAEUNAQsgACAHNgIYIAMoAhAiAQRAIAAgATYCECABIAA2AhgLIANBFGooAgAiAUUNACAAQRRqIAE2AgAgASAANgIYCwJAIAVBD00EQCADIAQgBWoiAEEDcjYCBCAAIANqIgAgACgCBEEBcjYCBAwBCyADIARqIgIgBUEBcjYCBCADIARBA3I2AgQgAiAFaiAFNgIAIAVB/wFNBEAgBUF4cUG00ABqIQACf0GM0AAoAgAiAUEBIAVBA3Z0IgVxRQRAQYzQACABIAVyNgIAIAAMAQsgACgCCAsiASACNgIMIAAgAjYCCCACIAA2AgwgAiABNgIIDAELQR8hASAFQf///wdNBEAgBUEmIAVBCHZnIgBrdkEBcSAAQQF0a0E+aiEBCyACIAE2AhwgAkIANwIQIAFBAnRBvNIAaiEAQQEgAXQiBCAIcUUEQCAAIAI2AgBBkNAAIAQgCHI2AgAgAiAANgIYIAIgAjYCCCACIAI2AgwMAQsgBUEZIAFBAXZrQQAgAUEfRxt0IQEgACgCACEEAkADQCAEIgAoAgRBeHEgBUYNASABQR12IQQgAUEBdCEBIAAgBEEEcWpBEGoiBigCACIEDQALIAYgAjYCACACIAA2AhggAiACNgIMIAIgAjYCCAwBCyAAKAIIIgEgAjYCDCAAIAI2AgggAkEANgIYIAIgADYCDCACIAE2AggLIANBCGohAQwBCwJAIAlFDQACQCAAKAIcIgFBAnRBvNIAaiICKAIAIABGBEAgAiADNgIAIAMNAUGQ0AAgC0F+IAF3cTYCAAwCCyAJQRBBFCAJKAIQIABGG2ogAzYCACADRQ0BCyADIAk2AhggACgCECIBBEAgAyABNgIQIAEgAzYCGAsgAEEUaigCACIBRQ0AIANBFGogATYCACABIAM2AhgLAkAgBUEPTQRAIAAgBCAFaiIBQQNyNgIEIAAgAWoiASABKAIEQQFyNgIEDAELIAAgBGoiByAFQQFyNgIEIAAgBEEDcjYCBCAFIAdqIAU2AgAgCARAIAhBeHFBtNAAaiEBQaDQACgCACEDAn9BASAIQQN2dCICIAZxRQRAQYzQACACIAZyNgIAIAEMAQsgASgCCAsiAiADNgIMIAEgAzYCCCADIAE2AgwgAyACNgIIC0Gg0AAgBzYCAEGU0AAgBTYCAAsgAEEIaiEBCyAKQRBqJAAgAQtDACAARQRAPwBBEHQPCwJAIABB//8DcQ0AIABBAEgNACAAQRB2QAAiAEF/RgRAQfzTAEEwNgIAQX8PCyAAQRB0DwsACwvcPyIAQYAICwkBAAAAAgAAAAMAQZQICwUEAAAABQBBpAgLCQYAAAAHAAAACABB3AgLii1JbnZhbGlkIGNoYXIgaW4gdXJsIHF1ZXJ5AFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fYm9keQBDb250ZW50LUxlbmd0aCBvdmVyZmxvdwBDaHVuayBzaXplIG92ZXJmbG93AFJlc3BvbnNlIG92ZXJmbG93AEludmFsaWQgbWV0aG9kIGZvciBIVFRQL3gueCByZXF1ZXN0AEludmFsaWQgbWV0aG9kIGZvciBSVFNQL3gueCByZXF1ZXN0AEV4cGVjdGVkIFNPVVJDRSBtZXRob2QgZm9yIElDRS94LnggcmVxdWVzdABJbnZhbGlkIGNoYXIgaW4gdXJsIGZyYWdtZW50IHN0YXJ0AEV4cGVjdGVkIGRvdABTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX3N0YXR1cwBJbnZhbGlkIHJlc3BvbnNlIHN0YXR1cwBJbnZhbGlkIGNoYXJhY3RlciBpbiBjaHVuayBleHRlbnNpb25zAFVzZXIgY2FsbGJhY2sgZXJyb3IAYG9uX3Jlc2V0YCBjYWxsYmFjayBlcnJvcgBgb25fY2h1bmtfaGVhZGVyYCBjYWxsYmFjayBlcnJvcgBgb25fbWVzc2FnZV9iZWdpbmAgY2FsbGJhY2sgZXJyb3IAYG9uX2NodW5rX2V4dGVuc2lvbl92YWx1ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX3N0YXR1c19jb21wbGV0ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX3ZlcnNpb25fY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl91cmxfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9jaHVua19jb21wbGV0ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX2hlYWRlcl92YWx1ZV9jb21wbGV0ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX21lc3NhZ2VfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9tZXRob2RfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9oZWFkZXJfZmllbGRfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9jaHVua19leHRlbnNpb25fbmFtZWAgY2FsbGJhY2sgZXJyb3IAVW5leHBlY3RlZCBjaGFyIGluIHVybCBzZXJ2ZXIASW52YWxpZCBoZWFkZXIgdmFsdWUgY2hhcgBJbnZhbGlkIGhlYWRlciBmaWVsZCBjaGFyAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fdmVyc2lvbgBJbnZhbGlkIG1pbm9yIHZlcnNpb24ASW52YWxpZCBtYWpvciB2ZXJzaW9uAEV4cGVjdGVkIHNwYWNlIGFmdGVyIHZlcnNpb24ARXhwZWN0ZWQgQ1JMRiBhZnRlciB2ZXJzaW9uAEludmFsaWQgSFRUUCB2ZXJzaW9uAEludmFsaWQgaGVhZGVyIHRva2VuAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fdXJsAEludmFsaWQgY2hhcmFjdGVycyBpbiB1cmwAVW5leHBlY3RlZCBzdGFydCBjaGFyIGluIHVybABEb3VibGUgQCBpbiB1cmwARW1wdHkgQ29udGVudC1MZW5ndGgASW52YWxpZCBjaGFyYWN0ZXIgaW4gQ29udGVudC1MZW5ndGgARHVwbGljYXRlIENvbnRlbnQtTGVuZ3RoAEludmFsaWQgY2hhciBpbiB1cmwgcGF0aABDb250ZW50LUxlbmd0aCBjYW4ndCBiZSBwcmVzZW50IHdpdGggVHJhbnNmZXItRW5jb2RpbmcASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgc2l6ZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2hlYWRlcl92YWx1ZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2NodW5rX2V4dGVuc2lvbl92YWx1ZQBJbnZhbGlkIGNoYXJhY3RlciBpbiBjaHVuayBleHRlbnNpb25zIHZhbHVlAE1pc3NpbmcgZXhwZWN0ZWQgTEYgYWZ0ZXIgaGVhZGVyIHZhbHVlAEludmFsaWQgYFRyYW5zZmVyLUVuY29kaW5nYCBoZWFkZXIgdmFsdWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyBxdW90ZSB2YWx1ZQBJbnZhbGlkIGNoYXJhY3RlciBpbiBjaHVuayBleHRlbnNpb25zIHF1b3RlZCB2YWx1ZQBQYXVzZWQgYnkgb25faGVhZGVyc19jb21wbGV0ZQBJbnZhbGlkIEVPRiBzdGF0ZQBvbl9yZXNldCBwYXVzZQBvbl9jaHVua19oZWFkZXIgcGF1c2UAb25fbWVzc2FnZV9iZWdpbiBwYXVzZQBvbl9jaHVua19leHRlbnNpb25fdmFsdWUgcGF1c2UAb25fc3RhdHVzX2NvbXBsZXRlIHBhdXNlAG9uX3ZlcnNpb25fY29tcGxldGUgcGF1c2UAb25fdXJsX2NvbXBsZXRlIHBhdXNlAG9uX2NodW5rX2NvbXBsZXRlIHBhdXNlAG9uX2hlYWRlcl92YWx1ZV9jb21wbGV0ZSBwYXVzZQBvbl9tZXNzYWdlX2NvbXBsZXRlIHBhdXNlAG9uX21ldGhvZF9jb21wbGV0ZSBwYXVzZQBvbl9oZWFkZXJfZmllbGRfY29tcGxldGUgcGF1c2UAb25fY2h1bmtfZXh0ZW5zaW9uX25hbWUgcGF1c2UAVW5leHBlY3RlZCBzcGFjZSBhZnRlciBzdGFydCBsaW5lAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fY2h1bmtfZXh0ZW5zaW9uX25hbWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyBuYW1lAFBhdXNlIG9uIENPTk5FQ1QvVXBncmFkZQBQYXVzZSBvbiBQUkkvVXBncmFkZQBFeHBlY3RlZCBIVFRQLzIgQ29ubmVjdGlvbiBQcmVmYWNlAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fbWV0aG9kAEV4cGVjdGVkIHNwYWNlIGFmdGVyIG1ldGhvZABTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2hlYWRlcl9maWVsZABQYXVzZWQASW52YWxpZCB3b3JkIGVuY291bnRlcmVkAEludmFsaWQgbWV0aG9kIGVuY291bnRlcmVkAFVuZXhwZWN0ZWQgY2hhciBpbiB1cmwgc2NoZW1hAFJlcXVlc3QgaGFzIGludmFsaWQgYFRyYW5zZmVyLUVuY29kaW5nYABTV0lUQ0hfUFJPWFkAVVNFX1BST1hZAE1LQUNUSVZJVFkAVU5QUk9DRVNTQUJMRV9FTlRJVFkAQ09QWQBNT1ZFRF9QRVJNQU5FTlRMWQBUT09fRUFSTFkATk9USUZZAEZBSUxFRF9ERVBFTkRFTkNZAEJBRF9HQVRFV0FZAFBMQVkAUFVUAENIRUNLT1VUAEdBVEVXQVlfVElNRU9VVABSRVFVRVNUX1RJTUVPVVQATkVUV09SS19DT05ORUNUX1RJTUVPVVQAQ09OTkVDVElPTl9USU1FT1VUAExPR0lOX1RJTUVPVVQATkVUV09SS19SRUFEX1RJTUVPVVQAUE9TVABNSVNESVJFQ1RFRF9SRVFVRVNUAENMSUVOVF9DTE9TRURfUkVRVUVTVABDTElFTlRfQ0xPU0VEX0xPQURfQkFMQU5DRURfUkVRVUVTVABCQURfUkVRVUVTVABIVFRQX1JFUVVFU1RfU0VOVF9UT19IVFRQU19QT1JUAFJFUE9SVABJTV9BX1RFQVBPVABSRVNFVF9DT05URU5UAE5PX0NPTlRFTlQAUEFSVElBTF9DT05URU5UAEhQRV9JTlZBTElEX0NPTlNUQU5UAEhQRV9DQl9SRVNFVABHRVQASFBFX1NUUklDVABDT05GTElDVABURU1QT1JBUllfUkVESVJFQ1QAUEVSTUFORU5UX1JFRElSRUNUAENPTk5FQ1QATVVMVElfU1RBVFVTAEhQRV9JTlZBTElEX1NUQVRVUwBUT09fTUFOWV9SRVFVRVNUUwBFQVJMWV9ISU5UUwBVTkFWQUlMQUJMRV9GT1JfTEVHQUxfUkVBU09OUwBPUFRJT05TAFNXSVRDSElOR19QUk9UT0NPTFMAVkFSSUFOVF9BTFNPX05FR09USUFURVMATVVMVElQTEVfQ0hPSUNFUwBJTlRFUk5BTF9TRVJWRVJfRVJST1IAV0VCX1NFUlZFUl9VTktOT1dOX0VSUk9SAFJBSUxHVU5fRVJST1IASURFTlRJVFlfUFJPVklERVJfQVVUSEVOVElDQVRJT05fRVJST1IAU1NMX0NFUlRJRklDQVRFX0VSUk9SAElOVkFMSURfWF9GT1JXQVJERURfRk9SAFNFVF9QQVJBTUVURVIAR0VUX1BBUkFNRVRFUgBIUEVfVVNFUgBTRUVfT1RIRVIASFBFX0NCX0NIVU5LX0hFQURFUgBNS0NBTEVOREFSAFNFVFVQAFdFQl9TRVJWRVJfSVNfRE9XTgBURUFSRE9XTgBIUEVfQ0xPU0VEX0NPTk5FQ1RJT04ASEVVUklTVElDX0VYUElSQVRJT04ARElTQ09OTkVDVEVEX09QRVJBVElPTgBOT05fQVVUSE9SSVRBVElWRV9JTkZPUk1BVElPTgBIUEVfSU5WQUxJRF9WRVJTSU9OAEhQRV9DQl9NRVNTQUdFX0JFR0lOAFNJVEVfSVNfRlJPWkVOAEhQRV9JTlZBTElEX0hFQURFUl9UT0tFTgBJTlZBTElEX1RPS0VOAEZPUkJJRERFTgBFTkhBTkNFX1lPVVJfQ0FMTQBIUEVfSU5WQUxJRF9VUkwAQkxPQ0tFRF9CWV9QQVJFTlRBTF9DT05UUk9MAE1LQ09MAEFDTABIUEVfSU5URVJOQUwAUkVRVUVTVF9IRUFERVJfRklFTERTX1RPT19MQVJHRV9VTk9GRklDSUFMAEhQRV9PSwBVTkxJTksAVU5MT0NLAFBSSQBSRVRSWV9XSVRIAEhQRV9JTlZBTElEX0NPTlRFTlRfTEVOR1RIAEhQRV9VTkVYUEVDVEVEX0NPTlRFTlRfTEVOR1RIAEZMVVNIAFBST1BQQVRDSABNLVNFQVJDSABVUklfVE9PX0xPTkcAUFJPQ0VTU0lORwBNSVNDRUxMQU5FT1VTX1BFUlNJU1RFTlRfV0FSTklORwBNSVNDRUxMQU5FT1VTX1dBUk5JTkcASFBFX0lOVkFMSURfVFJBTlNGRVJfRU5DT0RJTkcARXhwZWN0ZWQgQ1JMRgBIUEVfSU5WQUxJRF9DSFVOS19TSVpFAE1PVkUAQ09OVElOVUUASFBFX0NCX1NUQVRVU19DT01QTEVURQBIUEVfQ0JfSEVBREVSU19DT01QTEVURQBIUEVfQ0JfVkVSU0lPTl9DT01QTEVURQBIUEVfQ0JfVVJMX0NPTVBMRVRFAEhQRV9DQl9DSFVOS19DT01QTEVURQBIUEVfQ0JfSEVBREVSX1ZBTFVFX0NPTVBMRVRFAEhQRV9DQl9DSFVOS19FWFRFTlNJT05fVkFMVUVfQ09NUExFVEUASFBFX0NCX0NIVU5LX0VYVEVOU0lPTl9OQU1FX0NPTVBMRVRFAEhQRV9DQl9NRVNTQUdFX0NPTVBMRVRFAEhQRV9DQl9NRVRIT0RfQ09NUExFVEUASFBFX0NCX0hFQURFUl9GSUVMRF9DT01QTEVURQBERUxFVEUASFBFX0lOVkFMSURfRU9GX1NUQVRFAElOVkFMSURfU1NMX0NFUlRJRklDQVRFAFBBVVNFAE5PX1JFU1BPTlNFAFVOU1VQUE9SVEVEX01FRElBX1RZUEUAR09ORQBOT1RfQUNDRVBUQUJMRQBTRVJWSUNFX1VOQVZBSUxBQkxFAFJBTkdFX05PVF9TQVRJU0ZJQUJMRQBPUklHSU5fSVNfVU5SRUFDSEFCTEUAUkVTUE9OU0VfSVNfU1RBTEUAUFVSR0UATUVSR0UAUkVRVUVTVF9IRUFERVJfRklFTERTX1RPT19MQVJHRQBSRVFVRVNUX0hFQURFUl9UT09fTEFSR0UAUEFZTE9BRF9UT09fTEFSR0UASU5TVUZGSUNJRU5UX1NUT1JBR0UASFBFX1BBVVNFRF9VUEdSQURFAEhQRV9QQVVTRURfSDJfVVBHUkFERQBTT1VSQ0UAQU5OT1VOQ0UAVFJBQ0UASFBFX1VORVhQRUNURURfU1BBQ0UAREVTQ1JJQkUAVU5TVUJTQ1JJQkUAUkVDT1JEAEhQRV9JTlZBTElEX01FVEhPRABOT1RfRk9VTkQAUFJPUEZJTkQAVU5CSU5EAFJFQklORABVTkFVVEhPUklaRUQATUVUSE9EX05PVF9BTExPV0VEAEhUVFBfVkVSU0lPTl9OT1RfU1VQUE9SVEVEAEFMUkVBRFlfUkVQT1JURUQAQUNDRVBURUQATk9UX0lNUExFTUVOVEVEAExPT1BfREVURUNURUQASFBFX0NSX0VYUEVDVEVEAEhQRV9MRl9FWFBFQ1RFRABDUkVBVEVEAElNX1VTRUQASFBFX1BBVVNFRABUSU1FT1VUX09DQ1VSRUQAUEFZTUVOVF9SRVFVSVJFRABQUkVDT05ESVRJT05fUkVRVUlSRUQAUFJPWFlfQVVUSEVOVElDQVRJT05fUkVRVUlSRUQATkVUV09SS19BVVRIRU5USUNBVElPTl9SRVFVSVJFRABMRU5HVEhfUkVRVUlSRUQAU1NMX0NFUlRJRklDQVRFX1JFUVVJUkVEAFVQR1JBREVfUkVRVUlSRUQAUEFHRV9FWFBJUkVEAFBSRUNPTkRJVElPTl9GQUlMRUQARVhQRUNUQVRJT05fRkFJTEVEAFJFVkFMSURBVElPTl9GQUlMRUQAU1NMX0hBTkRTSEFLRV9GQUlMRUQATE9DS0VEAFRSQU5TRk9STUFUSU9OX0FQUExJRUQATk9UX01PRElGSUVEAE5PVF9FWFRFTkRFRABCQU5EV0lEVEhfTElNSVRfRVhDRUVERUQAU0lURV9JU19PVkVSTE9BREVEAEhFQUQARXhwZWN0ZWQgSFRUUC8AAF4TAAAmEwAAMBAAAPAXAACdEwAAFRIAADkXAADwEgAAChAAAHUSAACtEgAAghMAAE8UAAB/EAAAoBUAACMUAACJEgAAixQAAE0VAADUEQAAzxQAABAYAADJFgAA3BYAAMERAADgFwAAuxQAAHQUAAB8FQAA5RQAAAgXAAAfEAAAZRUAAKMUAAAoFQAAAhUAAJkVAAAsEAAAixkAAE8PAADUDgAAahAAAM4QAAACFwAAiQ4AAG4TAAAcEwAAZhQAAFYXAADBEwAAzRMAAGwTAABoFwAAZhcAAF8XAAAiEwAAzg8AAGkOAADYDgAAYxYAAMsTAACqDgAAKBcAACYXAADFEwAAXRYAAOgRAABnEwAAZRMAAPIWAABzEwAAHRcAAPkWAADzEQAAzw4AAM4VAAAMEgAAsxEAAKURAABhEAAAMhcAALsTAEH5NQsBAQBBkDYL4AEBAQIBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB/TcLAQEAQZE4C14CAwICAgICAAACAgACAgACAgICAgICAgICAAQAAAAAAAICAgICAgICAgICAgICAgICAgICAgICAgICAAAAAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAAgACAEH9OQsBAQBBkToLXgIAAgICAgIAAAICAAICAAICAgICAgICAgIAAwAEAAAAAgICAgICAgICAgICAgICAgICAgICAgICAgIAAAACAgICAgICAgICAgICAgICAgICAgICAgICAgICAgACAAIAQfA7Cw1sb3NlZWVwLWFsaXZlAEGJPAsBAQBBoDwL4AEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBBiT4LAQEAQaA+C+cBAQEBAQEBAQEBAQEBAgEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQFjaHVua2VkAEGwwAALXwEBAAEBAQEBAAABAQABAQABAQEBAQEBAQEBAAAAAAAAAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQABAEGQwgALIWVjdGlvbmVudC1sZW5ndGhvbnJveHktY29ubmVjdGlvbgBBwMIACy1yYW5zZmVyLWVuY29kaW5ncGdyYWRlDQoNCg0KU00NCg0KVFRQL0NFL1RTUC8AQfnCAAsFAQIAAQMAQZDDAAvgAQQBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAEH5xAALBQECAAEDAEGQxQAL4AEEAQEFAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB+cYACwQBAAABAEGRxwAL3wEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAEH6yAALBAEAAAIAQZDJAAtfAwQAAAQEBAQEBAQEBAQEBQQEBAQEBAQEBAQEBAAEAAYHBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQABAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAQAQfrKAAsEAQAAAQBBkMsACwEBAEGqywALQQIAAAAAAAADAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwAAAAAAAAMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAEH6zAALBAEAAAEAQZDNAAsBAQBBms0ACwYCAAAAAAIAQbHNAAs6AwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAAAAAAAADAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwBB8M4AC5YBTk9VTkNFRUNLT1VUTkVDVEVURUNSSUJFTFVTSEVURUFEU0VBUkNIUkdFQ1RJVklUWUxFTkRBUlZFT1RJRllQVElPTlNDSFNFQVlTVEFUQ0hHRU9SRElSRUNUT1JUUkNIUEFSQU1FVEVSVVJDRUJTQ1JJQkVBUkRPV05BQ0VJTkROS0NLVUJTQ1JJQkVIVFRQL0FEVFAv', 'base64') + + +/***/ }), + +/***/ 3434: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Buffer } = __nccwpck_require__(4573) + +module.exports = Buffer.from('AGFzbQEAAAABJwdgAX8Bf2ADf39/AX9gAX8AYAJ/fwBgBH9/f38Bf2AAAGADf39/AALLAQgDZW52GHdhc21fb25faGVhZGVyc19jb21wbGV0ZQAEA2VudhV3YXNtX29uX21lc3NhZ2VfYmVnaW4AAANlbnYLd2FzbV9vbl91cmwAAQNlbnYOd2FzbV9vbl9zdGF0dXMAAQNlbnYUd2FzbV9vbl9oZWFkZXJfZmllbGQAAQNlbnYUd2FzbV9vbl9oZWFkZXJfdmFsdWUAAQNlbnYMd2FzbV9vbl9ib2R5AAEDZW52GHdhc21fb25fbWVzc2FnZV9jb21wbGV0ZQAAAy0sBQYAAAIAAAAAAAACAQIAAgICAAADAAAAAAMDAwMBAQEBAQEBAQEAAAIAAAAEBQFwARISBQMBAAIGCAF/AUGA1AQLB9EFIgZtZW1vcnkCAAtfaW5pdGlhbGl6ZQAIGV9faW5kaXJlY3RfZnVuY3Rpb25fdGFibGUBAAtsbGh0dHBfaW5pdAAJGGxsaHR0cF9zaG91bGRfa2VlcF9hbGl2ZQAvDGxsaHR0cF9hbGxvYwALBm1hbGxvYwAxC2xsaHR0cF9mcmVlAAwEZnJlZQAMD2xsaHR0cF9nZXRfdHlwZQANFWxsaHR0cF9nZXRfaHR0cF9tYWpvcgAOFWxsaHR0cF9nZXRfaHR0cF9taW5vcgAPEWxsaHR0cF9nZXRfbWV0aG9kABAWbGxodHRwX2dldF9zdGF0dXNfY29kZQAREmxsaHR0cF9nZXRfdXBncmFkZQASDGxsaHR0cF9yZXNldAATDmxsaHR0cF9leGVjdXRlABQUbGxodHRwX3NldHRpbmdzX2luaXQAFQ1sbGh0dHBfZmluaXNoABYMbGxodHRwX3BhdXNlABcNbGxodHRwX3Jlc3VtZQAYG2xsaHR0cF9yZXN1bWVfYWZ0ZXJfdXBncmFkZQAZEGxsaHR0cF9nZXRfZXJybm8AGhdsbGh0dHBfZ2V0X2Vycm9yX3JlYXNvbgAbF2xsaHR0cF9zZXRfZXJyb3JfcmVhc29uABwUbGxodHRwX2dldF9lcnJvcl9wb3MAHRFsbGh0dHBfZXJybm9fbmFtZQAeEmxsaHR0cF9tZXRob2RfbmFtZQAfEmxsaHR0cF9zdGF0dXNfbmFtZQAgGmxsaHR0cF9zZXRfbGVuaWVudF9oZWFkZXJzACEhbGxodHRwX3NldF9sZW5pZW50X2NodW5rZWRfbGVuZ3RoACIdbGxodHRwX3NldF9sZW5pZW50X2tlZXBfYWxpdmUAIyRsbGh0dHBfc2V0X2xlbmllbnRfdHJhbnNmZXJfZW5jb2RpbmcAJBhsbGh0dHBfbWVzc2FnZV9uZWVkc19lb2YALgkXAQBBAQsRAQIDBAUKBgcrLSwqKSglJyYK77MCLBYAQYjQACgCAARAAAtBiNAAQQE2AgALFAAgABAwIAAgAjYCOCAAIAE6ACgLFAAgACAALwEyIAAtAC4gABAvEAALHgEBf0HAABAyIgEQMCABQYAINgI4IAEgADoAKCABC48MAQd/AkAgAEUNACAAQQhrIgEgAEEEaygCACIAQXhxIgRqIQUCQCAAQQFxDQAgAEEDcUUNASABIAEoAgAiAGsiAUGc0AAoAgBJDQEgACAEaiEEAkACQEGg0AAoAgAgAUcEQCAAQf8BTQRAIABBA3YhAyABKAIIIgAgASgCDCICRgRAQYzQAEGM0AAoAgBBfiADd3E2AgAMBQsgAiAANgIIIAAgAjYCDAwECyABKAIYIQYgASABKAIMIgBHBEAgACABKAIIIgI2AgggAiAANgIMDAMLIAFBFGoiAygCACICRQRAIAEoAhAiAkUNAiABQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFKAIEIgBBA3FBA0cNAiAFIABBfnE2AgRBlNAAIAQ2AgAgBSAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCABKAIcIgJBAnRBvNIAaiIDKAIAIAFGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgAUYbaiAANgIAIABFDQELIAAgBjYCGCABKAIQIgIEQCAAIAI2AhAgAiAANgIYCyABQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAFTw0AIAUoAgQiAEEBcUUNAAJAAkACQAJAIABBAnFFBEBBpNAAKAIAIAVGBEBBpNAAIAE2AgBBmNAAQZjQACgCACAEaiIANgIAIAEgAEEBcjYCBCABQaDQACgCAEcNBkGU0ABBADYCAEGg0ABBADYCAAwGC0Gg0AAoAgAgBUYEQEGg0AAgATYCAEGU0ABBlNAAKAIAIARqIgA2AgAgASAAQQFyNgIEIAAgAWogADYCAAwGCyAAQXhxIARqIQQgAEH/AU0EQCAAQQN2IQMgBSgCCCIAIAUoAgwiAkYEQEGM0ABBjNAAKAIAQX4gA3dxNgIADAULIAIgADYCCCAAIAI2AgwMBAsgBSgCGCEGIAUgBSgCDCIARwRAQZzQACgCABogACAFKAIIIgI2AgggAiAANgIMDAMLIAVBFGoiAygCACICRQRAIAUoAhAiAkUNAiAFQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFIABBfnE2AgQgASAEaiAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCAFKAIcIgJBAnRBvNIAaiIDKAIAIAVGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiAANgIAIABFDQELIAAgBjYCGCAFKAIQIgIEQCAAIAI2AhAgAiAANgIYCyAFQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAEaiAENgIAIAEgBEEBcjYCBCABQaDQACgCAEcNAEGU0AAgBDYCAAwBCyAEQf8BTQRAIARBeHFBtNAAaiEAAn9BjNAAKAIAIgJBASAEQQN2dCIDcUUEQEGM0AAgAiADcjYCACAADAELIAAoAggLIgIgATYCDCAAIAE2AgggASAANgIMIAEgAjYCCAwBC0EfIQIgBEH///8HTQRAIARBJiAEQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAgsgASACNgIcIAFCADcCECACQQJ0QbzSAGohAAJAQZDQACgCACIDQQEgAnQiB3FFBEAgACABNgIAQZDQACADIAdyNgIAIAEgADYCGCABIAE2AgggASABNgIMDAELIARBGSACQQF2a0EAIAJBH0cbdCECIAAoAgAhAAJAA0AgACIDKAIEQXhxIARGDQEgAkEddiEAIAJBAXQhAiADIABBBHFqQRBqIgcoAgAiAA0ACyAHIAE2AgAgASADNgIYIAEgATYCDCABIAE2AggMAQsgAygCCCIAIAE2AgwgAyABNgIIIAFBADYCGCABIAM2AgwgASAANgIIC0Gs0ABBrNAAKAIAQQFrIgBBfyAAGzYCAAsLBwAgAC0AKAsHACAALQAqCwcAIAAtACsLBwAgAC0AKQsHACAALwEyCwcAIAAtAC4LQAEEfyAAKAIYIQEgAC0ALSECIAAtACghAyAAKAI4IQQgABAwIAAgBDYCOCAAIAM6ACggACACOgAtIAAgATYCGAu74gECB38DfiABIAJqIQQCQCAAIgIoAgwiAA0AIAIoAgQEQCACIAE2AgQLIwBBEGsiCCQAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAIoAhwiA0EBaw7dAdoBAdkBAgMEBQYHCAkKCwwNDtgBDxDXARES1gETFBUWFxgZGhvgAd8BHB0e1QEfICEiIyQl1AEmJygpKiss0wHSAS0u0QHQAS8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRtsBR0hJSs8BzgFLzQFMzAFNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AAYEBggGDAYQBhQGGAYcBiAGJAYoBiwGMAY0BjgGPAZABkQGSAZMBlAGVAZYBlwGYAZkBmgGbAZwBnQGeAZ8BoAGhAaIBowGkAaUBpgGnAagBqQGqAasBrAGtAa4BrwGwAbEBsgGzAbQBtQG2AbcBywHKAbgByQG5AcgBugG7AbwBvQG+Ab8BwAHBAcIBwwHEAcUBxgEA3AELQQAMxgELQQ4MxQELQQ0MxAELQQ8MwwELQRAMwgELQRMMwQELQRQMwAELQRUMvwELQRYMvgELQRgMvQELQRkMvAELQRoMuwELQRsMugELQRwMuQELQR0MuAELQQgMtwELQR4MtgELQSAMtQELQR8MtAELQQcMswELQSEMsgELQSIMsQELQSMMsAELQSQMrwELQRIMrgELQREMrQELQSUMrAELQSYMqwELQScMqgELQSgMqQELQcMBDKgBC0EqDKcBC0ErDKYBC0EsDKUBC0EtDKQBC0EuDKMBC0EvDKIBC0HEAQyhAQtBMAygAQtBNAyfAQtBDAyeAQtBMQydAQtBMgycAQtBMwybAQtBOQyaAQtBNQyZAQtBxQEMmAELQQsMlwELQToMlgELQTYMlQELQQoMlAELQTcMkwELQTgMkgELQTwMkQELQTsMkAELQT0MjwELQQkMjgELQSkMjQELQT4MjAELQT8MiwELQcAADIoBC0HBAAyJAQtBwgAMiAELQcMADIcBC0HEAAyGAQtBxQAMhQELQcYADIQBC0EXDIMBC0HHAAyCAQtByAAMgQELQckADIABC0HKAAx/C0HLAAx+C0HNAAx9C0HMAAx8C0HOAAx7C0HPAAx6C0HQAAx5C0HRAAx4C0HSAAx3C0HTAAx2C0HUAAx1C0HWAAx0C0HVAAxzC0EGDHILQdcADHELQQUMcAtB2AAMbwtBBAxuC0HZAAxtC0HaAAxsC0HbAAxrC0HcAAxqC0EDDGkLQd0ADGgLQd4ADGcLQd8ADGYLQeEADGULQeAADGQLQeIADGMLQeMADGILQQIMYQtB5AAMYAtB5QAMXwtB5gAMXgtB5wAMXQtB6AAMXAtB6QAMWwtB6gAMWgtB6wAMWQtB7AAMWAtB7QAMVwtB7gAMVgtB7wAMVQtB8AAMVAtB8QAMUwtB8gAMUgtB8wAMUQtB9AAMUAtB9QAMTwtB9gAMTgtB9wAMTQtB+AAMTAtB+QAMSwtB+gAMSgtB+wAMSQtB/AAMSAtB/QAMRwtB/gAMRgtB/wAMRQtBgAEMRAtBgQEMQwtBggEMQgtBgwEMQQtBhAEMQAtBhQEMPwtBhgEMPgtBhwEMPQtBiAEMPAtBiQEMOwtBigEMOgtBiwEMOQtBjAEMOAtBjQEMNwtBjgEMNgtBjwEMNQtBkAEMNAtBkQEMMwtBkgEMMgtBkwEMMQtBlAEMMAtBlQEMLwtBlgEMLgtBlwEMLQtBmAEMLAtBmQEMKwtBmgEMKgtBmwEMKQtBnAEMKAtBnQEMJwtBngEMJgtBnwEMJQtBoAEMJAtBoQEMIwtBogEMIgtBowEMIQtBpAEMIAtBpQEMHwtBpgEMHgtBpwEMHQtBqAEMHAtBqQEMGwtBqgEMGgtBqwEMGQtBrAEMGAtBrQEMFwtBrgEMFgtBAQwVC0GvAQwUC0GwAQwTC0GxAQwSC0GzAQwRC0GyAQwQC0G0AQwPC0G1AQwOC0G2AQwNC0G3AQwMC0G4AQwLC0G5AQwKC0G6AQwJC0G7AQwIC0HGAQwHC0G8AQwGC0G9AQwFC0G+AQwEC0G/AQwDC0HAAQwCC0HCAQwBC0HBAQshAwNAAkACQAJAAkACQAJAAkACQAJAIAICfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAgJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAn8CQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCADDsYBAAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHyAhIyUmKCorLC8wMTIzNDU2Nzk6Ozw9lANAQkRFRklLTk9QUVJTVFVWWFpbXF1eX2BhYmNkZWZnaGpsb3Bxc3V2eHl6e3x/gAGBAYIBgwGEAYUBhgGHAYgBiQGKAYsBjAGNAY4BjwGQAZEBkgGTAZQBlQGWAZcBmAGZAZoBmwGcAZ0BngGfAaABoQGiAaMBpAGlAaYBpwGoAakBqgGrAawBrQGuAa8BsAGxAbIBswG0AbUBtgG3AbgBuQG6AbsBvAG9Ab4BvwHAAcEBwgHDAcQBxQHGAccByAHJAcsBzAHNAc4BzwGKA4kDiAOHA4QDgwOAA/sC+gL5AvgC9wL0AvMC8gLLAsECsALZAQsgASAERw3wAkHdASEDDLMDCyABIARHDcgBQcMBIQMMsgMLIAEgBEcNe0H3ACEDDLEDCyABIARHDXBB7wAhAwywAwsgASAERw1pQeoAIQMMrwMLIAEgBEcNZUHoACEDDK4DCyABIARHDWJB5gAhAwytAwsgASAERw0aQRghAwysAwsgASAERw0VQRIhAwyrAwsgASAERw1CQcUAIQMMqgMLIAEgBEcNNEE/IQMMqQMLIAEgBEcNMkE8IQMMqAMLIAEgBEcNK0ExIQMMpwMLIAItAC5BAUYNnwMMwQILQQAhAAJAAkACQCACLQAqRQ0AIAItACtFDQAgAi8BMCIDQQJxRQ0BDAILIAIvATAiA0EBcUUNAQtBASEAIAItAChBAUYNACACLwEyIgVB5ABrQeQASQ0AIAVBzAFGDQAgBUGwAkYNACADQcAAcQ0AQQAhACADQYgEcUGABEYNACADQShxQQBHIQALIAJBADsBMCACQQA6AC8gAEUN3wIgAkIANwMgDOACC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAARQ3MASAAQRVHDd0CIAJBBDYCHCACIAE2AhQgAkGwGDYCECACQRU2AgxBACEDDKQDCyABIARGBEBBBiEDDKQDCyABQQFqIQFBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAA3ZAgwcCyACQgA3AyBBEiEDDIkDCyABIARHDRZBHSEDDKEDCyABIARHBEAgAUEBaiEBQRAhAwyIAwtBByEDDKADCyACIAIpAyAiCiAEIAFrrSILfSIMQgAgCiAMWhs3AyAgCiALWA3UAkEIIQMMnwMLIAEgBEcEQCACQQk2AgggAiABNgIEQRQhAwyGAwtBCSEDDJ4DCyACKQMgQgBSDccBIAIgAi8BMEGAAXI7ATAMQgsgASAERw0/QdAAIQMMnAMLIAEgBEYEQEELIQMMnAMLIAFBAWohAUEAIQACQCACKAI4IgNFDQAgAygCUCIDRQ0AIAIgAxEAACEACyAADc8CDMYBC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ3GASAAQRVHDc0CIAJBCzYCHCACIAE2AhQgAkGCGTYCECACQRU2AgxBACEDDJoDC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ0MIABBFUcNygIgAkEaNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMmQMLQQAhAAJAIAIoAjgiA0UNACADKAJMIgNFDQAgAiADEQAAIQALIABFDcQBIABBFUcNxwIgAkELNgIcIAIgATYCFCACQZEXNgIQIAJBFTYCDEEAIQMMmAMLIAEgBEYEQEEPIQMMmAMLIAEtAAAiAEE7Rg0HIABBDUcNxAIgAUEBaiEBDMMBC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3DASAAQRVHDcICIAJBDzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJYDCwNAIAEtAABB8DVqLQAAIgBBAUcEQCAAQQJHDcECIAIoAgQhAEEAIQMgAkEANgIEIAIgACABQQFqIgEQLSIADcICDMUBCyAEIAFBAWoiAUcNAAtBEiEDDJUDC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3FASAAQRVHDb0CIAJBGzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJQDCyABIARGBEBBFiEDDJQDCyACQQo2AgggAiABNgIEQQAhAAJAIAIoAjgiA0UNACADKAJIIgNFDQAgAiADEQAAIQALIABFDcIBIABBFUcNuQIgAkEVNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMkwMLIAEgBEcEQANAIAEtAABB8DdqLQAAIgBBAkcEQAJAIABBAWsOBMQCvQIAvgK9AgsgAUEBaiEBQQghAwz8AgsgBCABQQFqIgFHDQALQRUhAwyTAwtBFSEDDJIDCwNAIAEtAABB8DlqLQAAIgBBAkcEQCAAQQFrDgTFArcCwwK4ArcCCyAEIAFBAWoiAUcNAAtBGCEDDJEDCyABIARHBEAgAkELNgIIIAIgATYCBEEHIQMM+AILQRkhAwyQAwsgAUEBaiEBDAILIAEgBEYEQEEaIQMMjwMLAkAgAS0AAEENaw4UtQG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwEAvwELQQAhAyACQQA2AhwgAkGvCzYCECACQQI2AgwgAiABQQFqNgIUDI4DCyABIARGBEBBGyEDDI4DCyABLQAAIgBBO0cEQCAAQQ1HDbECIAFBAWohAQy6AQsgAUEBaiEBC0EiIQMM8wILIAEgBEYEQEEcIQMMjAMLQgAhCgJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAS0AAEEwaw43wQLAAgABAgMEBQYH0AHQAdAB0AHQAdAB0AEICQoLDA3QAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdABDg8QERIT0AELQgIhCgzAAgtCAyEKDL8CC0IEIQoMvgILQgUhCgy9AgtCBiEKDLwCC0IHIQoMuwILQgghCgy6AgtCCSEKDLkCC0IKIQoMuAILQgshCgy3AgtCDCEKDLYCC0INIQoMtQILQg4hCgy0AgtCDyEKDLMCC0IKIQoMsgILQgshCgyxAgtCDCEKDLACC0INIQoMrwILQg4hCgyuAgtCDyEKDK0CC0IAIQoCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAEtAABBMGsON8ACvwIAAQIDBAUGB74CvgK+Ar4CvgK+Ar4CCAkKCwwNvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ag4PEBESE74CC0ICIQoMvwILQgMhCgy+AgtCBCEKDL0CC0IFIQoMvAILQgYhCgy7AgtCByEKDLoCC0IIIQoMuQILQgkhCgy4AgtCCiEKDLcCC0ILIQoMtgILQgwhCgy1AgtCDSEKDLQCC0IOIQoMswILQg8hCgyyAgtCCiEKDLECC0ILIQoMsAILQgwhCgyvAgtCDSEKDK4CC0IOIQoMrQILQg8hCgysAgsgAiACKQMgIgogBCABa60iC30iDEIAIAogDFobNwMgIAogC1gNpwJBHyEDDIkDCyABIARHBEAgAkEJNgIIIAIgATYCBEElIQMM8AILQSAhAwyIAwtBASEFIAIvATAiA0EIcUUEQCACKQMgQgBSIQULAkAgAi0ALgRAQQEhACACLQApQQVGDQEgA0HAAHFFIAVxRQ0BC0EAIQAgA0HAAHENAEECIQAgA0EIcQ0AIANBgARxBEACQCACLQAoQQFHDQAgAi0ALUEKcQ0AQQUhAAwCC0EEIQAMAQsgA0EgcUUEQAJAIAItAChBAUYNACACLwEyIgBB5ABrQeQASQ0AIABBzAFGDQAgAEGwAkYNAEEEIQAgA0EocUUNAiADQYgEcUGABEYNAgtBACEADAELQQBBAyACKQMgUBshAAsgAEEBaw4FvgIAsAEBpAKhAgtBESEDDO0CCyACQQE6AC8MhAMLIAEgBEcNnQJBJCEDDIQDCyABIARHDRxBxgAhAwyDAwtBACEAAkAgAigCOCIDRQ0AIAMoAkQiA0UNACACIAMRAAAhAAsgAEUNJyAAQRVHDZgCIAJB0AA2AhwgAiABNgIUIAJBkRg2AhAgAkEVNgIMQQAhAwyCAwsgASAERgRAQSghAwyCAwtBACEDIAJBADYCBCACQQw2AgggAiABIAEQKiIARQ2UAiACQSc2AhwgAiABNgIUIAIgADYCDAyBAwsgASAERgRAQSkhAwyBAwsgAS0AACIAQSBGDRMgAEEJRw2VAiABQQFqIQEMFAsgASAERwRAIAFBAWohAQwWC0EqIQMM/wILIAEgBEYEQEErIQMM/wILIAEtAAAiAEEJRyAAQSBHcQ2QAiACLQAsQQhHDd0CIAJBADoALAzdAgsgASAERgRAQSwhAwz+AgsgAS0AAEEKRw2OAiABQQFqIQEMsAELIAEgBEcNigJBLyEDDPwCCwNAIAEtAAAiAEEgRwRAIABBCmsOBIQCiAKIAoQChgILIAQgAUEBaiIBRw0AC0ExIQMM+wILQTIhAyABIARGDfoCIAIoAgAiACAEIAFraiEHIAEgAGtBA2ohBgJAA0AgAEHwO2otAAAgAS0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDQEgAEEDRgRAQQYhAQziAgsgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAc2AgAM+wILIAJBADYCAAyGAgtBMyEDIAQgASIARg35AiAEIAFrIAIoAgAiAWohByAAIAFrQQhqIQYCQANAIAFB9DtqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBCEYEQEEFIQEM4QILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPoCCyACQQA2AgAgACEBDIUCC0E0IQMgBCABIgBGDfgCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgJAA0AgAUHQwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBBUYEQEEHIQEM4AILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPkCCyACQQA2AgAgACEBDIQCCyABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRg0JDIECCyAEIAFBAWoiAUcNAAtBMCEDDPgCC0EwIQMM9wILIAEgBEcEQANAIAEtAAAiAEEgRwRAIABBCmsOBP8B/gH+Af8B/gELIAQgAUEBaiIBRw0AC0E4IQMM9wILQTghAwz2AgsDQCABLQAAIgBBIEcgAEEJR3EN9gEgBCABQQFqIgFHDQALQTwhAwz1AgsDQCABLQAAIgBBIEcEQAJAIABBCmsOBPkBBAT5AQALIABBLEYN9QEMAwsgBCABQQFqIgFHDQALQT8hAwz0AgtBwAAhAyABIARGDfMCIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAEGAQGstAAAgAS0AAEEgckcNASAAQQZGDdsCIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPQCCyACQQA2AgALQTYhAwzZAgsgASAERgRAQcEAIQMM8gILIAJBDDYCCCACIAE2AgQgAi0ALEEBaw4E+wHuAewB6wHUAgsgAUEBaiEBDPoBCyABIARHBEADQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxIgBBCUYNACAAQSBGDQACQAJAAkACQCAAQeMAaw4TAAMDAwMDAwMBAwMDAwMDAwMDAgMLIAFBAWohAUExIQMM3AILIAFBAWohAUEyIQMM2wILIAFBAWohAUEzIQMM2gILDP4BCyAEIAFBAWoiAUcNAAtBNSEDDPACC0E1IQMM7wILIAEgBEcEQANAIAEtAABBgDxqLQAAQQFHDfcBIAQgAUEBaiIBRw0AC0E9IQMM7wILQT0hAwzuAgtBACEAAkAgAigCOCIDRQ0AIAMoAkAiA0UNACACIAMRAAAhAAsgAEUNASAAQRVHDeYBIAJBwgA2AhwgAiABNgIUIAJB4xg2AhAgAkEVNgIMQQAhAwztAgsgAUEBaiEBC0E8IQMM0gILIAEgBEYEQEHCACEDDOsCCwJAA0ACQCABLQAAQQlrDhgAAswCzALRAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAgDMAgsgBCABQQFqIgFHDQALQcIAIQMM6wILIAFBAWohASACLQAtQQFxRQ3+AQtBLCEDDNACCyABIARHDd4BQcQAIQMM6AILA0AgAS0AAEGQwABqLQAAQQFHDZwBIAQgAUEBaiIBRw0AC0HFACEDDOcCCyABLQAAIgBBIEYN/gEgAEE6Rw3AAiACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgAN3gEM3QELQccAIQMgBCABIgBGDeUCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFBkMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvwIgAUEFRg3CAiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzlAgtByAAhAyAEIAEiAEYN5AIgBCABayACKAIAIgFqIQcgACABa0EJaiEGA0AgAUGWwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw2+AkECIAFBCUYNwgIaIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOQCCyABIARGBEBByQAhAwzkAgsCQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxQe4Aaw4HAL8CvwK/Ar8CvwIBvwILIAFBAWohAUE+IQMMywILIAFBAWohAUE/IQMMygILQcoAIQMgBCABIgBGDeICIAQgAWsgAigCACIBaiEGIAAgAWtBAWohBwNAIAFBoMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvAIgAUEBRg2+AiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBjYCAAziAgtBywAhAyAEIAEiAEYN4QIgBCABayACKAIAIgFqIQcgACABa0EOaiEGA0AgAUGiwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw27AiABQQ5GDb4CIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOECC0HMACEDIAQgASIARg3gAiAEIAFrIAIoAgAiAWohByAAIAFrQQ9qIQYDQCABQcDCAGotAAAgAC0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDboCQQMgAUEPRg2+AhogAUEBaiEBIAQgAEEBaiIARw0ACyACIAc2AgAM4AILQc0AIQMgBCABIgBGDd8CIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFB0MIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNuQJBBCABQQVGDb0CGiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzfAgsgASAERgRAQc4AIQMM3wILAkACQAJAAkAgAS0AACIAQSByIAAgAEHBAGtB/wFxQRpJG0H/AXFB4wBrDhMAvAK8ArwCvAK8ArwCvAK8ArwCvAK8ArwCAbwCvAK8AgIDvAILIAFBAWohAUHBACEDDMgCCyABQQFqIQFBwgAhAwzHAgsgAUEBaiEBQcMAIQMMxgILIAFBAWohAUHEACEDDMUCCyABIARHBEAgAkENNgIIIAIgATYCBEHFACEDDMUCC0HPACEDDN0CCwJAAkAgAS0AAEEKaw4EAZABkAEAkAELIAFBAWohAQtBKCEDDMMCCyABIARGBEBB0QAhAwzcAgsgAS0AAEEgRw0AIAFBAWohASACLQAtQQFxRQ3QAQtBFyEDDMECCyABIARHDcsBQdIAIQMM2QILQdMAIQMgASAERg3YAiACKAIAIgAgBCABa2ohBiABIABrQQFqIQUDQCABLQAAIABB1sIAai0AAEcNxwEgAEEBRg3KASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBjYCAAzYAgsgASAERgRAQdUAIQMM2AILIAEtAABBCkcNwgEgAUEBaiEBDMoBCyABIARGBEBB1gAhAwzXAgsCQAJAIAEtAABBCmsOBADDAcMBAcMBCyABQQFqIQEMygELIAFBAWohAUHKACEDDL0CC0EAIQACQCACKAI4IgNFDQAgAygCPCIDRQ0AIAIgAxEAACEACyAADb8BQc0AIQMMvAILIAItAClBIkYNzwIMiQELIAQgASIFRgRAQdsAIQMM1AILQQAhAEEBIQFBASEGQQAhAwJAAn8CQAJAAkACQAJAAkACQCAFLQAAQTBrDgrFAcQBAAECAwQFBgjDAQtBAgwGC0EDDAULQQQMBAtBBQwDC0EGDAILQQcMAQtBCAshA0EAIQFBACEGDL0BC0EJIQNBASEAQQAhAUEAIQYMvAELIAEgBEYEQEHdACEDDNMCCyABLQAAQS5HDbgBIAFBAWohAQyIAQsgASAERw22AUHfACEDDNECCyABIARHBEAgAkEONgIIIAIgATYCBEHQACEDDLgCC0HgACEDDNACC0HhACEDIAEgBEYNzwIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGA0AgAS0AACAAQeLCAGotAABHDbEBIABBA0YNswEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMzwILQeIAIQMgASAERg3OAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYDQCABLQAAIABB5sIAai0AAEcNsAEgAEECRg2vASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAzOAgtB4wAhAyABIARGDc0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgNAIAEtAAAgAEHpwgBqLQAARw2vASAAQQNGDa0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADM0CCyABIARGBEBB5QAhAwzNAgsgAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANqgFB1gAhAwyzAgsgASAERwRAA0AgAS0AACIAQSBHBEACQAJAAkAgAEHIAGsOCwABswGzAbMBswGzAbMBswGzAQKzAQsgAUEBaiEBQdIAIQMMtwILIAFBAWohAUHTACEDDLYCCyABQQFqIQFB1AAhAwy1AgsgBCABQQFqIgFHDQALQeQAIQMMzAILQeQAIQMMywILA0AgAS0AAEHwwgBqLQAAIgBBAUcEQCAAQQJrDgOnAaYBpQGkAQsgBCABQQFqIgFHDQALQeYAIQMMygILIAFBAWogASAERw0CGkHnACEDDMkCCwNAIAEtAABB8MQAai0AACIAQQFHBEACQCAAQQJrDgSiAaEBoAEAnwELQdcAIQMMsQILIAQgAUEBaiIBRw0AC0HoACEDDMgCCyABIARGBEBB6QAhAwzIAgsCQCABLQAAIgBBCmsOGrcBmwGbAbQBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBpAGbAZsBAJkBCyABQQFqCyEBQQYhAwytAgsDQCABLQAAQfDGAGotAABBAUcNfSAEIAFBAWoiAUcNAAtB6gAhAwzFAgsgAUEBaiABIARHDQIaQesAIQMMxAILIAEgBEYEQEHsACEDDMQCCyABQQFqDAELIAEgBEYEQEHtACEDDMMCCyABQQFqCyEBQQQhAwyoAgsgASAERgRAQe4AIQMMwQILAkACQAJAIAEtAABB8MgAai0AAEEBaw4HkAGPAY4BAHwBAo0BCyABQQFqIQEMCwsgAUEBagyTAQtBACEDIAJBADYCHCACQZsSNgIQIAJBBzYCDCACIAFBAWo2AhQMwAILAkADQCABLQAAQfDIAGotAAAiAEEERwRAAkACQCAAQQFrDgeUAZMBkgGNAQAEAY0BC0HaACEDDKoCCyABQQFqIQFB3AAhAwypAgsgBCABQQFqIgFHDQALQe8AIQMMwAILIAFBAWoMkQELIAQgASIARgRAQfAAIQMMvwILIAAtAABBL0cNASAAQQFqIQEMBwsgBCABIgBGBEBB8QAhAwy+AgsgAC0AACIBQS9GBEAgAEEBaiEBQd0AIQMMpQILIAFBCmsiA0EWSw0AIAAhAUEBIAN0QYmAgAJxDfkBC0EAIQMgAkEANgIcIAIgADYCFCACQYwcNgIQIAJBBzYCDAy8AgsgASAERwRAIAFBAWohAUHeACEDDKMCC0HyACEDDLsCCyABIARGBEBB9AAhAwy7AgsCQCABLQAAQfDMAGotAABBAWsOA/cBcwCCAQtB4QAhAwyhAgsgASAERwRAA0AgAS0AAEHwygBqLQAAIgBBA0cEQAJAIABBAWsOAvkBAIUBC0HfACEDDKMCCyAEIAFBAWoiAUcNAAtB8wAhAwy6AgtB8wAhAwy5AgsgASAERwRAIAJBDzYCCCACIAE2AgRB4AAhAwygAgtB9QAhAwy4AgsgASAERgRAQfYAIQMMuAILIAJBDzYCCCACIAE2AgQLQQMhAwydAgsDQCABLQAAQSBHDY4CIAQgAUEBaiIBRw0AC0H3ACEDDLUCCyABIARGBEBB+AAhAwy1AgsgAS0AAEEgRw16IAFBAWohAQxbC0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAADXgMgAILIAEgBEYEQEH6ACEDDLMCCyABLQAAQcwARw10IAFBAWohAUETDHYLQfsAIQMgASAERg2xAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYDQCABLQAAIABB8M4Aai0AAEcNcyAAQQVGDXUgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMsQILIAEgBEYEQEH8ACEDDLECCwJAAkAgAS0AAEHDAGsODAB0dHR0dHR0dHR0AXQLIAFBAWohAUHmACEDDJgCCyABQQFqIQFB5wAhAwyXAgtB/QAhAyABIARGDa8CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDXIgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADLACCyACQQA2AgAgBkEBaiEBQRAMcwtB/gAhAyABIARGDa4CIAIoAgAiACAEIAFraiEFIAEgAGtBBWohBgJAA0AgAS0AACAAQfbOAGotAABHDXEgAEEFRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK8CCyACQQA2AgAgBkEBaiEBQRYMcgtB/wAhAyABIARGDa0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQfzOAGotAABHDXAgAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK4CCyACQQA2AgAgBkEBaiEBQQUMcQsgASAERgRAQYABIQMMrQILIAEtAABB2QBHDW4gAUEBaiEBQQgMcAsgASAERgRAQYEBIQMMrAILAkACQCABLQAAQc4Aaw4DAG8BbwsgAUEBaiEBQesAIQMMkwILIAFBAWohAUHsACEDDJICCyABIARGBEBBggEhAwyrAgsCQAJAIAEtAABByABrDggAbm5ubm5uAW4LIAFBAWohAUHqACEDDJICCyABQQFqIQFB7QAhAwyRAgtBgwEhAyABIARGDakCIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQYDPAGotAABHDWwgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKoCCyACQQA2AgAgBkEBaiEBQQAMbQtBhAEhAyABIARGDagCIAIoAgAiACAEIAFraiEFIAEgAGtBBGohBgJAA0AgAS0AACAAQYPPAGotAABHDWsgAEEERg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKkCCyACQQA2AgAgBkEBaiEBQSMMbAsgASAERgRAQYUBIQMMqAILAkACQCABLQAAQcwAaw4IAGtra2trawFrCyABQQFqIQFB7wAhAwyPAgsgAUEBaiEBQfAAIQMMjgILIAEgBEYEQEGGASEDDKcCCyABLQAAQcUARw1oIAFBAWohAQxgC0GHASEDIAEgBEYNpQIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGAkADQCABLQAAIABBiM8Aai0AAEcNaCAAQQNGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpgILIAJBADYCACAGQQFqIQFBLQxpC0GIASEDIAEgBEYNpAIgAigCACIAIAQgAWtqIQUgASAAa0EIaiEGAkADQCABLQAAIABB0M8Aai0AAEcNZyAAQQhGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpQILIAJBADYCACAGQQFqIQFBKQxoCyABIARGBEBBiQEhAwykAgtBASABLQAAQd8ARw1nGiABQQFqIQEMXgtBigEhAyABIARGDaICIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgNAIAEtAAAgAEGMzwBqLQAARw1kIABBAUYN+gEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMogILQYsBIQMgASAERg2hAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGOzwBqLQAARw1kIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyiAgsgAkEANgIAIAZBAWohAUECDGULQYwBIQMgASAERg2gAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHwzwBqLQAARw1jIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyhAgsgAkEANgIAIAZBAWohAUEfDGQLQY0BIQMgASAERg2fAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHyzwBqLQAARw1iIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAygAgsgAkEANgIAIAZBAWohAUEJDGMLIAEgBEYEQEGOASEDDJ8CCwJAAkAgAS0AAEHJAGsOBwBiYmJiYgFiCyABQQFqIQFB+AAhAwyGAgsgAUEBaiEBQfkAIQMMhQILQY8BIQMgASAERg2dAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGRzwBqLQAARw1gIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyeAgsgAkEANgIAIAZBAWohAUEYDGELQZABIQMgASAERg2cAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGXzwBqLQAARw1fIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAydAgsgAkEANgIAIAZBAWohAUEXDGALQZEBIQMgASAERg2bAiACKAIAIgAgBCABa2ohBSABIABrQQZqIQYCQANAIAEtAAAgAEGazwBqLQAARw1eIABBBkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAycAgsgAkEANgIAIAZBAWohAUEVDF8LQZIBIQMgASAERg2aAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGhzwBqLQAARw1dIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAybAgsgAkEANgIAIAZBAWohAUEeDF4LIAEgBEYEQEGTASEDDJoCCyABLQAAQcwARw1bIAFBAWohAUEKDF0LIAEgBEYEQEGUASEDDJkCCwJAAkAgAS0AAEHBAGsODwBcXFxcXFxcXFxcXFxcAVwLIAFBAWohAUH+ACEDDIACCyABQQFqIQFB/wAhAwz/AQsgASAERgRAQZUBIQMMmAILAkACQCABLQAAQcEAaw4DAFsBWwsgAUEBaiEBQf0AIQMM/wELIAFBAWohAUGAASEDDP4BC0GWASEDIAEgBEYNlgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBp88Aai0AAEcNWSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlwILIAJBADYCACAGQQFqIQFBCwxaCyABIARGBEBBlwEhAwyWAgsCQAJAAkACQCABLQAAQS1rDiMAW1tbW1tbW1tbW1tbW1tbW1tbW1tbW1sBW1tbW1sCW1tbA1sLIAFBAWohAUH7ACEDDP8BCyABQQFqIQFB/AAhAwz+AQsgAUEBaiEBQYEBIQMM/QELIAFBAWohAUGCASEDDPwBC0GYASEDIAEgBEYNlAIgAigCACIAIAQgAWtqIQUgASAAa0EEaiEGAkADQCABLQAAIABBqc8Aai0AAEcNVyAAQQRGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlQILIAJBADYCACAGQQFqIQFBGQxYC0GZASEDIAEgBEYNkwIgAigCACIAIAQgAWtqIQUgASAAa0EFaiEGAkADQCABLQAAIABBrs8Aai0AAEcNViAAQQVGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlAILIAJBADYCACAGQQFqIQFBBgxXC0GaASEDIAEgBEYNkgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBtM8Aai0AAEcNVSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkwILIAJBADYCACAGQQFqIQFBHAxWC0GbASEDIAEgBEYNkQIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBts8Aai0AAEcNVCAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkgILIAJBADYCACAGQQFqIQFBJwxVCyABIARGBEBBnAEhAwyRAgsCQAJAIAEtAABB1ABrDgIAAVQLIAFBAWohAUGGASEDDPgBCyABQQFqIQFBhwEhAwz3AQtBnQEhAyABIARGDY8CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbjPAGotAABHDVIgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADJACCyACQQA2AgAgBkEBaiEBQSYMUwtBngEhAyABIARGDY4CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbrPAGotAABHDVEgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI8CCyACQQA2AgAgBkEBaiEBQQMMUgtBnwEhAyABIARGDY0CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDVAgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI4CCyACQQA2AgAgBkEBaiEBQQwMUQtBoAEhAyABIARGDYwCIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQbzPAGotAABHDU8gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI0CCyACQQA2AgAgBkEBaiEBQQ0MUAsgASAERgRAQaEBIQMMjAILAkACQCABLQAAQcYAaw4LAE9PT09PT09PTwFPCyABQQFqIQFBiwEhAwzzAQsgAUEBaiEBQYwBIQMM8gELIAEgBEYEQEGiASEDDIsCCyABLQAAQdAARw1MIAFBAWohAQxGCyABIARGBEBBowEhAwyKAgsCQAJAIAEtAABByQBrDgcBTU1NTU0ATQsgAUEBaiEBQY4BIQMM8QELIAFBAWohAUEiDE0LQaQBIQMgASAERg2IAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHAzwBqLQAARw1LIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyJAgsgAkEANgIAIAZBAWohAUEdDEwLIAEgBEYEQEGlASEDDIgCCwJAAkAgAS0AAEHSAGsOAwBLAUsLIAFBAWohAUGQASEDDO8BCyABQQFqIQFBBAxLCyABIARGBEBBpgEhAwyHAgsCQAJAAkACQAJAIAEtAABBwQBrDhUATU1NTU1NTU1NTQFNTQJNTQNNTQRNCyABQQFqIQFBiAEhAwzxAQsgAUEBaiEBQYkBIQMM8AELIAFBAWohAUGKASEDDO8BCyABQQFqIQFBjwEhAwzuAQsgAUEBaiEBQZEBIQMM7QELQacBIQMgASAERg2FAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHtzwBqLQAARw1IIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyGAgsgAkEANgIAIAZBAWohAUERDEkLQagBIQMgASAERg2EAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHCzwBqLQAARw1HIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyFAgsgAkEANgIAIAZBAWohAUEsDEgLQakBIQMgASAERg2DAiACKAIAIgAgBCABa2ohBSABIABrQQRqIQYCQANAIAEtAAAgAEHFzwBqLQAARw1GIABBBEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyEAgsgAkEANgIAIAZBAWohAUErDEcLQaoBIQMgASAERg2CAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHKzwBqLQAARw1FIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyDAgsgAkEANgIAIAZBAWohAUEUDEYLIAEgBEYEQEGrASEDDIICCwJAAkACQAJAIAEtAABBwgBrDg8AAQJHR0dHR0dHR0dHRwNHCyABQQFqIQFBkwEhAwzrAQsgAUEBaiEBQZQBIQMM6gELIAFBAWohAUGVASEDDOkBCyABQQFqIQFBlgEhAwzoAQsgASAERgRAQawBIQMMgQILIAEtAABBxQBHDUIgAUEBaiEBDD0LQa0BIQMgASAERg3/ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHNzwBqLQAARw1CIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyAAgsgAkEANgIAIAZBAWohAUEODEMLIAEgBEYEQEGuASEDDP8BCyABLQAAQdAARw1AIAFBAWohAUElDEILQa8BIQMgASAERg39ASACKAIAIgAgBCABa2ohBSABIABrQQhqIQYCQANAIAEtAAAgAEHQzwBqLQAARw1AIABBCEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz+AQsgAkEANgIAIAZBAWohAUEqDEELIAEgBEYEQEGwASEDDP0BCwJAAkAgAS0AAEHVAGsOCwBAQEBAQEBAQEABQAsgAUEBaiEBQZoBIQMM5AELIAFBAWohAUGbASEDDOMBCyABIARGBEBBsQEhAwz8AQsCQAJAIAEtAABBwQBrDhQAPz8/Pz8/Pz8/Pz8/Pz8/Pz8/AT8LIAFBAWohAUGZASEDDOMBCyABQQFqIQFBnAEhAwziAQtBsgEhAyABIARGDfoBIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQdnPAGotAABHDT0gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPsBCyACQQA2AgAgBkEBaiEBQSEMPgtBswEhAyABIARGDfkBIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAS0AACAAQd3PAGotAABHDTwgAEEGRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPoBCyACQQA2AgAgBkEBaiEBQRoMPQsgASAERgRAQbQBIQMM+QELAkACQAJAIAEtAABBxQBrDhEAPT09PT09PT09AT09PT09Aj0LIAFBAWohAUGdASEDDOEBCyABQQFqIQFBngEhAwzgAQsgAUEBaiEBQZ8BIQMM3wELQbUBIQMgASAERg33ASACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEHkzwBqLQAARw06IABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz4AQsgAkEANgIAIAZBAWohAUEoDDsLQbYBIQMgASAERg32ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHqzwBqLQAARw05IABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz3AQsgAkEANgIAIAZBAWohAUEHDDoLIAEgBEYEQEG3ASEDDPYBCwJAAkAgAS0AAEHFAGsODgA5OTk5OTk5OTk5OTkBOQsgAUEBaiEBQaEBIQMM3QELIAFBAWohAUGiASEDDNwBC0G4ASEDIAEgBEYN9AEgAigCACIAIAQgAWtqIQUgASAAa0ECaiEGAkADQCABLQAAIABB7c8Aai0AAEcNNyAAQQJGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9QELIAJBADYCACAGQQFqIQFBEgw4C0G5ASEDIAEgBEYN8wEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8M8Aai0AAEcNNiAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9AELIAJBADYCACAGQQFqIQFBIAw3C0G6ASEDIAEgBEYN8gEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8s8Aai0AAEcNNSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8wELIAJBADYCACAGQQFqIQFBDww2CyABIARGBEBBuwEhAwzyAQsCQAJAIAEtAABByQBrDgcANTU1NTUBNQsgAUEBaiEBQaUBIQMM2QELIAFBAWohAUGmASEDDNgBC0G8ASEDIAEgBEYN8AEgAigCACIAIAQgAWtqIQUgASAAa0EHaiEGAkADQCABLQAAIABB9M8Aai0AAEcNMyAAQQdGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8QELIAJBADYCACAGQQFqIQFBGww0CyABIARGBEBBvQEhAwzwAQsCQAJAAkAgAS0AAEHCAGsOEgA0NDQ0NDQ0NDQBNDQ0NDQ0AjQLIAFBAWohAUGkASEDDNgBCyABQQFqIQFBpwEhAwzXAQsgAUEBaiEBQagBIQMM1gELIAEgBEYEQEG+ASEDDO8BCyABLQAAQc4ARw0wIAFBAWohAQwsCyABIARGBEBBvwEhAwzuAQsCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCABLQAAQcEAaw4VAAECAz8EBQY/Pz8HCAkKCz8MDQ4PPwsgAUEBaiEBQegAIQMM4wELIAFBAWohAUHpACEDDOIBCyABQQFqIQFB7gAhAwzhAQsgAUEBaiEBQfIAIQMM4AELIAFBAWohAUHzACEDDN8BCyABQQFqIQFB9gAhAwzeAQsgAUEBaiEBQfcAIQMM3QELIAFBAWohAUH6ACEDDNwBCyABQQFqIQFBgwEhAwzbAQsgAUEBaiEBQYQBIQMM2gELIAFBAWohAUGFASEDDNkBCyABQQFqIQFBkgEhAwzYAQsgAUEBaiEBQZgBIQMM1wELIAFBAWohAUGgASEDDNYBCyABQQFqIQFBowEhAwzVAQsgAUEBaiEBQaoBIQMM1AELIAEgBEcEQCACQRA2AgggAiABNgIEQasBIQMM1AELQcABIQMM7AELQQAhAAJAIAIoAjgiA0UNACADKAI0IgNFDQAgAiADEQAAIQALIABFDV4gAEEVRw0HIAJB0QA2AhwgAiABNgIUIAJBsBc2AhAgAkEVNgIMQQAhAwzrAQsgAUEBaiABIARHDQgaQcIBIQMM6gELA0ACQCABLQAAQQprDgQIAAALAAsgBCABQQFqIgFHDQALQcMBIQMM6QELIAEgBEcEQCACQRE2AgggAiABNgIEQQEhAwzQAQtBxAEhAwzoAQsgASAERgRAQcUBIQMM6AELAkACQCABLQAAQQprDgQBKCgAKAsgAUEBagwJCyABQQFqDAULIAEgBEYEQEHGASEDDOcBCwJAAkAgAS0AAEEKaw4XAQsLAQsLCwsLCwsLCwsLCwsLCwsLCwALCyABQQFqIQELQbABIQMMzQELIAEgBEYEQEHIASEDDOYBCyABLQAAQSBHDQkgAkEAOwEyIAFBAWohAUGzASEDDMwBCwNAIAEhAAJAIAEgBEcEQCABLQAAQTBrQf8BcSIDQQpJDQEMJwtBxwEhAwzmAQsCQCACLwEyIgFBmTNLDQAgAiABQQpsIgU7ATIgBUH+/wNxIANB//8Dc0sNACAAQQFqIQEgAiADIAVqIgM7ATIgA0H//wNxQegHSQ0BCwtBACEDIAJBADYCHCACQcEJNgIQIAJBDTYCDCACIABBAWo2AhQM5AELIAJBADYCHCACIAE2AhQgAkHwDDYCECACQRs2AgxBACEDDOMBCyACKAIEIQAgAkEANgIEIAIgACABECYiAA0BIAFBAWoLIQFBrQEhAwzIAQsgAkHBATYCHCACIAA2AgwgAiABQQFqNgIUQQAhAwzgAQsgAigCBCEAIAJBADYCBCACIAAgARAmIgANASABQQFqCyEBQa4BIQMMxQELIAJBwgE2AhwgAiAANgIMIAIgAUEBajYCFEEAIQMM3QELIAJBADYCHCACIAE2AhQgAkGXCzYCECACQQ02AgxBACEDDNwBCyACQQA2AhwgAiABNgIUIAJB4xA2AhAgAkEJNgIMQQAhAwzbAQsgAkECOgAoDKwBC0EAIQMgAkEANgIcIAJBrws2AhAgAkECNgIMIAIgAUEBajYCFAzZAQtBAiEDDL8BC0ENIQMMvgELQSYhAwy9AQtBFSEDDLwBC0EWIQMMuwELQRghAwy6AQtBHCEDDLkBC0EdIQMMuAELQSAhAwy3AQtBISEDDLYBC0EjIQMMtQELQcYAIQMMtAELQS4hAwyzAQtBPSEDDLIBC0HLACEDDLEBC0HOACEDDLABC0HYACEDDK8BC0HZACEDDK4BC0HbACEDDK0BC0HxACEDDKwBC0H0ACEDDKsBC0GNASEDDKoBC0GXASEDDKkBC0GpASEDDKgBC0GvASEDDKcBC0GxASEDDKYBCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB8Rs2AhAgAkEGNgIMDL0BCyACQQA2AgAgBkEBaiEBQSQLOgApIAIoAgQhACACQQA2AgQgAiAAIAEQJyIARQRAQeUAIQMMowELIAJB+QA2AhwgAiABNgIUIAIgADYCDEEAIQMMuwELIABBFUcEQCACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwy7AQsgAkH4ADYCHCACIAE2AhQgAkHKGDYCECACQRU2AgxBACEDDLoBCyACQQA2AhwgAiABNgIUIAJBjhs2AhAgAkEGNgIMQQAhAwy5AQsgAkEANgIcIAIgATYCFCACQf4RNgIQIAJBBzYCDEEAIQMMuAELIAJBADYCHCACIAE2AhQgAkGMHDYCECACQQc2AgxBACEDDLcBCyACQQA2AhwgAiABNgIUIAJBww82AhAgAkEHNgIMQQAhAwy2AQsgAkEANgIcIAIgATYCFCACQcMPNgIQIAJBBzYCDEEAIQMMtQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0RIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMtAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0gIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMswELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0iIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMsgELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0OIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMsQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0dIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMsAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0fIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMrwELIABBP0cNASABQQFqCyEBQQUhAwyUAQtBACEDIAJBADYCHCACIAE2AhQgAkH9EjYCECACQQc2AgwMrAELIAJBADYCHCACIAE2AhQgAkHcCDYCECACQQc2AgxBACEDDKsBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNByACQeUANgIcIAIgATYCFCACIAA2AgxBACEDDKoBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNFiACQdMANgIcIAIgATYCFCACIAA2AgxBACEDDKkBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNGCACQdIANgIcIAIgATYCFCACIAA2AgxBACEDDKgBCyACQQA2AhwgAiABNgIUIAJBxgo2AhAgAkEHNgIMQQAhAwynAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQMgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwymAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRIgAkHTADYCHCACIAE2AhQgAiAANgIMQQAhAwylAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRQgAkHSADYCHCACIAE2AhQgAiAANgIMQQAhAwykAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQAgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwyjAQtB1QAhAwyJAQsgAEEVRwRAIAJBADYCHCACIAE2AhQgAkG5DTYCECACQRo2AgxBACEDDKIBCyACQeQANgIcIAIgATYCFCACQeMXNgIQIAJBFTYCDEEAIQMMoQELIAJBADYCACAGQQFqIQEgAi0AKSIAQSNrQQtJDQQCQCAAQQZLDQBBASAAdEHKAHFFDQAMBQtBACEDIAJBADYCHCACIAE2AhQgAkH3CTYCECACQQg2AgwMoAELIAJBADYCACAGQQFqIQEgAi0AKUEhRg0DIAJBADYCHCACIAE2AhQgAkGbCjYCECACQQg2AgxBACEDDJ8BCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJBkDM2AhAgAkEINgIMDJ0BCyACQQA2AgAgBkEBaiEBIAItAClBI0kNACACQQA2AhwgAiABNgIUIAJB0wk2AhAgAkEINgIMQQAhAwycAQtB0QAhAwyCAQsgAS0AAEEwayIAQf8BcUEKSQRAIAIgADoAKiABQQFqIQFBzwAhAwyCAQsgAigCBCEAIAJBADYCBCACIAAgARAoIgBFDYYBIAJB3gA2AhwgAiABNgIUIAIgADYCDEEAIQMMmgELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ2GASACQdwANgIcIAIgATYCFCACIAA2AgxBACEDDJkBCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMhwELIAJB2gA2AhwgAiAFNgIUIAIgADYCDAyYAQtBACEBQQEhAwsgAiADOgArIAVBAWohAwJAAkACQCACLQAtQRBxDQACQAJAAkAgAi0AKg4DAQACBAsgBkUNAwwCCyAADQEMAgsgAUUNAQsgAigCBCEAIAJBADYCBCACIAAgAxAoIgBFBEAgAyEBDAILIAJB2AA2AhwgAiADNgIUIAIgADYCDEEAIQMMmAELIAIoAgQhACACQQA2AgQgAiAAIAMQKCIARQRAIAMhAQyHAQsgAkHZADYCHCACIAM2AhQgAiAANgIMQQAhAwyXAQtBzAAhAwx9CyAAQRVHBEAgAkEANgIcIAIgATYCFCACQZQNNgIQIAJBITYCDEEAIQMMlgELIAJB1wA2AhwgAiABNgIUIAJByRc2AhAgAkEVNgIMQQAhAwyVAQtBACEDIAJBADYCHCACIAE2AhQgAkGAETYCECACQQk2AgwMlAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0AIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMkwELQckAIQMMeQsgAkEANgIcIAIgATYCFCACQcEoNgIQIAJBBzYCDCACQQA2AgBBACEDDJEBCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAlIgBFDQAgAkHSADYCHCACIAE2AhQgAiAANgIMDJABC0HIACEDDHYLIAJBADYCACAFIQELIAJBgBI7ASogAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANAQtBxwAhAwxzCyAAQRVGBEAgAkHRADYCHCACIAE2AhQgAkHjFzYCECACQRU2AgxBACEDDIwBC0EAIQMgAkEANgIcIAIgATYCFCACQbkNNgIQIAJBGjYCDAyLAQtBACEDIAJBADYCHCACIAE2AhQgAkGgGTYCECACQR42AgwMigELIAEtAABBOkYEQCACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgBFDQEgAkHDADYCHCACIAA2AgwgAiABQQFqNgIUDIoBC0EAIQMgAkEANgIcIAIgATYCFCACQbERNgIQIAJBCjYCDAyJAQsgAUEBaiEBQTshAwxvCyACQcMANgIcIAIgADYCDCACIAFBAWo2AhQMhwELQQAhAyACQQA2AhwgAiABNgIUIAJB8A42AhAgAkEcNgIMDIYBCyACIAIvATBBEHI7ATAMZgsCQCACLwEwIgBBCHFFDQAgAi0AKEEBRw0AIAItAC1BCHFFDQMLIAIgAEH3+wNxQYAEcjsBMAwECyABIARHBEACQANAIAEtAABBMGsiAEH/AXFBCk8EQEE1IQMMbgsgAikDICIKQpmz5syZs+bMGVYNASACIApCCn4iCjcDICAKIACtQv8BgyILQn+FVg0BIAIgCiALfDcDICAEIAFBAWoiAUcNAAtBOSEDDIUBCyACKAIEIQBBACEDIAJBADYCBCACIAAgAUEBaiIBECoiAA0MDHcLQTkhAwyDAQsgAi0AMEEgcQ0GQcUBIQMMaQtBACEDIAJBADYCBCACIAEgARAqIgBFDQQgAkE6NgIcIAIgADYCDCACIAFBAWo2AhQMgQELIAItAChBAUcNACACLQAtQQhxRQ0BC0E3IQMMZgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIABEAgAkE7NgIcIAIgADYCDCACIAFBAWo2AhQMfwsgAUEBaiEBDG4LIAJBCDoALAwECyABQQFqIQEMbQtBACEDIAJBADYCHCACIAE2AhQgAkHkEjYCECACQQQ2AgwMewsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ1sIAJBNzYCHCACIAE2AhQgAiAANgIMDHoLIAIgAi8BMEEgcjsBMAtBMCEDDF8LIAJBNjYCHCACIAE2AhQgAiAANgIMDHcLIABBLEcNASABQQFqIQBBASEBAkACQAJAAkACQCACLQAsQQVrDgQDAQIEAAsgACEBDAQLQQIhAQwBC0EEIQELIAJBAToALCACIAIvATAgAXI7ATAgACEBDAELIAIgAi8BMEEIcjsBMCAAIQELQTkhAwxcCyACQQA6ACwLQTQhAwxaCyABIARGBEBBLSEDDHMLAkACQANAAkAgAS0AAEEKaw4EAgAAAwALIAQgAUEBaiIBRw0AC0EtIQMMdAsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ0CIAJBLDYCHCACIAE2AhQgAiAANgIMDHMLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAS0AAEENRgRAIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAi0ALUEBcQRAQcQBIQMMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIADQEMZQtBLyEDDFcLIAJBLjYCHCACIAE2AhQgAiAANgIMDG8LQQAhAyACQQA2AhwgAiABNgIUIAJB8BQ2AhAgAkEDNgIMDG4LQQEhAwJAAkACQAJAIAItACxBBWsOBAMBAgAECyACIAIvATBBCHI7ATAMAwtBAiEDDAELQQQhAwsgAkEBOgAsIAIgAi8BMCADcjsBMAtBKiEDDFMLQQAhAyACQQA2AhwgAiABNgIUIAJB4Q82AhAgAkEKNgIMDGsLQQEhAwJAAkACQAJAAkACQCACLQAsQQJrDgcFBAQDAQIABAsgAiACLwEwQQhyOwEwDAMLQQIhAwwBC0EEIQMLIAJBAToALCACIAIvATAgA3I7ATALQSshAwxSC0EAIQMgAkEANgIcIAIgATYCFCACQasSNgIQIAJBCzYCDAxqC0EAIQMgAkEANgIcIAIgATYCFCACQf0NNgIQIAJBHTYCDAxpCyABIARHBEADQCABLQAAQSBHDUggBCABQQFqIgFHDQALQSUhAwxpC0ElIQMMaAsgAi0ALUEBcQRAQcMBIQMMTwsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKSIABEAgAkEmNgIcIAIgADYCDCACIAFBAWo2AhQMaAsgAUEBaiEBDFwLIAFBAWohASACLwEwIgBBgAFxBEBBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAEUNBiAAQRVHDR8gAkEFNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMZwsCQCAAQaAEcUGgBEcNACACLQAtQQJxDQBBACEDIAJBADYCHCACIAE2AhQgAkGWEzYCECACQQQ2AgwMZwsgAgJ/IAIvATBBFHFBFEYEQEEBIAItAChBAUYNARogAi8BMkHlAEYMAQsgAi0AKUEFRgs6AC5BACEAAkAgAigCOCIDRQ0AIAMoAiQiA0UNACACIAMRAAAhAAsCQAJAAkACQAJAIAAOFgIBAAQEBAQEBAQEBAQEBAQEBAQEBAMECyACQQE6AC4LIAIgAi8BMEHAAHI7ATALQSchAwxPCyACQSM2AhwgAiABNgIUIAJBpRY2AhAgAkEVNgIMQQAhAwxnC0EAIQMgAkEANgIcIAIgATYCFCACQdULNgIQIAJBETYCDAxmC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAADQELQQ4hAwxLCyAAQRVGBEAgAkECNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMZAtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMYwtBACEDIAJBADYCHCACIAE2AhQgAkGqHDYCECACQQ82AgwMYgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEgCqdqIgEQKyIARQ0AIAJBBTYCHCACIAE2AhQgAiAANgIMDGELQQ8hAwxHC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxfC0IBIQoLIAFBAWohAQJAIAIpAyAiC0L//////////w9YBEAgAiALQgSGIAqENwMgDAELQQAhAyACQQA2AhwgAiABNgIUIAJBrQk2AhAgAkEMNgIMDF4LQSQhAwxEC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxcCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAsIgBFBEAgAUEBaiEBDFILIAJBFzYCHCACIAA2AgwgAiABQQFqNgIUDFsLIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQRY2AhwgAiAANgIMIAIgAUEBajYCFAxbC0EfIQMMQQtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQLSIARQRAIAFBAWohAQxQCyACQRQ2AhwgAiAANgIMIAIgAUEBajYCFAxYCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABEC0iAEUEQCABQQFqIQEMAQsgAkETNgIcIAIgADYCDCACIAFBAWo2AhQMWAtBHiEDDD4LQQAhAyACQQA2AhwgAiABNgIUIAJBxgw2AhAgAkEjNgIMDFYLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABEC0iAEUEQCABQQFqIQEMTgsgAkERNgIcIAIgADYCDCACIAFBAWo2AhQMVQsgAkEQNgIcIAIgATYCFCACIAA2AgwMVAtBACEDIAJBADYCHCACIAE2AhQgAkHGDDYCECACQSM2AgwMUwtBACEDIAJBADYCHCACIAE2AhQgAkHAFTYCECACQQI2AgwMUgsgAigCBCEAQQAhAyACQQA2AgQCQCACIAAgARAtIgBFBEAgAUEBaiEBDAELIAJBDjYCHCACIAA2AgwgAiABQQFqNgIUDFILQRshAww4C0EAIQMgAkEANgIcIAIgATYCFCACQcYMNgIQIAJBIzYCDAxQCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABECwiAEUEQCABQQFqIQEMAQsgAkENNgIcIAIgADYCDCACIAFBAWo2AhQMUAtBGiEDDDYLQQAhAyACQQA2AhwgAiABNgIUIAJBmg82AhAgAkEiNgIMDE4LIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQQw2AhwgAiAANgIMIAIgAUEBajYCFAxOC0EZIQMMNAtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMTAsgAEEVRwRAQQAhAyACQQA2AhwgAiABNgIUIAJBgww2AhAgAkETNgIMDEwLIAJBCjYCHCACIAE2AhQgAkHkFjYCECACQRU2AgxBACEDDEsLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABIAqnaiIBECsiAARAIAJBBzYCHCACIAE2AhQgAiAANgIMDEsLQRMhAwwxCyAAQRVHBEBBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMSgsgAkEeNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMSQtBACEAAkAgAigCOCIDRQ0AIAMoAiwiA0UNACACIAMRAAAhAAsgAEUNQSAAQRVGBEAgAkEDNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMSQtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMSAtBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMRwtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMRgsgAkEAOgAvIAItAC1BBHFFDT8LIAJBADoALyACQQE6ADRBACEDDCsLQQAhAyACQQA2AhwgAkHkETYCECACQQc2AgwgAiABQQFqNgIUDEMLAkADQAJAIAEtAABBCmsOBAACAgACCyAEIAFBAWoiAUcNAAtB3QEhAwxDCwJAAkAgAi0ANEEBRw0AQQAhAAJAIAIoAjgiA0UNACADKAJYIgNFDQAgAiADEQAAIQALIABFDQAgAEEVRw0BIAJB3AE2AhwgAiABNgIUIAJB1RY2AhAgAkEVNgIMQQAhAwxEC0HBASEDDCoLIAJBADYCHCACIAE2AhQgAkHpCzYCECACQR82AgxBACEDDEILAkACQCACLQAoQQFrDgIEAQALQcABIQMMKQtBuQEhAwwoCyACQQI6AC9BACEAAkAgAigCOCIDRQ0AIAMoAgAiA0UNACACIAMRAAAhAAsgAEUEQEHCASEDDCgLIABBFUcEQCACQQA2AhwgAiABNgIUIAJBpAw2AhAgAkEQNgIMQQAhAwxBCyACQdsBNgIcIAIgATYCFCACQfoWNgIQIAJBFTYCDEEAIQMMQAsgASAERgRAQdoBIQMMQAsgAS0AAEHIAEYNASACQQE6ACgLQawBIQMMJQtBvwEhAwwkCyABIARHBEAgAkEQNgIIIAIgATYCBEG+ASEDDCQLQdkBIQMMPAsgASAERgRAQdgBIQMMPAsgAS0AAEHIAEcNBCABQQFqIQFBvQEhAwwiCyABIARGBEBB1wEhAww7CwJAAkAgAS0AAEHFAGsOEAAFBQUFBQUFBQUFBQUFBQEFCyABQQFqIQFBuwEhAwwiCyABQQFqIQFBvAEhAwwhC0HWASEDIAEgBEYNOSACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGD0ABqLQAARw0DIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw6CyACKAIEIQAgAkIANwMAIAIgACAGQQFqIgEQJyIARQRAQcYBIQMMIQsgAkHVATYCHCACIAE2AhQgAiAANgIMQQAhAww5C0HUASEDIAEgBEYNOCACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEGB0ABqLQAARw0CIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw5CyACQYEEOwEoIAIoAgQhACACQgA3AwAgAiAAIAZBAWoiARAnIgANAwwCCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB2Bs2AhAgAkEINgIMDDYLQboBIQMMHAsgAkHTATYCHCACIAE2AhQgAiAANgIMQQAhAww0C0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAARQ0AIABBFUYNASACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwwzC0HkACEDDBkLIAJB+AA2AhwgAiABNgIUIAJByhg2AhAgAkEVNgIMQQAhAwwxC0HSASEDIAQgASIARg0wIAQgAWsgAigCACIBaiEFIAAgAWtBBGohBgJAA0AgAC0AACABQfzPAGotAABHDQEgAUEERg0DIAFBAWohASAEIABBAWoiAEcNAAsgAiAFNgIADDELIAJBADYCHCACIAA2AhQgAkGQMzYCECACQQg2AgwgAkEANgIAQQAhAwwwCyABIARHBEAgAkEONgIIIAIgATYCBEG3ASEDDBcLQdEBIQMMLwsgAkEANgIAIAZBAWohAQtBuAEhAwwUCyABIARGBEBB0AEhAwwtCyABLQAAQTBrIgBB/wFxQQpJBEAgAiAAOgAqIAFBAWohAUG2ASEDDBQLIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0UIAJBzwE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAsgASAERgRAQc4BIQMMLAsCQCABLQAAQS5GBEAgAUEBaiEBDAELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0VIAJBzQE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAtBtQEhAwwSCyAEIAEiBUYEQEHMASEDDCsLQQAhAEEBIQFBASEGQQAhAwJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAIAUtAABBMGsOCgoJAAECAwQFBggLC0ECDAYLQQMMBQtBBAwEC0EFDAMLQQYMAgtBBwwBC0EICyEDQQAhAUEAIQYMAgtBCSEDQQEhAEEAIQFBACEGDAELQQAhAUEBIQMLIAIgAzoAKyAFQQFqIQMCQAJAIAItAC1BEHENAAJAAkACQCACLQAqDgMBAAIECyAGRQ0DDAILIAANAQwCCyABRQ0BCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMAwsgAkHJATYCHCACIAM2AhQgAiAANgIMQQAhAwwtCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMGAsgAkHKATYCHCACIAM2AhQgAiAANgIMQQAhAwwsCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMFgsgAkHLATYCHCACIAU2AhQgAiAANgIMDCsLQbQBIQMMEQtBACEAAkAgAigCOCIDRQ0AIAMoAjwiA0UNACACIAMRAAAhAAsCQCAABEAgAEEVRg0BIAJBADYCHCACIAE2AhQgAkGUDTYCECACQSE2AgxBACEDDCsLQbIBIQMMEQsgAkHIATYCHCACIAE2AhQgAkHJFzYCECACQRU2AgxBACEDDCkLIAJBADYCACAGQQFqIQFB9QAhAwwPCyACLQApQQVGBEBB4wAhAwwPC0HiACEDDA4LIAAhASACQQA2AgALIAJBADoALEEJIQMMDAsgAkEANgIAIAdBAWohAUHAACEDDAsLQQELOgAsIAJBADYCACAGQQFqIQELQSkhAwwIC0E4IQMMBwsCQCABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRw0DIAFBAWohAQwFCyAEIAFBAWoiAUcNAAtBPiEDDCELQT4hAwwgCwsgAkEAOgAsDAELQQshAwwEC0E6IQMMAwsgAUEBaiEBQS0hAwwCCyACIAE6ACwgAkEANgIAIAZBAWohAUEMIQMMAQsgAkEANgIAIAZBAWohAUEKIQMMAAsAC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwXC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwWC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwVC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwUC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwTC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwSC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwRC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwQC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwPC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwOC0EAIQMgAkEANgIcIAIgATYCFCACQcASNgIQIAJBCzYCDAwNC0EAIQMgAkEANgIcIAIgATYCFCACQZUJNgIQIAJBCzYCDAwMC0EAIQMgAkEANgIcIAIgATYCFCACQeEPNgIQIAJBCjYCDAwLC0EAIQMgAkEANgIcIAIgATYCFCACQfsPNgIQIAJBCjYCDAwKC0EAIQMgAkEANgIcIAIgATYCFCACQfEZNgIQIAJBAjYCDAwJC0EAIQMgAkEANgIcIAIgATYCFCACQcQUNgIQIAJBAjYCDAwIC0EAIQMgAkEANgIcIAIgATYCFCACQfIVNgIQIAJBAjYCDAwHCyACQQI2AhwgAiABNgIUIAJBnBo2AhAgAkEWNgIMQQAhAwwGC0EBIQMMBQtB1AAhAyABIARGDQQgCEEIaiEJIAIoAgAhBQJAAkAgASAERwRAIAVB2MIAaiEHIAQgBWogAWshACAFQX9zQQpqIgUgAWohBgNAIAEtAAAgBy0AAEcEQEECIQcMAwsgBUUEQEEAIQcgBiEBDAMLIAVBAWshBSAHQQFqIQcgBCABQQFqIgFHDQALIAAhBSAEIQELIAlBATYCACACIAU2AgAMAQsgAkEANgIAIAkgBzYCAAsgCSABNgIEIAgoAgwhACAIKAIIDgMBBAIACwALIAJBADYCHCACQbUaNgIQIAJBFzYCDCACIABBAWo2AhRBACEDDAILIAJBADYCHCACIAA2AhQgAkHKGjYCECACQQk2AgxBACEDDAELIAEgBEYEQEEiIQMMAQsgAkEJNgIIIAIgATYCBEEhIQMLIAhBEGokACADRQRAIAIoAgwhAAwBCyACIAM2AhxBACEAIAIoAgQiAUUNACACIAEgBCACKAIIEQEAIgFFDQAgAiAENgIUIAIgATYCDCABIQALIAALvgIBAn8gAEEAOgAAIABB3ABqIgFBAWtBADoAACAAQQA6AAIgAEEAOgABIAFBA2tBADoAACABQQJrQQA6AAAgAEEAOgADIAFBBGtBADoAAEEAIABrQQNxIgEgAGoiAEEANgIAQdwAIAFrQXxxIgIgAGoiAUEEa0EANgIAAkAgAkEJSQ0AIABBADYCCCAAQQA2AgQgAUEIa0EANgIAIAFBDGtBADYCACACQRlJDQAgAEEANgIYIABBADYCFCAAQQA2AhAgAEEANgIMIAFBEGtBADYCACABQRRrQQA2AgAgAUEYa0EANgIAIAFBHGtBADYCACACIABBBHFBGHIiAmsiAUEgSQ0AIAAgAmohAANAIABCADcDGCAAQgA3AxAgAEIANwMIIABCADcDACAAQSBqIQAgAUEgayIBQR9LDQALCwtWAQF/AkAgACgCDA0AAkACQAJAAkAgAC0ALw4DAQADAgsgACgCOCIBRQ0AIAEoAiwiAUUNACAAIAERAAAiAQ0DC0EADwsACyAAQcMWNgIQQQ4hAQsgAQsaACAAKAIMRQRAIABB0Rs2AhAgAEEVNgIMCwsUACAAKAIMQRVGBEAgAEEANgIMCwsUACAAKAIMQRZGBEAgAEEANgIMCwsHACAAKAIMCwcAIAAoAhALCQAgACABNgIQCwcAIAAoAhQLFwAgAEEkTwRAAAsgAEECdEGgM2ooAgALFwAgAEEuTwRAAAsgAEECdEGwNGooAgALvwkBAX9B6yghAQJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIABB5ABrDvQDY2IAAWFhYWFhYQIDBAVhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhBgcICQoLDA0OD2FhYWFhEGFhYWFhYWFhYWFhEWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYRITFBUWFxgZGhthYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2YTc4OTphYWFhYWFhYTthYWE8YWFhYT0+P2FhYWFhYWFhQGFhQWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYUJDREVGR0hJSktMTU5PUFFSU2FhYWFhYWFhVFVWV1hZWlthXF1hYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFeYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhX2BhC0HhJw8LQaQhDwtByywPC0H+MQ8LQcAkDwtBqyQPC0GNKA8LQeImDwtBgDAPC0G5Lw8LQdckDwtB7x8PC0HhHw8LQfofDwtB8iAPC0GoLw8LQa4yDwtBiDAPC0HsJw8LQYIiDwtBjh0PC0HQLg8LQcojDwtBxTIPC0HfHA8LQdIcDwtBxCAPC0HXIA8LQaIfDwtB7S4PC0GrMA8LQdQlDwtBzC4PC0H6Lg8LQfwrDwtB0jAPC0HxHQ8LQbsgDwtB9ysPC0GQMQ8LQdcxDwtBoi0PC0HUJw8LQeArDwtBnywPC0HrMQ8LQdUfDwtByjEPC0HeJQ8LQdQeDwtB9BwPC0GnMg8LQbEdDwtBoB0PC0G5MQ8LQbwwDwtBkiEPC0GzJg8LQeksDwtBrB4PC0HUKw8LQfcmDwtBgCYPC0GwIQ8LQf4eDwtBjSMPC0GJLQ8LQfciDwtBoDEPC0GuHw8LQcYlDwtB6B4PC0GTIg8LQcIvDwtBwx0PC0GLLA8LQeEdDwtBjS8PC0HqIQ8LQbQtDwtB0i8PC0HfMg8LQdIyDwtB8DAPC0GpIg8LQfkjDwtBmR4PC0G1LA8LQZswDwtBkjIPC0G2Kw8LQcIiDwtB+DIPC0GeJQ8LQdAiDwtBuh4PC0GBHg8LAAtB1iEhAQsgAQsWACAAIAAtAC1B/gFxIAFBAEdyOgAtCxkAIAAgAC0ALUH9AXEgAUEAR0EBdHI6AC0LGQAgACAALQAtQfsBcSABQQBHQQJ0cjoALQsZACAAIAAtAC1B9wFxIAFBAEdBA3RyOgAtCz4BAn8CQCAAKAI4IgNFDQAgAygCBCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBxhE2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCCCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9go2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCDCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7Ro2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCECIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlRA2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCFCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBqhs2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCGCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7RM2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCKCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9gg2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCHCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBwhk2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCICIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlBQ2AhBBGCEECyAEC1kBAn8CQCAALQAoQQFGDQAgAC8BMiIBQeQAa0HkAEkNACABQcwBRg0AIAFBsAJGDQAgAC8BMCIAQcAAcQ0AQQEhAiAAQYgEcUGABEYNACAAQShxRSECCyACC4wBAQJ/AkACQAJAIAAtACpFDQAgAC0AK0UNACAALwEwIgFBAnFFDQEMAgsgAC8BMCIBQQFxRQ0BC0EBIQIgAC0AKEEBRg0AIAAvATIiAEHkAGtB5ABJDQAgAEHMAUYNACAAQbACRg0AIAFBwABxDQBBACECIAFBiARxQYAERg0AIAFBKHFBAEchAgsgAgtzACAAQRBq/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAA/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAAQTBq/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAAQSBq/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAAQd0BNgIcCwYAIAAQMguaLQELfyMAQRBrIgokAEGk0AAoAgAiCUUEQEHk0wAoAgAiBUUEQEHw0wBCfzcCAEHo0wBCgICEgICAwAA3AgBB5NMAIApBCGpBcHFB2KrVqgVzIgU2AgBB+NMAQQA2AgBByNMAQQA2AgALQczTAEGA1AQ2AgBBnNAAQYDUBDYCAEGw0AAgBTYCAEGs0ABBfzYCAEHQ0wBBgKwDNgIAA0AgAUHI0ABqIAFBvNAAaiICNgIAIAIgAUG00ABqIgM2AgAgAUHA0ABqIAM2AgAgAUHQ0ABqIAFBxNAAaiIDNgIAIAMgAjYCACABQdjQAGogAUHM0ABqIgI2AgAgAiADNgIAIAFB1NAAaiACNgIAIAFBIGoiAUGAAkcNAAtBjNQEQcGrAzYCAEGo0ABB9NMAKAIANgIAQZjQAEHAqwM2AgBBpNAAQYjUBDYCAEHM/wdBODYCAEGI1AQhCQsCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCAAQewBTQRAQYzQACgCACIGQRAgAEETakFwcSAAQQtJGyIEQQN2IgB2IgFBA3EEQAJAIAFBAXEgAHJBAXMiAkEDdCIAQbTQAGoiASAAQbzQAGooAgAiACgCCCIDRgRAQYzQACAGQX4gAndxNgIADAELIAEgAzYCCCADIAE2AgwLIABBCGohASAAIAJBA3QiAkEDcjYCBCAAIAJqIgAgACgCBEEBcjYCBAwRC0GU0AAoAgAiCCAETw0BIAEEQAJAQQIgAHQiAkEAIAJrciABIAB0cWgiAEEDdCICQbTQAGoiASACQbzQAGooAgAiAigCCCIDRgRAQYzQACAGQX4gAHdxIgY2AgAMAQsgASADNgIIIAMgATYCDAsgAiAEQQNyNgIEIABBA3QiACAEayEFIAAgAmogBTYCACACIARqIgQgBUEBcjYCBCAIBEAgCEF4cUG00ABqIQBBoNAAKAIAIQMCf0EBIAhBA3Z0IgEgBnFFBEBBjNAAIAEgBnI2AgAgAAwBCyAAKAIICyIBIAM2AgwgACADNgIIIAMgADYCDCADIAE2AggLIAJBCGohAUGg0AAgBDYCAEGU0AAgBTYCAAwRC0GQ0AAoAgAiC0UNASALaEECdEG80gBqKAIAIgAoAgRBeHEgBGshBSAAIQIDQAJAIAIoAhAiAUUEQCACQRRqKAIAIgFFDQELIAEoAgRBeHEgBGsiAyAFSSECIAMgBSACGyEFIAEgACACGyEAIAEhAgwBCwsgACgCGCEJIAAoAgwiAyAARwRAQZzQACgCABogAyAAKAIIIgE2AgggASADNgIMDBALIABBFGoiAigCACIBRQRAIAAoAhAiAUUNAyAAQRBqIQILA0AgAiEHIAEiA0EUaiICKAIAIgENACADQRBqIQIgAygCECIBDQALIAdBADYCAAwPC0F/IQQgAEG/f0sNACAAQRNqIgFBcHEhBEGQ0AAoAgAiCEUNAEEAIARrIQUCQAJAAkACf0EAIARBgAJJDQAaQR8gBEH///8HSw0AGiAEQSYgAUEIdmciAGt2QQFxIABBAXRrQT5qCyIGQQJ0QbzSAGooAgAiAkUEQEEAIQFBACEDDAELQQAhASAEQRkgBkEBdmtBACAGQR9HG3QhAEEAIQMDQAJAIAIoAgRBeHEgBGsiByAFTw0AIAIhAyAHIgUNAEEAIQUgAiEBDAMLIAEgAkEUaigCACIHIAcgAiAAQR12QQRxakEQaigCACICRhsgASAHGyEBIABBAXQhACACDQALCyABIANyRQRAQQAhA0ECIAZ0IgBBACAAa3IgCHEiAEUNAyAAaEECdEG80gBqKAIAIQELIAFFDQELA0AgASgCBEF4cSAEayICIAVJIQAgAiAFIAAbIQUgASADIAAbIQMgASgCECIABH8gAAUgAUEUaigCAAsiAQ0ACwsgA0UNACAFQZTQACgCACAEa08NACADKAIYIQcgAyADKAIMIgBHBEBBnNAAKAIAGiAAIAMoAggiATYCCCABIAA2AgwMDgsgA0EUaiICKAIAIgFFBEAgAygCECIBRQ0DIANBEGohAgsDQCACIQYgASIAQRRqIgIoAgAiAQ0AIABBEGohAiAAKAIQIgENAAsgBkEANgIADA0LQZTQACgCACIDIARPBEBBoNAAKAIAIQECQCADIARrIgJBEE8EQCABIARqIgAgAkEBcjYCBCABIANqIAI2AgAgASAEQQNyNgIEDAELIAEgA0EDcjYCBCABIANqIgAgACgCBEEBcjYCBEEAIQBBACECC0GU0AAgAjYCAEGg0AAgADYCACABQQhqIQEMDwtBmNAAKAIAIgMgBEsEQCAEIAlqIgAgAyAEayIBQQFyNgIEQaTQACAANgIAQZjQACABNgIAIAkgBEEDcjYCBCAJQQhqIQEMDwtBACEBIAQCf0Hk0wAoAgAEQEHs0wAoAgAMAQtB8NMAQn83AgBB6NMAQoCAhICAgMAANwIAQeTTACAKQQxqQXBxQdiq1aoFczYCAEH40wBBADYCAEHI0wBBADYCAEGAgAQLIgAgBEHHAGoiBWoiBkEAIABrIgdxIgJPBEBB/NMAQTA2AgAMDwsCQEHE0wAoAgAiAUUNAEG80wAoAgAiCCACaiEAIAAgAU0gACAIS3ENAEEAIQFB/NMAQTA2AgAMDwtByNMALQAAQQRxDQQCQAJAIAkEQEHM0wAhAQNAIAEoAgAiACAJTQRAIAAgASgCBGogCUsNAwsgASgCCCIBDQALC0EAEDMiAEF/Rg0FIAIhBkHo0wAoAgAiAUEBayIDIABxBEAgAiAAayAAIANqQQAgAWtxaiEGCyAEIAZPDQUgBkH+////B0sNBUHE0wAoAgAiAwRAQbzTACgCACIHIAZqIQEgASAHTQ0GIAEgA0sNBgsgBhAzIgEgAEcNAQwHCyAGIANrIAdxIgZB/v///wdLDQQgBhAzIQAgACABKAIAIAEoAgRqRg0DIAAhAQsCQCAGIARByABqTw0AIAFBf0YNAEHs0wAoAgAiACAFIAZrakEAIABrcSIAQf7///8HSwRAIAEhAAwHCyAAEDNBf0cEQCAAIAZqIQYgASEADAcLQQAgBmsQMxoMBAsgASIAQX9HDQUMAwtBACEDDAwLQQAhAAwKCyAAQX9HDQILQcjTAEHI0wAoAgBBBHI2AgALIAJB/v///wdLDQEgAhAzIQBBABAzIQEgAEF/Rg0BIAFBf0YNASAAIAFPDQEgASAAayIGIARBOGpNDQELQbzTAEG80wAoAgAgBmoiATYCAEHA0wAoAgAgAUkEQEHA0wAgATYCAAsCQAJAAkBBpNAAKAIAIgIEQEHM0wAhAQNAIAAgASgCACIDIAEoAgQiBWpGDQIgASgCCCIBDQALDAILQZzQACgCACIBQQBHIAAgAU9xRQRAQZzQACAANgIAC0EAIQFB0NMAIAY2AgBBzNMAIAA2AgBBrNAAQX82AgBBsNAAQeTTACgCADYCAEHY0wBBADYCAANAIAFByNAAaiABQbzQAGoiAjYCACACIAFBtNAAaiIDNgIAIAFBwNAAaiADNgIAIAFB0NAAaiABQcTQAGoiAzYCACADIAI2AgAgAUHY0ABqIAFBzNAAaiICNgIAIAIgAzYCACABQdTQAGogAjYCACABQSBqIgFBgAJHDQALQXggAGtBD3EiASAAaiICIAZBOGsiAyABayIBQQFyNgIEQajQAEH00wAoAgA2AgBBmNAAIAE2AgBBpNAAIAI2AgAgACADakE4NgIEDAILIAAgAk0NACACIANJDQAgASgCDEEIcQ0AQXggAmtBD3EiACACaiIDQZjQACgCACAGaiIHIABrIgBBAXI2AgQgASAFIAZqNgIEQajQAEH00wAoAgA2AgBBmNAAIAA2AgBBpNAAIAM2AgAgAiAHakE4NgIEDAELIABBnNAAKAIASQRAQZzQACAANgIACyAAIAZqIQNBzNMAIQECQAJAAkADQCADIAEoAgBHBEAgASgCCCIBDQEMAgsLIAEtAAxBCHFFDQELQczTACEBA0AgASgCACIDIAJNBEAgAyABKAIEaiIFIAJLDQMLIAEoAgghAQwACwALIAEgADYCACABIAEoAgQgBmo2AgQgAEF4IABrQQ9xaiIJIARBA3I2AgQgA0F4IANrQQ9xaiIGIAQgCWoiBGshASACIAZGBEBBpNAAIAQ2AgBBmNAAQZjQACgCACABaiIANgIAIAQgAEEBcjYCBAwIC0Gg0AAoAgAgBkYEQEGg0AAgBDYCAEGU0ABBlNAAKAIAIAFqIgA2AgAgBCAAQQFyNgIEIAAgBGogADYCAAwICyAGKAIEIgVBA3FBAUcNBiAFQXhxIQggBUH/AU0EQCAFQQN2IQMgBigCCCIAIAYoAgwiAkYEQEGM0ABBjNAAKAIAQX4gA3dxNgIADAcLIAIgADYCCCAAIAI2AgwMBgsgBigCGCEHIAYgBigCDCIARwRAIAAgBigCCCICNgIIIAIgADYCDAwFCyAGQRRqIgIoAgAiBUUEQCAGKAIQIgVFDQQgBkEQaiECCwNAIAIhAyAFIgBBFGoiAigCACIFDQAgAEEQaiECIAAoAhAiBQ0ACyADQQA2AgAMBAtBeCAAa0EPcSIBIABqIgcgBkE4ayIDIAFrIgFBAXI2AgQgACADakE4NgIEIAIgBUE3IAVrQQ9xakE/ayIDIAMgAkEQakkbIgNBIzYCBEGo0ABB9NMAKAIANgIAQZjQACABNgIAQaTQACAHNgIAIANBEGpB1NMAKQIANwIAIANBzNMAKQIANwIIQdTTACADQQhqNgIAQdDTACAGNgIAQczTACAANgIAQdjTAEEANgIAIANBJGohAQNAIAFBBzYCACAFIAFBBGoiAUsNAAsgAiADRg0AIAMgAygCBEF+cTYCBCADIAMgAmsiBTYCACACIAVBAXI2AgQgBUH/AU0EQCAFQXhxQbTQAGohAAJ/QYzQACgCACIBQQEgBUEDdnQiA3FFBEBBjNAAIAEgA3I2AgAgAAwBCyAAKAIICyIBIAI2AgwgACACNgIIIAIgADYCDCACIAE2AggMAQtBHyEBIAVB////B00EQCAFQSYgBUEIdmciAGt2QQFxIABBAXRrQT5qIQELIAIgATYCHCACQgA3AhAgAUECdEG80gBqIQBBkNAAKAIAIgNBASABdCIGcUUEQCAAIAI2AgBBkNAAIAMgBnI2AgAgAiAANgIYIAIgAjYCCCACIAI2AgwMAQsgBUEZIAFBAXZrQQAgAUEfRxt0IQEgACgCACEDAkADQCADIgAoAgRBeHEgBUYNASABQR12IQMgAUEBdCEBIAAgA0EEcWpBEGoiBigCACIDDQALIAYgAjYCACACIAA2AhggAiACNgIMIAIgAjYCCAwBCyAAKAIIIgEgAjYCDCAAIAI2AgggAkEANgIYIAIgADYCDCACIAE2AggLQZjQACgCACIBIARNDQBBpNAAKAIAIgAgBGoiAiABIARrIgFBAXI2AgRBmNAAIAE2AgBBpNAAIAI2AgAgACAEQQNyNgIEIABBCGohAQwIC0EAIQFB/NMAQTA2AgAMBwtBACEACyAHRQ0AAkAgBigCHCICQQJ0QbzSAGoiAygCACAGRgRAIAMgADYCACAADQFBkNAAQZDQACgCAEF+IAJ3cTYCAAwCCyAHQRBBFCAHKAIQIAZGG2ogADYCACAARQ0BCyAAIAc2AhggBigCECICBEAgACACNgIQIAIgADYCGAsgBkEUaigCACICRQ0AIABBFGogAjYCACACIAA2AhgLIAEgCGohASAGIAhqIgYoAgQhBQsgBiAFQX5xNgIEIAEgBGogATYCACAEIAFBAXI2AgQgAUH/AU0EQCABQXhxQbTQAGohAAJ/QYzQACgCACICQQEgAUEDdnQiAXFFBEBBjNAAIAEgAnI2AgAgAAwBCyAAKAIICyIBIAQ2AgwgACAENgIIIAQgADYCDCAEIAE2AggMAQtBHyEFIAFB////B00EQCABQSYgAUEIdmciAGt2QQFxIABBAXRrQT5qIQULIAQgBTYCHCAEQgA3AhAgBUECdEG80gBqIQBBkNAAKAIAIgJBASAFdCIDcUUEQCAAIAQ2AgBBkNAAIAIgA3I2AgAgBCAANgIYIAQgBDYCCCAEIAQ2AgwMAQsgAUEZIAVBAXZrQQAgBUEfRxt0IQUgACgCACEAAkADQCAAIgIoAgRBeHEgAUYNASAFQR12IQAgBUEBdCEFIAIgAEEEcWpBEGoiAygCACIADQALIAMgBDYCACAEIAI2AhggBCAENgIMIAQgBDYCCAwBCyACKAIIIgAgBDYCDCACIAQ2AgggBEEANgIYIAQgAjYCDCAEIAA2AggLIAlBCGohAQwCCwJAIAdFDQACQCADKAIcIgFBAnRBvNIAaiICKAIAIANGBEAgAiAANgIAIAANAUGQ0AAgCEF+IAF3cSIINgIADAILIAdBEEEUIAcoAhAgA0YbaiAANgIAIABFDQELIAAgBzYCGCADKAIQIgEEQCAAIAE2AhAgASAANgIYCyADQRRqKAIAIgFFDQAgAEEUaiABNgIAIAEgADYCGAsCQCAFQQ9NBEAgAyAEIAVqIgBBA3I2AgQgACADaiIAIAAoAgRBAXI2AgQMAQsgAyAEaiICIAVBAXI2AgQgAyAEQQNyNgIEIAIgBWogBTYCACAFQf8BTQRAIAVBeHFBtNAAaiEAAn9BjNAAKAIAIgFBASAFQQN2dCIFcUUEQEGM0AAgASAFcjYCACAADAELIAAoAggLIgEgAjYCDCAAIAI2AgggAiAANgIMIAIgATYCCAwBC0EfIQEgBUH///8HTQRAIAVBJiAFQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAQsgAiABNgIcIAJCADcCECABQQJ0QbzSAGohAEEBIAF0IgQgCHFFBEAgACACNgIAQZDQACAEIAhyNgIAIAIgADYCGCACIAI2AgggAiACNgIMDAELIAVBGSABQQF2a0EAIAFBH0cbdCEBIAAoAgAhBAJAA0AgBCIAKAIEQXhxIAVGDQEgAUEddiEEIAFBAXQhASAAIARBBHFqQRBqIgYoAgAiBA0ACyAGIAI2AgAgAiAANgIYIAIgAjYCDCACIAI2AggMAQsgACgCCCIBIAI2AgwgACACNgIIIAJBADYCGCACIAA2AgwgAiABNgIICyADQQhqIQEMAQsCQCAJRQ0AAkAgACgCHCIBQQJ0QbzSAGoiAigCACAARgRAIAIgAzYCACADDQFBkNAAIAtBfiABd3E2AgAMAgsgCUEQQRQgCSgCECAARhtqIAM2AgAgA0UNAQsgAyAJNgIYIAAoAhAiAQRAIAMgATYCECABIAM2AhgLIABBFGooAgAiAUUNACADQRRqIAE2AgAgASADNgIYCwJAIAVBD00EQCAAIAQgBWoiAUEDcjYCBCAAIAFqIgEgASgCBEEBcjYCBAwBCyAAIARqIgcgBUEBcjYCBCAAIARBA3I2AgQgBSAHaiAFNgIAIAgEQCAIQXhxQbTQAGohAUGg0AAoAgAhAwJ/QQEgCEEDdnQiAiAGcUUEQEGM0AAgAiAGcjYCACABDAELIAEoAggLIgIgAzYCDCABIAM2AgggAyABNgIMIAMgAjYCCAtBoNAAIAc2AgBBlNAAIAU2AgALIABBCGohAQsgCkEQaiQAIAELQwAgAEUEQD8AQRB0DwsCQCAAQf//A3ENACAAQQBIDQAgAEEQdkAAIgBBf0YEQEH80wBBMDYCAEF/DwsgAEEQdA8LAAsL3D8iAEGACAsJAQAAAAIAAAADAEGUCAsFBAAAAAUAQaQICwkGAAAABwAAAAgAQdwIC4otSW52YWxpZCBjaGFyIGluIHVybCBxdWVyeQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2JvZHkAQ29udGVudC1MZW5ndGggb3ZlcmZsb3cAQ2h1bmsgc2l6ZSBvdmVyZmxvdwBSZXNwb25zZSBvdmVyZmxvdwBJbnZhbGlkIG1ldGhvZCBmb3IgSFRUUC94LnggcmVxdWVzdABJbnZhbGlkIG1ldGhvZCBmb3IgUlRTUC94LnggcmVxdWVzdABFeHBlY3RlZCBTT1VSQ0UgbWV0aG9kIGZvciBJQ0UveC54IHJlcXVlc3QASW52YWxpZCBjaGFyIGluIHVybCBmcmFnbWVudCBzdGFydABFeHBlY3RlZCBkb3QAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9zdGF0dXMASW52YWxpZCByZXNwb25zZSBzdGF0dXMASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucwBVc2VyIGNhbGxiYWNrIGVycm9yAGBvbl9yZXNldGAgY2FsbGJhY2sgZXJyb3IAYG9uX2NodW5rX2hlYWRlcmAgY2FsbGJhY2sgZXJyb3IAYG9uX21lc3NhZ2VfYmVnaW5gIGNhbGxiYWNrIGVycm9yAGBvbl9jaHVua19leHRlbnNpb25fdmFsdWVgIGNhbGxiYWNrIGVycm9yAGBvbl9zdGF0dXNfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl92ZXJzaW9uX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fdXJsX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fY2h1bmtfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9oZWFkZXJfdmFsdWVfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9tZXNzYWdlX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fbWV0aG9kX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25faGVhZGVyX2ZpZWxkX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fY2h1bmtfZXh0ZW5zaW9uX25hbWVgIGNhbGxiYWNrIGVycm9yAFVuZXhwZWN0ZWQgY2hhciBpbiB1cmwgc2VydmVyAEludmFsaWQgaGVhZGVyIHZhbHVlIGNoYXIASW52YWxpZCBoZWFkZXIgZmllbGQgY2hhcgBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX3ZlcnNpb24ASW52YWxpZCBtaW5vciB2ZXJzaW9uAEludmFsaWQgbWFqb3IgdmVyc2lvbgBFeHBlY3RlZCBzcGFjZSBhZnRlciB2ZXJzaW9uAEV4cGVjdGVkIENSTEYgYWZ0ZXIgdmVyc2lvbgBJbnZhbGlkIEhUVFAgdmVyc2lvbgBJbnZhbGlkIGhlYWRlciB0b2tlbgBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX3VybABJbnZhbGlkIGNoYXJhY3RlcnMgaW4gdXJsAFVuZXhwZWN0ZWQgc3RhcnQgY2hhciBpbiB1cmwARG91YmxlIEAgaW4gdXJsAEVtcHR5IENvbnRlbnQtTGVuZ3RoAEludmFsaWQgY2hhcmFjdGVyIGluIENvbnRlbnQtTGVuZ3RoAER1cGxpY2F0ZSBDb250ZW50LUxlbmd0aABJbnZhbGlkIGNoYXIgaW4gdXJsIHBhdGgAQ29udGVudC1MZW5ndGggY2FuJ3QgYmUgcHJlc2VudCB3aXRoIFRyYW5zZmVyLUVuY29kaW5nAEludmFsaWQgY2hhcmFjdGVyIGluIGNodW5rIHNpemUAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9oZWFkZXJfdmFsdWUAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9jaHVua19leHRlbnNpb25fdmFsdWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyB2YWx1ZQBNaXNzaW5nIGV4cGVjdGVkIExGIGFmdGVyIGhlYWRlciB2YWx1ZQBJbnZhbGlkIGBUcmFuc2Zlci1FbmNvZGluZ2AgaGVhZGVyIHZhbHVlAEludmFsaWQgY2hhcmFjdGVyIGluIGNodW5rIGV4dGVuc2lvbnMgcXVvdGUgdmFsdWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyBxdW90ZWQgdmFsdWUAUGF1c2VkIGJ5IG9uX2hlYWRlcnNfY29tcGxldGUASW52YWxpZCBFT0Ygc3RhdGUAb25fcmVzZXQgcGF1c2UAb25fY2h1bmtfaGVhZGVyIHBhdXNlAG9uX21lc3NhZ2VfYmVnaW4gcGF1c2UAb25fY2h1bmtfZXh0ZW5zaW9uX3ZhbHVlIHBhdXNlAG9uX3N0YXR1c19jb21wbGV0ZSBwYXVzZQBvbl92ZXJzaW9uX2NvbXBsZXRlIHBhdXNlAG9uX3VybF9jb21wbGV0ZSBwYXVzZQBvbl9jaHVua19jb21wbGV0ZSBwYXVzZQBvbl9oZWFkZXJfdmFsdWVfY29tcGxldGUgcGF1c2UAb25fbWVzc2FnZV9jb21wbGV0ZSBwYXVzZQBvbl9tZXRob2RfY29tcGxldGUgcGF1c2UAb25faGVhZGVyX2ZpZWxkX2NvbXBsZXRlIHBhdXNlAG9uX2NodW5rX2V4dGVuc2lvbl9uYW1lIHBhdXNlAFVuZXhwZWN0ZWQgc3BhY2UgYWZ0ZXIgc3RhcnQgbGluZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2NodW5rX2V4dGVuc2lvbl9uYW1lAEludmFsaWQgY2hhcmFjdGVyIGluIGNodW5rIGV4dGVuc2lvbnMgbmFtZQBQYXVzZSBvbiBDT05ORUNUL1VwZ3JhZGUAUGF1c2Ugb24gUFJJL1VwZ3JhZGUARXhwZWN0ZWQgSFRUUC8yIENvbm5lY3Rpb24gUHJlZmFjZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX21ldGhvZABFeHBlY3RlZCBzcGFjZSBhZnRlciBtZXRob2QAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9oZWFkZXJfZmllbGQAUGF1c2VkAEludmFsaWQgd29yZCBlbmNvdW50ZXJlZABJbnZhbGlkIG1ldGhvZCBlbmNvdW50ZXJlZABVbmV4cGVjdGVkIGNoYXIgaW4gdXJsIHNjaGVtYQBSZXF1ZXN0IGhhcyBpbnZhbGlkIGBUcmFuc2Zlci1FbmNvZGluZ2AAU1dJVENIX1BST1hZAFVTRV9QUk9YWQBNS0FDVElWSVRZAFVOUFJPQ0VTU0FCTEVfRU5USVRZAENPUFkATU9WRURfUEVSTUFORU5UTFkAVE9PX0VBUkxZAE5PVElGWQBGQUlMRURfREVQRU5ERU5DWQBCQURfR0FURVdBWQBQTEFZAFBVVABDSEVDS09VVABHQVRFV0FZX1RJTUVPVVQAUkVRVUVTVF9USU1FT1VUAE5FVFdPUktfQ09OTkVDVF9USU1FT1VUAENPTk5FQ1RJT05fVElNRU9VVABMT0dJTl9USU1FT1VUAE5FVFdPUktfUkVBRF9USU1FT1VUAFBPU1QATUlTRElSRUNURURfUkVRVUVTVABDTElFTlRfQ0xPU0VEX1JFUVVFU1QAQ0xJRU5UX0NMT1NFRF9MT0FEX0JBTEFOQ0VEX1JFUVVFU1QAQkFEX1JFUVVFU1QASFRUUF9SRVFVRVNUX1NFTlRfVE9fSFRUUFNfUE9SVABSRVBPUlQASU1fQV9URUFQT1QAUkVTRVRfQ09OVEVOVABOT19DT05URU5UAFBBUlRJQUxfQ09OVEVOVABIUEVfSU5WQUxJRF9DT05TVEFOVABIUEVfQ0JfUkVTRVQAR0VUAEhQRV9TVFJJQ1QAQ09ORkxJQ1QAVEVNUE9SQVJZX1JFRElSRUNUAFBFUk1BTkVOVF9SRURJUkVDVABDT05ORUNUAE1VTFRJX1NUQVRVUwBIUEVfSU5WQUxJRF9TVEFUVVMAVE9PX01BTllfUkVRVUVTVFMARUFSTFlfSElOVFMAVU5BVkFJTEFCTEVfRk9SX0xFR0FMX1JFQVNPTlMAT1BUSU9OUwBTV0lUQ0hJTkdfUFJPVE9DT0xTAFZBUklBTlRfQUxTT19ORUdPVElBVEVTAE1VTFRJUExFX0NIT0lDRVMASU5URVJOQUxfU0VSVkVSX0VSUk9SAFdFQl9TRVJWRVJfVU5LTk9XTl9FUlJPUgBSQUlMR1VOX0VSUk9SAElERU5USVRZX1BST1ZJREVSX0FVVEhFTlRJQ0FUSU9OX0VSUk9SAFNTTF9DRVJUSUZJQ0FURV9FUlJPUgBJTlZBTElEX1hfRk9SV0FSREVEX0ZPUgBTRVRfUEFSQU1FVEVSAEdFVF9QQVJBTUVURVIASFBFX1VTRVIAU0VFX09USEVSAEhQRV9DQl9DSFVOS19IRUFERVIATUtDQUxFTkRBUgBTRVRVUABXRUJfU0VSVkVSX0lTX0RPV04AVEVBUkRPV04ASFBFX0NMT1NFRF9DT05ORUNUSU9OAEhFVVJJU1RJQ19FWFBJUkFUSU9OAERJU0NPTk5FQ1RFRF9PUEVSQVRJT04ATk9OX0FVVEhPUklUQVRJVkVfSU5GT1JNQVRJT04ASFBFX0lOVkFMSURfVkVSU0lPTgBIUEVfQ0JfTUVTU0FHRV9CRUdJTgBTSVRFX0lTX0ZST1pFTgBIUEVfSU5WQUxJRF9IRUFERVJfVE9LRU4ASU5WQUxJRF9UT0tFTgBGT1JCSURERU4ARU5IQU5DRV9ZT1VSX0NBTE0ASFBFX0lOVkFMSURfVVJMAEJMT0NLRURfQllfUEFSRU5UQUxfQ09OVFJPTABNS0NPTABBQ0wASFBFX0lOVEVSTkFMAFJFUVVFU1RfSEVBREVSX0ZJRUxEU19UT09fTEFSR0VfVU5PRkZJQ0lBTABIUEVfT0sAVU5MSU5LAFVOTE9DSwBQUkkAUkVUUllfV0lUSABIUEVfSU5WQUxJRF9DT05URU5UX0xFTkdUSABIUEVfVU5FWFBFQ1RFRF9DT05URU5UX0xFTkdUSABGTFVTSABQUk9QUEFUQ0gATS1TRUFSQ0gAVVJJX1RPT19MT05HAFBST0NFU1NJTkcATUlTQ0VMTEFORU9VU19QRVJTSVNURU5UX1dBUk5JTkcATUlTQ0VMTEFORU9VU19XQVJOSU5HAEhQRV9JTlZBTElEX1RSQU5TRkVSX0VOQ09ESU5HAEV4cGVjdGVkIENSTEYASFBFX0lOVkFMSURfQ0hVTktfU0laRQBNT1ZFAENPTlRJTlVFAEhQRV9DQl9TVEFUVVNfQ09NUExFVEUASFBFX0NCX0hFQURFUlNfQ09NUExFVEUASFBFX0NCX1ZFUlNJT05fQ09NUExFVEUASFBFX0NCX1VSTF9DT01QTEVURQBIUEVfQ0JfQ0hVTktfQ09NUExFVEUASFBFX0NCX0hFQURFUl9WQUxVRV9DT01QTEVURQBIUEVfQ0JfQ0hVTktfRVhURU5TSU9OX1ZBTFVFX0NPTVBMRVRFAEhQRV9DQl9DSFVOS19FWFRFTlNJT05fTkFNRV9DT01QTEVURQBIUEVfQ0JfTUVTU0FHRV9DT01QTEVURQBIUEVfQ0JfTUVUSE9EX0NPTVBMRVRFAEhQRV9DQl9IRUFERVJfRklFTERfQ09NUExFVEUAREVMRVRFAEhQRV9JTlZBTElEX0VPRl9TVEFURQBJTlZBTElEX1NTTF9DRVJUSUZJQ0FURQBQQVVTRQBOT19SRVNQT05TRQBVTlNVUFBPUlRFRF9NRURJQV9UWVBFAEdPTkUATk9UX0FDQ0VQVEFCTEUAU0VSVklDRV9VTkFWQUlMQUJMRQBSQU5HRV9OT1RfU0FUSVNGSUFCTEUAT1JJR0lOX0lTX1VOUkVBQ0hBQkxFAFJFU1BPTlNFX0lTX1NUQUxFAFBVUkdFAE1FUkdFAFJFUVVFU1RfSEVBREVSX0ZJRUxEU19UT09fTEFSR0UAUkVRVUVTVF9IRUFERVJfVE9PX0xBUkdFAFBBWUxPQURfVE9PX0xBUkdFAElOU1VGRklDSUVOVF9TVE9SQUdFAEhQRV9QQVVTRURfVVBHUkFERQBIUEVfUEFVU0VEX0gyX1VQR1JBREUAU09VUkNFAEFOTk9VTkNFAFRSQUNFAEhQRV9VTkVYUEVDVEVEX1NQQUNFAERFU0NSSUJFAFVOU1VCU0NSSUJFAFJFQ09SRABIUEVfSU5WQUxJRF9NRVRIT0QATk9UX0ZPVU5EAFBST1BGSU5EAFVOQklORABSRUJJTkQAVU5BVVRIT1JJWkVEAE1FVEhPRF9OT1RfQUxMT1dFRABIVFRQX1ZFUlNJT05fTk9UX1NVUFBPUlRFRABBTFJFQURZX1JFUE9SVEVEAEFDQ0VQVEVEAE5PVF9JTVBMRU1FTlRFRABMT09QX0RFVEVDVEVEAEhQRV9DUl9FWFBFQ1RFRABIUEVfTEZfRVhQRUNURUQAQ1JFQVRFRABJTV9VU0VEAEhQRV9QQVVTRUQAVElNRU9VVF9PQ0NVUkVEAFBBWU1FTlRfUkVRVUlSRUQAUFJFQ09ORElUSU9OX1JFUVVJUkVEAFBST1hZX0FVVEhFTlRJQ0FUSU9OX1JFUVVJUkVEAE5FVFdPUktfQVVUSEVOVElDQVRJT05fUkVRVUlSRUQATEVOR1RIX1JFUVVJUkVEAFNTTF9DRVJUSUZJQ0FURV9SRVFVSVJFRABVUEdSQURFX1JFUVVJUkVEAFBBR0VfRVhQSVJFRABQUkVDT05ESVRJT05fRkFJTEVEAEVYUEVDVEFUSU9OX0ZBSUxFRABSRVZBTElEQVRJT05fRkFJTEVEAFNTTF9IQU5EU0hBS0VfRkFJTEVEAExPQ0tFRABUUkFOU0ZPUk1BVElPTl9BUFBMSUVEAE5PVF9NT0RJRklFRABOT1RfRVhURU5ERUQAQkFORFdJRFRIX0xJTUlUX0VYQ0VFREVEAFNJVEVfSVNfT1ZFUkxPQURFRABIRUFEAEV4cGVjdGVkIEhUVFAvAABeEwAAJhMAADAQAADwFwAAnRMAABUSAAA5FwAA8BIAAAoQAAB1EgAArRIAAIITAABPFAAAfxAAAKAVAAAjFAAAiRIAAIsUAABNFQAA1BEAAM8UAAAQGAAAyRYAANwWAADBEQAA4BcAALsUAAB0FAAAfBUAAOUUAAAIFwAAHxAAAGUVAACjFAAAKBUAAAIVAACZFQAALBAAAIsZAABPDwAA1A4AAGoQAADOEAAAAhcAAIkOAABuEwAAHBMAAGYUAABWFwAAwRMAAM0TAABsEwAAaBcAAGYXAABfFwAAIhMAAM4PAABpDgAA2A4AAGMWAADLEwAAqg4AACgXAAAmFwAAxRMAAF0WAADoEQAAZxMAAGUTAADyFgAAcxMAAB0XAAD5FgAA8xEAAM8OAADOFQAADBIAALMRAAClEQAAYRAAADIXAAC7EwBB+TULAQEAQZA2C+ABAQECAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAQf03CwEBAEGROAteAgMCAgICAgAAAgIAAgIAAgICAgICAgICAgAEAAAAAAACAgICAgICAgICAgICAgICAgICAgICAgICAgAAAAICAgICAgICAgICAgICAgICAgICAgICAgICAgICAAIAAgBB/TkLAQEAQZE6C14CAAICAgICAAACAgACAgACAgICAgICAgICAAMABAAAAAICAgICAgICAgICAgICAgICAgICAgICAgICAAAAAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAAgACAEHwOwsNbG9zZWVlcC1hbGl2ZQBBiTwLAQEAQaA8C+ABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAQYk+CwEBAEGgPgvnAQEBAQEBAQEBAQEBAQIBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBY2h1bmtlZABBsMAAC18BAQABAQEBAQAAAQEAAQEAAQEBAQEBAQEBAQAAAAAAAAABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQAAAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEAAQBBkMIACyFlY3Rpb25lbnQtbGVuZ3Rob25yb3h5LWNvbm5lY3Rpb24AQcDCAAstcmFuc2Zlci1lbmNvZGluZ3BncmFkZQ0KDQoNClNNDQoNClRUUC9DRS9UU1AvAEH5wgALBQECAAEDAEGQwwAL4AEEAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB+cQACwUBAgABAwBBkMUAC+ABBAEBBQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAQfnGAAsEAQAAAQBBkccAC98BAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB+sgACwQBAAACAEGQyQALXwMEAAAEBAQEBAQEBAQEBAUEBAQEBAQEBAQEBAQABAAGBwQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEAAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQAAAAEAEH6ygALBAEAAAEAQZDLAAsBAQBBqssAC0ECAAAAAAAAAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAAAAAAAADAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwBB+swACwQBAAABAEGQzQALAQEAQZrNAAsGAgAAAAACAEGxzQALOgMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAAAAAAAAAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAQfDOAAuWAU5PVU5DRUVDS09VVE5FQ1RFVEVDUklCRUxVU0hFVEVBRFNFQVJDSFJHRUNUSVZJVFlMRU5EQVJWRU9USUZZUFRJT05TQ0hTRUFZU1RBVENIR0VPUkRJUkVDVE9SVFJDSFBBUkFNRVRFUlVSQ0VCU0NSSUJFQVJET1dOQUNFSU5ETktDS1VCU0NSSUJFSFRUUC9BRFRQLw==', 'base64') + + +/***/ }), + +/***/ 172: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.enumToMap = void 0; +function enumToMap(obj) { + const res = {}; + Object.keys(obj).forEach((key) => { + const value = obj[key]; + if (typeof value === 'number') { + res[key] = value; + } + }); + return res; +} +exports.enumToMap = enumToMap; +//# sourceMappingURL=utils.js.map + +/***/ }), + +/***/ 7501: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { kClients } = __nccwpck_require__(6443) +const Agent = __nccwpck_require__(7405) +const { + kAgent, + kMockAgentSet, + kMockAgentGet, + kDispatches, + kIsMockActive, + kNetConnect, + kGetNetConnect, + kOptions, + kFactory +} = __nccwpck_require__(1117) +const MockClient = __nccwpck_require__(7365) +const MockPool = __nccwpck_require__(4004) +const { matchValue, buildMockOptions } = __nccwpck_require__(3397) +const { InvalidArgumentError, UndiciError } = __nccwpck_require__(8707) +const Dispatcher = __nccwpck_require__(883) +const Pluralizer = __nccwpck_require__(1529) +const PendingInterceptorsFormatter = __nccwpck_require__(6142) + +class MockAgent extends Dispatcher { + constructor (opts) { + super(opts) + + this[kNetConnect] = true + this[kIsMockActive] = true + + // Instantiate Agent and encapsulate + if ((opts?.agent && typeof opts.agent.dispatch !== 'function')) { + throw new InvalidArgumentError('Argument opts.agent must implement Agent') + } + const agent = opts?.agent ? opts.agent : new Agent(opts) + this[kAgent] = agent + + this[kClients] = agent[kClients] + this[kOptions] = buildMockOptions(opts) + } + + get (origin) { + let dispatcher = this[kMockAgentGet](origin) + + if (!dispatcher) { + dispatcher = this[kFactory](origin) + this[kMockAgentSet](origin, dispatcher) + } + return dispatcher + } + + dispatch (opts, handler) { + // Call MockAgent.get to perform additional setup before dispatching as normal + this.get(opts.origin) + return this[kAgent].dispatch(opts, handler) + } + + async close () { + await this[kAgent].close() + this[kClients].clear() + } + + deactivate () { + this[kIsMockActive] = false + } + + activate () { + this[kIsMockActive] = true + } + + enableNetConnect (matcher) { + if (typeof matcher === 'string' || typeof matcher === 'function' || matcher instanceof RegExp) { + if (Array.isArray(this[kNetConnect])) { + this[kNetConnect].push(matcher) + } else { + this[kNetConnect] = [matcher] + } + } else if (typeof matcher === 'undefined') { + this[kNetConnect] = true + } else { + throw new InvalidArgumentError('Unsupported matcher. Must be one of String|Function|RegExp.') + } + } + + disableNetConnect () { + this[kNetConnect] = false + } + + // This is required to bypass issues caused by using global symbols - see: + // https://github.com/nodejs/undici/issues/1447 + get isMockActive () { + return this[kIsMockActive] + } + + [kMockAgentSet] (origin, dispatcher) { + this[kClients].set(origin, dispatcher) + } + + [kFactory] (origin) { + const mockOptions = Object.assign({ agent: this }, this[kOptions]) + return this[kOptions] && this[kOptions].connections === 1 + ? new MockClient(origin, mockOptions) + : new MockPool(origin, mockOptions) + } + + [kMockAgentGet] (origin) { + // First check if we can immediately find it + const client = this[kClients].get(origin) + if (client) { + return client + } + + // If the origin is not a string create a dummy parent pool and return to user + if (typeof origin !== 'string') { + const dispatcher = this[kFactory]('http://localhost:9999') + this[kMockAgentSet](origin, dispatcher) + return dispatcher + } + + // If we match, create a pool and assign the same dispatches + for (const [keyMatcher, nonExplicitDispatcher] of Array.from(this[kClients])) { + if (nonExplicitDispatcher && typeof keyMatcher !== 'string' && matchValue(keyMatcher, origin)) { + const dispatcher = this[kFactory](origin) + this[kMockAgentSet](origin, dispatcher) + dispatcher[kDispatches] = nonExplicitDispatcher[kDispatches] + return dispatcher + } + } + } + + [kGetNetConnect] () { + return this[kNetConnect] + } + + pendingInterceptors () { + const mockAgentClients = this[kClients] + + return Array.from(mockAgentClients.entries()) + .flatMap(([origin, scope]) => scope[kDispatches].map(dispatch => ({ ...dispatch, origin }))) + .filter(({ pending }) => pending) + } + + assertNoPendingInterceptors ({ pendingInterceptorsFormatter = new PendingInterceptorsFormatter() } = {}) { + const pending = this.pendingInterceptors() + + if (pending.length === 0) { + return + } + + const pluralizer = new Pluralizer('interceptor', 'interceptors').pluralize(pending.length) + + throw new UndiciError(` +${pluralizer.count} ${pluralizer.noun} ${pluralizer.is} pending: + +${pendingInterceptorsFormatter.format(pending)} +`.trim()) + } +} + +module.exports = MockAgent + + +/***/ }), + +/***/ 7365: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { promisify } = __nccwpck_require__(7975) +const Client = __nccwpck_require__(3701) +const { buildMockDispatch } = __nccwpck_require__(3397) +const { + kDispatches, + kMockAgent, + kClose, + kOriginalClose, + kOrigin, + kOriginalDispatch, + kConnected +} = __nccwpck_require__(1117) +const { MockInterceptor } = __nccwpck_require__(1511) +const Symbols = __nccwpck_require__(6443) +const { InvalidArgumentError } = __nccwpck_require__(8707) + +/** + * MockClient provides an API that extends the Client to influence the mockDispatches. + */ +class MockClient extends Client { + constructor (origin, opts) { + super(origin, opts) + + if (!opts || !opts.agent || typeof opts.agent.dispatch !== 'function') { + throw new InvalidArgumentError('Argument opts.agent must implement Agent') + } + + this[kMockAgent] = opts.agent + this[kOrigin] = origin + this[kDispatches] = [] + this[kConnected] = 1 + this[kOriginalDispatch] = this.dispatch + this[kOriginalClose] = this.close.bind(this) + + this.dispatch = buildMockDispatch.call(this) + this.close = this[kClose] + } + + get [Symbols.kConnected] () { + return this[kConnected] + } + + /** + * Sets up the base interceptor for mocking replies from undici. + */ + intercept (opts) { + return new MockInterceptor(opts, this[kDispatches]) + } + + async [kClose] () { + await promisify(this[kOriginalClose])() + this[kConnected] = 0 + this[kMockAgent][Symbols.kClients].delete(this[kOrigin]) + } +} + +module.exports = MockClient + + +/***/ }), + +/***/ 2429: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { UndiciError } = __nccwpck_require__(8707) + +const kMockNotMatchedError = Symbol.for('undici.error.UND_MOCK_ERR_MOCK_NOT_MATCHED') + +/** + * The request does not match any registered mock dispatches. + */ +class MockNotMatchedError extends UndiciError { + constructor (message) { + super(message) + Error.captureStackTrace(this, MockNotMatchedError) + this.name = 'MockNotMatchedError' + this.message = message || 'The request does not match any registered mock dispatches' + this.code = 'UND_MOCK_ERR_MOCK_NOT_MATCHED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kMockNotMatchedError] === true + } + + [kMockNotMatchedError] = true +} + +module.exports = { + MockNotMatchedError +} + + +/***/ }), + +/***/ 1511: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { getResponseData, buildKey, addMockDispatch } = __nccwpck_require__(3397) +const { + kDispatches, + kDispatchKey, + kDefaultHeaders, + kDefaultTrailers, + kContentLength, + kMockDispatch +} = __nccwpck_require__(1117) +const { InvalidArgumentError } = __nccwpck_require__(8707) +const { buildURL } = __nccwpck_require__(3440) + +/** + * Defines the scope API for an interceptor reply + */ +class MockScope { + constructor (mockDispatch) { + this[kMockDispatch] = mockDispatch + } + + /** + * Delay a reply by a set amount in ms. + */ + delay (waitInMs) { + if (typeof waitInMs !== 'number' || !Number.isInteger(waitInMs) || waitInMs <= 0) { + throw new InvalidArgumentError('waitInMs must be a valid integer > 0') + } + + this[kMockDispatch].delay = waitInMs + return this + } + + /** + * For a defined reply, never mark as consumed. + */ + persist () { + this[kMockDispatch].persist = true + return this + } + + /** + * Allow one to define a reply for a set amount of matching requests. + */ + times (repeatTimes) { + if (typeof repeatTimes !== 'number' || !Number.isInteger(repeatTimes) || repeatTimes <= 0) { + throw new InvalidArgumentError('repeatTimes must be a valid integer > 0') + } + + this[kMockDispatch].times = repeatTimes + return this + } +} + +/** + * Defines an interceptor for a Mock + */ +class MockInterceptor { + constructor (opts, mockDispatches) { + if (typeof opts !== 'object') { + throw new InvalidArgumentError('opts must be an object') + } + if (typeof opts.path === 'undefined') { + throw new InvalidArgumentError('opts.path must be defined') + } + if (typeof opts.method === 'undefined') { + opts.method = 'GET' + } + // See https://github.com/nodejs/undici/issues/1245 + // As per RFC 3986, clients are not supposed to send URI + // fragments to servers when they retrieve a document, + if (typeof opts.path === 'string') { + if (opts.query) { + opts.path = buildURL(opts.path, opts.query) + } else { + // Matches https://github.com/nodejs/undici/blob/main/lib/web/fetch/index.js#L1811 + const parsedURL = new URL(opts.path, 'data://') + opts.path = parsedURL.pathname + parsedURL.search + } + } + if (typeof opts.method === 'string') { + opts.method = opts.method.toUpperCase() + } + + this[kDispatchKey] = buildKey(opts) + this[kDispatches] = mockDispatches + this[kDefaultHeaders] = {} + this[kDefaultTrailers] = {} + this[kContentLength] = false + } + + createMockScopeDispatchData ({ statusCode, data, responseOptions }) { + const responseData = getResponseData(data) + const contentLength = this[kContentLength] ? { 'content-length': responseData.length } : {} + const headers = { ...this[kDefaultHeaders], ...contentLength, ...responseOptions.headers } + const trailers = { ...this[kDefaultTrailers], ...responseOptions.trailers } + + return { statusCode, data, headers, trailers } + } + + validateReplyParameters (replyParameters) { + if (typeof replyParameters.statusCode === 'undefined') { + throw new InvalidArgumentError('statusCode must be defined') + } + if (typeof replyParameters.responseOptions !== 'object' || replyParameters.responseOptions === null) { + throw new InvalidArgumentError('responseOptions must be an object') + } + } + + /** + * Mock an undici request with a defined reply. + */ + reply (replyOptionsCallbackOrStatusCode) { + // Values of reply aren't available right now as they + // can only be available when the reply callback is invoked. + if (typeof replyOptionsCallbackOrStatusCode === 'function') { + // We'll first wrap the provided callback in another function, + // this function will properly resolve the data from the callback + // when invoked. + const wrappedDefaultsCallback = (opts) => { + // Our reply options callback contains the parameter for statusCode, data and options. + const resolvedData = replyOptionsCallbackOrStatusCode(opts) + + // Check if it is in the right format + if (typeof resolvedData !== 'object' || resolvedData === null) { + throw new InvalidArgumentError('reply options callback must return an object') + } + + const replyParameters = { data: '', responseOptions: {}, ...resolvedData } + this.validateReplyParameters(replyParameters) + // Since the values can be obtained immediately we return them + // from this higher order function that will be resolved later. + return { + ...this.createMockScopeDispatchData(replyParameters) + } + } + + // Add usual dispatch data, but this time set the data parameter to function that will eventually provide data. + const newMockDispatch = addMockDispatch(this[kDispatches], this[kDispatchKey], wrappedDefaultsCallback) + return new MockScope(newMockDispatch) + } + + // We can have either one or three parameters, if we get here, + // we should have 1-3 parameters. So we spread the arguments of + // this function to obtain the parameters, since replyData will always + // just be the statusCode. + const replyParameters = { + statusCode: replyOptionsCallbackOrStatusCode, + data: arguments[1] === undefined ? '' : arguments[1], + responseOptions: arguments[2] === undefined ? {} : arguments[2] + } + this.validateReplyParameters(replyParameters) + + // Send in-already provided data like usual + const dispatchData = this.createMockScopeDispatchData(replyParameters) + const newMockDispatch = addMockDispatch(this[kDispatches], this[kDispatchKey], dispatchData) + return new MockScope(newMockDispatch) + } + + /** + * Mock an undici request with a defined error. + */ + replyWithError (error) { + if (typeof error === 'undefined') { + throw new InvalidArgumentError('error must be defined') + } + + const newMockDispatch = addMockDispatch(this[kDispatches], this[kDispatchKey], { error }) + return new MockScope(newMockDispatch) + } + + /** + * Set default reply headers on the interceptor for subsequent replies + */ + defaultReplyHeaders (headers) { + if (typeof headers === 'undefined') { + throw new InvalidArgumentError('headers must be defined') + } + + this[kDefaultHeaders] = headers + return this + } + + /** + * Set default reply trailers on the interceptor for subsequent replies + */ + defaultReplyTrailers (trailers) { + if (typeof trailers === 'undefined') { + throw new InvalidArgumentError('trailers must be defined') + } + + this[kDefaultTrailers] = trailers + return this + } + + /** + * Set reply content length header for replies on the interceptor + */ + replyContentLength () { + this[kContentLength] = true + return this + } +} + +module.exports.MockInterceptor = MockInterceptor +module.exports.MockScope = MockScope + + +/***/ }), + +/***/ 4004: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { promisify } = __nccwpck_require__(7975) +const Pool = __nccwpck_require__(628) +const { buildMockDispatch } = __nccwpck_require__(3397) +const { + kDispatches, + kMockAgent, + kClose, + kOriginalClose, + kOrigin, + kOriginalDispatch, + kConnected +} = __nccwpck_require__(1117) +const { MockInterceptor } = __nccwpck_require__(1511) +const Symbols = __nccwpck_require__(6443) +const { InvalidArgumentError } = __nccwpck_require__(8707) + +/** + * MockPool provides an API that extends the Pool to influence the mockDispatches. + */ +class MockPool extends Pool { + constructor (origin, opts) { + super(origin, opts) + + if (!opts || !opts.agent || typeof opts.agent.dispatch !== 'function') { + throw new InvalidArgumentError('Argument opts.agent must implement Agent') + } + + this[kMockAgent] = opts.agent + this[kOrigin] = origin + this[kDispatches] = [] + this[kConnected] = 1 + this[kOriginalDispatch] = this.dispatch + this[kOriginalClose] = this.close.bind(this) + + this.dispatch = buildMockDispatch.call(this) + this.close = this[kClose] + } + + get [Symbols.kConnected] () { + return this[kConnected] + } + + /** + * Sets up the base interceptor for mocking replies from undici. + */ + intercept (opts) { + return new MockInterceptor(opts, this[kDispatches]) + } + + async [kClose] () { + await promisify(this[kOriginalClose])() + this[kConnected] = 0 + this[kMockAgent][Symbols.kClients].delete(this[kOrigin]) + } +} + +module.exports = MockPool + + +/***/ }), + +/***/ 1117: +/***/ ((module) => { + +"use strict"; + + +module.exports = { + kAgent: Symbol('agent'), + kOptions: Symbol('options'), + kFactory: Symbol('factory'), + kDispatches: Symbol('dispatches'), + kDispatchKey: Symbol('dispatch key'), + kDefaultHeaders: Symbol('default headers'), + kDefaultTrailers: Symbol('default trailers'), + kContentLength: Symbol('content length'), + kMockAgent: Symbol('mock agent'), + kMockAgentSet: Symbol('mock agent set'), + kMockAgentGet: Symbol('mock agent get'), + kMockDispatch: Symbol('mock dispatch'), + kClose: Symbol('close'), + kOriginalClose: Symbol('original agent close'), + kOrigin: Symbol('origin'), + kIsMockActive: Symbol('is mock active'), + kNetConnect: Symbol('net connect'), + kGetNetConnect: Symbol('get net connect'), + kConnected: Symbol('connected') +} + + +/***/ }), + +/***/ 3397: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { MockNotMatchedError } = __nccwpck_require__(2429) +const { + kDispatches, + kMockAgent, + kOriginalDispatch, + kOrigin, + kGetNetConnect +} = __nccwpck_require__(1117) +const { buildURL } = __nccwpck_require__(3440) +const { STATUS_CODES } = __nccwpck_require__(7067) +const { + types: { + isPromise + } +} = __nccwpck_require__(7975) + +function matchValue (match, value) { + if (typeof match === 'string') { + return match === value + } + if (match instanceof RegExp) { + return match.test(value) + } + if (typeof match === 'function') { + return match(value) === true + } + return false +} + +function lowerCaseEntries (headers) { + return Object.fromEntries( + Object.entries(headers).map(([headerName, headerValue]) => { + return [headerName.toLocaleLowerCase(), headerValue] + }) + ) +} + +/** + * @param {import('../../index').Headers|string[]|Record} headers + * @param {string} key + */ +function getHeaderByName (headers, key) { + if (Array.isArray(headers)) { + for (let i = 0; i < headers.length; i += 2) { + if (headers[i].toLocaleLowerCase() === key.toLocaleLowerCase()) { + return headers[i + 1] + } + } + + return undefined + } else if (typeof headers.get === 'function') { + return headers.get(key) + } else { + return lowerCaseEntries(headers)[key.toLocaleLowerCase()] + } +} + +/** @param {string[]} headers */ +function buildHeadersFromArray (headers) { // fetch HeadersList + const clone = headers.slice() + const entries = [] + for (let index = 0; index < clone.length; index += 2) { + entries.push([clone[index], clone[index + 1]]) + } + return Object.fromEntries(entries) +} + +function matchHeaders (mockDispatch, headers) { + if (typeof mockDispatch.headers === 'function') { + if (Array.isArray(headers)) { // fetch HeadersList + headers = buildHeadersFromArray(headers) + } + return mockDispatch.headers(headers ? lowerCaseEntries(headers) : {}) + } + if (typeof mockDispatch.headers === 'undefined') { + return true + } + if (typeof headers !== 'object' || typeof mockDispatch.headers !== 'object') { + return false + } + + for (const [matchHeaderName, matchHeaderValue] of Object.entries(mockDispatch.headers)) { + const headerValue = getHeaderByName(headers, matchHeaderName) + + if (!matchValue(matchHeaderValue, headerValue)) { + return false + } + } + return true +} + +function safeUrl (path) { + if (typeof path !== 'string') { + return path + } + + const pathSegments = path.split('?') + + if (pathSegments.length !== 2) { + return path + } + + const qp = new URLSearchParams(pathSegments.pop()) + qp.sort() + return [...pathSegments, qp.toString()].join('?') +} + +function matchKey (mockDispatch, { path, method, body, headers }) { + const pathMatch = matchValue(mockDispatch.path, path) + const methodMatch = matchValue(mockDispatch.method, method) + const bodyMatch = typeof mockDispatch.body !== 'undefined' ? matchValue(mockDispatch.body, body) : true + const headersMatch = matchHeaders(mockDispatch, headers) + return pathMatch && methodMatch && bodyMatch && headersMatch +} + +function getResponseData (data) { + if (Buffer.isBuffer(data)) { + return data + } else if (data instanceof Uint8Array) { + return data + } else if (data instanceof ArrayBuffer) { + return data + } else if (typeof data === 'object') { + return JSON.stringify(data) + } else { + return data.toString() + } +} + +function getMockDispatch (mockDispatches, key) { + const basePath = key.query ? buildURL(key.path, key.query) : key.path + const resolvedPath = typeof basePath === 'string' ? safeUrl(basePath) : basePath + + // Match path + let matchedMockDispatches = mockDispatches.filter(({ consumed }) => !consumed).filter(({ path }) => matchValue(safeUrl(path), resolvedPath)) + if (matchedMockDispatches.length === 0) { + throw new MockNotMatchedError(`Mock dispatch not matched for path '${resolvedPath}'`) + } + + // Match method + matchedMockDispatches = matchedMockDispatches.filter(({ method }) => matchValue(method, key.method)) + if (matchedMockDispatches.length === 0) { + throw new MockNotMatchedError(`Mock dispatch not matched for method '${key.method}' on path '${resolvedPath}'`) + } + + // Match body + matchedMockDispatches = matchedMockDispatches.filter(({ body }) => typeof body !== 'undefined' ? matchValue(body, key.body) : true) + if (matchedMockDispatches.length === 0) { + throw new MockNotMatchedError(`Mock dispatch not matched for body '${key.body}' on path '${resolvedPath}'`) + } + + // Match headers + matchedMockDispatches = matchedMockDispatches.filter((mockDispatch) => matchHeaders(mockDispatch, key.headers)) + if (matchedMockDispatches.length === 0) { + const headers = typeof key.headers === 'object' ? JSON.stringify(key.headers) : key.headers + throw new MockNotMatchedError(`Mock dispatch not matched for headers '${headers}' on path '${resolvedPath}'`) + } + + return matchedMockDispatches[0] +} + +function addMockDispatch (mockDispatches, key, data) { + const baseData = { timesInvoked: 0, times: 1, persist: false, consumed: false } + const replyData = typeof data === 'function' ? { callback: data } : { ...data } + const newMockDispatch = { ...baseData, ...key, pending: true, data: { error: null, ...replyData } } + mockDispatches.push(newMockDispatch) + return newMockDispatch +} + +function deleteMockDispatch (mockDispatches, key) { + const index = mockDispatches.findIndex(dispatch => { + if (!dispatch.consumed) { + return false + } + return matchKey(dispatch, key) + }) + if (index !== -1) { + mockDispatches.splice(index, 1) + } +} + +function buildKey (opts) { + const { path, method, body, headers, query } = opts + return { + path, + method, + body, + headers, + query + } +} + +function generateKeyValues (data) { + const keys = Object.keys(data) + const result = [] + for (let i = 0; i < keys.length; ++i) { + const key = keys[i] + const value = data[key] + const name = Buffer.from(`${key}`) + if (Array.isArray(value)) { + for (let j = 0; j < value.length; ++j) { + result.push(name, Buffer.from(`${value[j]}`)) + } + } else { + result.push(name, Buffer.from(`${value}`)) + } + } + return result +} + +/** + * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Status + * @param {number} statusCode + */ +function getStatusText (statusCode) { + return STATUS_CODES[statusCode] || 'unknown' +} + +async function getResponse (body) { + const buffers = [] + for await (const data of body) { + buffers.push(data) + } + return Buffer.concat(buffers).toString('utf8') +} + +/** + * Mock dispatch function used to simulate undici dispatches + */ +function mockDispatch (opts, handler) { + // Get mock dispatch from built key + const key = buildKey(opts) + const mockDispatch = getMockDispatch(this[kDispatches], key) + + mockDispatch.timesInvoked++ + + // Here's where we resolve a callback if a callback is present for the dispatch data. + if (mockDispatch.data.callback) { + mockDispatch.data = { ...mockDispatch.data, ...mockDispatch.data.callback(opts) } + } + + // Parse mockDispatch data + const { data: { statusCode, data, headers, trailers, error }, delay, persist } = mockDispatch + const { timesInvoked, times } = mockDispatch + + // If it's used up and not persistent, mark as consumed + mockDispatch.consumed = !persist && timesInvoked >= times + mockDispatch.pending = timesInvoked < times + + // If specified, trigger dispatch error + if (error !== null) { + deleteMockDispatch(this[kDispatches], key) + handler.onError(error) + return true + } + + // Handle the request with a delay if necessary + if (typeof delay === 'number' && delay > 0) { + setTimeout(() => { + handleReply(this[kDispatches]) + }, delay) + } else { + handleReply(this[kDispatches]) + } + + function handleReply (mockDispatches, _data = data) { + // fetch's HeadersList is a 1D string array + const optsHeaders = Array.isArray(opts.headers) + ? buildHeadersFromArray(opts.headers) + : opts.headers + const body = typeof _data === 'function' + ? _data({ ...opts, headers: optsHeaders }) + : _data + + // util.types.isPromise is likely needed for jest. + if (isPromise(body)) { + // If handleReply is asynchronous, throwing an error + // in the callback will reject the promise, rather than + // synchronously throw the error, which breaks some tests. + // Rather, we wait for the callback to resolve if it is a + // promise, and then re-run handleReply with the new body. + body.then((newData) => handleReply(mockDispatches, newData)) + return + } + + const responseData = getResponseData(body) + const responseHeaders = generateKeyValues(headers) + const responseTrailers = generateKeyValues(trailers) + + handler.onConnect?.(err => handler.onError(err), null) + handler.onHeaders?.(statusCode, responseHeaders, resume, getStatusText(statusCode)) + handler.onData?.(Buffer.from(responseData)) + handler.onComplete?.(responseTrailers) + deleteMockDispatch(mockDispatches, key) + } + + function resume () {} + + return true +} + +function buildMockDispatch () { + const agent = this[kMockAgent] + const origin = this[kOrigin] + const originalDispatch = this[kOriginalDispatch] + + return function dispatch (opts, handler) { + if (agent.isMockActive) { + try { + mockDispatch.call(this, opts, handler) + } catch (error) { + if (error instanceof MockNotMatchedError) { + const netConnect = agent[kGetNetConnect]() + if (netConnect === false) { + throw new MockNotMatchedError(`${error.message}: subsequent request to origin ${origin} was not allowed (net.connect disabled)`) + } + if (checkNetConnect(netConnect, origin)) { + originalDispatch.call(this, opts, handler) + } else { + throw new MockNotMatchedError(`${error.message}: subsequent request to origin ${origin} was not allowed (net.connect is not enabled for this origin)`) + } + } else { + throw error + } + } + } else { + originalDispatch.call(this, opts, handler) + } + } +} + +function checkNetConnect (netConnect, origin) { + const url = new URL(origin) + if (netConnect === true) { + return true + } else if (Array.isArray(netConnect) && netConnect.some((matcher) => matchValue(matcher, url.host))) { + return true + } + return false +} + +function buildMockOptions (opts) { + if (opts) { + const { agent, ...mockOptions } = opts + return mockOptions + } +} + +module.exports = { + getResponseData, + getMockDispatch, + addMockDispatch, + deleteMockDispatch, + buildKey, + generateKeyValues, + matchValue, + getResponse, + getStatusText, + mockDispatch, + buildMockDispatch, + checkNetConnect, + buildMockOptions, + getHeaderByName, + buildHeadersFromArray +} + + +/***/ }), + +/***/ 6142: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Transform } = __nccwpck_require__(7075) +const { Console } = __nccwpck_require__(7540) + +const PERSISTENT = process.versions.icu ? '✅' : 'Y ' +const NOT_PERSISTENT = process.versions.icu ? '❌' : 'N ' + +/** + * Gets the output of `console.table(…)` as a string. + */ +module.exports = class PendingInterceptorsFormatter { + constructor ({ disableColors } = {}) { + this.transform = new Transform({ + transform (chunk, _enc, cb) { + cb(null, chunk) + } + }) + + this.logger = new Console({ + stdout: this.transform, + inspectOptions: { + colors: !disableColors && !process.env.CI + } + }) + } + + format (pendingInterceptors) { + const withPrettyHeaders = pendingInterceptors.map( + ({ method, path, data: { statusCode }, persist, times, timesInvoked, origin }) => ({ + Method: method, + Origin: origin, + Path: path, + 'Status code': statusCode, + Persistent: persist ? PERSISTENT : NOT_PERSISTENT, + Invocations: timesInvoked, + Remaining: persist ? Infinity : times - timesInvoked + })) + + this.logger.table(withPrettyHeaders) + return this.transform.read().toString() + } +} + + +/***/ }), + +/***/ 1529: +/***/ ((module) => { + +"use strict"; + + +const singulars = { + pronoun: 'it', + is: 'is', + was: 'was', + this: 'this' +} + +const plurals = { + pronoun: 'they', + is: 'are', + was: 'were', + this: 'these' +} + +module.exports = class Pluralizer { + constructor (singular, plural) { + this.singular = singular + this.plural = plural + } + + pluralize (count) { + const one = count === 1 + const keys = one ? singulars : plurals + const noun = one ? this.singular : this.plural + return { ...keys, count, noun } + } +} + + +/***/ }), + +/***/ 6603: +/***/ ((module) => { + +"use strict"; + + +/** + * This module offers an optimized timer implementation designed for scenarios + * where high precision is not critical. + * + * The timer achieves faster performance by using a low-resolution approach, + * with an accuracy target of within 500ms. This makes it particularly useful + * for timers with delays of 1 second or more, where exact timing is less + * crucial. + * + * It's important to note that Node.js timers are inherently imprecise, as + * delays can occur due to the event loop being blocked by other operations. + * Consequently, timers may trigger later than their scheduled time. + */ + +/** + * The fastNow variable contains the internal fast timer clock value. + * + * @type {number} + */ +let fastNow = 0 + +/** + * RESOLUTION_MS represents the target resolution time in milliseconds. + * + * @type {number} + * @default 1000 + */ +const RESOLUTION_MS = 1e3 + +/** + * TICK_MS defines the desired interval in milliseconds between each tick. + * The target value is set to half the resolution time, minus 1 ms, to account + * for potential event loop overhead. + * + * @type {number} + * @default 499 + */ +const TICK_MS = (RESOLUTION_MS >> 1) - 1 + +/** + * fastNowTimeout is a Node.js timer used to manage and process + * the FastTimers stored in the `fastTimers` array. + * + * @type {NodeJS.Timeout} + */ +let fastNowTimeout + +/** + * The kFastTimer symbol is used to identify FastTimer instances. + * + * @type {Symbol} + */ +const kFastTimer = Symbol('kFastTimer') + +/** + * The fastTimers array contains all active FastTimers. + * + * @type {FastTimer[]} + */ +const fastTimers = [] + +/** + * These constants represent the various states of a FastTimer. + */ + +/** + * The `NOT_IN_LIST` constant indicates that the FastTimer is not included + * in the `fastTimers` array. Timers with this status will not be processed + * during the next tick by the `onTick` function. + * + * A FastTimer can be re-added to the `fastTimers` array by invoking the + * `refresh` method on the FastTimer instance. + * + * @type {-2} + */ +const NOT_IN_LIST = -2 + +/** + * The `TO_BE_CLEARED` constant indicates that the FastTimer is scheduled + * for removal from the `fastTimers` array. A FastTimer in this state will + * be removed in the next tick by the `onTick` function and will no longer + * be processed. + * + * This status is also set when the `clear` method is called on the FastTimer instance. + * + * @type {-1} + */ +const TO_BE_CLEARED = -1 + +/** + * The `PENDING` constant signifies that the FastTimer is awaiting processing + * in the next tick by the `onTick` function. Timers with this status will have + * their `_idleStart` value set and their status updated to `ACTIVE` in the next tick. + * + * @type {0} + */ +const PENDING = 0 + +/** + * The `ACTIVE` constant indicates that the FastTimer is active and waiting + * for its timer to expire. During the next tick, the `onTick` function will + * check if the timer has expired, and if so, it will execute the associated callback. + * + * @type {1} + */ +const ACTIVE = 1 + +/** + * The onTick function processes the fastTimers array. + * + * @returns {void} + */ +function onTick () { + /** + * Increment the fastNow value by the TICK_MS value, despite the actual time + * that has passed since the last tick. This approach ensures independence + * from the system clock and delays caused by a blocked event loop. + * + * @type {number} + */ + fastNow += TICK_MS + + /** + * The `idx` variable is used to iterate over the `fastTimers` array. + * Expired timers are removed by replacing them with the last element in the array. + * Consequently, `idx` is only incremented when the current element is not removed. + * + * @type {number} + */ + let idx = 0 + + /** + * The len variable will contain the length of the fastTimers array + * and will be decremented when a FastTimer should be removed from the + * fastTimers array. + * + * @type {number} + */ + let len = fastTimers.length + + while (idx < len) { + /** + * @type {FastTimer} + */ + const timer = fastTimers[idx] + + // If the timer is in the ACTIVE state and the timer has expired, it will + // be processed in the next tick. + if (timer._state === PENDING) { + // Set the _idleStart value to the fastNow value minus the TICK_MS value + // to account for the time the timer was in the PENDING state. + timer._idleStart = fastNow - TICK_MS + timer._state = ACTIVE + } else if ( + timer._state === ACTIVE && + fastNow >= timer._idleStart + timer._idleTimeout + ) { + timer._state = TO_BE_CLEARED + timer._idleStart = -1 + timer._onTimeout(timer._timerArg) + } + + if (timer._state === TO_BE_CLEARED) { + timer._state = NOT_IN_LIST + + // Move the last element to the current index and decrement len if it is + // not the only element in the array. + if (--len !== 0) { + fastTimers[idx] = fastTimers[len] + } + } else { + ++idx + } + } + + // Set the length of the fastTimers array to the new length and thus + // removing the excess FastTimers elements from the array. + fastTimers.length = len + + // If there are still active FastTimers in the array, refresh the Timer. + // If there are no active FastTimers, the timer will be refreshed again + // when a new FastTimer is instantiated. + if (fastTimers.length !== 0) { + refreshTimeout() + } +} + +function refreshTimeout () { + // If the fastNowTimeout is already set, refresh it. + if (fastNowTimeout) { + fastNowTimeout.refresh() + // fastNowTimeout is not instantiated yet, create a new Timer. + } else { + clearTimeout(fastNowTimeout) + fastNowTimeout = setTimeout(onTick, TICK_MS) + + // If the Timer has an unref method, call it to allow the process to exit if + // there are no other active handles. + if (fastNowTimeout.unref) { + fastNowTimeout.unref() + } + } +} + +/** + * The `FastTimer` class is a data structure designed to store and manage + * timer information. + */ +class FastTimer { + [kFastTimer] = true + + /** + * The state of the timer, which can be one of the following: + * - NOT_IN_LIST (-2) + * - TO_BE_CLEARED (-1) + * - PENDING (0) + * - ACTIVE (1) + * + * @type {-2|-1|0|1} + * @private + */ + _state = NOT_IN_LIST + + /** + * The number of milliseconds to wait before calling the callback. + * + * @type {number} + * @private + */ + _idleTimeout = -1 + + /** + * The time in milliseconds when the timer was started. This value is used to + * calculate when the timer should expire. + * + * @type {number} + * @default -1 + * @private + */ + _idleStart = -1 + + /** + * The function to be executed when the timer expires. + * @type {Function} + * @private + */ + _onTimeout + + /** + * The argument to be passed to the callback when the timer expires. + * + * @type {*} + * @private + */ + _timerArg + + /** + * @constructor + * @param {Function} callback A function to be executed after the timer + * expires. + * @param {number} delay The time, in milliseconds that the timer should wait + * before the specified function or code is executed. + * @param {*} arg + */ + constructor (callback, delay, arg) { + this._onTimeout = callback + this._idleTimeout = delay + this._timerArg = arg + + this.refresh() + } + + /** + * Sets the timer's start time to the current time, and reschedules the timer + * to call its callback at the previously specified duration adjusted to the + * current time. + * Using this on a timer that has already called its callback will reactivate + * the timer. + * + * @returns {void} + */ + refresh () { + // In the special case that the timer is not in the list of active timers, + // add it back to the array to be processed in the next tick by the onTick + // function. + if (this._state === NOT_IN_LIST) { + fastTimers.push(this) + } + + // If the timer is the only active timer, refresh the fastNowTimeout for + // better resolution. + if (!fastNowTimeout || fastTimers.length === 1) { + refreshTimeout() + } + + // Setting the state to PENDING will cause the timer to be reset in the + // next tick by the onTick function. + this._state = PENDING + } + + /** + * The `clear` method cancels the timer, preventing it from executing. + * + * @returns {void} + * @private + */ + clear () { + // Set the state to TO_BE_CLEARED to mark the timer for removal in the next + // tick by the onTick function. + this._state = TO_BE_CLEARED + + // Reset the _idleStart value to -1 to indicate that the timer is no longer + // active. + this._idleStart = -1 + } +} + +/** + * This module exports a setTimeout and clearTimeout function that can be + * used as a drop-in replacement for the native functions. + */ +module.exports = { + /** + * The setTimeout() method sets a timer which executes a function once the + * timer expires. + * @param {Function} callback A function to be executed after the timer + * expires. + * @param {number} delay The time, in milliseconds that the timer should + * wait before the specified function or code is executed. + * @param {*} [arg] An optional argument to be passed to the callback function + * when the timer expires. + * @returns {NodeJS.Timeout|FastTimer} + */ + setTimeout (callback, delay, arg) { + // If the delay is less than or equal to the RESOLUTION_MS value return a + // native Node.js Timer instance. + return delay <= RESOLUTION_MS + ? setTimeout(callback, delay, arg) + : new FastTimer(callback, delay, arg) + }, + /** + * The clearTimeout method cancels an instantiated Timer previously created + * by calling setTimeout. + * + * @param {NodeJS.Timeout|FastTimer} timeout + */ + clearTimeout (timeout) { + // If the timeout is a FastTimer, call its own clear method. + if (timeout[kFastTimer]) { + /** + * @type {FastTimer} + */ + timeout.clear() + // Otherwise it is an instance of a native NodeJS.Timeout, so call the + // Node.js native clearTimeout function. + } else { + clearTimeout(timeout) + } + }, + /** + * The setFastTimeout() method sets a fastTimer which executes a function once + * the timer expires. + * @param {Function} callback A function to be executed after the timer + * expires. + * @param {number} delay The time, in milliseconds that the timer should + * wait before the specified function or code is executed. + * @param {*} [arg] An optional argument to be passed to the callback function + * when the timer expires. + * @returns {FastTimer} + */ + setFastTimeout (callback, delay, arg) { + return new FastTimer(callback, delay, arg) + }, + /** + * The clearTimeout method cancels an instantiated FastTimer previously + * created by calling setFastTimeout. + * + * @param {FastTimer} timeout + */ + clearFastTimeout (timeout) { + timeout.clear() + }, + /** + * The now method returns the value of the internal fast timer clock. + * + * @returns {number} + */ + now () { + return fastNow + }, + /** + * Trigger the onTick function to process the fastTimers array. + * Exported for testing purposes only. + * Marking as deprecated to discourage any use outside of testing. + * @deprecated + * @param {number} [delay=0] The delay in milliseconds to add to the now value. + */ + tick (delay = 0) { + fastNow += delay - RESOLUTION_MS + 1 + onTick() + onTick() + }, + /** + * Reset FastTimers. + * Exported for testing purposes only. + * Marking as deprecated to discourage any use outside of testing. + * @deprecated + */ + reset () { + fastNow = 0 + fastTimers.length = 0 + clearTimeout(fastNowTimeout) + fastNowTimeout = null + }, + /** + * Exporting for testing purposes only. + * Marking as deprecated to discourage any use outside of testing. + * @deprecated + */ + kFastTimer +} + + +/***/ }), + +/***/ 9634: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { kConstruct } = __nccwpck_require__(109) +const { urlEquals, getFieldValues } = __nccwpck_require__(6798) +const { kEnumerableProperty, isDisturbed } = __nccwpck_require__(3440) +const { webidl } = __nccwpck_require__(5893) +const { Response, cloneResponse, fromInnerResponse } = __nccwpck_require__(9051) +const { Request, fromInnerRequest } = __nccwpck_require__(9967) +const { kState } = __nccwpck_require__(3627) +const { fetching } = __nccwpck_require__(4398) +const { urlIsHttpHttpsScheme, createDeferredPromise, readAllBytes } = __nccwpck_require__(3168) +const assert = __nccwpck_require__(4589) + +/** + * @see https://w3c.github.io/ServiceWorker/#dfn-cache-batch-operation + * @typedef {Object} CacheBatchOperation + * @property {'delete' | 'put'} type + * @property {any} request + * @property {any} response + * @property {import('../../types/cache').CacheQueryOptions} options + */ + +/** + * @see https://w3c.github.io/ServiceWorker/#dfn-request-response-list + * @typedef {[any, any][]} requestResponseList + */ + +class Cache { + /** + * @see https://w3c.github.io/ServiceWorker/#dfn-relevant-request-response-list + * @type {requestResponseList} + */ + #relevantRequestResponseList + + constructor () { + if (arguments[0] !== kConstruct) { + webidl.illegalConstructor() + } + + webidl.util.markAsUncloneable(this) + this.#relevantRequestResponseList = arguments[1] + } + + async match (request, options = {}) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.match' + webidl.argumentLengthCheck(arguments, 1, prefix) + + request = webidl.converters.RequestInfo(request, prefix, 'request') + options = webidl.converters.CacheQueryOptions(options, prefix, 'options') + + const p = this.#internalMatchAll(request, options, 1) + + if (p.length === 0) { + return + } + + return p[0] + } + + async matchAll (request = undefined, options = {}) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.matchAll' + if (request !== undefined) request = webidl.converters.RequestInfo(request, prefix, 'request') + options = webidl.converters.CacheQueryOptions(options, prefix, 'options') + + return this.#internalMatchAll(request, options) + } + + async add (request) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.add' + webidl.argumentLengthCheck(arguments, 1, prefix) + + request = webidl.converters.RequestInfo(request, prefix, 'request') + + // 1. + const requests = [request] + + // 2. + const responseArrayPromise = this.addAll(requests) + + // 3. + return await responseArrayPromise + } + + async addAll (requests) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.addAll' + webidl.argumentLengthCheck(arguments, 1, prefix) + + // 1. + const responsePromises = [] + + // 2. + const requestList = [] + + // 3. + for (let request of requests) { + if (request === undefined) { + throw webidl.errors.conversionFailed({ + prefix, + argument: 'Argument 1', + types: ['undefined is not allowed'] + }) + } + + request = webidl.converters.RequestInfo(request) + + if (typeof request === 'string') { + continue + } + + // 3.1 + const r = request[kState] + + // 3.2 + if (!urlIsHttpHttpsScheme(r.url) || r.method !== 'GET') { + throw webidl.errors.exception({ + header: prefix, + message: 'Expected http/s scheme when method is not GET.' + }) + } + } + + // 4. + /** @type {ReturnType[]} */ + const fetchControllers = [] + + // 5. + for (const request of requests) { + // 5.1 + const r = new Request(request)[kState] + + // 5.2 + if (!urlIsHttpHttpsScheme(r.url)) { + throw webidl.errors.exception({ + header: prefix, + message: 'Expected http/s scheme.' + }) + } + + // 5.4 + r.initiator = 'fetch' + r.destination = 'subresource' + + // 5.5 + requestList.push(r) + + // 5.6 + const responsePromise = createDeferredPromise() + + // 5.7 + fetchControllers.push(fetching({ + request: r, + processResponse (response) { + // 1. + if (response.type === 'error' || response.status === 206 || response.status < 200 || response.status > 299) { + responsePromise.reject(webidl.errors.exception({ + header: 'Cache.addAll', + message: 'Received an invalid status code or the request failed.' + })) + } else if (response.headersList.contains('vary')) { // 2. + // 2.1 + const fieldValues = getFieldValues(response.headersList.get('vary')) + + // 2.2 + for (const fieldValue of fieldValues) { + // 2.2.1 + if (fieldValue === '*') { + responsePromise.reject(webidl.errors.exception({ + header: 'Cache.addAll', + message: 'invalid vary field value' + })) + + for (const controller of fetchControllers) { + controller.abort() + } + + return + } + } + } + }, + processResponseEndOfBody (response) { + // 1. + if (response.aborted) { + responsePromise.reject(new DOMException('aborted', 'AbortError')) + return + } + + // 2. + responsePromise.resolve(response) + } + })) + + // 5.8 + responsePromises.push(responsePromise.promise) + } + + // 6. + const p = Promise.all(responsePromises) + + // 7. + const responses = await p + + // 7.1 + const operations = [] + + // 7.2 + let index = 0 + + // 7.3 + for (const response of responses) { + // 7.3.1 + /** @type {CacheBatchOperation} */ + const operation = { + type: 'put', // 7.3.2 + request: requestList[index], // 7.3.3 + response // 7.3.4 + } + + operations.push(operation) // 7.3.5 + + index++ // 7.3.6 + } + + // 7.5 + const cacheJobPromise = createDeferredPromise() + + // 7.6.1 + let errorData = null + + // 7.6.2 + try { + this.#batchCacheOperations(operations) + } catch (e) { + errorData = e + } + + // 7.6.3 + queueMicrotask(() => { + // 7.6.3.1 + if (errorData === null) { + cacheJobPromise.resolve(undefined) + } else { + // 7.6.3.2 + cacheJobPromise.reject(errorData) + } + }) + + // 7.7 + return cacheJobPromise.promise + } + + async put (request, response) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.put' + webidl.argumentLengthCheck(arguments, 2, prefix) + + request = webidl.converters.RequestInfo(request, prefix, 'request') + response = webidl.converters.Response(response, prefix, 'response') + + // 1. + let innerRequest = null + + // 2. + if (request instanceof Request) { + innerRequest = request[kState] + } else { // 3. + innerRequest = new Request(request)[kState] + } + + // 4. + if (!urlIsHttpHttpsScheme(innerRequest.url) || innerRequest.method !== 'GET') { + throw webidl.errors.exception({ + header: prefix, + message: 'Expected an http/s scheme when method is not GET' + }) + } + + // 5. + const innerResponse = response[kState] + + // 6. + if (innerResponse.status === 206) { + throw webidl.errors.exception({ + header: prefix, + message: 'Got 206 status' + }) + } + + // 7. + if (innerResponse.headersList.contains('vary')) { + // 7.1. + const fieldValues = getFieldValues(innerResponse.headersList.get('vary')) + + // 7.2. + for (const fieldValue of fieldValues) { + // 7.2.1 + if (fieldValue === '*') { + throw webidl.errors.exception({ + header: prefix, + message: 'Got * vary field value' + }) + } + } + } + + // 8. + if (innerResponse.body && (isDisturbed(innerResponse.body.stream) || innerResponse.body.stream.locked)) { + throw webidl.errors.exception({ + header: prefix, + message: 'Response body is locked or disturbed' + }) + } + + // 9. + const clonedResponse = cloneResponse(innerResponse) + + // 10. + const bodyReadPromise = createDeferredPromise() + + // 11. + if (innerResponse.body != null) { + // 11.1 + const stream = innerResponse.body.stream + + // 11.2 + const reader = stream.getReader() + + // 11.3 + readAllBytes(reader).then(bodyReadPromise.resolve, bodyReadPromise.reject) + } else { + bodyReadPromise.resolve(undefined) + } + + // 12. + /** @type {CacheBatchOperation[]} */ + const operations = [] + + // 13. + /** @type {CacheBatchOperation} */ + const operation = { + type: 'put', // 14. + request: innerRequest, // 15. + response: clonedResponse // 16. + } + + // 17. + operations.push(operation) + + // 19. + const bytes = await bodyReadPromise.promise + + if (clonedResponse.body != null) { + clonedResponse.body.source = bytes + } + + // 19.1 + const cacheJobPromise = createDeferredPromise() + + // 19.2.1 + let errorData = null + + // 19.2.2 + try { + this.#batchCacheOperations(operations) + } catch (e) { + errorData = e + } + + // 19.2.3 + queueMicrotask(() => { + // 19.2.3.1 + if (errorData === null) { + cacheJobPromise.resolve() + } else { // 19.2.3.2 + cacheJobPromise.reject(errorData) + } + }) + + return cacheJobPromise.promise + } + + async delete (request, options = {}) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.delete' + webidl.argumentLengthCheck(arguments, 1, prefix) + + request = webidl.converters.RequestInfo(request, prefix, 'request') + options = webidl.converters.CacheQueryOptions(options, prefix, 'options') + + /** + * @type {Request} + */ + let r = null + + if (request instanceof Request) { + r = request[kState] + + if (r.method !== 'GET' && !options.ignoreMethod) { + return false + } + } else { + assert(typeof request === 'string') + + r = new Request(request)[kState] + } + + /** @type {CacheBatchOperation[]} */ + const operations = [] + + /** @type {CacheBatchOperation} */ + const operation = { + type: 'delete', + request: r, + options + } + + operations.push(operation) + + const cacheJobPromise = createDeferredPromise() + + let errorData = null + let requestResponses + + try { + requestResponses = this.#batchCacheOperations(operations) + } catch (e) { + errorData = e + } + + queueMicrotask(() => { + if (errorData === null) { + cacheJobPromise.resolve(!!requestResponses?.length) + } else { + cacheJobPromise.reject(errorData) + } + }) + + return cacheJobPromise.promise + } + + /** + * @see https://w3c.github.io/ServiceWorker/#dom-cache-keys + * @param {any} request + * @param {import('../../types/cache').CacheQueryOptions} options + * @returns {Promise} + */ + async keys (request = undefined, options = {}) { + webidl.brandCheck(this, Cache) + + const prefix = 'Cache.keys' + + if (request !== undefined) request = webidl.converters.RequestInfo(request, prefix, 'request') + options = webidl.converters.CacheQueryOptions(options, prefix, 'options') + + // 1. + let r = null + + // 2. + if (request !== undefined) { + // 2.1 + if (request instanceof Request) { + // 2.1.1 + r = request[kState] + + // 2.1.2 + if (r.method !== 'GET' && !options.ignoreMethod) { + return [] + } + } else if (typeof request === 'string') { // 2.2 + r = new Request(request)[kState] + } + } + + // 4. + const promise = createDeferredPromise() + + // 5. + // 5.1 + const requests = [] + + // 5.2 + if (request === undefined) { + // 5.2.1 + for (const requestResponse of this.#relevantRequestResponseList) { + // 5.2.1.1 + requests.push(requestResponse[0]) + } + } else { // 5.3 + // 5.3.1 + const requestResponses = this.#queryCache(r, options) + + // 5.3.2 + for (const requestResponse of requestResponses) { + // 5.3.2.1 + requests.push(requestResponse[0]) + } + } + + // 5.4 + queueMicrotask(() => { + // 5.4.1 + const requestList = [] + + // 5.4.2 + for (const request of requests) { + const requestObject = fromInnerRequest( + request, + new AbortController().signal, + 'immutable' + ) + // 5.4.2.1 + requestList.push(requestObject) + } + + // 5.4.3 + promise.resolve(Object.freeze(requestList)) + }) + + return promise.promise + } + + /** + * @see https://w3c.github.io/ServiceWorker/#batch-cache-operations-algorithm + * @param {CacheBatchOperation[]} operations + * @returns {requestResponseList} + */ + #batchCacheOperations (operations) { + // 1. + const cache = this.#relevantRequestResponseList + + // 2. + const backupCache = [...cache] + + // 3. + const addedItems = [] + + // 4.1 + const resultList = [] + + try { + // 4.2 + for (const operation of operations) { + // 4.2.1 + if (operation.type !== 'delete' && operation.type !== 'put') { + throw webidl.errors.exception({ + header: 'Cache.#batchCacheOperations', + message: 'operation type does not match "delete" or "put"' + }) + } + + // 4.2.2 + if (operation.type === 'delete' && operation.response != null) { + throw webidl.errors.exception({ + header: 'Cache.#batchCacheOperations', + message: 'delete operation should not have an associated response' + }) + } + + // 4.2.3 + if (this.#queryCache(operation.request, operation.options, addedItems).length) { + throw new DOMException('???', 'InvalidStateError') + } + + // 4.2.4 + let requestResponses + + // 4.2.5 + if (operation.type === 'delete') { + // 4.2.5.1 + requestResponses = this.#queryCache(operation.request, operation.options) + + // TODO: the spec is wrong, this is needed to pass WPTs + if (requestResponses.length === 0) { + return [] + } + + // 4.2.5.2 + for (const requestResponse of requestResponses) { + const idx = cache.indexOf(requestResponse) + assert(idx !== -1) + + // 4.2.5.2.1 + cache.splice(idx, 1) + } + } else if (operation.type === 'put') { // 4.2.6 + // 4.2.6.1 + if (operation.response == null) { + throw webidl.errors.exception({ + header: 'Cache.#batchCacheOperations', + message: 'put operation should have an associated response' + }) + } + + // 4.2.6.2 + const r = operation.request + + // 4.2.6.3 + if (!urlIsHttpHttpsScheme(r.url)) { + throw webidl.errors.exception({ + header: 'Cache.#batchCacheOperations', + message: 'expected http or https scheme' + }) + } + + // 4.2.6.4 + if (r.method !== 'GET') { + throw webidl.errors.exception({ + header: 'Cache.#batchCacheOperations', + message: 'not get method' + }) + } + + // 4.2.6.5 + if (operation.options != null) { + throw webidl.errors.exception({ + header: 'Cache.#batchCacheOperations', + message: 'options must not be defined' + }) + } + + // 4.2.6.6 + requestResponses = this.#queryCache(operation.request) + + // 4.2.6.7 + for (const requestResponse of requestResponses) { + const idx = cache.indexOf(requestResponse) + assert(idx !== -1) + + // 4.2.6.7.1 + cache.splice(idx, 1) + } + + // 4.2.6.8 + cache.push([operation.request, operation.response]) + + // 4.2.6.10 + addedItems.push([operation.request, operation.response]) + } + + // 4.2.7 + resultList.push([operation.request, operation.response]) + } + + // 4.3 + return resultList + } catch (e) { // 5. + // 5.1 + this.#relevantRequestResponseList.length = 0 + + // 5.2 + this.#relevantRequestResponseList = backupCache + + // 5.3 + throw e + } + } + + /** + * @see https://w3c.github.io/ServiceWorker/#query-cache + * @param {any} requestQuery + * @param {import('../../types/cache').CacheQueryOptions} options + * @param {requestResponseList} targetStorage + * @returns {requestResponseList} + */ + #queryCache (requestQuery, options, targetStorage) { + /** @type {requestResponseList} */ + const resultList = [] + + const storage = targetStorage ?? this.#relevantRequestResponseList + + for (const requestResponse of storage) { + const [cachedRequest, cachedResponse] = requestResponse + if (this.#requestMatchesCachedItem(requestQuery, cachedRequest, cachedResponse, options)) { + resultList.push(requestResponse) + } + } + + return resultList + } + + /** + * @see https://w3c.github.io/ServiceWorker/#request-matches-cached-item-algorithm + * @param {any} requestQuery + * @param {any} request + * @param {any | null} response + * @param {import('../../types/cache').CacheQueryOptions | undefined} options + * @returns {boolean} + */ + #requestMatchesCachedItem (requestQuery, request, response = null, options) { + // if (options?.ignoreMethod === false && request.method === 'GET') { + // return false + // } + + const queryURL = new URL(requestQuery.url) + + const cachedURL = new URL(request.url) + + if (options?.ignoreSearch) { + cachedURL.search = '' + + queryURL.search = '' + } + + if (!urlEquals(queryURL, cachedURL, true)) { + return false + } + + if ( + response == null || + options?.ignoreVary || + !response.headersList.contains('vary') + ) { + return true + } + + const fieldValues = getFieldValues(response.headersList.get('vary')) + + for (const fieldValue of fieldValues) { + if (fieldValue === '*') { + return false + } + + const requestValue = request.headersList.get(fieldValue) + const queryValue = requestQuery.headersList.get(fieldValue) + + // If one has the header and the other doesn't, or one has + // a different value than the other, return false + if (requestValue !== queryValue) { + return false + } + } + + return true + } + + #internalMatchAll (request, options, maxResponses = Infinity) { + // 1. + let r = null + + // 2. + if (request !== undefined) { + if (request instanceof Request) { + // 2.1.1 + r = request[kState] + + // 2.1.2 + if (r.method !== 'GET' && !options.ignoreMethod) { + return [] + } + } else if (typeof request === 'string') { + // 2.2.1 + r = new Request(request)[kState] + } + } + + // 5. + // 5.1 + const responses = [] + + // 5.2 + if (request === undefined) { + // 5.2.1 + for (const requestResponse of this.#relevantRequestResponseList) { + responses.push(requestResponse[1]) + } + } else { // 5.3 + // 5.3.1 + const requestResponses = this.#queryCache(r, options) + + // 5.3.2 + for (const requestResponse of requestResponses) { + responses.push(requestResponse[1]) + } + } + + // 5.4 + // We don't implement CORs so we don't need to loop over the responses, yay! + + // 5.5.1 + const responseList = [] + + // 5.5.2 + for (const response of responses) { + // 5.5.2.1 + const responseObject = fromInnerResponse(response, 'immutable') + + responseList.push(responseObject.clone()) + + if (responseList.length >= maxResponses) { + break + } + } + + // 6. + return Object.freeze(responseList) + } +} + +Object.defineProperties(Cache.prototype, { + [Symbol.toStringTag]: { + value: 'Cache', + configurable: true + }, + match: kEnumerableProperty, + matchAll: kEnumerableProperty, + add: kEnumerableProperty, + addAll: kEnumerableProperty, + put: kEnumerableProperty, + delete: kEnumerableProperty, + keys: kEnumerableProperty +}) + +const cacheQueryOptionConverters = [ + { + key: 'ignoreSearch', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'ignoreMethod', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'ignoreVary', + converter: webidl.converters.boolean, + defaultValue: () => false + } +] + +webidl.converters.CacheQueryOptions = webidl.dictionaryConverter(cacheQueryOptionConverters) + +webidl.converters.MultiCacheQueryOptions = webidl.dictionaryConverter([ + ...cacheQueryOptionConverters, + { + key: 'cacheName', + converter: webidl.converters.DOMString + } +]) + +webidl.converters.Response = webidl.interfaceConverter(Response) + +webidl.converters['sequence'] = webidl.sequenceConverter( + webidl.converters.RequestInfo +) + +module.exports = { + Cache +} + + +/***/ }), + +/***/ 3245: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { kConstruct } = __nccwpck_require__(109) +const { Cache } = __nccwpck_require__(9634) +const { webidl } = __nccwpck_require__(5893) +const { kEnumerableProperty } = __nccwpck_require__(3440) + +class CacheStorage { + /** + * @see https://w3c.github.io/ServiceWorker/#dfn-relevant-name-to-cache-map + * @type {Map} + */ + async has (cacheName) { + webidl.brandCheck(this, CacheStorage) + + const prefix = 'CacheStorage.has' + webidl.argumentLengthCheck(arguments, 1, prefix) + + cacheName = webidl.converters.DOMString(cacheName, prefix, 'cacheName') + + // 2.1.1 + // 2.2 + return this.#caches.has(cacheName) + } + + /** + * @see https://w3c.github.io/ServiceWorker/#dom-cachestorage-open + * @param {string} cacheName + * @returns {Promise} + */ + async open (cacheName) { + webidl.brandCheck(this, CacheStorage) + + const prefix = 'CacheStorage.open' + webidl.argumentLengthCheck(arguments, 1, prefix) + + cacheName = webidl.converters.DOMString(cacheName, prefix, 'cacheName') + + // 2.1 + if (this.#caches.has(cacheName)) { + // await caches.open('v1') !== await caches.open('v1') + + // 2.1.1 + const cache = this.#caches.get(cacheName) + + // 2.1.1.1 + return new Cache(kConstruct, cache) + } + + // 2.2 + const cache = [] + + // 2.3 + this.#caches.set(cacheName, cache) + + // 2.4 + return new Cache(kConstruct, cache) + } + + /** + * @see https://w3c.github.io/ServiceWorker/#cache-storage-delete + * @param {string} cacheName + * @returns {Promise} + */ + async delete (cacheName) { + webidl.brandCheck(this, CacheStorage) + + const prefix = 'CacheStorage.delete' + webidl.argumentLengthCheck(arguments, 1, prefix) + + cacheName = webidl.converters.DOMString(cacheName, prefix, 'cacheName') + + return this.#caches.delete(cacheName) + } + + /** + * @see https://w3c.github.io/ServiceWorker/#cache-storage-keys + * @returns {Promise} + */ + async keys () { + webidl.brandCheck(this, CacheStorage) + + // 2.1 + const keys = this.#caches.keys() + + // 2.2 + return [...keys] + } +} + +Object.defineProperties(CacheStorage.prototype, { + [Symbol.toStringTag]: { + value: 'CacheStorage', + configurable: true + }, + match: kEnumerableProperty, + has: kEnumerableProperty, + open: kEnumerableProperty, + delete: kEnumerableProperty, + keys: kEnumerableProperty +}) + +module.exports = { + CacheStorage +} + + +/***/ }), + +/***/ 109: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +module.exports = { + kConstruct: (__nccwpck_require__(6443).kConstruct) +} + + +/***/ }), + +/***/ 6798: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) +const { URLSerializer } = __nccwpck_require__(1900) +const { isValidHeaderName } = __nccwpck_require__(3168) + +/** + * @see https://url.spec.whatwg.org/#concept-url-equals + * @param {URL} A + * @param {URL} B + * @param {boolean | undefined} excludeFragment + * @returns {boolean} + */ +function urlEquals (A, B, excludeFragment = false) { + const serializedA = URLSerializer(A, excludeFragment) + + const serializedB = URLSerializer(B, excludeFragment) + + return serializedA === serializedB +} + +/** + * @see https://github.com/chromium/chromium/blob/694d20d134cb553d8d89e5500b9148012b1ba299/content/browser/cache_storage/cache_storage_cache.cc#L260-L262 + * @param {string} header + */ +function getFieldValues (header) { + assert(header !== null) + + const values = [] + + for (let value of header.split(',')) { + value = value.trim() + + if (isValidHeaderName(value)) { + values.push(value) + } + } + + return values +} + +module.exports = { + urlEquals, + getFieldValues +} + + +/***/ }), + +/***/ 1276: +/***/ ((module) => { + +"use strict"; + + +// https://wicg.github.io/cookie-store/#cookie-maximum-attribute-value-size +const maxAttributeValueSize = 1024 + +// https://wicg.github.io/cookie-store/#cookie-maximum-name-value-pair-size +const maxNameValuePairSize = 4096 + +module.exports = { + maxAttributeValueSize, + maxNameValuePairSize +} + + +/***/ }), + +/***/ 9061: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { parseSetCookie } = __nccwpck_require__(1978) +const { stringify } = __nccwpck_require__(7797) +const { webidl } = __nccwpck_require__(5893) +const { Headers } = __nccwpck_require__(660) + +/** + * @typedef {Object} Cookie + * @property {string} name + * @property {string} value + * @property {Date|number|undefined} expires + * @property {number|undefined} maxAge + * @property {string|undefined} domain + * @property {string|undefined} path + * @property {boolean|undefined} secure + * @property {boolean|undefined} httpOnly + * @property {'Strict'|'Lax'|'None'} sameSite + * @property {string[]} unparsed + */ + +/** + * @param {Headers} headers + * @returns {Record} + */ +function getCookies (headers) { + webidl.argumentLengthCheck(arguments, 1, 'getCookies') + + webidl.brandCheck(headers, Headers, { strict: false }) + + const cookie = headers.get('cookie') + const out = {} + + if (!cookie) { + return out + } + + for (const piece of cookie.split(';')) { + const [name, ...value] = piece.split('=') + + out[name.trim()] = value.join('=') + } + + return out +} + +/** + * @param {Headers} headers + * @param {string} name + * @param {{ path?: string, domain?: string }|undefined} attributes + * @returns {void} + */ +function deleteCookie (headers, name, attributes) { + webidl.brandCheck(headers, Headers, { strict: false }) + + const prefix = 'deleteCookie' + webidl.argumentLengthCheck(arguments, 2, prefix) + + name = webidl.converters.DOMString(name, prefix, 'name') + attributes = webidl.converters.DeleteCookieAttributes(attributes) + + // Matches behavior of + // https://github.com/denoland/deno_std/blob/63827b16330b82489a04614027c33b7904e08be5/http/cookie.ts#L278 + setCookie(headers, { + name, + value: '', + expires: new Date(0), + ...attributes + }) +} + +/** + * @param {Headers} headers + * @returns {Cookie[]} + */ +function getSetCookies (headers) { + webidl.argumentLengthCheck(arguments, 1, 'getSetCookies') + + webidl.brandCheck(headers, Headers, { strict: false }) + + const cookies = headers.getSetCookie() + + if (!cookies) { + return [] + } + + return cookies.map((pair) => parseSetCookie(pair)) +} + +/** + * @param {Headers} headers + * @param {Cookie} cookie + * @returns {void} + */ +function setCookie (headers, cookie) { + webidl.argumentLengthCheck(arguments, 2, 'setCookie') + + webidl.brandCheck(headers, Headers, { strict: false }) + + cookie = webidl.converters.Cookie(cookie) + + const str = stringify(cookie) + + if (str) { + headers.append('Set-Cookie', str) + } +} + +webidl.converters.DeleteCookieAttributes = webidl.dictionaryConverter([ + { + converter: webidl.nullableConverter(webidl.converters.DOMString), + key: 'path', + defaultValue: () => null + }, + { + converter: webidl.nullableConverter(webidl.converters.DOMString), + key: 'domain', + defaultValue: () => null + } +]) + +webidl.converters.Cookie = webidl.dictionaryConverter([ + { + converter: webidl.converters.DOMString, + key: 'name' + }, + { + converter: webidl.converters.DOMString, + key: 'value' + }, + { + converter: webidl.nullableConverter((value) => { + if (typeof value === 'number') { + return webidl.converters['unsigned long long'](value) + } + + return new Date(value) + }), + key: 'expires', + defaultValue: () => null + }, + { + converter: webidl.nullableConverter(webidl.converters['long long']), + key: 'maxAge', + defaultValue: () => null + }, + { + converter: webidl.nullableConverter(webidl.converters.DOMString), + key: 'domain', + defaultValue: () => null + }, + { + converter: webidl.nullableConverter(webidl.converters.DOMString), + key: 'path', + defaultValue: () => null + }, + { + converter: webidl.nullableConverter(webidl.converters.boolean), + key: 'secure', + defaultValue: () => null + }, + { + converter: webidl.nullableConverter(webidl.converters.boolean), + key: 'httpOnly', + defaultValue: () => null + }, + { + converter: webidl.converters.USVString, + key: 'sameSite', + allowedValues: ['Strict', 'Lax', 'None'] + }, + { + converter: webidl.sequenceConverter(webidl.converters.DOMString), + key: 'unparsed', + defaultValue: () => new Array(0) + } +]) + +module.exports = { + getCookies, + deleteCookie, + getSetCookies, + setCookie +} + + +/***/ }), + +/***/ 1978: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { maxNameValuePairSize, maxAttributeValueSize } = __nccwpck_require__(1276) +const { isCTLExcludingHtab } = __nccwpck_require__(7797) +const { collectASequenceOfCodePointsFast } = __nccwpck_require__(1900) +const assert = __nccwpck_require__(4589) + +/** + * @description Parses the field-value attributes of a set-cookie header string. + * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4 + * @param {string} header + * @returns if the header is invalid, null will be returned + */ +function parseSetCookie (header) { + // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F + // character (CTL characters excluding HTAB): Abort these steps and + // ignore the set-cookie-string entirely. + if (isCTLExcludingHtab(header)) { + return null + } + + let nameValuePair = '' + let unparsedAttributes = '' + let name = '' + let value = '' + + // 2. If the set-cookie-string contains a %x3B (";") character: + if (header.includes(';')) { + // 1. The name-value-pair string consists of the characters up to, + // but not including, the first %x3B (";"), and the unparsed- + // attributes consist of the remainder of the set-cookie-string + // (including the %x3B (";") in question). + const position = { position: 0 } + + nameValuePair = collectASequenceOfCodePointsFast(';', header, position) + unparsedAttributes = header.slice(position.position) + } else { + // Otherwise: + + // 1. The name-value-pair string consists of all the characters + // contained in the set-cookie-string, and the unparsed- + // attributes is the empty string. + nameValuePair = header + } + + // 3. If the name-value-pair string lacks a %x3D ("=") character, then + // the name string is empty, and the value string is the value of + // name-value-pair. + if (!nameValuePair.includes('=')) { + value = nameValuePair + } else { + // Otherwise, the name string consists of the characters up to, but + // not including, the first %x3D ("=") character, and the (possibly + // empty) value string consists of the characters after the first + // %x3D ("=") character. + const position = { position: 0 } + name = collectASequenceOfCodePointsFast( + '=', + nameValuePair, + position + ) + value = nameValuePair.slice(position.position + 1) + } + + // 4. Remove any leading or trailing WSP characters from the name + // string and the value string. + name = name.trim() + value = value.trim() + + // 5. If the sum of the lengths of the name string and the value string + // is more than 4096 octets, abort these steps and ignore the set- + // cookie-string entirely. + if (name.length + value.length > maxNameValuePairSize) { + return null + } + + // 6. The cookie-name is the name string, and the cookie-value is the + // value string. + return { + name, value, ...parseUnparsedAttributes(unparsedAttributes) + } +} + +/** + * Parses the remaining attributes of a set-cookie header + * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4 + * @param {string} unparsedAttributes + * @param {[Object.]={}} cookieAttributeList + */ +function parseUnparsedAttributes (unparsedAttributes, cookieAttributeList = {}) { + // 1. If the unparsed-attributes string is empty, skip the rest of + // these steps. + if (unparsedAttributes.length === 0) { + return cookieAttributeList + } + + // 2. Discard the first character of the unparsed-attributes (which + // will be a %x3B (";") character). + assert(unparsedAttributes[0] === ';') + unparsedAttributes = unparsedAttributes.slice(1) + + let cookieAv = '' + + // 3. If the remaining unparsed-attributes contains a %x3B (";") + // character: + if (unparsedAttributes.includes(';')) { + // 1. Consume the characters of the unparsed-attributes up to, but + // not including, the first %x3B (";") character. + cookieAv = collectASequenceOfCodePointsFast( + ';', + unparsedAttributes, + { position: 0 } + ) + unparsedAttributes = unparsedAttributes.slice(cookieAv.length) + } else { + // Otherwise: + + // 1. Consume the remainder of the unparsed-attributes. + cookieAv = unparsedAttributes + unparsedAttributes = '' + } + + // Let the cookie-av string be the characters consumed in this step. + + let attributeName = '' + let attributeValue = '' + + // 4. If the cookie-av string contains a %x3D ("=") character: + if (cookieAv.includes('=')) { + // 1. The (possibly empty) attribute-name string consists of the + // characters up to, but not including, the first %x3D ("=") + // character, and the (possibly empty) attribute-value string + // consists of the characters after the first %x3D ("=") + // character. + const position = { position: 0 } + + attributeName = collectASequenceOfCodePointsFast( + '=', + cookieAv, + position + ) + attributeValue = cookieAv.slice(position.position + 1) + } else { + // Otherwise: + + // 1. The attribute-name string consists of the entire cookie-av + // string, and the attribute-value string is empty. + attributeName = cookieAv + } + + // 5. Remove any leading or trailing WSP characters from the attribute- + // name string and the attribute-value string. + attributeName = attributeName.trim() + attributeValue = attributeValue.trim() + + // 6. If the attribute-value is longer than 1024 octets, ignore the + // cookie-av string and return to Step 1 of this algorithm. + if (attributeValue.length > maxAttributeValueSize) { + return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList) + } + + // 7. Process the attribute-name and attribute-value according to the + // requirements in the following subsections. (Notice that + // attributes with unrecognized attribute-names are ignored.) + const attributeNameLowercase = attributeName.toLowerCase() + + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.1 + // If the attribute-name case-insensitively matches the string + // "Expires", the user agent MUST process the cookie-av as follows. + if (attributeNameLowercase === 'expires') { + // 1. Let the expiry-time be the result of parsing the attribute-value + // as cookie-date (see Section 5.1.1). + const expiryTime = new Date(attributeValue) + + // 2. If the attribute-value failed to parse as a cookie date, ignore + // the cookie-av. + + cookieAttributeList.expires = expiryTime + } else if (attributeNameLowercase === 'max-age') { + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.2 + // If the attribute-name case-insensitively matches the string "Max- + // Age", the user agent MUST process the cookie-av as follows. + + // 1. If the first character of the attribute-value is not a DIGIT or a + // "-" character, ignore the cookie-av. + const charCode = attributeValue.charCodeAt(0) + + if ((charCode < 48 || charCode > 57) && attributeValue[0] !== '-') { + return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList) + } + + // 2. If the remainder of attribute-value contains a non-DIGIT + // character, ignore the cookie-av. + if (!/^\d+$/.test(attributeValue)) { + return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList) + } + + // 3. Let delta-seconds be the attribute-value converted to an integer. + const deltaSeconds = Number(attributeValue) + + // 4. Let cookie-age-limit be the maximum age of the cookie (which + // SHOULD be 400 days or less, see Section 4.1.2.2). + + // 5. Set delta-seconds to the smaller of its present value and cookie- + // age-limit. + // deltaSeconds = Math.min(deltaSeconds * 1000, maxExpiresMs) + + // 6. If delta-seconds is less than or equal to zero (0), let expiry- + // time be the earliest representable date and time. Otherwise, let + // the expiry-time be the current date and time plus delta-seconds + // seconds. + // const expiryTime = deltaSeconds <= 0 ? Date.now() : Date.now() + deltaSeconds + + // 7. Append an attribute to the cookie-attribute-list with an + // attribute-name of Max-Age and an attribute-value of expiry-time. + cookieAttributeList.maxAge = deltaSeconds + } else if (attributeNameLowercase === 'domain') { + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.3 + // If the attribute-name case-insensitively matches the string "Domain", + // the user agent MUST process the cookie-av as follows. + + // 1. Let cookie-domain be the attribute-value. + let cookieDomain = attributeValue + + // 2. If cookie-domain starts with %x2E ("."), let cookie-domain be + // cookie-domain without its leading %x2E ("."). + if (cookieDomain[0] === '.') { + cookieDomain = cookieDomain.slice(1) + } + + // 3. Convert the cookie-domain to lower case. + cookieDomain = cookieDomain.toLowerCase() + + // 4. Append an attribute to the cookie-attribute-list with an + // attribute-name of Domain and an attribute-value of cookie-domain. + cookieAttributeList.domain = cookieDomain + } else if (attributeNameLowercase === 'path') { + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.4 + // If the attribute-name case-insensitively matches the string "Path", + // the user agent MUST process the cookie-av as follows. + + // 1. If the attribute-value is empty or if the first character of the + // attribute-value is not %x2F ("/"): + let cookiePath = '' + if (attributeValue.length === 0 || attributeValue[0] !== '/') { + // 1. Let cookie-path be the default-path. + cookiePath = '/' + } else { + // Otherwise: + + // 1. Let cookie-path be the attribute-value. + cookiePath = attributeValue + } + + // 2. Append an attribute to the cookie-attribute-list with an + // attribute-name of Path and an attribute-value of cookie-path. + cookieAttributeList.path = cookiePath + } else if (attributeNameLowercase === 'secure') { + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.5 + // If the attribute-name case-insensitively matches the string "Secure", + // the user agent MUST append an attribute to the cookie-attribute-list + // with an attribute-name of Secure and an empty attribute-value. + + cookieAttributeList.secure = true + } else if (attributeNameLowercase === 'httponly') { + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.6 + // If the attribute-name case-insensitively matches the string + // "HttpOnly", the user agent MUST append an attribute to the cookie- + // attribute-list with an attribute-name of HttpOnly and an empty + // attribute-value. + + cookieAttributeList.httpOnly = true + } else if (attributeNameLowercase === 'samesite') { + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.7 + // If the attribute-name case-insensitively matches the string + // "SameSite", the user agent MUST process the cookie-av as follows: + + // 1. Let enforcement be "Default". + let enforcement = 'Default' + + const attributeValueLowercase = attributeValue.toLowerCase() + // 2. If cookie-av's attribute-value is a case-insensitive match for + // "None", set enforcement to "None". + if (attributeValueLowercase.includes('none')) { + enforcement = 'None' + } + + // 3. If cookie-av's attribute-value is a case-insensitive match for + // "Strict", set enforcement to "Strict". + if (attributeValueLowercase.includes('strict')) { + enforcement = 'Strict' + } + + // 4. If cookie-av's attribute-value is a case-insensitive match for + // "Lax", set enforcement to "Lax". + if (attributeValueLowercase.includes('lax')) { + enforcement = 'Lax' + } + + // 5. Append an attribute to the cookie-attribute-list with an + // attribute-name of "SameSite" and an attribute-value of + // enforcement. + cookieAttributeList.sameSite = enforcement + } else { + cookieAttributeList.unparsed ??= [] + + cookieAttributeList.unparsed.push(`${attributeName}=${attributeValue}`) + } + + // 8. Return to Step 1 of this algorithm. + return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList) +} + +module.exports = { + parseSetCookie, + parseUnparsedAttributes +} + + +/***/ }), + +/***/ 7797: +/***/ ((module) => { + +"use strict"; + + +/** + * @param {string} value + * @returns {boolean} + */ +function isCTLExcludingHtab (value) { + for (let i = 0; i < value.length; ++i) { + const code = value.charCodeAt(i) + + if ( + (code >= 0x00 && code <= 0x08) || + (code >= 0x0A && code <= 0x1F) || + code === 0x7F + ) { + return true + } + } + return false +} + +/** + CHAR = + token = 1* + separators = "(" | ")" | "<" | ">" | "@" + | "," | ";" | ":" | "\" | <"> + | "/" | "[" | "]" | "?" | "=" + | "{" | "}" | SP | HT + * @param {string} name + */ +function validateCookieName (name) { + for (let i = 0; i < name.length; ++i) { + const code = name.charCodeAt(i) + + if ( + code < 0x21 || // exclude CTLs (0-31), SP and HT + code > 0x7E || // exclude non-ascii and DEL + code === 0x22 || // " + code === 0x28 || // ( + code === 0x29 || // ) + code === 0x3C || // < + code === 0x3E || // > + code === 0x40 || // @ + code === 0x2C || // , + code === 0x3B || // ; + code === 0x3A || // : + code === 0x5C || // \ + code === 0x2F || // / + code === 0x5B || // [ + code === 0x5D || // ] + code === 0x3F || // ? + code === 0x3D || // = + code === 0x7B || // { + code === 0x7D // } + ) { + throw new Error('Invalid cookie name') + } + } +} + +/** + cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE ) + cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E + ; US-ASCII characters excluding CTLs, + ; whitespace DQUOTE, comma, semicolon, + ; and backslash + * @param {string} value + */ +function validateCookieValue (value) { + let len = value.length + let i = 0 + + // if the value is wrapped in DQUOTE + if (value[0] === '"') { + if (len === 1 || value[len - 1] !== '"') { + throw new Error('Invalid cookie value') + } + --len + ++i + } + + while (i < len) { + const code = value.charCodeAt(i++) + + if ( + code < 0x21 || // exclude CTLs (0-31) + code > 0x7E || // non-ascii and DEL (127) + code === 0x22 || // " + code === 0x2C || // , + code === 0x3B || // ; + code === 0x5C // \ + ) { + throw new Error('Invalid cookie value') + } + } +} + +/** + * path-value = + * @param {string} path + */ +function validateCookiePath (path) { + for (let i = 0; i < path.length; ++i) { + const code = path.charCodeAt(i) + + if ( + code < 0x20 || // exclude CTLs (0-31) + code === 0x7F || // DEL + code === 0x3B // ; + ) { + throw new Error('Invalid cookie path') + } + } +} + +/** + * I have no idea why these values aren't allowed to be honest, + * but Deno tests these. - Khafra + * @param {string} domain + */ +function validateCookieDomain (domain) { + if ( + domain.startsWith('-') || + domain.endsWith('.') || + domain.endsWith('-') + ) { + throw new Error('Invalid cookie domain') + } +} + +const IMFDays = [ + 'Sun', 'Mon', 'Tue', 'Wed', + 'Thu', 'Fri', 'Sat' +] + +const IMFMonths = [ + 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', + 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec' +] + +const IMFPaddedNumbers = Array(61).fill(0).map((_, i) => i.toString().padStart(2, '0')) + +/** + * @see https://www.rfc-editor.org/rfc/rfc7231#section-7.1.1.1 + * @param {number|Date} date + IMF-fixdate = day-name "," SP date1 SP time-of-day SP GMT + ; fixed length/zone/capitalization subset of the format + ; see Section 3.3 of [RFC5322] + + day-name = %x4D.6F.6E ; "Mon", case-sensitive + / %x54.75.65 ; "Tue", case-sensitive + / %x57.65.64 ; "Wed", case-sensitive + / %x54.68.75 ; "Thu", case-sensitive + / %x46.72.69 ; "Fri", case-sensitive + / %x53.61.74 ; "Sat", case-sensitive + / %x53.75.6E ; "Sun", case-sensitive + date1 = day SP month SP year + ; e.g., 02 Jun 1982 + + day = 2DIGIT + month = %x4A.61.6E ; "Jan", case-sensitive + / %x46.65.62 ; "Feb", case-sensitive + / %x4D.61.72 ; "Mar", case-sensitive + / %x41.70.72 ; "Apr", case-sensitive + / %x4D.61.79 ; "May", case-sensitive + / %x4A.75.6E ; "Jun", case-sensitive + / %x4A.75.6C ; "Jul", case-sensitive + / %x41.75.67 ; "Aug", case-sensitive + / %x53.65.70 ; "Sep", case-sensitive + / %x4F.63.74 ; "Oct", case-sensitive + / %x4E.6F.76 ; "Nov", case-sensitive + / %x44.65.63 ; "Dec", case-sensitive + year = 4DIGIT + + GMT = %x47.4D.54 ; "GMT", case-sensitive + + time-of-day = hour ":" minute ":" second + ; 00:00:00 - 23:59:60 (leap second) + + hour = 2DIGIT + minute = 2DIGIT + second = 2DIGIT + */ +function toIMFDate (date) { + if (typeof date === 'number') { + date = new Date(date) + } + + return `${IMFDays[date.getUTCDay()]}, ${IMFPaddedNumbers[date.getUTCDate()]} ${IMFMonths[date.getUTCMonth()]} ${date.getUTCFullYear()} ${IMFPaddedNumbers[date.getUTCHours()]}:${IMFPaddedNumbers[date.getUTCMinutes()]}:${IMFPaddedNumbers[date.getUTCSeconds()]} GMT` +} + +/** + max-age-av = "Max-Age=" non-zero-digit *DIGIT + ; In practice, both expires-av and max-age-av + ; are limited to dates representable by the + ; user agent. + * @param {number} maxAge + */ +function validateCookieMaxAge (maxAge) { + if (maxAge < 0) { + throw new Error('Invalid cookie max-age') + } +} + +/** + * @see https://www.rfc-editor.org/rfc/rfc6265#section-4.1.1 + * @param {import('./index').Cookie} cookie + */ +function stringify (cookie) { + if (cookie.name.length === 0) { + return null + } + + validateCookieName(cookie.name) + validateCookieValue(cookie.value) + + const out = [`${cookie.name}=${cookie.value}`] + + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1 + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2 + if (cookie.name.startsWith('__Secure-')) { + cookie.secure = true + } + + if (cookie.name.startsWith('__Host-')) { + cookie.secure = true + cookie.domain = null + cookie.path = '/' + } + + if (cookie.secure) { + out.push('Secure') + } + + if (cookie.httpOnly) { + out.push('HttpOnly') + } + + if (typeof cookie.maxAge === 'number') { + validateCookieMaxAge(cookie.maxAge) + out.push(`Max-Age=${cookie.maxAge}`) + } + + if (cookie.domain) { + validateCookieDomain(cookie.domain) + out.push(`Domain=${cookie.domain}`) + } + + if (cookie.path) { + validateCookiePath(cookie.path) + out.push(`Path=${cookie.path}`) + } + + if (cookie.expires && cookie.expires.toString() !== 'Invalid Date') { + out.push(`Expires=${toIMFDate(cookie.expires)}`) + } + + if (cookie.sameSite) { + out.push(`SameSite=${cookie.sameSite}`) + } + + for (const part of cookie.unparsed) { + if (!part.includes('=')) { + throw new Error('Invalid unparsed') + } + + const [key, ...value] = part.split('=') + + out.push(`${key.trim()}=${value.join('=')}`) + } + + return out.join('; ') +} + +module.exports = { + isCTLExcludingHtab, + validateCookieName, + validateCookiePath, + validateCookieValue, + toIMFDate, + stringify +} + + +/***/ }), + +/***/ 4031: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + +const { Transform } = __nccwpck_require__(7075) +const { isASCIINumber, isValidLastEventId } = __nccwpck_require__(4811) + +/** + * @type {number[]} BOM + */ +const BOM = [0xEF, 0xBB, 0xBF] +/** + * @type {10} LF + */ +const LF = 0x0A +/** + * @type {13} CR + */ +const CR = 0x0D +/** + * @type {58} COLON + */ +const COLON = 0x3A +/** + * @type {32} SPACE + */ +const SPACE = 0x20 + +/** + * @typedef {object} EventSourceStreamEvent + * @type {object} + * @property {string} [event] The event type. + * @property {string} [data] The data of the message. + * @property {string} [id] A unique ID for the event. + * @property {string} [retry] The reconnection time, in milliseconds. + */ + +/** + * @typedef eventSourceSettings + * @type {object} + * @property {string} lastEventId The last event ID received from the server. + * @property {string} origin The origin of the event source. + * @property {number} reconnectionTime The reconnection time, in milliseconds. + */ + +class EventSourceStream extends Transform { + /** + * @type {eventSourceSettings} + */ + state = null + + /** + * Leading byte-order-mark check. + * @type {boolean} + */ + checkBOM = true + + /** + * @type {boolean} + */ + crlfCheck = false + + /** + * @type {boolean} + */ + eventEndCheck = false + + /** + * @type {Buffer} + */ + buffer = null + + pos = 0 + + event = { + data: undefined, + event: undefined, + id: undefined, + retry: undefined + } + + /** + * @param {object} options + * @param {eventSourceSettings} options.eventSourceSettings + * @param {Function} [options.push] + */ + constructor (options = {}) { + // Enable object mode as EventSourceStream emits objects of shape + // EventSourceStreamEvent + options.readableObjectMode = true + + super(options) + + this.state = options.eventSourceSettings || {} + if (options.push) { + this.push = options.push + } + } + + /** + * @param {Buffer} chunk + * @param {string} _encoding + * @param {Function} callback + * @returns {void} + */ + _transform (chunk, _encoding, callback) { + if (chunk.length === 0) { + callback() + return + } + + // Cache the chunk in the buffer, as the data might not be complete while + // processing it + // TODO: Investigate if there is a more performant way to handle + // incoming chunks + // see: https://github.com/nodejs/undici/issues/2630 + if (this.buffer) { + this.buffer = Buffer.concat([this.buffer, chunk]) + } else { + this.buffer = chunk + } + + // Strip leading byte-order-mark if we opened the stream and started + // the processing of the incoming data + if (this.checkBOM) { + switch (this.buffer.length) { + case 1: + // Check if the first byte is the same as the first byte of the BOM + if (this.buffer[0] === BOM[0]) { + // If it is, we need to wait for more data + callback() + return + } + // Set the checkBOM flag to false as we don't need to check for the + // BOM anymore + this.checkBOM = false + + // The buffer only contains one byte so we need to wait for more data + callback() + return + case 2: + // Check if the first two bytes are the same as the first two bytes + // of the BOM + if ( + this.buffer[0] === BOM[0] && + this.buffer[1] === BOM[1] + ) { + // If it is, we need to wait for more data, because the third byte + // is needed to determine if it is the BOM or not + callback() + return + } + + // Set the checkBOM flag to false as we don't need to check for the + // BOM anymore + this.checkBOM = false + break + case 3: + // Check if the first three bytes are the same as the first three + // bytes of the BOM + if ( + this.buffer[0] === BOM[0] && + this.buffer[1] === BOM[1] && + this.buffer[2] === BOM[2] + ) { + // If it is, we can drop the buffered data, as it is only the BOM + this.buffer = Buffer.alloc(0) + // Set the checkBOM flag to false as we don't need to check for the + // BOM anymore + this.checkBOM = false + + // Await more data + callback() + return + } + // If it is not the BOM, we can start processing the data + this.checkBOM = false + break + default: + // The buffer is longer than 3 bytes, so we can drop the BOM if it is + // present + if ( + this.buffer[0] === BOM[0] && + this.buffer[1] === BOM[1] && + this.buffer[2] === BOM[2] + ) { + // Remove the BOM from the buffer + this.buffer = this.buffer.subarray(3) + } + + // Set the checkBOM flag to false as we don't need to check for the + this.checkBOM = false + break + } + } + + while (this.pos < this.buffer.length) { + // If the previous line ended with an end-of-line, we need to check + // if the next character is also an end-of-line. + if (this.eventEndCheck) { + // If the the current character is an end-of-line, then the event + // is finished and we can process it + + // If the previous line ended with a carriage return, we need to + // check if the current character is a line feed and remove it + // from the buffer. + if (this.crlfCheck) { + // If the current character is a line feed, we can remove it + // from the buffer and reset the crlfCheck flag + if (this.buffer[this.pos] === LF) { + this.buffer = this.buffer.subarray(this.pos + 1) + this.pos = 0 + this.crlfCheck = false + + // It is possible that the line feed is not the end of the + // event. We need to check if the next character is an + // end-of-line character to determine if the event is + // finished. We simply continue the loop to check the next + // character. + + // As we removed the line feed from the buffer and set the + // crlfCheck flag to false, we basically don't make any + // distinction between a line feed and a carriage return. + continue + } + this.crlfCheck = false + } + + if (this.buffer[this.pos] === LF || this.buffer[this.pos] === CR) { + // If the current character is a carriage return, we need to + // set the crlfCheck flag to true, as we need to check if the + // next character is a line feed so we can remove it from the + // buffer + if (this.buffer[this.pos] === CR) { + this.crlfCheck = true + } + + this.buffer = this.buffer.subarray(this.pos + 1) + this.pos = 0 + if ( + this.event.data !== undefined || this.event.event || this.event.id || this.event.retry) { + this.processEvent(this.event) + } + this.clearEvent() + continue + } + // If the current character is not an end-of-line, then the event + // is not finished and we have to reset the eventEndCheck flag + this.eventEndCheck = false + continue + } + + // If the current character is an end-of-line, we can process the + // line + if (this.buffer[this.pos] === LF || this.buffer[this.pos] === CR) { + // If the current character is a carriage return, we need to + // set the crlfCheck flag to true, as we need to check if the + // next character is a line feed + if (this.buffer[this.pos] === CR) { + this.crlfCheck = true + } + + // In any case, we can process the line as we reached an + // end-of-line character + this.parseLine(this.buffer.subarray(0, this.pos), this.event) + + // Remove the processed line from the buffer + this.buffer = this.buffer.subarray(this.pos + 1) + // Reset the position as we removed the processed line from the buffer + this.pos = 0 + // A line was processed and this could be the end of the event. We need + // to check if the next line is empty to determine if the event is + // finished. + this.eventEndCheck = true + continue + } + + this.pos++ + } + + callback() + } + + /** + * @param {Buffer} line + * @param {EventStreamEvent} event + */ + parseLine (line, event) { + // If the line is empty (a blank line) + // Dispatch the event, as defined below. + // This will be handled in the _transform method + if (line.length === 0) { + return + } + + // If the line starts with a U+003A COLON character (:) + // Ignore the line. + const colonPosition = line.indexOf(COLON) + if (colonPosition === 0) { + return + } + + let field = '' + let value = '' + + // If the line contains a U+003A COLON character (:) + if (colonPosition !== -1) { + // Collect the characters on the line before the first U+003A COLON + // character (:), and let field be that string. + // TODO: Investigate if there is a more performant way to extract the + // field + // see: https://github.com/nodejs/undici/issues/2630 + field = line.subarray(0, colonPosition).toString('utf8') + + // Collect the characters on the line after the first U+003A COLON + // character (:), and let value be that string. + // If value starts with a U+0020 SPACE character, remove it from value. + let valueStart = colonPosition + 1 + if (line[valueStart] === SPACE) { + ++valueStart + } + // TODO: Investigate if there is a more performant way to extract the + // value + // see: https://github.com/nodejs/undici/issues/2630 + value = line.subarray(valueStart).toString('utf8') + + // Otherwise, the string is not empty but does not contain a U+003A COLON + // character (:) + } else { + // Process the field using the steps described below, using the whole + // line as the field name, and the empty string as the field value. + field = line.toString('utf8') + value = '' + } + + // Modify the event with the field name and value. The value is also + // decoded as UTF-8 + switch (field) { + case 'data': + if (event[field] === undefined) { + event[field] = value + } else { + event[field] += `\n${value}` + } + break + case 'retry': + if (isASCIINumber(value)) { + event[field] = value + } + break + case 'id': + if (isValidLastEventId(value)) { + event[field] = value + } + break + case 'event': + if (value.length > 0) { + event[field] = value + } + break + } + } + + /** + * @param {EventSourceStreamEvent} event + */ + processEvent (event) { + if (event.retry && isASCIINumber(event.retry)) { + this.state.reconnectionTime = parseInt(event.retry, 10) + } + + if (event.id && isValidLastEventId(event.id)) { + this.state.lastEventId = event.id + } + + // only dispatch event, when data is provided + if (event.data !== undefined) { + this.push({ + type: event.event || 'message', + options: { + data: event.data, + lastEventId: this.state.lastEventId, + origin: this.state.origin + } + }) + } + } + + clearEvent () { + this.event = { + data: undefined, + event: undefined, + id: undefined, + retry: undefined + } + } +} + +module.exports = { + EventSourceStream +} + + +/***/ }), + +/***/ 1238: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { pipeline } = __nccwpck_require__(7075) +const { fetching } = __nccwpck_require__(4398) +const { makeRequest } = __nccwpck_require__(9967) +const { webidl } = __nccwpck_require__(5893) +const { EventSourceStream } = __nccwpck_require__(4031) +const { parseMIMEType } = __nccwpck_require__(1900) +const { createFastMessageEvent } = __nccwpck_require__(5188) +const { isNetworkError } = __nccwpck_require__(9051) +const { delay } = __nccwpck_require__(4811) +const { kEnumerableProperty } = __nccwpck_require__(3440) +const { environmentSettingsObject } = __nccwpck_require__(3168) + +let experimentalWarned = false + +/** + * A reconnection time, in milliseconds. This must initially be an implementation-defined value, + * probably in the region of a few seconds. + * + * In Comparison: + * - Chrome uses 3000ms. + * - Deno uses 5000ms. + * + * @type {3000} + */ +const defaultReconnectionTime = 3000 + +/** + * The readyState attribute represents the state of the connection. + * @enum + * @readonly + * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#dom-eventsource-readystate-dev + */ + +/** + * The connection has not yet been established, or it was closed and the user + * agent is reconnecting. + * @type {0} + */ +const CONNECTING = 0 + +/** + * The user agent has an open connection and is dispatching events as it + * receives them. + * @type {1} + */ +const OPEN = 1 + +/** + * The connection is not open, and the user agent is not trying to reconnect. + * @type {2} + */ +const CLOSED = 2 + +/** + * Requests for the element will have their mode set to "cors" and their credentials mode set to "same-origin". + * @type {'anonymous'} + */ +const ANONYMOUS = 'anonymous' + +/** + * Requests for the element will have their mode set to "cors" and their credentials mode set to "include". + * @type {'use-credentials'} + */ +const USE_CREDENTIALS = 'use-credentials' + +/** + * The EventSource interface is used to receive server-sent events. It + * connects to a server over HTTP and receives events in text/event-stream + * format without closing the connection. + * @extends {EventTarget} + * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#server-sent-events + * @api public + */ +class EventSource extends EventTarget { + #events = { + open: null, + error: null, + message: null + } + + #url = null + #withCredentials = false + + #readyState = CONNECTING + + #request = null + #controller = null + + #dispatcher + + /** + * @type {import('./eventsource-stream').eventSourceSettings} + */ + #state + + /** + * Creates a new EventSource object. + * @param {string} url + * @param {EventSourceInit} [eventSourceInitDict] + * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#the-eventsource-interface + */ + constructor (url, eventSourceInitDict = {}) { + // 1. Let ev be a new EventSource object. + super() + + webidl.util.markAsUncloneable(this) + + const prefix = 'EventSource constructor' + webidl.argumentLengthCheck(arguments, 1, prefix) + + if (!experimentalWarned) { + experimentalWarned = true + process.emitWarning('EventSource is experimental, expect them to change at any time.', { + code: 'UNDICI-ES' + }) + } + + url = webidl.converters.USVString(url, prefix, 'url') + eventSourceInitDict = webidl.converters.EventSourceInitDict(eventSourceInitDict, prefix, 'eventSourceInitDict') + + this.#dispatcher = eventSourceInitDict.dispatcher + this.#state = { + lastEventId: '', + reconnectionTime: defaultReconnectionTime + } + + // 2. Let settings be ev's relevant settings object. + // https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object + const settings = environmentSettingsObject + + let urlRecord + + try { + // 3. Let urlRecord be the result of encoding-parsing a URL given url, relative to settings. + urlRecord = new URL(url, settings.settingsObject.baseUrl) + this.#state.origin = urlRecord.origin + } catch (e) { + // 4. If urlRecord is failure, then throw a "SyntaxError" DOMException. + throw new DOMException(e, 'SyntaxError') + } + + // 5. Set ev's url to urlRecord. + this.#url = urlRecord.href + + // 6. Let corsAttributeState be Anonymous. + let corsAttributeState = ANONYMOUS + + // 7. If the value of eventSourceInitDict's withCredentials member is true, + // then set corsAttributeState to Use Credentials and set ev's + // withCredentials attribute to true. + if (eventSourceInitDict.withCredentials) { + corsAttributeState = USE_CREDENTIALS + this.#withCredentials = true + } + + // 8. Let request be the result of creating a potential-CORS request given + // urlRecord, the empty string, and corsAttributeState. + const initRequest = { + redirect: 'follow', + keepalive: true, + // @see https://html.spec.whatwg.org/multipage/urls-and-fetching.html#cors-settings-attributes + mode: 'cors', + credentials: corsAttributeState === 'anonymous' + ? 'same-origin' + : 'omit', + referrer: 'no-referrer' + } + + // 9. Set request's client to settings. + initRequest.client = environmentSettingsObject.settingsObject + + // 10. User agents may set (`Accept`, `text/event-stream`) in request's header list. + initRequest.headersList = [['accept', { name: 'accept', value: 'text/event-stream' }]] + + // 11. Set request's cache mode to "no-store". + initRequest.cache = 'no-store' + + // 12. Set request's initiator type to "other". + initRequest.initiator = 'other' + + initRequest.urlList = [new URL(this.#url)] + + // 13. Set ev's request to request. + this.#request = makeRequest(initRequest) + + this.#connect() + } + + /** + * Returns the state of this EventSource object's connection. It can have the + * values described below. + * @returns {0|1|2} + * @readonly + */ + get readyState () { + return this.#readyState + } + + /** + * Returns the URL providing the event stream. + * @readonly + * @returns {string} + */ + get url () { + return this.#url + } + + /** + * Returns a boolean indicating whether the EventSource object was + * instantiated with CORS credentials set (true), or not (false, the default). + */ + get withCredentials () { + return this.#withCredentials + } + + #connect () { + if (this.#readyState === CLOSED) return + + this.#readyState = CONNECTING + + const fetchParams = { + request: this.#request, + dispatcher: this.#dispatcher + } + + // 14. Let processEventSourceEndOfBody given response res be the following step: if res is not a network error, then reestablish the connection. + const processEventSourceEndOfBody = (response) => { + if (isNetworkError(response)) { + this.dispatchEvent(new Event('error')) + this.close() + } + + this.#reconnect() + } + + // 15. Fetch request, with processResponseEndOfBody set to processEventSourceEndOfBody... + fetchParams.processResponseEndOfBody = processEventSourceEndOfBody + + // and processResponse set to the following steps given response res: + fetchParams.processResponse = (response) => { + // 1. If res is an aborted network error, then fail the connection. + + if (isNetworkError(response)) { + // 1. When a user agent is to fail the connection, the user agent + // must queue a task which, if the readyState attribute is set to a + // value other than CLOSED, sets the readyState attribute to CLOSED + // and fires an event named error at the EventSource object. Once the + // user agent has failed the connection, it does not attempt to + // reconnect. + if (response.aborted) { + this.close() + this.dispatchEvent(new Event('error')) + return + // 2. Otherwise, if res is a network error, then reestablish the + // connection, unless the user agent knows that to be futile, in + // which case the user agent may fail the connection. + } else { + this.#reconnect() + return + } + } + + // 3. Otherwise, if res's status is not 200, or if res's `Content-Type` + // is not `text/event-stream`, then fail the connection. + const contentType = response.headersList.get('content-type', true) + const mimeType = contentType !== null ? parseMIMEType(contentType) : 'failure' + const contentTypeValid = mimeType !== 'failure' && mimeType.essence === 'text/event-stream' + if ( + response.status !== 200 || + contentTypeValid === false + ) { + this.close() + this.dispatchEvent(new Event('error')) + return + } + + // 4. Otherwise, announce the connection and interpret res's body + // line by line. + + // When a user agent is to announce the connection, the user agent + // must queue a task which, if the readyState attribute is set to a + // value other than CLOSED, sets the readyState attribute to OPEN + // and fires an event named open at the EventSource object. + // @see https://html.spec.whatwg.org/multipage/server-sent-events.html#sse-processing-model + this.#readyState = OPEN + this.dispatchEvent(new Event('open')) + + // If redirected to a different origin, set the origin to the new origin. + this.#state.origin = response.urlList[response.urlList.length - 1].origin + + const eventSourceStream = new EventSourceStream({ + eventSourceSettings: this.#state, + push: (event) => { + this.dispatchEvent(createFastMessageEvent( + event.type, + event.options + )) + } + }) + + pipeline(response.body.stream, + eventSourceStream, + (error) => { + if ( + error?.aborted === false + ) { + this.close() + this.dispatchEvent(new Event('error')) + } + }) + } + + this.#controller = fetching(fetchParams) + } + + /** + * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#sse-processing-model + * @returns {Promise} + */ + async #reconnect () { + // When a user agent is to reestablish the connection, the user agent must + // run the following steps. These steps are run in parallel, not as part of + // a task. (The tasks that it queues, of course, are run like normal tasks + // and not themselves in parallel.) + + // 1. Queue a task to run the following steps: + + // 1. If the readyState attribute is set to CLOSED, abort the task. + if (this.#readyState === CLOSED) return + + // 2. Set the readyState attribute to CONNECTING. + this.#readyState = CONNECTING + + // 3. Fire an event named error at the EventSource object. + this.dispatchEvent(new Event('error')) + + // 2. Wait a delay equal to the reconnection time of the event source. + await delay(this.#state.reconnectionTime) + + // 5. Queue a task to run the following steps: + + // 1. If the EventSource object's readyState attribute is not set to + // CONNECTING, then return. + if (this.#readyState !== CONNECTING) return + + // 2. Let request be the EventSource object's request. + // 3. If the EventSource object's last event ID string is not the empty + // string, then: + // 1. Let lastEventIDValue be the EventSource object's last event ID + // string, encoded as UTF-8. + // 2. Set (`Last-Event-ID`, lastEventIDValue) in request's header + // list. + if (this.#state.lastEventId.length) { + this.#request.headersList.set('last-event-id', this.#state.lastEventId, true) + } + + // 4. Fetch request and process the response obtained in this fashion, if any, as described earlier in this section. + this.#connect() + } + + /** + * Closes the connection, if any, and sets the readyState attribute to + * CLOSED. + */ + close () { + webidl.brandCheck(this, EventSource) + + if (this.#readyState === CLOSED) return + this.#readyState = CLOSED + this.#controller.abort() + this.#request = null + } + + get onopen () { + return this.#events.open + } + + set onopen (fn) { + if (this.#events.open) { + this.removeEventListener('open', this.#events.open) + } + + if (typeof fn === 'function') { + this.#events.open = fn + this.addEventListener('open', fn) + } else { + this.#events.open = null + } + } + + get onmessage () { + return this.#events.message + } + + set onmessage (fn) { + if (this.#events.message) { + this.removeEventListener('message', this.#events.message) + } + + if (typeof fn === 'function') { + this.#events.message = fn + this.addEventListener('message', fn) + } else { + this.#events.message = null + } + } + + get onerror () { + return this.#events.error + } + + set onerror (fn) { + if (this.#events.error) { + this.removeEventListener('error', this.#events.error) + } + + if (typeof fn === 'function') { + this.#events.error = fn + this.addEventListener('error', fn) + } else { + this.#events.error = null + } + } +} + +const constantsPropertyDescriptors = { + CONNECTING: { + __proto__: null, + configurable: false, + enumerable: true, + value: CONNECTING, + writable: false + }, + OPEN: { + __proto__: null, + configurable: false, + enumerable: true, + value: OPEN, + writable: false + }, + CLOSED: { + __proto__: null, + configurable: false, + enumerable: true, + value: CLOSED, + writable: false + } +} + +Object.defineProperties(EventSource, constantsPropertyDescriptors) +Object.defineProperties(EventSource.prototype, constantsPropertyDescriptors) + +Object.defineProperties(EventSource.prototype, { + close: kEnumerableProperty, + onerror: kEnumerableProperty, + onmessage: kEnumerableProperty, + onopen: kEnumerableProperty, + readyState: kEnumerableProperty, + url: kEnumerableProperty, + withCredentials: kEnumerableProperty +}) + +webidl.converters.EventSourceInitDict = webidl.dictionaryConverter([ + { + key: 'withCredentials', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'dispatcher', // undici only + converter: webidl.converters.any + } +]) + +module.exports = { + EventSource, + defaultReconnectionTime +} + + +/***/ }), + +/***/ 4811: +/***/ ((module) => { + +"use strict"; + + +/** + * Checks if the given value is a valid LastEventId. + * @param {string} value + * @returns {boolean} + */ +function isValidLastEventId (value) { + // LastEventId should not contain U+0000 NULL + return value.indexOf('\u0000') === -1 +} + +/** + * Checks if the given value is a base 10 digit. + * @param {string} value + * @returns {boolean} + */ +function isASCIINumber (value) { + if (value.length === 0) return false + for (let i = 0; i < value.length; i++) { + if (value.charCodeAt(i) < 0x30 || value.charCodeAt(i) > 0x39) return false + } + return true +} + +// https://github.com/nodejs/undici/issues/2664 +function delay (ms) { + return new Promise((resolve) => { + setTimeout(resolve, ms).unref() + }) +} + +module.exports = { + isValidLastEventId, + isASCIINumber, + delay +} + + +/***/ }), + +/***/ 4492: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const util = __nccwpck_require__(3440) +const { + ReadableStreamFrom, + isBlobLike, + isReadableStreamLike, + readableStreamClose, + createDeferredPromise, + fullyReadBody, + extractMimeType, + utf8DecodeBytes +} = __nccwpck_require__(3168) +const { FormData } = __nccwpck_require__(5910) +const { kState } = __nccwpck_require__(3627) +const { webidl } = __nccwpck_require__(5893) +const { Blob } = __nccwpck_require__(4573) +const assert = __nccwpck_require__(4589) +const { isErrored, isDisturbed } = __nccwpck_require__(7075) +const { isArrayBuffer } = __nccwpck_require__(3429) +const { serializeAMimeType } = __nccwpck_require__(1900) +const { multipartFormDataParser } = __nccwpck_require__(116) +let random + +try { + const crypto = __nccwpck_require__(7598) + random = (max) => crypto.randomInt(0, max) +} catch { + random = (max) => Math.floor(Math.random(max)) +} + +const textEncoder = new TextEncoder() +function noop () {} + +const hasFinalizationRegistry = globalThis.FinalizationRegistry && process.version.indexOf('v18') !== 0 +let streamRegistry + +if (hasFinalizationRegistry) { + streamRegistry = new FinalizationRegistry((weakRef) => { + const stream = weakRef.deref() + if (stream && !stream.locked && !isDisturbed(stream) && !isErrored(stream)) { + stream.cancel('Response object has been garbage collected').catch(noop) + } + }) +} + +// https://fetch.spec.whatwg.org/#concept-bodyinit-extract +function extractBody (object, keepalive = false) { + // 1. Let stream be null. + let stream = null + + // 2. If object is a ReadableStream object, then set stream to object. + if (object instanceof ReadableStream) { + stream = object + } else if (isBlobLike(object)) { + // 3. Otherwise, if object is a Blob object, set stream to the + // result of running object’s get stream. + stream = object.stream() + } else { + // 4. Otherwise, set stream to a new ReadableStream object, and set + // up stream with byte reading support. + stream = new ReadableStream({ + async pull (controller) { + const buffer = typeof source === 'string' ? textEncoder.encode(source) : source + + if (buffer.byteLength) { + controller.enqueue(buffer) + } + + queueMicrotask(() => readableStreamClose(controller)) + }, + start () {}, + type: 'bytes' + }) + } + + // 5. Assert: stream is a ReadableStream object. + assert(isReadableStreamLike(stream)) + + // 6. Let action be null. + let action = null + + // 7. Let source be null. + let source = null + + // 8. Let length be null. + let length = null + + // 9. Let type be null. + let type = null + + // 10. Switch on object: + if (typeof object === 'string') { + // Set source to the UTF-8 encoding of object. + // Note: setting source to a Uint8Array here breaks some mocking assumptions. + source = object + + // Set type to `text/plain;charset=UTF-8`. + type = 'text/plain;charset=UTF-8' + } else if (object instanceof URLSearchParams) { + // URLSearchParams + + // spec says to run application/x-www-form-urlencoded on body.list + // this is implemented in Node.js as apart of an URLSearchParams instance toString method + // See: https://github.com/nodejs/node/blob/e46c680bf2b211bbd52cf959ca17ee98c7f657f5/lib/internal/url.js#L490 + // and https://github.com/nodejs/node/blob/e46c680bf2b211bbd52cf959ca17ee98c7f657f5/lib/internal/url.js#L1100 + + // Set source to the result of running the application/x-www-form-urlencoded serializer with object’s list. + source = object.toString() + + // Set type to `application/x-www-form-urlencoded;charset=UTF-8`. + type = 'application/x-www-form-urlencoded;charset=UTF-8' + } else if (isArrayBuffer(object)) { + // BufferSource/ArrayBuffer + + // Set source to a copy of the bytes held by object. + source = new Uint8Array(object.slice()) + } else if (ArrayBuffer.isView(object)) { + // BufferSource/ArrayBufferView + + // Set source to a copy of the bytes held by object. + source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) + } else if (util.isFormDataLike(object)) { + const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` + const prefix = `--${boundary}\r\nContent-Disposition: form-data` + + /*! formdata-polyfill. MIT License. Jimmy Wärting */ + const escape = (str) => + str.replace(/\n/g, '%0A').replace(/\r/g, '%0D').replace(/"/g, '%22') + const normalizeLinefeeds = (value) => value.replace(/\r?\n|\r/g, '\r\n') + + // Set action to this step: run the multipart/form-data + // encoding algorithm, with object’s entry list and UTF-8. + // - This ensures that the body is immutable and can't be changed afterwords + // - That the content-length is calculated in advance. + // - And that all parts are pre-encoded and ready to be sent. + + const blobParts = [] + const rn = new Uint8Array([13, 10]) // '\r\n' + length = 0 + let hasUnknownSizeValue = false + + for (const [name, value] of object) { + if (typeof value === 'string') { + const chunk = textEncoder.encode(prefix + + `; name="${escape(normalizeLinefeeds(name))}"` + + `\r\n\r\n${normalizeLinefeeds(value)}\r\n`) + blobParts.push(chunk) + length += chunk.byteLength + } else { + const chunk = textEncoder.encode(`${prefix}; name="${escape(normalizeLinefeeds(name))}"` + + (value.name ? `; filename="${escape(value.name)}"` : '') + '\r\n' + + `Content-Type: ${ + value.type || 'application/octet-stream' + }\r\n\r\n`) + blobParts.push(chunk, value, rn) + if (typeof value.size === 'number') { + length += chunk.byteLength + value.size + rn.byteLength + } else { + hasUnknownSizeValue = true + } + } + } + + // CRLF is appended to the body to function with legacy servers and match other implementations. + // https://github.com/curl/curl/blob/3434c6b46e682452973972e8313613dfa58cd690/lib/mime.c#L1029-L1030 + // https://github.com/form-data/form-data/issues/63 + const chunk = textEncoder.encode(`--${boundary}--\r\n`) + blobParts.push(chunk) + length += chunk.byteLength + if (hasUnknownSizeValue) { + length = null + } + + // Set source to object. + source = object + + action = async function * () { + for (const part of blobParts) { + if (part.stream) { + yield * part.stream() + } else { + yield part + } + } + } + + // Set type to `multipart/form-data; boundary=`, + // followed by the multipart/form-data boundary string generated + // by the multipart/form-data encoding algorithm. + type = `multipart/form-data; boundary=${boundary}` + } else if (isBlobLike(object)) { + // Blob + + // Set source to object. + source = object + + // Set length to object’s size. + length = object.size + + // If object’s type attribute is not the empty byte sequence, set + // type to its value. + if (object.type) { + type = object.type + } + } else if (typeof object[Symbol.asyncIterator] === 'function') { + // If keepalive is true, then throw a TypeError. + if (keepalive) { + throw new TypeError('keepalive') + } + + // If object is disturbed or locked, then throw a TypeError. + if (util.isDisturbed(object) || object.locked) { + throw new TypeError( + 'Response body object should not be disturbed or locked' + ) + } + + stream = + object instanceof ReadableStream ? object : ReadableStreamFrom(object) + } + + // 11. If source is a byte sequence, then set action to a + // step that returns source and length to source’s length. + if (typeof source === 'string' || util.isBuffer(source)) { + length = Buffer.byteLength(source) + } + + // 12. If action is non-null, then run these steps in in parallel: + if (action != null) { + // Run action. + let iterator + stream = new ReadableStream({ + async start () { + iterator = action(object)[Symbol.asyncIterator]() + }, + async pull (controller) { + const { value, done } = await iterator.next() + if (done) { + // When running action is done, close stream. + queueMicrotask(() => { + controller.close() + controller.byobRequest?.respond(0) + }) + } else { + // Whenever one or more bytes are available and stream is not errored, + // enqueue a Uint8Array wrapping an ArrayBuffer containing the available + // bytes into stream. + if (!isErrored(stream)) { + const buffer = new Uint8Array(value) + if (buffer.byteLength) { + controller.enqueue(buffer) + } + } + } + return controller.desiredSize > 0 + }, + async cancel (reason) { + await iterator.return() + }, + type: 'bytes' + }) + } + + // 13. Let body be a body whose stream is stream, source is source, + // and length is length. + const body = { stream, source, length } + + // 14. Return (body, type). + return [body, type] +} + +// https://fetch.spec.whatwg.org/#bodyinit-safely-extract +function safelyExtractBody (object, keepalive = false) { + // To safely extract a body and a `Content-Type` value from + // a byte sequence or BodyInit object object, run these steps: + + // 1. If object is a ReadableStream object, then: + if (object instanceof ReadableStream) { + // Assert: object is neither disturbed nor locked. + // istanbul ignore next + assert(!util.isDisturbed(object), 'The body has already been consumed.') + // istanbul ignore next + assert(!object.locked, 'The stream is locked.') + } + + // 2. Return the results of extracting object. + return extractBody(object, keepalive) +} + +function cloneBody (instance, body) { + // To clone a body body, run these steps: + + // https://fetch.spec.whatwg.org/#concept-body-clone + + // 1. Let « out1, out2 » be the result of teeing body’s stream. + const [out1, out2] = body.stream.tee() + + // 2. Set body’s stream to out1. + body.stream = out1 + + // 3. Return a body whose stream is out2 and other members are copied from body. + return { + stream: out2, + length: body.length, + source: body.source + } +} + +function throwIfAborted (state) { + if (state.aborted) { + throw new DOMException('The operation was aborted.', 'AbortError') + } +} + +function bodyMixinMethods (instance) { + const methods = { + blob () { + // The blob() method steps are to return the result of + // running consume body with this and the following step + // given a byte sequence bytes: return a Blob whose + // contents are bytes and whose type attribute is this’s + // MIME type. + return consumeBody(this, (bytes) => { + let mimeType = bodyMimeType(this) + + if (mimeType === null) { + mimeType = '' + } else if (mimeType) { + mimeType = serializeAMimeType(mimeType) + } + + // Return a Blob whose contents are bytes and type attribute + // is mimeType. + return new Blob([bytes], { type: mimeType }) + }, instance) + }, + + arrayBuffer () { + // The arrayBuffer() method steps are to return the result + // of running consume body with this and the following step + // given a byte sequence bytes: return a new ArrayBuffer + // whose contents are bytes. + return consumeBody(this, (bytes) => { + return new Uint8Array(bytes).buffer + }, instance) + }, + + text () { + // The text() method steps are to return the result of running + // consume body with this and UTF-8 decode. + return consumeBody(this, utf8DecodeBytes, instance) + }, + + json () { + // The json() method steps are to return the result of running + // consume body with this and parse JSON from bytes. + return consumeBody(this, parseJSONFromBytes, instance) + }, + + formData () { + // The formData() method steps are to return the result of running + // consume body with this and the following step given a byte sequence bytes: + return consumeBody(this, (value) => { + // 1. Let mimeType be the result of get the MIME type with this. + const mimeType = bodyMimeType(this) + + // 2. If mimeType is non-null, then switch on mimeType’s essence and run + // the corresponding steps: + if (mimeType !== null) { + switch (mimeType.essence) { + case 'multipart/form-data': { + // 1. ... [long step] + const parsed = multipartFormDataParser(value, mimeType) + + // 2. If that fails for some reason, then throw a TypeError. + if (parsed === 'failure') { + throw new TypeError('Failed to parse body as FormData.') + } + + // 3. Return a new FormData object, appending each entry, + // resulting from the parsing operation, to its entry list. + const fd = new FormData() + fd[kState] = parsed + + return fd + } + case 'application/x-www-form-urlencoded': { + // 1. Let entries be the result of parsing bytes. + const entries = new URLSearchParams(value.toString()) + + // 2. If entries is failure, then throw a TypeError. + + // 3. Return a new FormData object whose entry list is entries. + const fd = new FormData() + + for (const [name, value] of entries) { + fd.append(name, value) + } + + return fd + } + } + } + + // 3. Throw a TypeError. + throw new TypeError( + 'Content-Type was not one of "multipart/form-data" or "application/x-www-form-urlencoded".' + ) + }, instance) + }, + + bytes () { + // The bytes() method steps are to return the result of running consume body + // with this and the following step given a byte sequence bytes: return the + // result of creating a Uint8Array from bytes in this’s relevant realm. + return consumeBody(this, (bytes) => { + return new Uint8Array(bytes) + }, instance) + } + } + + return methods +} + +function mixinBody (prototype) { + Object.assign(prototype.prototype, bodyMixinMethods(prototype)) +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-body-consume-body + * @param {Response|Request} object + * @param {(value: unknown) => unknown} convertBytesToJSValue + * @param {Response|Request} instance + */ +async function consumeBody (object, convertBytesToJSValue, instance) { + webidl.brandCheck(object, instance) + + // 1. If object is unusable, then return a promise rejected + // with a TypeError. + if (bodyUnusable(object)) { + throw new TypeError('Body is unusable: Body has already been read') + } + + throwIfAborted(object[kState]) + + // 2. Let promise be a new promise. + const promise = createDeferredPromise() + + // 3. Let errorSteps given error be to reject promise with error. + const errorSteps = (error) => promise.reject(error) + + // 4. Let successSteps given a byte sequence data be to resolve + // promise with the result of running convertBytesToJSValue + // with data. If that threw an exception, then run errorSteps + // with that exception. + const successSteps = (data) => { + try { + promise.resolve(convertBytesToJSValue(data)) + } catch (e) { + errorSteps(e) + } + } + + // 5. If object’s body is null, then run successSteps with an + // empty byte sequence. + if (object[kState].body == null) { + successSteps(Buffer.allocUnsafe(0)) + return promise.promise + } + + // 6. Otherwise, fully read object’s body given successSteps, + // errorSteps, and object’s relevant global object. + await fullyReadBody(object[kState].body, successSteps, errorSteps) + + // 7. Return promise. + return promise.promise +} + +// https://fetch.spec.whatwg.org/#body-unusable +function bodyUnusable (object) { + const body = object[kState].body + + // An object including the Body interface mixin is + // said to be unusable if its body is non-null and + // its body’s stream is disturbed or locked. + return body != null && (body.stream.locked || util.isDisturbed(body.stream)) +} + +/** + * @see https://infra.spec.whatwg.org/#parse-json-bytes-to-a-javascript-value + * @param {Uint8Array} bytes + */ +function parseJSONFromBytes (bytes) { + return JSON.parse(utf8DecodeBytes(bytes)) +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-body-mime-type + * @param {import('./response').Response|import('./request').Request} requestOrResponse + */ +function bodyMimeType (requestOrResponse) { + // 1. Let headers be null. + // 2. If requestOrResponse is a Request object, then set headers to requestOrResponse’s request’s header list. + // 3. Otherwise, set headers to requestOrResponse’s response’s header list. + /** @type {import('./headers').HeadersList} */ + const headers = requestOrResponse[kState].headersList + + // 4. Let mimeType be the result of extracting a MIME type from headers. + const mimeType = extractMimeType(headers) + + // 5. If mimeType is failure, then return null. + if (mimeType === 'failure') { + return null + } + + // 6. Return mimeType. + return mimeType +} + +module.exports = { + extractBody, + safelyExtractBody, + cloneBody, + mixinBody, + streamRegistry, + hasFinalizationRegistry, + bodyUnusable +} + + +/***/ }), + +/***/ 4495: +/***/ ((module) => { + +"use strict"; + + +const corsSafeListedMethods = /** @type {const} */ (['GET', 'HEAD', 'POST']) +const corsSafeListedMethodsSet = new Set(corsSafeListedMethods) + +const nullBodyStatus = /** @type {const} */ ([101, 204, 205, 304]) + +const redirectStatus = /** @type {const} */ ([301, 302, 303, 307, 308]) +const redirectStatusSet = new Set(redirectStatus) + +/** + * @see https://fetch.spec.whatwg.org/#block-bad-port + */ +const badPorts = /** @type {const} */ ([ + '1', '7', '9', '11', '13', '15', '17', '19', '20', '21', '22', '23', '25', '37', '42', '43', '53', '69', '77', '79', + '87', '95', '101', '102', '103', '104', '109', '110', '111', '113', '115', '117', '119', '123', '135', '137', + '139', '143', '161', '179', '389', '427', '465', '512', '513', '514', '515', '526', '530', '531', '532', + '540', '548', '554', '556', '563', '587', '601', '636', '989', '990', '993', '995', '1719', '1720', '1723', + '2049', '3659', '4045', '4190', '5060', '5061', '6000', '6566', '6665', '6666', '6667', '6668', '6669', '6679', + '6697', '10080' +]) +const badPortsSet = new Set(badPorts) + +/** + * @see https://w3c.github.io/webappsec-referrer-policy/#referrer-policies + */ +const referrerPolicy = /** @type {const} */ ([ + '', + 'no-referrer', + 'no-referrer-when-downgrade', + 'same-origin', + 'origin', + 'strict-origin', + 'origin-when-cross-origin', + 'strict-origin-when-cross-origin', + 'unsafe-url' +]) +const referrerPolicySet = new Set(referrerPolicy) + +const requestRedirect = /** @type {const} */ (['follow', 'manual', 'error']) + +const safeMethods = /** @type {const} */ (['GET', 'HEAD', 'OPTIONS', 'TRACE']) +const safeMethodsSet = new Set(safeMethods) + +const requestMode = /** @type {const} */ (['navigate', 'same-origin', 'no-cors', 'cors']) + +const requestCredentials = /** @type {const} */ (['omit', 'same-origin', 'include']) + +const requestCache = /** @type {const} */ ([ + 'default', + 'no-store', + 'reload', + 'no-cache', + 'force-cache', + 'only-if-cached' +]) + +/** + * @see https://fetch.spec.whatwg.org/#request-body-header-name + */ +const requestBodyHeader = /** @type {const} */ ([ + 'content-encoding', + 'content-language', + 'content-location', + 'content-type', + // See https://github.com/nodejs/undici/issues/2021 + // 'Content-Length' is a forbidden header name, which is typically + // removed in the Headers implementation. However, undici doesn't + // filter out headers, so we add it here. + 'content-length' +]) + +/** + * @see https://fetch.spec.whatwg.org/#enumdef-requestduplex + */ +const requestDuplex = /** @type {const} */ ([ + 'half' +]) + +/** + * @see http://fetch.spec.whatwg.org/#forbidden-method + */ +const forbiddenMethods = /** @type {const} */ (['CONNECT', 'TRACE', 'TRACK']) +const forbiddenMethodsSet = new Set(forbiddenMethods) + +const subresource = /** @type {const} */ ([ + 'audio', + 'audioworklet', + 'font', + 'image', + 'manifest', + 'paintworklet', + 'script', + 'style', + 'track', + 'video', + 'xslt', + '' +]) +const subresourceSet = new Set(subresource) + +module.exports = { + subresource, + forbiddenMethods, + requestBodyHeader, + referrerPolicy, + requestRedirect, + requestMode, + requestCredentials, + requestCache, + redirectStatus, + corsSafeListedMethods, + nullBodyStatus, + safeMethods, + badPorts, + requestDuplex, + subresourceSet, + badPortsSet, + redirectStatusSet, + corsSafeListedMethodsSet, + safeMethodsSet, + forbiddenMethodsSet, + referrerPolicySet +} + + +/***/ }), + +/***/ 1900: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const assert = __nccwpck_require__(4589) + +const encoder = new TextEncoder() + +/** + * @see https://mimesniff.spec.whatwg.org/#http-token-code-point + */ +const HTTP_TOKEN_CODEPOINTS = /^[!#$%&'*+\-.^_|~A-Za-z0-9]+$/ +const HTTP_WHITESPACE_REGEX = /[\u000A\u000D\u0009\u0020]/ // eslint-disable-line +const ASCII_WHITESPACE_REPLACE_REGEX = /[\u0009\u000A\u000C\u000D\u0020]/g // eslint-disable-line +/** + * @see https://mimesniff.spec.whatwg.org/#http-quoted-string-token-code-point + */ +const HTTP_QUOTED_STRING_TOKENS = /^[\u0009\u0020-\u007E\u0080-\u00FF]+$/ // eslint-disable-line + +// https://fetch.spec.whatwg.org/#data-url-processor +/** @param {URL} dataURL */ +function dataURLProcessor (dataURL) { + // 1. Assert: dataURL’s scheme is "data". + assert(dataURL.protocol === 'data:') + + // 2. Let input be the result of running the URL + // serializer on dataURL with exclude fragment + // set to true. + let input = URLSerializer(dataURL, true) + + // 3. Remove the leading "data:" string from input. + input = input.slice(5) + + // 4. Let position point at the start of input. + const position = { position: 0 } + + // 5. Let mimeType be the result of collecting a + // sequence of code points that are not equal + // to U+002C (,), given position. + let mimeType = collectASequenceOfCodePointsFast( + ',', + input, + position + ) + + // 6. Strip leading and trailing ASCII whitespace + // from mimeType. + // Undici implementation note: we need to store the + // length because if the mimetype has spaces removed, + // the wrong amount will be sliced from the input in + // step #9 + const mimeTypeLength = mimeType.length + mimeType = removeASCIIWhitespace(mimeType, true, true) + + // 7. If position is past the end of input, then + // return failure + if (position.position >= input.length) { + return 'failure' + } + + // 8. Advance position by 1. + position.position++ + + // 9. Let encodedBody be the remainder of input. + const encodedBody = input.slice(mimeTypeLength + 1) + + // 10. Let body be the percent-decoding of encodedBody. + let body = stringPercentDecode(encodedBody) + + // 11. If mimeType ends with U+003B (;), followed by + // zero or more U+0020 SPACE, followed by an ASCII + // case-insensitive match for "base64", then: + if (/;(\u0020){0,}base64$/i.test(mimeType)) { + // 1. Let stringBody be the isomorphic decode of body. + const stringBody = isomorphicDecode(body) + + // 2. Set body to the forgiving-base64 decode of + // stringBody. + body = forgivingBase64(stringBody) + + // 3. If body is failure, then return failure. + if (body === 'failure') { + return 'failure' + } + + // 4. Remove the last 6 code points from mimeType. + mimeType = mimeType.slice(0, -6) + + // 5. Remove trailing U+0020 SPACE code points from mimeType, + // if any. + mimeType = mimeType.replace(/(\u0020)+$/, '') + + // 6. Remove the last U+003B (;) code point from mimeType. + mimeType = mimeType.slice(0, -1) + } + + // 12. If mimeType starts with U+003B (;), then prepend + // "text/plain" to mimeType. + if (mimeType.startsWith(';')) { + mimeType = 'text/plain' + mimeType + } + + // 13. Let mimeTypeRecord be the result of parsing + // mimeType. + let mimeTypeRecord = parseMIMEType(mimeType) + + // 14. If mimeTypeRecord is failure, then set + // mimeTypeRecord to text/plain;charset=US-ASCII. + if (mimeTypeRecord === 'failure') { + mimeTypeRecord = parseMIMEType('text/plain;charset=US-ASCII') + } + + // 15. Return a new data: URL struct whose MIME + // type is mimeTypeRecord and body is body. + // https://fetch.spec.whatwg.org/#data-url-struct + return { mimeType: mimeTypeRecord, body } +} + +// https://url.spec.whatwg.org/#concept-url-serializer +/** + * @param {URL} url + * @param {boolean} excludeFragment + */ +function URLSerializer (url, excludeFragment = false) { + if (!excludeFragment) { + return url.href + } + + const href = url.href + const hashLength = url.hash.length + + const serialized = hashLength === 0 ? href : href.substring(0, href.length - hashLength) + + if (!hashLength && href.endsWith('#')) { + return serialized.slice(0, -1) + } + + return serialized +} + +// https://infra.spec.whatwg.org/#collect-a-sequence-of-code-points +/** + * @param {(char: string) => boolean} condition + * @param {string} input + * @param {{ position: number }} position + */ +function collectASequenceOfCodePoints (condition, input, position) { + // 1. Let result be the empty string. + let result = '' + + // 2. While position doesn’t point past the end of input and the + // code point at position within input meets the condition condition: + while (position.position < input.length && condition(input[position.position])) { + // 1. Append that code point to the end of result. + result += input[position.position] + + // 2. Advance position by 1. + position.position++ + } + + // 3. Return result. + return result +} + +/** + * A faster collectASequenceOfCodePoints that only works when comparing a single character. + * @param {string} char + * @param {string} input + * @param {{ position: number }} position + */ +function collectASequenceOfCodePointsFast (char, input, position) { + const idx = input.indexOf(char, position.position) + const start = position.position + + if (idx === -1) { + position.position = input.length + return input.slice(start) + } + + position.position = idx + return input.slice(start, position.position) +} + +// https://url.spec.whatwg.org/#string-percent-decode +/** @param {string} input */ +function stringPercentDecode (input) { + // 1. Let bytes be the UTF-8 encoding of input. + const bytes = encoder.encode(input) + + // 2. Return the percent-decoding of bytes. + return percentDecode(bytes) +} + +/** + * @param {number} byte + */ +function isHexCharByte (byte) { + // 0-9 A-F a-f + return (byte >= 0x30 && byte <= 0x39) || (byte >= 0x41 && byte <= 0x46) || (byte >= 0x61 && byte <= 0x66) +} + +/** + * @param {number} byte + */ +function hexByteToNumber (byte) { + return ( + // 0-9 + byte >= 0x30 && byte <= 0x39 + ? (byte - 48) + // Convert to uppercase + // ((byte & 0xDF) - 65) + 10 + : ((byte & 0xDF) - 55) + ) +} + +// https://url.spec.whatwg.org/#percent-decode +/** @param {Uint8Array} input */ +function percentDecode (input) { + const length = input.length + // 1. Let output be an empty byte sequence. + /** @type {Uint8Array} */ + const output = new Uint8Array(length) + let j = 0 + // 2. For each byte byte in input: + for (let i = 0; i < length; ++i) { + const byte = input[i] + + // 1. If byte is not 0x25 (%), then append byte to output. + if (byte !== 0x25) { + output[j++] = byte + + // 2. Otherwise, if byte is 0x25 (%) and the next two bytes + // after byte in input are not in the ranges + // 0x30 (0) to 0x39 (9), 0x41 (A) to 0x46 (F), + // and 0x61 (a) to 0x66 (f), all inclusive, append byte + // to output. + } else if ( + byte === 0x25 && + !(isHexCharByte(input[i + 1]) && isHexCharByte(input[i + 2])) + ) { + output[j++] = 0x25 + + // 3. Otherwise: + } else { + // 1. Let bytePoint be the two bytes after byte in input, + // decoded, and then interpreted as hexadecimal number. + // 2. Append a byte whose value is bytePoint to output. + output[j++] = (hexByteToNumber(input[i + 1]) << 4) | hexByteToNumber(input[i + 2]) + + // 3. Skip the next two bytes in input. + i += 2 + } + } + + // 3. Return output. + return length === j ? output : output.subarray(0, j) +} + +// https://mimesniff.spec.whatwg.org/#parse-a-mime-type +/** @param {string} input */ +function parseMIMEType (input) { + // 1. Remove any leading and trailing HTTP whitespace + // from input. + input = removeHTTPWhitespace(input, true, true) + + // 2. Let position be a position variable for input, + // initially pointing at the start of input. + const position = { position: 0 } + + // 3. Let type be the result of collecting a sequence + // of code points that are not U+002F (/) from + // input, given position. + const type = collectASequenceOfCodePointsFast( + '/', + input, + position + ) + + // 4. If type is the empty string or does not solely + // contain HTTP token code points, then return failure. + // https://mimesniff.spec.whatwg.org/#http-token-code-point + if (type.length === 0 || !HTTP_TOKEN_CODEPOINTS.test(type)) { + return 'failure' + } + + // 5. If position is past the end of input, then return + // failure + if (position.position > input.length) { + return 'failure' + } + + // 6. Advance position by 1. (This skips past U+002F (/).) + position.position++ + + // 7. Let subtype be the result of collecting a sequence of + // code points that are not U+003B (;) from input, given + // position. + let subtype = collectASequenceOfCodePointsFast( + ';', + input, + position + ) + + // 8. Remove any trailing HTTP whitespace from subtype. + subtype = removeHTTPWhitespace(subtype, false, true) + + // 9. If subtype is the empty string or does not solely + // contain HTTP token code points, then return failure. + if (subtype.length === 0 || !HTTP_TOKEN_CODEPOINTS.test(subtype)) { + return 'failure' + } + + const typeLowercase = type.toLowerCase() + const subtypeLowercase = subtype.toLowerCase() + + // 10. Let mimeType be a new MIME type record whose type + // is type, in ASCII lowercase, and subtype is subtype, + // in ASCII lowercase. + // https://mimesniff.spec.whatwg.org/#mime-type + const mimeType = { + type: typeLowercase, + subtype: subtypeLowercase, + /** @type {Map} */ + parameters: new Map(), + // https://mimesniff.spec.whatwg.org/#mime-type-essence + essence: `${typeLowercase}/${subtypeLowercase}` + } + + // 11. While position is not past the end of input: + while (position.position < input.length) { + // 1. Advance position by 1. (This skips past U+003B (;).) + position.position++ + + // 2. Collect a sequence of code points that are HTTP + // whitespace from input given position. + collectASequenceOfCodePoints( + // https://fetch.spec.whatwg.org/#http-whitespace + char => HTTP_WHITESPACE_REGEX.test(char), + input, + position + ) + + // 3. Let parameterName be the result of collecting a + // sequence of code points that are not U+003B (;) + // or U+003D (=) from input, given position. + let parameterName = collectASequenceOfCodePoints( + (char) => char !== ';' && char !== '=', + input, + position + ) + + // 4. Set parameterName to parameterName, in ASCII + // lowercase. + parameterName = parameterName.toLowerCase() + + // 5. If position is not past the end of input, then: + if (position.position < input.length) { + // 1. If the code point at position within input is + // U+003B (;), then continue. + if (input[position.position] === ';') { + continue + } + + // 2. Advance position by 1. (This skips past U+003D (=).) + position.position++ + } + + // 6. If position is past the end of input, then break. + if (position.position > input.length) { + break + } + + // 7. Let parameterValue be null. + let parameterValue = null + + // 8. If the code point at position within input is + // U+0022 ("), then: + if (input[position.position] === '"') { + // 1. Set parameterValue to the result of collecting + // an HTTP quoted string from input, given position + // and the extract-value flag. + parameterValue = collectAnHTTPQuotedString(input, position, true) + + // 2. Collect a sequence of code points that are not + // U+003B (;) from input, given position. + collectASequenceOfCodePointsFast( + ';', + input, + position + ) + + // 9. Otherwise: + } else { + // 1. Set parameterValue to the result of collecting + // a sequence of code points that are not U+003B (;) + // from input, given position. + parameterValue = collectASequenceOfCodePointsFast( + ';', + input, + position + ) + + // 2. Remove any trailing HTTP whitespace from parameterValue. + parameterValue = removeHTTPWhitespace(parameterValue, false, true) + + // 3. If parameterValue is the empty string, then continue. + if (parameterValue.length === 0) { + continue + } + } + + // 10. If all of the following are true + // - parameterName is not the empty string + // - parameterName solely contains HTTP token code points + // - parameterValue solely contains HTTP quoted-string token code points + // - mimeType’s parameters[parameterName] does not exist + // then set mimeType’s parameters[parameterName] to parameterValue. + if ( + parameterName.length !== 0 && + HTTP_TOKEN_CODEPOINTS.test(parameterName) && + (parameterValue.length === 0 || HTTP_QUOTED_STRING_TOKENS.test(parameterValue)) && + !mimeType.parameters.has(parameterName) + ) { + mimeType.parameters.set(parameterName, parameterValue) + } + } + + // 12. Return mimeType. + return mimeType +} + +// https://infra.spec.whatwg.org/#forgiving-base64-decode +/** @param {string} data */ +function forgivingBase64 (data) { + // 1. Remove all ASCII whitespace from data. + data = data.replace(ASCII_WHITESPACE_REPLACE_REGEX, '') // eslint-disable-line + + let dataLength = data.length + // 2. If data’s code point length divides by 4 leaving + // no remainder, then: + if (dataLength % 4 === 0) { + // 1. If data ends with one or two U+003D (=) code points, + // then remove them from data. + if (data.charCodeAt(dataLength - 1) === 0x003D) { + --dataLength + if (data.charCodeAt(dataLength - 1) === 0x003D) { + --dataLength + } + } + } + + // 3. If data’s code point length divides by 4 leaving + // a remainder of 1, then return failure. + if (dataLength % 4 === 1) { + return 'failure' + } + + // 4. If data contains a code point that is not one of + // U+002B (+) + // U+002F (/) + // ASCII alphanumeric + // then return failure. + if (/[^+/0-9A-Za-z]/.test(data.length === dataLength ? data : data.substring(0, dataLength))) { + return 'failure' + } + + const buffer = Buffer.from(data, 'base64') + return new Uint8Array(buffer.buffer, buffer.byteOffset, buffer.byteLength) +} + +// https://fetch.spec.whatwg.org/#collect-an-http-quoted-string +// tests: https://fetch.spec.whatwg.org/#example-http-quoted-string +/** + * @param {string} input + * @param {{ position: number }} position + * @param {boolean?} extractValue + */ +function collectAnHTTPQuotedString (input, position, extractValue) { + // 1. Let positionStart be position. + const positionStart = position.position + + // 2. Let value be the empty string. + let value = '' + + // 3. Assert: the code point at position within input + // is U+0022 ("). + assert(input[position.position] === '"') + + // 4. Advance position by 1. + position.position++ + + // 5. While true: + while (true) { + // 1. Append the result of collecting a sequence of code points + // that are not U+0022 (") or U+005C (\) from input, given + // position, to value. + value += collectASequenceOfCodePoints( + (char) => char !== '"' && char !== '\\', + input, + position + ) + + // 2. If position is past the end of input, then break. + if (position.position >= input.length) { + break + } + + // 3. Let quoteOrBackslash be the code point at position within + // input. + const quoteOrBackslash = input[position.position] + + // 4. Advance position by 1. + position.position++ + + // 5. If quoteOrBackslash is U+005C (\), then: + if (quoteOrBackslash === '\\') { + // 1. If position is past the end of input, then append + // U+005C (\) to value and break. + if (position.position >= input.length) { + value += '\\' + break + } + + // 2. Append the code point at position within input to value. + value += input[position.position] + + // 3. Advance position by 1. + position.position++ + + // 6. Otherwise: + } else { + // 1. Assert: quoteOrBackslash is U+0022 ("). + assert(quoteOrBackslash === '"') + + // 2. Break. + break + } + } + + // 6. If the extract-value flag is set, then return value. + if (extractValue) { + return value + } + + // 7. Return the code points from positionStart to position, + // inclusive, within input. + return input.slice(positionStart, position.position) +} + +/** + * @see https://mimesniff.spec.whatwg.org/#serialize-a-mime-type + */ +function serializeAMimeType (mimeType) { + assert(mimeType !== 'failure') + const { parameters, essence } = mimeType + + // 1. Let serialization be the concatenation of mimeType’s + // type, U+002F (/), and mimeType’s subtype. + let serialization = essence + + // 2. For each name → value of mimeType’s parameters: + for (let [name, value] of parameters.entries()) { + // 1. Append U+003B (;) to serialization. + serialization += ';' + + // 2. Append name to serialization. + serialization += name + + // 3. Append U+003D (=) to serialization. + serialization += '=' + + // 4. If value does not solely contain HTTP token code + // points or value is the empty string, then: + if (!HTTP_TOKEN_CODEPOINTS.test(value)) { + // 1. Precede each occurrence of U+0022 (") or + // U+005C (\) in value with U+005C (\). + value = value.replace(/(\\|")/g, '\\$1') + + // 2. Prepend U+0022 (") to value. + value = '"' + value + + // 3. Append U+0022 (") to value. + value += '"' + } + + // 5. Append value to serialization. + serialization += value + } + + // 3. Return serialization. + return serialization +} + +/** + * @see https://fetch.spec.whatwg.org/#http-whitespace + * @param {number} char + */ +function isHTTPWhiteSpace (char) { + // "\r\n\t " + return char === 0x00d || char === 0x00a || char === 0x009 || char === 0x020 +} + +/** + * @see https://fetch.spec.whatwg.org/#http-whitespace + * @param {string} str + * @param {boolean} [leading=true] + * @param {boolean} [trailing=true] + */ +function removeHTTPWhitespace (str, leading = true, trailing = true) { + return removeChars(str, leading, trailing, isHTTPWhiteSpace) +} + +/** + * @see https://infra.spec.whatwg.org/#ascii-whitespace + * @param {number} char + */ +function isASCIIWhitespace (char) { + // "\r\n\t\f " + return char === 0x00d || char === 0x00a || char === 0x009 || char === 0x00c || char === 0x020 +} + +/** + * @see https://infra.spec.whatwg.org/#strip-leading-and-trailing-ascii-whitespace + * @param {string} str + * @param {boolean} [leading=true] + * @param {boolean} [trailing=true] + */ +function removeASCIIWhitespace (str, leading = true, trailing = true) { + return removeChars(str, leading, trailing, isASCIIWhitespace) +} + +/** + * @param {string} str + * @param {boolean} leading + * @param {boolean} trailing + * @param {(charCode: number) => boolean} predicate + * @returns + */ +function removeChars (str, leading, trailing, predicate) { + let lead = 0 + let trail = str.length - 1 + + if (leading) { + while (lead < str.length && predicate(str.charCodeAt(lead))) lead++ + } + + if (trailing) { + while (trail > 0 && predicate(str.charCodeAt(trail))) trail-- + } + + return lead === 0 && trail === str.length - 1 ? str : str.slice(lead, trail + 1) +} + +/** + * @see https://infra.spec.whatwg.org/#isomorphic-decode + * @param {Uint8Array} input + * @returns {string} + */ +function isomorphicDecode (input) { + // 1. To isomorphic decode a byte sequence input, return a string whose code point + // length is equal to input’s length and whose code points have the same values + // as the values of input’s bytes, in the same order. + const length = input.length + if ((2 << 15) - 1 > length) { + return String.fromCharCode.apply(null, input) + } + let result = ''; let i = 0 + let addition = (2 << 15) - 1 + while (i < length) { + if (i + addition > length) { + addition = length - i + } + result += String.fromCharCode.apply(null, input.subarray(i, i += addition)) + } + return result +} + +/** + * @see https://mimesniff.spec.whatwg.org/#minimize-a-supported-mime-type + * @param {Exclude, 'failure'>} mimeType + */ +function minimizeSupportedMimeType (mimeType) { + switch (mimeType.essence) { + case 'application/ecmascript': + case 'application/javascript': + case 'application/x-ecmascript': + case 'application/x-javascript': + case 'text/ecmascript': + case 'text/javascript': + case 'text/javascript1.0': + case 'text/javascript1.1': + case 'text/javascript1.2': + case 'text/javascript1.3': + case 'text/javascript1.4': + case 'text/javascript1.5': + case 'text/jscript': + case 'text/livescript': + case 'text/x-ecmascript': + case 'text/x-javascript': + // 1. If mimeType is a JavaScript MIME type, then return "text/javascript". + return 'text/javascript' + case 'application/json': + case 'text/json': + // 2. If mimeType is a JSON MIME type, then return "application/json". + return 'application/json' + case 'image/svg+xml': + // 3. If mimeType’s essence is "image/svg+xml", then return "image/svg+xml". + return 'image/svg+xml' + case 'text/xml': + case 'application/xml': + // 4. If mimeType is an XML MIME type, then return "application/xml". + return 'application/xml' + } + + // 2. If mimeType is a JSON MIME type, then return "application/json". + if (mimeType.subtype.endsWith('+json')) { + return 'application/json' + } + + // 4. If mimeType is an XML MIME type, then return "application/xml". + if (mimeType.subtype.endsWith('+xml')) { + return 'application/xml' + } + + // 5. If mimeType is supported by the user agent, then return mimeType’s essence. + // Technically, node doesn't support any mimetypes. + + // 6. Return the empty string. + return '' +} + +module.exports = { + dataURLProcessor, + URLSerializer, + collectASequenceOfCodePoints, + collectASequenceOfCodePointsFast, + stringPercentDecode, + parseMIMEType, + collectAnHTTPQuotedString, + serializeAMimeType, + removeChars, + removeHTTPWhitespace, + minimizeSupportedMimeType, + HTTP_TOKEN_CODEPOINTS, + isomorphicDecode +} + + +/***/ }), + +/***/ 6653: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { kConnected, kSize } = __nccwpck_require__(6443) + +class CompatWeakRef { + constructor (value) { + this.value = value + } + + deref () { + return this.value[kConnected] === 0 && this.value[kSize] === 0 + ? undefined + : this.value + } +} + +class CompatFinalizer { + constructor (finalizer) { + this.finalizer = finalizer + } + + register (dispatcher, key) { + if (dispatcher.on) { + dispatcher.on('disconnect', () => { + if (dispatcher[kConnected] === 0 && dispatcher[kSize] === 0) { + this.finalizer(key) + } + }) + } + } + + unregister (key) {} +} + +module.exports = function () { + // FIXME: remove workaround when the Node bug is backported to v18 + // https://github.com/nodejs/node/issues/49344#issuecomment-1741776308 + if (process.env.NODE_V8_COVERAGE && process.version.startsWith('v18')) { + process._rawDebug('Using compatibility WeakRef and FinalizationRegistry') + return { + WeakRef: CompatWeakRef, + FinalizationRegistry: CompatFinalizer + } + } + return { WeakRef, FinalizationRegistry } +} + + +/***/ }), + +/***/ 7114: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Blob, File } = __nccwpck_require__(4573) +const { kState } = __nccwpck_require__(3627) +const { webidl } = __nccwpck_require__(5893) + +// TODO(@KhafraDev): remove +class FileLike { + constructor (blobLike, fileName, options = {}) { + // TODO: argument idl type check + + // The File constructor is invoked with two or three parameters, depending + // on whether the optional dictionary parameter is used. When the File() + // constructor is invoked, user agents must run the following steps: + + // 1. Let bytes be the result of processing blob parts given fileBits and + // options. + + // 2. Let n be the fileName argument to the constructor. + const n = fileName + + // 3. Process FilePropertyBag dictionary argument by running the following + // substeps: + + // 1. If the type member is provided and is not the empty string, let t + // be set to the type dictionary member. If t contains any characters + // outside the range U+0020 to U+007E, then set t to the empty string + // and return from these substeps. + // TODO + const t = options.type + + // 2. Convert every character in t to ASCII lowercase. + // TODO + + // 3. If the lastModified member is provided, let d be set to the + // lastModified dictionary member. If it is not provided, set d to the + // current date and time represented as the number of milliseconds since + // the Unix Epoch (which is the equivalent of Date.now() [ECMA-262]). + const d = options.lastModified ?? Date.now() + + // 4. Return a new File object F such that: + // F refers to the bytes byte sequence. + // F.size is set to the number of total bytes in bytes. + // F.name is set to n. + // F.type is set to t. + // F.lastModified is set to d. + + this[kState] = { + blobLike, + name: n, + type: t, + lastModified: d + } + } + + stream (...args) { + webidl.brandCheck(this, FileLike) + + return this[kState].blobLike.stream(...args) + } + + arrayBuffer (...args) { + webidl.brandCheck(this, FileLike) + + return this[kState].blobLike.arrayBuffer(...args) + } + + slice (...args) { + webidl.brandCheck(this, FileLike) + + return this[kState].blobLike.slice(...args) + } + + text (...args) { + webidl.brandCheck(this, FileLike) + + return this[kState].blobLike.text(...args) + } + + get size () { + webidl.brandCheck(this, FileLike) + + return this[kState].blobLike.size + } + + get type () { + webidl.brandCheck(this, FileLike) + + return this[kState].blobLike.type + } + + get name () { + webidl.brandCheck(this, FileLike) + + return this[kState].name + } + + get lastModified () { + webidl.brandCheck(this, FileLike) + + return this[kState].lastModified + } + + get [Symbol.toStringTag] () { + return 'File' + } +} + +webidl.converters.Blob = webidl.interfaceConverter(Blob) + +// If this function is moved to ./util.js, some tools (such as +// rollup) will warn about circular dependencies. See: +// https://github.com/nodejs/undici/issues/1629 +function isFileLike (object) { + return ( + (object instanceof File) || + ( + object && + (typeof object.stream === 'function' || + typeof object.arrayBuffer === 'function') && + object[Symbol.toStringTag] === 'File' + ) + ) +} + +module.exports = { FileLike, isFileLike } + + +/***/ }), + +/***/ 116: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { isUSVString, bufferToLowerCasedHeaderName } = __nccwpck_require__(3440) +const { utf8DecodeBytes } = __nccwpck_require__(3168) +const { HTTP_TOKEN_CODEPOINTS, isomorphicDecode } = __nccwpck_require__(1900) +const { isFileLike } = __nccwpck_require__(7114) +const { makeEntry } = __nccwpck_require__(5910) +const assert = __nccwpck_require__(4589) +const { File: NodeFile } = __nccwpck_require__(4573) + +const File = globalThis.File ?? NodeFile + +const formDataNameBuffer = Buffer.from('form-data; name="') +const filenameBuffer = Buffer.from('; filename') +const dd = Buffer.from('--') +const ddcrlf = Buffer.from('--\r\n') + +/** + * @param {string} chars + */ +function isAsciiString (chars) { + for (let i = 0; i < chars.length; ++i) { + if ((chars.charCodeAt(i) & ~0x7F) !== 0) { + return false + } + } + return true +} + +/** + * @see https://andreubotella.github.io/multipart-form-data/#multipart-form-data-boundary + * @param {string} boundary + */ +function validateBoundary (boundary) { + const length = boundary.length + + // - its length is greater or equal to 27 and lesser or equal to 70, and + if (length < 27 || length > 70) { + return false + } + + // - it is composed by bytes in the ranges 0x30 to 0x39, 0x41 to 0x5A, or + // 0x61 to 0x7A, inclusive (ASCII alphanumeric), or which are 0x27 ('), + // 0x2D (-) or 0x5F (_). + for (let i = 0; i < length; ++i) { + const cp = boundary.charCodeAt(i) + + if (!( + (cp >= 0x30 && cp <= 0x39) || + (cp >= 0x41 && cp <= 0x5a) || + (cp >= 0x61 && cp <= 0x7a) || + cp === 0x27 || + cp === 0x2d || + cp === 0x5f + )) { + return false + } + } + + return true +} + +/** + * @see https://andreubotella.github.io/multipart-form-data/#multipart-form-data-parser + * @param {Buffer} input + * @param {ReturnType} mimeType + */ +function multipartFormDataParser (input, mimeType) { + // 1. Assert: mimeType’s essence is "multipart/form-data". + assert(mimeType !== 'failure' && mimeType.essence === 'multipart/form-data') + + const boundaryString = mimeType.parameters.get('boundary') + + // 2. If mimeType’s parameters["boundary"] does not exist, return failure. + // Otherwise, let boundary be the result of UTF-8 decoding mimeType’s + // parameters["boundary"]. + if (boundaryString === undefined) { + return 'failure' + } + + const boundary = Buffer.from(`--${boundaryString}`, 'utf8') + + // 3. Let entry list be an empty entry list. + const entryList = [] + + // 4. Let position be a pointer to a byte in input, initially pointing at + // the first byte. + const position = { position: 0 } + + // Note: undici addition, allows leading and trailing CRLFs. + while (input[position.position] === 0x0d && input[position.position + 1] === 0x0a) { + position.position += 2 + } + + let trailing = input.length + + while (input[trailing - 1] === 0x0a && input[trailing - 2] === 0x0d) { + trailing -= 2 + } + + if (trailing !== input.length) { + input = input.subarray(0, trailing) + } + + // 5. While true: + while (true) { + // 5.1. If position points to a sequence of bytes starting with 0x2D 0x2D + // (`--`) followed by boundary, advance position by 2 + the length of + // boundary. Otherwise, return failure. + // Note: boundary is padded with 2 dashes already, no need to add 2. + if (input.subarray(position.position, position.position + boundary.length).equals(boundary)) { + position.position += boundary.length + } else { + return 'failure' + } + + // 5.2. If position points to the sequence of bytes 0x2D 0x2D 0x0D 0x0A + // (`--` followed by CR LF) followed by the end of input, return entry list. + // Note: a body does NOT need to end with CRLF. It can end with --. + if ( + (position.position === input.length - 2 && bufferStartsWith(input, dd, position)) || + (position.position === input.length - 4 && bufferStartsWith(input, ddcrlf, position)) + ) { + return entryList + } + + // 5.3. If position does not point to a sequence of bytes starting with 0x0D + // 0x0A (CR LF), return failure. + if (input[position.position] !== 0x0d || input[position.position + 1] !== 0x0a) { + return 'failure' + } + + // 5.4. Advance position by 2. (This skips past the newline.) + position.position += 2 + + // 5.5. Let name, filename and contentType be the result of parsing + // multipart/form-data headers on input and position, if the result + // is not failure. Otherwise, return failure. + const result = parseMultipartFormDataHeaders(input, position) + + if (result === 'failure') { + return 'failure' + } + + let { name, filename, contentType, encoding } = result + + // 5.6. Advance position by 2. (This skips past the empty line that marks + // the end of the headers.) + position.position += 2 + + // 5.7. Let body be the empty byte sequence. + let body + + // 5.8. Body loop: While position is not past the end of input: + // TODO: the steps here are completely wrong + { + const boundaryIndex = input.indexOf(boundary.subarray(2), position.position) + + if (boundaryIndex === -1) { + return 'failure' + } + + body = input.subarray(position.position, boundaryIndex - 4) + + position.position += body.length + + // Note: position must be advanced by the body's length before being + // decoded, otherwise the parsing will fail. + if (encoding === 'base64') { + body = Buffer.from(body.toString(), 'base64') + } + } + + // 5.9. If position does not point to a sequence of bytes starting with + // 0x0D 0x0A (CR LF), return failure. Otherwise, advance position by 2. + if (input[position.position] !== 0x0d || input[position.position + 1] !== 0x0a) { + return 'failure' + } else { + position.position += 2 + } + + // 5.10. If filename is not null: + let value + + if (filename !== null) { + // 5.10.1. If contentType is null, set contentType to "text/plain". + contentType ??= 'text/plain' + + // 5.10.2. If contentType is not an ASCII string, set contentType to the empty string. + + // Note: `buffer.isAscii` can be used at zero-cost, but converting a string to a buffer is a high overhead. + // Content-Type is a relatively small string, so it is faster to use `String#charCodeAt`. + if (!isAsciiString(contentType)) { + contentType = '' + } + + // 5.10.3. Let value be a new File object with name filename, type contentType, and body body. + value = new File([body], filename, { type: contentType }) + } else { + // 5.11. Otherwise: + + // 5.11.1. Let value be the UTF-8 decoding without BOM of body. + value = utf8DecodeBytes(Buffer.from(body)) + } + + // 5.12. Assert: name is a scalar value string and value is either a scalar value string or a File object. + assert(isUSVString(name)) + assert((typeof value === 'string' && isUSVString(value)) || isFileLike(value)) + + // 5.13. Create an entry with name and value, and append it to entry list. + entryList.push(makeEntry(name, value, filename)) + } +} + +/** + * @see https://andreubotella.github.io/multipart-form-data/#parse-multipart-form-data-headers + * @param {Buffer} input + * @param {{ position: number }} position + */ +function parseMultipartFormDataHeaders (input, position) { + // 1. Let name, filename and contentType be null. + let name = null + let filename = null + let contentType = null + let encoding = null + + // 2. While true: + while (true) { + // 2.1. If position points to a sequence of bytes starting with 0x0D 0x0A (CR LF): + if (input[position.position] === 0x0d && input[position.position + 1] === 0x0a) { + // 2.1.1. If name is null, return failure. + if (name === null) { + return 'failure' + } + + // 2.1.2. Return name, filename and contentType. + return { name, filename, contentType, encoding } + } + + // 2.2. Let header name be the result of collecting a sequence of bytes that are + // not 0x0A (LF), 0x0D (CR) or 0x3A (:), given position. + let headerName = collectASequenceOfBytes( + (char) => char !== 0x0a && char !== 0x0d && char !== 0x3a, + input, + position + ) + + // 2.3. Remove any HTTP tab or space bytes from the start or end of header name. + headerName = removeChars(headerName, true, true, (char) => char === 0x9 || char === 0x20) + + // 2.4. If header name does not match the field-name token production, return failure. + if (!HTTP_TOKEN_CODEPOINTS.test(headerName.toString())) { + return 'failure' + } + + // 2.5. If the byte at position is not 0x3A (:), return failure. + if (input[position.position] !== 0x3a) { + return 'failure' + } + + // 2.6. Advance position by 1. + position.position++ + + // 2.7. Collect a sequence of bytes that are HTTP tab or space bytes given position. + // (Do nothing with those bytes.) + collectASequenceOfBytes( + (char) => char === 0x20 || char === 0x09, + input, + position + ) + + // 2.8. Byte-lowercase header name and switch on the result: + switch (bufferToLowerCasedHeaderName(headerName)) { + case 'content-disposition': { + // 1. Set name and filename to null. + name = filename = null + + // 2. If position does not point to a sequence of bytes starting with + // `form-data; name="`, return failure. + if (!bufferStartsWith(input, formDataNameBuffer, position)) { + return 'failure' + } + + // 3. Advance position so it points at the byte after the next 0x22 (") + // byte (the one in the sequence of bytes matched above). + position.position += 17 + + // 4. Set name to the result of parsing a multipart/form-data name given + // input and position, if the result is not failure. Otherwise, return + // failure. + name = parseMultipartFormDataName(input, position) + + if (name === null) { + return 'failure' + } + + // 5. If position points to a sequence of bytes starting with `; filename="`: + if (bufferStartsWith(input, filenameBuffer, position)) { + // Note: undici also handles filename* + let check = position.position + filenameBuffer.length + + if (input[check] === 0x2a) { + position.position += 1 + check += 1 + } + + if (input[check] !== 0x3d || input[check + 1] !== 0x22) { // =" + return 'failure' + } + + // 1. Advance position so it points at the byte after the next 0x22 (") byte + // (the one in the sequence of bytes matched above). + position.position += 12 + + // 2. Set filename to the result of parsing a multipart/form-data name given + // input and position, if the result is not failure. Otherwise, return failure. + filename = parseMultipartFormDataName(input, position) + + if (filename === null) { + return 'failure' + } + } + + break + } + case 'content-type': { + // 1. Let header value be the result of collecting a sequence of bytes that are + // not 0x0A (LF) or 0x0D (CR), given position. + let headerValue = collectASequenceOfBytes( + (char) => char !== 0x0a && char !== 0x0d, + input, + position + ) + + // 2. Remove any HTTP tab or space bytes from the end of header value. + headerValue = removeChars(headerValue, false, true, (char) => char === 0x9 || char === 0x20) + + // 3. Set contentType to the isomorphic decoding of header value. + contentType = isomorphicDecode(headerValue) + + break + } + case 'content-transfer-encoding': { + let headerValue = collectASequenceOfBytes( + (char) => char !== 0x0a && char !== 0x0d, + input, + position + ) + + headerValue = removeChars(headerValue, false, true, (char) => char === 0x9 || char === 0x20) + + encoding = isomorphicDecode(headerValue) + + break + } + default: { + // Collect a sequence of bytes that are not 0x0A (LF) or 0x0D (CR), given position. + // (Do nothing with those bytes.) + collectASequenceOfBytes( + (char) => char !== 0x0a && char !== 0x0d, + input, + position + ) + } + } + + // 2.9. If position does not point to a sequence of bytes starting with 0x0D 0x0A + // (CR LF), return failure. Otherwise, advance position by 2 (past the newline). + if (input[position.position] !== 0x0d && input[position.position + 1] !== 0x0a) { + return 'failure' + } else { + position.position += 2 + } + } +} + +/** + * @see https://andreubotella.github.io/multipart-form-data/#parse-a-multipart-form-data-name + * @param {Buffer} input + * @param {{ position: number }} position + */ +function parseMultipartFormDataName (input, position) { + // 1. Assert: The byte at (position - 1) is 0x22 ("). + assert(input[position.position - 1] === 0x22) + + // 2. Let name be the result of collecting a sequence of bytes that are not 0x0A (LF), 0x0D (CR) or 0x22 ("), given position. + /** @type {string | Buffer} */ + let name = collectASequenceOfBytes( + (char) => char !== 0x0a && char !== 0x0d && char !== 0x22, + input, + position + ) + + // 3. If the byte at position is not 0x22 ("), return failure. Otherwise, advance position by 1. + if (input[position.position] !== 0x22) { + return null // name could be 'failure' + } else { + position.position++ + } + + // 4. Replace any occurrence of the following subsequences in name with the given byte: + // - `%0A`: 0x0A (LF) + // - `%0D`: 0x0D (CR) + // - `%22`: 0x22 (") + name = new TextDecoder().decode(name) + .replace(/%0A/ig, '\n') + .replace(/%0D/ig, '\r') + .replace(/%22/g, '"') + + // 5. Return the UTF-8 decoding without BOM of name. + return name +} + +/** + * @param {(char: number) => boolean} condition + * @param {Buffer} input + * @param {{ position: number }} position + */ +function collectASequenceOfBytes (condition, input, position) { + let start = position.position + + while (start < input.length && condition(input[start])) { + ++start + } + + return input.subarray(position.position, (position.position = start)) +} + +/** + * @param {Buffer} buf + * @param {boolean} leading + * @param {boolean} trailing + * @param {(charCode: number) => boolean} predicate + * @returns {Buffer} + */ +function removeChars (buf, leading, trailing, predicate) { + let lead = 0 + let trail = buf.length - 1 + + if (leading) { + while (lead < buf.length && predicate(buf[lead])) lead++ + } + + if (trailing) { + while (trail > 0 && predicate(buf[trail])) trail-- + } + + return lead === 0 && trail === buf.length - 1 ? buf : buf.subarray(lead, trail + 1) +} + +/** + * Checks if {@param buffer} starts with {@param start} + * @param {Buffer} buffer + * @param {Buffer} start + * @param {{ position: number }} position + */ +function bufferStartsWith (buffer, start, position) { + if (buffer.length < start.length) { + return false + } + + for (let i = 0; i < start.length; i++) { + if (start[i] !== buffer[position.position + i]) { + return false + } + } + + return true +} + +module.exports = { + multipartFormDataParser, + validateBoundary +} + + +/***/ }), + +/***/ 5910: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { isBlobLike, iteratorMixin } = __nccwpck_require__(3168) +const { kState } = __nccwpck_require__(3627) +const { kEnumerableProperty } = __nccwpck_require__(3440) +const { FileLike, isFileLike } = __nccwpck_require__(7114) +const { webidl } = __nccwpck_require__(5893) +const { File: NativeFile } = __nccwpck_require__(4573) +const nodeUtil = __nccwpck_require__(7975) + +/** @type {globalThis['File']} */ +const File = globalThis.File ?? NativeFile + +// https://xhr.spec.whatwg.org/#formdata +class FormData { + constructor (form) { + webidl.util.markAsUncloneable(this) + + if (form !== undefined) { + throw webidl.errors.conversionFailed({ + prefix: 'FormData constructor', + argument: 'Argument 1', + types: ['undefined'] + }) + } + + this[kState] = [] + } + + append (name, value, filename = undefined) { + webidl.brandCheck(this, FormData) + + const prefix = 'FormData.append' + webidl.argumentLengthCheck(arguments, 2, prefix) + + if (arguments.length === 3 && !isBlobLike(value)) { + throw new TypeError( + "Failed to execute 'append' on 'FormData': parameter 2 is not of type 'Blob'" + ) + } + + // 1. Let value be value if given; otherwise blobValue. + + name = webidl.converters.USVString(name, prefix, 'name') + value = isBlobLike(value) + ? webidl.converters.Blob(value, prefix, 'value', { strict: false }) + : webidl.converters.USVString(value, prefix, 'value') + filename = arguments.length === 3 + ? webidl.converters.USVString(filename, prefix, 'filename') + : undefined + + // 2. Let entry be the result of creating an entry with + // name, value, and filename if given. + const entry = makeEntry(name, value, filename) + + // 3. Append entry to this’s entry list. + this[kState].push(entry) + } + + delete (name) { + webidl.brandCheck(this, FormData) + + const prefix = 'FormData.delete' + webidl.argumentLengthCheck(arguments, 1, prefix) + + name = webidl.converters.USVString(name, prefix, 'name') + + // The delete(name) method steps are to remove all entries whose name + // is name from this’s entry list. + this[kState] = this[kState].filter(entry => entry.name !== name) + } + + get (name) { + webidl.brandCheck(this, FormData) + + const prefix = 'FormData.get' + webidl.argumentLengthCheck(arguments, 1, prefix) + + name = webidl.converters.USVString(name, prefix, 'name') + + // 1. If there is no entry whose name is name in this’s entry list, + // then return null. + const idx = this[kState].findIndex((entry) => entry.name === name) + if (idx === -1) { + return null + } + + // 2. Return the value of the first entry whose name is name from + // this’s entry list. + return this[kState][idx].value + } + + getAll (name) { + webidl.brandCheck(this, FormData) + + const prefix = 'FormData.getAll' + webidl.argumentLengthCheck(arguments, 1, prefix) + + name = webidl.converters.USVString(name, prefix, 'name') + + // 1. If there is no entry whose name is name in this’s entry list, + // then return the empty list. + // 2. Return the values of all entries whose name is name, in order, + // from this’s entry list. + return this[kState] + .filter((entry) => entry.name === name) + .map((entry) => entry.value) + } + + has (name) { + webidl.brandCheck(this, FormData) + + const prefix = 'FormData.has' + webidl.argumentLengthCheck(arguments, 1, prefix) + + name = webidl.converters.USVString(name, prefix, 'name') + + // The has(name) method steps are to return true if there is an entry + // whose name is name in this’s entry list; otherwise false. + return this[kState].findIndex((entry) => entry.name === name) !== -1 + } + + set (name, value, filename = undefined) { + webidl.brandCheck(this, FormData) + + const prefix = 'FormData.set' + webidl.argumentLengthCheck(arguments, 2, prefix) + + if (arguments.length === 3 && !isBlobLike(value)) { + throw new TypeError( + "Failed to execute 'set' on 'FormData': parameter 2 is not of type 'Blob'" + ) + } + + // The set(name, value) and set(name, blobValue, filename) method steps + // are: + + // 1. Let value be value if given; otherwise blobValue. + + name = webidl.converters.USVString(name, prefix, 'name') + value = isBlobLike(value) + ? webidl.converters.Blob(value, prefix, 'name', { strict: false }) + : webidl.converters.USVString(value, prefix, 'name') + filename = arguments.length === 3 + ? webidl.converters.USVString(filename, prefix, 'name') + : undefined + + // 2. Let entry be the result of creating an entry with name, value, and + // filename if given. + const entry = makeEntry(name, value, filename) + + // 3. If there are entries in this’s entry list whose name is name, then + // replace the first such entry with entry and remove the others. + const idx = this[kState].findIndex((entry) => entry.name === name) + if (idx !== -1) { + this[kState] = [ + ...this[kState].slice(0, idx), + entry, + ...this[kState].slice(idx + 1).filter((entry) => entry.name !== name) + ] + } else { + // 4. Otherwise, append entry to this’s entry list. + this[kState].push(entry) + } + } + + [nodeUtil.inspect.custom] (depth, options) { + const state = this[kState].reduce((a, b) => { + if (a[b.name]) { + if (Array.isArray(a[b.name])) { + a[b.name].push(b.value) + } else { + a[b.name] = [a[b.name], b.value] + } + } else { + a[b.name] = b.value + } + + return a + }, { __proto__: null }) + + options.depth ??= depth + options.colors ??= true + + const output = nodeUtil.formatWithOptions(options, state) + + // remove [Object null prototype] + return `FormData ${output.slice(output.indexOf(']') + 2)}` + } +} + +iteratorMixin('FormData', FormData, kState, 'name', 'value') + +Object.defineProperties(FormData.prototype, { + append: kEnumerableProperty, + delete: kEnumerableProperty, + get: kEnumerableProperty, + getAll: kEnumerableProperty, + has: kEnumerableProperty, + set: kEnumerableProperty, + [Symbol.toStringTag]: { + value: 'FormData', + configurable: true + } +}) + +/** + * @see https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#create-an-entry + * @param {string} name + * @param {string|Blob} value + * @param {?string} filename + * @returns + */ +function makeEntry (name, value, filename) { + // 1. Set name to the result of converting name into a scalar value string. + // Note: This operation was done by the webidl converter USVString. + + // 2. If value is a string, then set value to the result of converting + // value into a scalar value string. + if (typeof value === 'string') { + // Note: This operation was done by the webidl converter USVString. + } else { + // 3. Otherwise: + + // 1. If value is not a File object, then set value to a new File object, + // representing the same bytes, whose name attribute value is "blob" + if (!isFileLike(value)) { + value = value instanceof Blob + ? new File([value], 'blob', { type: value.type }) + : new FileLike(value, 'blob', { type: value.type }) + } + + // 2. If filename is given, then set value to a new File object, + // representing the same bytes, whose name attribute is filename. + if (filename !== undefined) { + /** @type {FilePropertyBag} */ + const options = { + type: value.type, + lastModified: value.lastModified + } + + value = value instanceof NativeFile + ? new File([value], filename, options) + : new FileLike(value, filename, options) + } + } + + // 4. Return an entry whose name is name and whose value is value. + return { name, value } +} + +module.exports = { FormData, makeEntry } + + +/***/ }), + +/***/ 1059: +/***/ ((module) => { + +"use strict"; + + +// In case of breaking changes, increase the version +// number to avoid conflicts. +const globalOrigin = Symbol.for('undici.globalOrigin.1') + +function getGlobalOrigin () { + return globalThis[globalOrigin] +} + +function setGlobalOrigin (newOrigin) { + if (newOrigin === undefined) { + Object.defineProperty(globalThis, globalOrigin, { + value: undefined, + writable: true, + enumerable: false, + configurable: false + }) + + return + } + + const parsedURL = new URL(newOrigin) + + if (parsedURL.protocol !== 'http:' && parsedURL.protocol !== 'https:') { + throw new TypeError(`Only http & https urls are allowed, received ${parsedURL.protocol}`) + } + + Object.defineProperty(globalThis, globalOrigin, { + value: parsedURL, + writable: true, + enumerable: false, + configurable: false + }) +} + +module.exports = { + getGlobalOrigin, + setGlobalOrigin +} + + +/***/ }), + +/***/ 660: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; +// https://github.com/Ethan-Arrowood/undici-fetch + + + +const { kConstruct } = __nccwpck_require__(6443) +const { kEnumerableProperty } = __nccwpck_require__(3440) +const { + iteratorMixin, + isValidHeaderName, + isValidHeaderValue +} = __nccwpck_require__(3168) +const { webidl } = __nccwpck_require__(5893) +const assert = __nccwpck_require__(4589) +const util = __nccwpck_require__(7975) + +const kHeadersMap = Symbol('headers map') +const kHeadersSortedMap = Symbol('headers map sorted') + +/** + * @param {number} code + */ +function isHTTPWhiteSpaceCharCode (code) { + return code === 0x00a || code === 0x00d || code === 0x009 || code === 0x020 +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-header-value-normalize + * @param {string} potentialValue + */ +function headerValueNormalize (potentialValue) { + // To normalize a byte sequence potentialValue, remove + // any leading and trailing HTTP whitespace bytes from + // potentialValue. + let i = 0; let j = potentialValue.length + + while (j > i && isHTTPWhiteSpaceCharCode(potentialValue.charCodeAt(j - 1))) --j + while (j > i && isHTTPWhiteSpaceCharCode(potentialValue.charCodeAt(i))) ++i + + return i === 0 && j === potentialValue.length ? potentialValue : potentialValue.substring(i, j) +} + +function fill (headers, object) { + // To fill a Headers object headers with a given object object, run these steps: + + // 1. If object is a sequence, then for each header in object: + // Note: webidl conversion to array has already been done. + if (Array.isArray(object)) { + for (let i = 0; i < object.length; ++i) { + const header = object[i] + // 1. If header does not contain exactly two items, then throw a TypeError. + if (header.length !== 2) { + throw webidl.errors.exception({ + header: 'Headers constructor', + message: `expected name/value pair to be length 2, found ${header.length}.` + }) + } + + // 2. Append (header’s first item, header’s second item) to headers. + appendHeader(headers, header[0], header[1]) + } + } else if (typeof object === 'object' && object !== null) { + // Note: null should throw + + // 2. Otherwise, object is a record, then for each key → value in object, + // append (key, value) to headers + const keys = Object.keys(object) + for (let i = 0; i < keys.length; ++i) { + appendHeader(headers, keys[i], object[keys[i]]) + } + } else { + throw webidl.errors.conversionFailed({ + prefix: 'Headers constructor', + argument: 'Argument 1', + types: ['sequence>', 'record'] + }) + } +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-headers-append + */ +function appendHeader (headers, name, value) { + // 1. Normalize value. + value = headerValueNormalize(value) + + // 2. If name is not a header name or value is not a + // header value, then throw a TypeError. + if (!isValidHeaderName(name)) { + throw webidl.errors.invalidArgument({ + prefix: 'Headers.append', + value: name, + type: 'header name' + }) + } else if (!isValidHeaderValue(value)) { + throw webidl.errors.invalidArgument({ + prefix: 'Headers.append', + value, + type: 'header value' + }) + } + + // 3. If headers’s guard is "immutable", then throw a TypeError. + // 4. Otherwise, if headers’s guard is "request" and name is a + // forbidden header name, return. + // 5. Otherwise, if headers’s guard is "request-no-cors": + // TODO + // Note: undici does not implement forbidden header names + if (getHeadersGuard(headers) === 'immutable') { + throw new TypeError('immutable') + } + + // 6. Otherwise, if headers’s guard is "response" and name is a + // forbidden response-header name, return. + + // 7. Append (name, value) to headers’s header list. + return getHeadersList(headers).append(name, value, false) + + // 8. If headers’s guard is "request-no-cors", then remove + // privileged no-CORS request headers from headers +} + +function compareHeaderName (a, b) { + return a[0] < b[0] ? -1 : 1 +} + +class HeadersList { + /** @type {[string, string][]|null} */ + cookies = null + + constructor (init) { + if (init instanceof HeadersList) { + this[kHeadersMap] = new Map(init[kHeadersMap]) + this[kHeadersSortedMap] = init[kHeadersSortedMap] + this.cookies = init.cookies === null ? null : [...init.cookies] + } else { + this[kHeadersMap] = new Map(init) + this[kHeadersSortedMap] = null + } + } + + /** + * @see https://fetch.spec.whatwg.org/#header-list-contains + * @param {string} name + * @param {boolean} isLowerCase + */ + contains (name, isLowerCase) { + // A header list list contains a header name name if list + // contains a header whose name is a byte-case-insensitive + // match for name. + + return this[kHeadersMap].has(isLowerCase ? name : name.toLowerCase()) + } + + clear () { + this[kHeadersMap].clear() + this[kHeadersSortedMap] = null + this.cookies = null + } + + /** + * @see https://fetch.spec.whatwg.org/#concept-header-list-append + * @param {string} name + * @param {string} value + * @param {boolean} isLowerCase + */ + append (name, value, isLowerCase) { + this[kHeadersSortedMap] = null + + // 1. If list contains name, then set name to the first such + // header’s name. + const lowercaseName = isLowerCase ? name : name.toLowerCase() + const exists = this[kHeadersMap].get(lowercaseName) + + // 2. Append (name, value) to list. + if (exists) { + const delimiter = lowercaseName === 'cookie' ? '; ' : ', ' + this[kHeadersMap].set(lowercaseName, { + name: exists.name, + value: `${exists.value}${delimiter}${value}` + }) + } else { + this[kHeadersMap].set(lowercaseName, { name, value }) + } + + if (lowercaseName === 'set-cookie') { + (this.cookies ??= []).push(value) + } + } + + /** + * @see https://fetch.spec.whatwg.org/#concept-header-list-set + * @param {string} name + * @param {string} value + * @param {boolean} isLowerCase + */ + set (name, value, isLowerCase) { + this[kHeadersSortedMap] = null + const lowercaseName = isLowerCase ? name : name.toLowerCase() + + if (lowercaseName === 'set-cookie') { + this.cookies = [value] + } + + // 1. If list contains name, then set the value of + // the first such header to value and remove the + // others. + // 2. Otherwise, append header (name, value) to list. + this[kHeadersMap].set(lowercaseName, { name, value }) + } + + /** + * @see https://fetch.spec.whatwg.org/#concept-header-list-delete + * @param {string} name + * @param {boolean} isLowerCase + */ + delete (name, isLowerCase) { + this[kHeadersSortedMap] = null + if (!isLowerCase) name = name.toLowerCase() + + if (name === 'set-cookie') { + this.cookies = null + } + + this[kHeadersMap].delete(name) + } + + /** + * @see https://fetch.spec.whatwg.org/#concept-header-list-get + * @param {string} name + * @param {boolean} isLowerCase + * @returns {string | null} + */ + get (name, isLowerCase) { + // 1. If list does not contain name, then return null. + // 2. Return the values of all headers in list whose name + // is a byte-case-insensitive match for name, + // separated from each other by 0x2C 0x20, in order. + return this[kHeadersMap].get(isLowerCase ? name : name.toLowerCase())?.value ?? null + } + + * [Symbol.iterator] () { + // use the lowercased name + for (const { 0: name, 1: { value } } of this[kHeadersMap]) { + yield [name, value] + } + } + + get entries () { + const headers = {} + + if (this[kHeadersMap].size !== 0) { + for (const { name, value } of this[kHeadersMap].values()) { + headers[name] = value + } + } + + return headers + } + + rawValues () { + return this[kHeadersMap].values() + } + + get entriesList () { + const headers = [] + + if (this[kHeadersMap].size !== 0) { + for (const { 0: lowerName, 1: { name, value } } of this[kHeadersMap]) { + if (lowerName === 'set-cookie') { + for (const cookie of this.cookies) { + headers.push([name, cookie]) + } + } else { + headers.push([name, value]) + } + } + } + + return headers + } + + // https://fetch.spec.whatwg.org/#convert-header-names-to-a-sorted-lowercase-set + toSortedArray () { + const size = this[kHeadersMap].size + const array = new Array(size) + // In most cases, you will use the fast-path. + // fast-path: Use binary insertion sort for small arrays. + if (size <= 32) { + if (size === 0) { + // If empty, it is an empty array. To avoid the first index assignment. + return array + } + // Improve performance by unrolling loop and avoiding double-loop. + // Double-loop-less version of the binary insertion sort. + const iterator = this[kHeadersMap][Symbol.iterator]() + const firstValue = iterator.next().value + // set [name, value] to first index. + array[0] = [firstValue[0], firstValue[1].value] + // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine + // 3.2.2. Assert: value is non-null. + assert(firstValue[1].value !== null) + for ( + let i = 1, j = 0, right = 0, left = 0, pivot = 0, x, value; + i < size; + ++i + ) { + // get next value + value = iterator.next().value + // set [name, value] to current index. + x = array[i] = [value[0], value[1].value] + // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine + // 3.2.2. Assert: value is non-null. + assert(x[1] !== null) + left = 0 + right = i + // binary search + while (left < right) { + // middle index + pivot = left + ((right - left) >> 1) + // compare header name + if (array[pivot][0] <= x[0]) { + left = pivot + 1 + } else { + right = pivot + } + } + if (i !== pivot) { + j = i + while (j > left) { + array[j] = array[--j] + } + array[left] = x + } + } + /* c8 ignore next 4 */ + if (!iterator.next().done) { + // This is for debugging and will never be called. + throw new TypeError('Unreachable') + } + return array + } else { + // This case would be a rare occurrence. + // slow-path: fallback + let i = 0 + for (const { 0: name, 1: { value } } of this[kHeadersMap]) { + array[i++] = [name, value] + // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine + // 3.2.2. Assert: value is non-null. + assert(value !== null) + } + return array.sort(compareHeaderName) + } + } +} + +// https://fetch.spec.whatwg.org/#headers-class +class Headers { + #guard + #headersList + + constructor (init = undefined) { + webidl.util.markAsUncloneable(this) + + if (init === kConstruct) { + return + } + + this.#headersList = new HeadersList() + + // The new Headers(init) constructor steps are: + + // 1. Set this’s guard to "none". + this.#guard = 'none' + + // 2. If init is given, then fill this with init. + if (init !== undefined) { + init = webidl.converters.HeadersInit(init, 'Headers contructor', 'init') + fill(this, init) + } + } + + // https://fetch.spec.whatwg.org/#dom-headers-append + append (name, value) { + webidl.brandCheck(this, Headers) + + webidl.argumentLengthCheck(arguments, 2, 'Headers.append') + + const prefix = 'Headers.append' + name = webidl.converters.ByteString(name, prefix, 'name') + value = webidl.converters.ByteString(value, prefix, 'value') + + return appendHeader(this, name, value) + } + + // https://fetch.spec.whatwg.org/#dom-headers-delete + delete (name) { + webidl.brandCheck(this, Headers) + + webidl.argumentLengthCheck(arguments, 1, 'Headers.delete') + + const prefix = 'Headers.delete' + name = webidl.converters.ByteString(name, prefix, 'name') + + // 1. If name is not a header name, then throw a TypeError. + if (!isValidHeaderName(name)) { + throw webidl.errors.invalidArgument({ + prefix: 'Headers.delete', + value: name, + type: 'header name' + }) + } + + // 2. If this’s guard is "immutable", then throw a TypeError. + // 3. Otherwise, if this’s guard is "request" and name is a + // forbidden header name, return. + // 4. Otherwise, if this’s guard is "request-no-cors", name + // is not a no-CORS-safelisted request-header name, and + // name is not a privileged no-CORS request-header name, + // return. + // 5. Otherwise, if this’s guard is "response" and name is + // a forbidden response-header name, return. + // Note: undici does not implement forbidden header names + if (this.#guard === 'immutable') { + throw new TypeError('immutable') + } + + // 6. If this’s header list does not contain name, then + // return. + if (!this.#headersList.contains(name, false)) { + return + } + + // 7. Delete name from this’s header list. + // 8. If this’s guard is "request-no-cors", then remove + // privileged no-CORS request headers from this. + this.#headersList.delete(name, false) + } + + // https://fetch.spec.whatwg.org/#dom-headers-get + get (name) { + webidl.brandCheck(this, Headers) + + webidl.argumentLengthCheck(arguments, 1, 'Headers.get') + + const prefix = 'Headers.get' + name = webidl.converters.ByteString(name, prefix, 'name') + + // 1. If name is not a header name, then throw a TypeError. + if (!isValidHeaderName(name)) { + throw webidl.errors.invalidArgument({ + prefix, + value: name, + type: 'header name' + }) + } + + // 2. Return the result of getting name from this’s header + // list. + return this.#headersList.get(name, false) + } + + // https://fetch.spec.whatwg.org/#dom-headers-has + has (name) { + webidl.brandCheck(this, Headers) + + webidl.argumentLengthCheck(arguments, 1, 'Headers.has') + + const prefix = 'Headers.has' + name = webidl.converters.ByteString(name, prefix, 'name') + + // 1. If name is not a header name, then throw a TypeError. + if (!isValidHeaderName(name)) { + throw webidl.errors.invalidArgument({ + prefix, + value: name, + type: 'header name' + }) + } + + // 2. Return true if this’s header list contains name; + // otherwise false. + return this.#headersList.contains(name, false) + } + + // https://fetch.spec.whatwg.org/#dom-headers-set + set (name, value) { + webidl.brandCheck(this, Headers) + + webidl.argumentLengthCheck(arguments, 2, 'Headers.set') + + const prefix = 'Headers.set' + name = webidl.converters.ByteString(name, prefix, 'name') + value = webidl.converters.ByteString(value, prefix, 'value') + + // 1. Normalize value. + value = headerValueNormalize(value) + + // 2. If name is not a header name or value is not a + // header value, then throw a TypeError. + if (!isValidHeaderName(name)) { + throw webidl.errors.invalidArgument({ + prefix, + value: name, + type: 'header name' + }) + } else if (!isValidHeaderValue(value)) { + throw webidl.errors.invalidArgument({ + prefix, + value, + type: 'header value' + }) + } + + // 3. If this’s guard is "immutable", then throw a TypeError. + // 4. Otherwise, if this’s guard is "request" and name is a + // forbidden header name, return. + // 5. Otherwise, if this’s guard is "request-no-cors" and + // name/value is not a no-CORS-safelisted request-header, + // return. + // 6. Otherwise, if this’s guard is "response" and name is a + // forbidden response-header name, return. + // Note: undici does not implement forbidden header names + if (this.#guard === 'immutable') { + throw new TypeError('immutable') + } + + // 7. Set (name, value) in this’s header list. + // 8. If this’s guard is "request-no-cors", then remove + // privileged no-CORS request headers from this + this.#headersList.set(name, value, false) + } + + // https://fetch.spec.whatwg.org/#dom-headers-getsetcookie + getSetCookie () { + webidl.brandCheck(this, Headers) + + // 1. If this’s header list does not contain `Set-Cookie`, then return « ». + // 2. Return the values of all headers in this’s header list whose name is + // a byte-case-insensitive match for `Set-Cookie`, in order. + + const list = this.#headersList.cookies + + if (list) { + return [...list] + } + + return [] + } + + // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine + get [kHeadersSortedMap] () { + if (this.#headersList[kHeadersSortedMap]) { + return this.#headersList[kHeadersSortedMap] + } + + // 1. Let headers be an empty list of headers with the key being the name + // and value the value. + const headers = [] + + // 2. Let names be the result of convert header names to a sorted-lowercase + // set with all the names of the headers in list. + const names = this.#headersList.toSortedArray() + + const cookies = this.#headersList.cookies + + // fast-path + if (cookies === null || cookies.length === 1) { + // Note: The non-null assertion of value has already been done by `HeadersList#toSortedArray` + return (this.#headersList[kHeadersSortedMap] = names) + } + + // 3. For each name of names: + for (let i = 0; i < names.length; ++i) { + const { 0: name, 1: value } = names[i] + // 1. If name is `set-cookie`, then: + if (name === 'set-cookie') { + // 1. Let values be a list of all values of headers in list whose name + // is a byte-case-insensitive match for name, in order. + + // 2. For each value of values: + // 1. Append (name, value) to headers. + for (let j = 0; j < cookies.length; ++j) { + headers.push([name, cookies[j]]) + } + } else { + // 2. Otherwise: + + // 1. Let value be the result of getting name from list. + + // 2. Assert: value is non-null. + // Note: This operation was done by `HeadersList#toSortedArray`. + + // 3. Append (name, value) to headers. + headers.push([name, value]) + } + } + + // 4. Return headers. + return (this.#headersList[kHeadersSortedMap] = headers) + } + + [util.inspect.custom] (depth, options) { + options.depth ??= depth + + return `Headers ${util.formatWithOptions(options, this.#headersList.entries)}` + } + + static getHeadersGuard (o) { + return o.#guard + } + + static setHeadersGuard (o, guard) { + o.#guard = guard + } + + static getHeadersList (o) { + return o.#headersList + } + + static setHeadersList (o, list) { + o.#headersList = list + } +} + +const { getHeadersGuard, setHeadersGuard, getHeadersList, setHeadersList } = Headers +Reflect.deleteProperty(Headers, 'getHeadersGuard') +Reflect.deleteProperty(Headers, 'setHeadersGuard') +Reflect.deleteProperty(Headers, 'getHeadersList') +Reflect.deleteProperty(Headers, 'setHeadersList') + +iteratorMixin('Headers', Headers, kHeadersSortedMap, 0, 1) + +Object.defineProperties(Headers.prototype, { + append: kEnumerableProperty, + delete: kEnumerableProperty, + get: kEnumerableProperty, + has: kEnumerableProperty, + set: kEnumerableProperty, + getSetCookie: kEnumerableProperty, + [Symbol.toStringTag]: { + value: 'Headers', + configurable: true + }, + [util.inspect.custom]: { + enumerable: false + } +}) + +webidl.converters.HeadersInit = function (V, prefix, argument) { + if (webidl.util.Type(V) === 'Object') { + const iterator = Reflect.get(V, Symbol.iterator) + + // A work-around to ensure we send the properly-cased Headers when V is a Headers object. + // Read https://github.com/nodejs/undici/pull/3159#issuecomment-2075537226 before touching, please. + if (!util.types.isProxy(V) && iterator === Headers.prototype.entries) { // Headers object + try { + return getHeadersList(V).entriesList + } catch { + // fall-through + } + } + + if (typeof iterator === 'function') { + return webidl.converters['sequence>'](V, prefix, argument, iterator.bind(V)) + } + + return webidl.converters['record'](V, prefix, argument) + } + + throw webidl.errors.conversionFailed({ + prefix: 'Headers constructor', + argument: 'Argument 1', + types: ['sequence>', 'record'] + }) +} + +module.exports = { + fill, + // for test. + compareHeaderName, + Headers, + HeadersList, + getHeadersGuard, + setHeadersGuard, + setHeadersList, + getHeadersList +} + + +/***/ }), + +/***/ 4398: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; +// https://github.com/Ethan-Arrowood/undici-fetch + + + +const { + makeNetworkError, + makeAppropriateNetworkError, + filterResponse, + makeResponse, + fromInnerResponse +} = __nccwpck_require__(9051) +const { HeadersList } = __nccwpck_require__(660) +const { Request, cloneRequest } = __nccwpck_require__(9967) +const zlib = __nccwpck_require__(8522) +const { + bytesMatch, + makePolicyContainer, + clonePolicyContainer, + requestBadPort, + TAOCheck, + appendRequestOriginHeader, + responseLocationURL, + requestCurrentURL, + setRequestReferrerPolicyOnRedirect, + tryUpgradeRequestToAPotentiallyTrustworthyURL, + createOpaqueTimingInfo, + appendFetchMetadata, + corsCheck, + crossOriginResourcePolicyCheck, + determineRequestsReferrer, + coarsenedSharedCurrentTime, + createDeferredPromise, + isBlobLike, + sameOrigin, + isCancelled, + isAborted, + isErrorLike, + fullyReadBody, + readableStreamClose, + isomorphicEncode, + urlIsLocal, + urlIsHttpHttpsScheme, + urlHasHttpsScheme, + clampAndCoarsenConnectionTimingInfo, + simpleRangeHeaderValue, + buildContentRange, + createInflate, + extractMimeType +} = __nccwpck_require__(3168) +const { kState, kDispatcher } = __nccwpck_require__(3627) +const assert = __nccwpck_require__(4589) +const { safelyExtractBody, extractBody } = __nccwpck_require__(4492) +const { + redirectStatusSet, + nullBodyStatus, + safeMethodsSet, + requestBodyHeader, + subresourceSet +} = __nccwpck_require__(4495) +const EE = __nccwpck_require__(8474) +const { Readable, pipeline, finished } = __nccwpck_require__(7075) +const { addAbortListener, isErrored, isReadable, bufferToLowerCasedHeaderName } = __nccwpck_require__(3440) +const { dataURLProcessor, serializeAMimeType, minimizeSupportedMimeType } = __nccwpck_require__(1900) +const { getGlobalDispatcher } = __nccwpck_require__(2581) +const { webidl } = __nccwpck_require__(5893) +const { STATUS_CODES } = __nccwpck_require__(7067) +const GET_OR_HEAD = ['GET', 'HEAD'] + +const defaultUserAgent = typeof __UNDICI_IS_NODE__ !== 'undefined' || typeof esbuildDetection !== 'undefined' + ? 'node' + : 'undici' + +/** @type {import('buffer').resolveObjectURL} */ +let resolveObjectURL + +class Fetch extends EE { + constructor (dispatcher) { + super() + + this.dispatcher = dispatcher + this.connection = null + this.dump = false + this.state = 'ongoing' + } + + terminate (reason) { + if (this.state !== 'ongoing') { + return + } + + this.state = 'terminated' + this.connection?.destroy(reason) + this.emit('terminated', reason) + } + + // https://fetch.spec.whatwg.org/#fetch-controller-abort + abort (error) { + if (this.state !== 'ongoing') { + return + } + + // 1. Set controller’s state to "aborted". + this.state = 'aborted' + + // 2. Let fallbackError be an "AbortError" DOMException. + // 3. Set error to fallbackError if it is not given. + if (!error) { + error = new DOMException('The operation was aborted.', 'AbortError') + } + + // 4. Let serializedError be StructuredSerialize(error). + // If that threw an exception, catch it, and let + // serializedError be StructuredSerialize(fallbackError). + + // 5. Set controller’s serialized abort reason to serializedError. + this.serializedAbortReason = error + + this.connection?.destroy(error) + this.emit('terminated', error) + } +} + +function handleFetchDone (response) { + finalizeAndReportTiming(response, 'fetch') +} + +// https://fetch.spec.whatwg.org/#fetch-method +function fetch (input, init = undefined) { + webidl.argumentLengthCheck(arguments, 1, 'globalThis.fetch') + + // 1. Let p be a new promise. + let p = createDeferredPromise() + + // 2. Let requestObject be the result of invoking the initial value of + // Request as constructor with input and init as arguments. If this throws + // an exception, reject p with it and return p. + let requestObject + + try { + requestObject = new Request(input, init) + } catch (e) { + p.reject(e) + return p.promise + } + + // 3. Let request be requestObject’s request. + const request = requestObject[kState] + + // 4. If requestObject’s signal’s aborted flag is set, then: + if (requestObject.signal.aborted) { + // 1. Abort the fetch() call with p, request, null, and + // requestObject’s signal’s abort reason. + abortFetch(p, request, null, requestObject.signal.reason) + + // 2. Return p. + return p.promise + } + + // 5. Let globalObject be request’s client’s global object. + const globalObject = request.client.globalObject + + // 6. If globalObject is a ServiceWorkerGlobalScope object, then set + // request’s service-workers mode to "none". + if (globalObject?.constructor?.name === 'ServiceWorkerGlobalScope') { + request.serviceWorkers = 'none' + } + + // 7. Let responseObject be null. + let responseObject = null + + // 8. Let relevantRealm be this’s relevant Realm. + + // 9. Let locallyAborted be false. + let locallyAborted = false + + // 10. Let controller be null. + let controller = null + + // 11. Add the following abort steps to requestObject’s signal: + addAbortListener( + requestObject.signal, + () => { + // 1. Set locallyAborted to true. + locallyAborted = true + + // 2. Assert: controller is non-null. + assert(controller != null) + + // 3. Abort controller with requestObject’s signal’s abort reason. + controller.abort(requestObject.signal.reason) + + const realResponse = responseObject?.deref() + + // 4. Abort the fetch() call with p, request, responseObject, + // and requestObject’s signal’s abort reason. + abortFetch(p, request, realResponse, requestObject.signal.reason) + } + ) + + // 12. Let handleFetchDone given response response be to finalize and + // report timing with response, globalObject, and "fetch". + // see function handleFetchDone + + // 13. Set controller to the result of calling fetch given request, + // with processResponseEndOfBody set to handleFetchDone, and processResponse + // given response being these substeps: + + const processResponse = (response) => { + // 1. If locallyAborted is true, terminate these substeps. + if (locallyAborted) { + return + } + + // 2. If response’s aborted flag is set, then: + if (response.aborted) { + // 1. Let deserializedError be the result of deserialize a serialized + // abort reason given controller’s serialized abort reason and + // relevantRealm. + + // 2. Abort the fetch() call with p, request, responseObject, and + // deserializedError. + + abortFetch(p, request, responseObject, controller.serializedAbortReason) + return + } + + // 3. If response is a network error, then reject p with a TypeError + // and terminate these substeps. + if (response.type === 'error') { + p.reject(new TypeError('fetch failed', { cause: response.error })) + return + } + + // 4. Set responseObject to the result of creating a Response object, + // given response, "immutable", and relevantRealm. + responseObject = new WeakRef(fromInnerResponse(response, 'immutable')) + + // 5. Resolve p with responseObject. + p.resolve(responseObject.deref()) + p = null + } + + controller = fetching({ + request, + processResponseEndOfBody: handleFetchDone, + processResponse, + dispatcher: requestObject[kDispatcher] // undici + }) + + // 14. Return p. + return p.promise +} + +// https://fetch.spec.whatwg.org/#finalize-and-report-timing +function finalizeAndReportTiming (response, initiatorType = 'other') { + // 1. If response is an aborted network error, then return. + if (response.type === 'error' && response.aborted) { + return + } + + // 2. If response’s URL list is null or empty, then return. + if (!response.urlList?.length) { + return + } + + // 3. Let originalURL be response’s URL list[0]. + const originalURL = response.urlList[0] + + // 4. Let timingInfo be response’s timing info. + let timingInfo = response.timingInfo + + // 5. Let cacheState be response’s cache state. + let cacheState = response.cacheState + + // 6. If originalURL’s scheme is not an HTTP(S) scheme, then return. + if (!urlIsHttpHttpsScheme(originalURL)) { + return + } + + // 7. If timingInfo is null, then return. + if (timingInfo === null) { + return + } + + // 8. If response’s timing allow passed flag is not set, then: + if (!response.timingAllowPassed) { + // 1. Set timingInfo to a the result of creating an opaque timing info for timingInfo. + timingInfo = createOpaqueTimingInfo({ + startTime: timingInfo.startTime + }) + + // 2. Set cacheState to the empty string. + cacheState = '' + } + + // 9. Set timingInfo’s end time to the coarsened shared current time + // given global’s relevant settings object’s cross-origin isolated + // capability. + // TODO: given global’s relevant settings object’s cross-origin isolated + // capability? + timingInfo.endTime = coarsenedSharedCurrentTime() + + // 10. Set response’s timing info to timingInfo. + response.timingInfo = timingInfo + + // 11. Mark resource timing for timingInfo, originalURL, initiatorType, + // global, and cacheState. + markResourceTiming( + timingInfo, + originalURL.href, + initiatorType, + globalThis, + cacheState + ) +} + +// https://w3c.github.io/resource-timing/#dfn-mark-resource-timing +const markResourceTiming = performance.markResourceTiming + +// https://fetch.spec.whatwg.org/#abort-fetch +function abortFetch (p, request, responseObject, error) { + // 1. Reject promise with error. + if (p) { + // We might have already resolved the promise at this stage + p.reject(error) + } + + // 2. If request’s body is not null and is readable, then cancel request’s + // body with error. + if (request.body != null && isReadable(request.body?.stream)) { + request.body.stream.cancel(error).catch((err) => { + if (err.code === 'ERR_INVALID_STATE') { + // Node bug? + return + } + throw err + }) + } + + // 3. If responseObject is null, then return. + if (responseObject == null) { + return + } + + // 4. Let response be responseObject’s response. + const response = responseObject[kState] + + // 5. If response’s body is not null and is readable, then error response’s + // body with error. + if (response.body != null && isReadable(response.body?.stream)) { + response.body.stream.cancel(error).catch((err) => { + if (err.code === 'ERR_INVALID_STATE') { + // Node bug? + return + } + throw err + }) + } +} + +// https://fetch.spec.whatwg.org/#fetching +function fetching ({ + request, + processRequestBodyChunkLength, + processRequestEndOfBody, + processResponse, + processResponseEndOfBody, + processResponseConsumeBody, + useParallelQueue = false, + dispatcher = getGlobalDispatcher() // undici +}) { + // Ensure that the dispatcher is set accordingly + assert(dispatcher) + + // 1. Let taskDestination be null. + let taskDestination = null + + // 2. Let crossOriginIsolatedCapability be false. + let crossOriginIsolatedCapability = false + + // 3. If request’s client is non-null, then: + if (request.client != null) { + // 1. Set taskDestination to request’s client’s global object. + taskDestination = request.client.globalObject + + // 2. Set crossOriginIsolatedCapability to request’s client’s cross-origin + // isolated capability. + crossOriginIsolatedCapability = + request.client.crossOriginIsolatedCapability + } + + // 4. If useParallelQueue is true, then set taskDestination to the result of + // starting a new parallel queue. + // TODO + + // 5. Let timingInfo be a new fetch timing info whose start time and + // post-redirect start time are the coarsened shared current time given + // crossOriginIsolatedCapability. + const currentTime = coarsenedSharedCurrentTime(crossOriginIsolatedCapability) + const timingInfo = createOpaqueTimingInfo({ + startTime: currentTime + }) + + // 6. Let fetchParams be a new fetch params whose + // request is request, + // timing info is timingInfo, + // process request body chunk length is processRequestBodyChunkLength, + // process request end-of-body is processRequestEndOfBody, + // process response is processResponse, + // process response consume body is processResponseConsumeBody, + // process response end-of-body is processResponseEndOfBody, + // task destination is taskDestination, + // and cross-origin isolated capability is crossOriginIsolatedCapability. + const fetchParams = { + controller: new Fetch(dispatcher), + request, + timingInfo, + processRequestBodyChunkLength, + processRequestEndOfBody, + processResponse, + processResponseConsumeBody, + processResponseEndOfBody, + taskDestination, + crossOriginIsolatedCapability + } + + // 7. If request’s body is a byte sequence, then set request’s body to + // request’s body as a body. + // NOTE: Since fetching is only called from fetch, body should already be + // extracted. + assert(!request.body || request.body.stream) + + // 8. If request’s window is "client", then set request’s window to request’s + // client, if request’s client’s global object is a Window object; otherwise + // "no-window". + if (request.window === 'client') { + // TODO: What if request.client is null? + request.window = + request.client?.globalObject?.constructor?.name === 'Window' + ? request.client + : 'no-window' + } + + // 9. If request’s origin is "client", then set request’s origin to request’s + // client’s origin. + if (request.origin === 'client') { + request.origin = request.client.origin + } + + // 10. If all of the following conditions are true: + // TODO + + // 11. If request’s policy container is "client", then: + if (request.policyContainer === 'client') { + // 1. If request’s client is non-null, then set request’s policy + // container to a clone of request’s client’s policy container. [HTML] + if (request.client != null) { + request.policyContainer = clonePolicyContainer( + request.client.policyContainer + ) + } else { + // 2. Otherwise, set request’s policy container to a new policy + // container. + request.policyContainer = makePolicyContainer() + } + } + + // 12. If request’s header list does not contain `Accept`, then: + if (!request.headersList.contains('accept', true)) { + // 1. Let value be `*/*`. + const value = '*/*' + + // 2. A user agent should set value to the first matching statement, if + // any, switching on request’s destination: + // "document" + // "frame" + // "iframe" + // `text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8` + // "image" + // `image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5` + // "style" + // `text/css,*/*;q=0.1` + // TODO + + // 3. Append `Accept`/value to request’s header list. + request.headersList.append('accept', value, true) + } + + // 13. If request’s header list does not contain `Accept-Language`, then + // user agents should append `Accept-Language`/an appropriate value to + // request’s header list. + if (!request.headersList.contains('accept-language', true)) { + request.headersList.append('accept-language', '*', true) + } + + // 14. If request’s priority is null, then use request’s initiator and + // destination appropriately in setting request’s priority to a + // user-agent-defined object. + if (request.priority === null) { + // TODO + } + + // 15. If request is a subresource request, then: + if (subresourceSet.has(request.destination)) { + // TODO + } + + // 16. Run main fetch given fetchParams. + mainFetch(fetchParams) + .catch(err => { + fetchParams.controller.terminate(err) + }) + + // 17. Return fetchParam's controller + return fetchParams.controller +} + +// https://fetch.spec.whatwg.org/#concept-main-fetch +async function mainFetch (fetchParams, recursive = false) { + // 1. Let request be fetchParams’s request. + const request = fetchParams.request + + // 2. Let response be null. + let response = null + + // 3. If request’s local-URLs-only flag is set and request’s current URL is + // not local, then set response to a network error. + if (request.localURLsOnly && !urlIsLocal(requestCurrentURL(request))) { + response = makeNetworkError('local URLs only') + } + + // 4. Run report Content Security Policy violations for request. + // TODO + + // 5. Upgrade request to a potentially trustworthy URL, if appropriate. + tryUpgradeRequestToAPotentiallyTrustworthyURL(request) + + // 6. If should request be blocked due to a bad port, should fetching request + // be blocked as mixed content, or should request be blocked by Content + // Security Policy returns blocked, then set response to a network error. + if (requestBadPort(request) === 'blocked') { + response = makeNetworkError('bad port') + } + // TODO: should fetching request be blocked as mixed content? + // TODO: should request be blocked by Content Security Policy? + + // 7. If request’s referrer policy is the empty string, then set request’s + // referrer policy to request’s policy container’s referrer policy. + if (request.referrerPolicy === '') { + request.referrerPolicy = request.policyContainer.referrerPolicy + } + + // 8. If request’s referrer is not "no-referrer", then set request’s + // referrer to the result of invoking determine request’s referrer. + if (request.referrer !== 'no-referrer') { + request.referrer = determineRequestsReferrer(request) + } + + // 9. Set request’s current URL’s scheme to "https" if all of the following + // conditions are true: + // - request’s current URL’s scheme is "http" + // - request’s current URL’s host is a domain + // - Matching request’s current URL’s host per Known HSTS Host Domain Name + // Matching results in either a superdomain match with an asserted + // includeSubDomains directive or a congruent match (with or without an + // asserted includeSubDomains directive). [HSTS] + // TODO + + // 10. If recursive is false, then run the remaining steps in parallel. + // TODO + + // 11. If response is null, then set response to the result of running + // the steps corresponding to the first matching statement: + if (response === null) { + response = await (async () => { + const currentURL = requestCurrentURL(request) + + if ( + // - request’s current URL’s origin is same origin with request’s origin, + // and request’s response tainting is "basic" + (sameOrigin(currentURL, request.url) && request.responseTainting === 'basic') || + // request’s current URL’s scheme is "data" + (currentURL.protocol === 'data:') || + // - request’s mode is "navigate" or "websocket" + (request.mode === 'navigate' || request.mode === 'websocket') + ) { + // 1. Set request’s response tainting to "basic". + request.responseTainting = 'basic' + + // 2. Return the result of running scheme fetch given fetchParams. + return await schemeFetch(fetchParams) + } + + // request’s mode is "same-origin" + if (request.mode === 'same-origin') { + // 1. Return a network error. + return makeNetworkError('request mode cannot be "same-origin"') + } + + // request’s mode is "no-cors" + if (request.mode === 'no-cors') { + // 1. If request’s redirect mode is not "follow", then return a network + // error. + if (request.redirect !== 'follow') { + return makeNetworkError( + 'redirect mode cannot be "follow" for "no-cors" request' + ) + } + + // 2. Set request’s response tainting to "opaque". + request.responseTainting = 'opaque' + + // 3. Return the result of running scheme fetch given fetchParams. + return await schemeFetch(fetchParams) + } + + // request’s current URL’s scheme is not an HTTP(S) scheme + if (!urlIsHttpHttpsScheme(requestCurrentURL(request))) { + // Return a network error. + return makeNetworkError('URL scheme must be a HTTP(S) scheme') + } + + // - request’s use-CORS-preflight flag is set + // - request’s unsafe-request flag is set and either request’s method is + // not a CORS-safelisted method or CORS-unsafe request-header names with + // request’s header list is not empty + // 1. Set request’s response tainting to "cors". + // 2. Let corsWithPreflightResponse be the result of running HTTP fetch + // given fetchParams and true. + // 3. If corsWithPreflightResponse is a network error, then clear cache + // entries using request. + // 4. Return corsWithPreflightResponse. + // TODO + + // Otherwise + // 1. Set request’s response tainting to "cors". + request.responseTainting = 'cors' + + // 2. Return the result of running HTTP fetch given fetchParams. + return await httpFetch(fetchParams) + })() + } + + // 12. If recursive is true, then return response. + if (recursive) { + return response + } + + // 13. If response is not a network error and response is not a filtered + // response, then: + if (response.status !== 0 && !response.internalResponse) { + // If request’s response tainting is "cors", then: + if (request.responseTainting === 'cors') { + // 1. Let headerNames be the result of extracting header list values + // given `Access-Control-Expose-Headers` and response’s header list. + // TODO + // 2. If request’s credentials mode is not "include" and headerNames + // contains `*`, then set response’s CORS-exposed header-name list to + // all unique header names in response’s header list. + // TODO + // 3. Otherwise, if headerNames is not null or failure, then set + // response’s CORS-exposed header-name list to headerNames. + // TODO + } + + // Set response to the following filtered response with response as its + // internal response, depending on request’s response tainting: + if (request.responseTainting === 'basic') { + response = filterResponse(response, 'basic') + } else if (request.responseTainting === 'cors') { + response = filterResponse(response, 'cors') + } else if (request.responseTainting === 'opaque') { + response = filterResponse(response, 'opaque') + } else { + assert(false) + } + } + + // 14. Let internalResponse be response, if response is a network error, + // and response’s internal response otherwise. + let internalResponse = + response.status === 0 ? response : response.internalResponse + + // 15. If internalResponse’s URL list is empty, then set it to a clone of + // request’s URL list. + if (internalResponse.urlList.length === 0) { + internalResponse.urlList.push(...request.urlList) + } + + // 16. If request’s timing allow failed flag is unset, then set + // internalResponse’s timing allow passed flag. + if (!request.timingAllowFailed) { + response.timingAllowPassed = true + } + + // 17. If response is not a network error and any of the following returns + // blocked + // - should internalResponse to request be blocked as mixed content + // - should internalResponse to request be blocked by Content Security Policy + // - should internalResponse to request be blocked due to its MIME type + // - should internalResponse to request be blocked due to nosniff + // TODO + + // 18. If response’s type is "opaque", internalResponse’s status is 206, + // internalResponse’s range-requested flag is set, and request’s header + // list does not contain `Range`, then set response and internalResponse + // to a network error. + if ( + response.type === 'opaque' && + internalResponse.status === 206 && + internalResponse.rangeRequested && + !request.headers.contains('range', true) + ) { + response = internalResponse = makeNetworkError() + } + + // 19. If response is not a network error and either request’s method is + // `HEAD` or `CONNECT`, or internalResponse’s status is a null body status, + // set internalResponse’s body to null and disregard any enqueuing toward + // it (if any). + if ( + response.status !== 0 && + (request.method === 'HEAD' || + request.method === 'CONNECT' || + nullBodyStatus.includes(internalResponse.status)) + ) { + internalResponse.body = null + fetchParams.controller.dump = true + } + + // 20. If request’s integrity metadata is not the empty string, then: + if (request.integrity) { + // 1. Let processBodyError be this step: run fetch finale given fetchParams + // and a network error. + const processBodyError = (reason) => + fetchFinale(fetchParams, makeNetworkError(reason)) + + // 2. If request’s response tainting is "opaque", or response’s body is null, + // then run processBodyError and abort these steps. + if (request.responseTainting === 'opaque' || response.body == null) { + processBodyError(response.error) + return + } + + // 3. Let processBody given bytes be these steps: + const processBody = (bytes) => { + // 1. If bytes do not match request’s integrity metadata, + // then run processBodyError and abort these steps. [SRI] + if (!bytesMatch(bytes, request.integrity)) { + processBodyError('integrity mismatch') + return + } + + // 2. Set response’s body to bytes as a body. + response.body = safelyExtractBody(bytes)[0] + + // 3. Run fetch finale given fetchParams and response. + fetchFinale(fetchParams, response) + } + + // 4. Fully read response’s body given processBody and processBodyError. + await fullyReadBody(response.body, processBody, processBodyError) + } else { + // 21. Otherwise, run fetch finale given fetchParams and response. + fetchFinale(fetchParams, response) + } +} + +// https://fetch.spec.whatwg.org/#concept-scheme-fetch +// given a fetch params fetchParams +function schemeFetch (fetchParams) { + // Note: since the connection is destroyed on redirect, which sets fetchParams to a + // cancelled state, we do not want this condition to trigger *unless* there have been + // no redirects. See https://github.com/nodejs/undici/issues/1776 + // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams. + if (isCancelled(fetchParams) && fetchParams.request.redirectCount === 0) { + return Promise.resolve(makeAppropriateNetworkError(fetchParams)) + } + + // 2. Let request be fetchParams’s request. + const { request } = fetchParams + + const { protocol: scheme } = requestCurrentURL(request) + + // 3. Switch on request’s current URL’s scheme and run the associated steps: + switch (scheme) { + case 'about:': { + // If request’s current URL’s path is the string "blank", then return a new response + // whose status message is `OK`, header list is « (`Content-Type`, `text/html;charset=utf-8`) », + // and body is the empty byte sequence as a body. + + // Otherwise, return a network error. + return Promise.resolve(makeNetworkError('about scheme is not supported')) + } + case 'blob:': { + if (!resolveObjectURL) { + resolveObjectURL = (__nccwpck_require__(4573).resolveObjectURL) + } + + // 1. Let blobURLEntry be request’s current URL’s blob URL entry. + const blobURLEntry = requestCurrentURL(request) + + // https://github.com/web-platform-tests/wpt/blob/7b0ebaccc62b566a1965396e5be7bb2bc06f841f/FileAPI/url/resources/fetch-tests.js#L52-L56 + // Buffer.resolveObjectURL does not ignore URL queries. + if (blobURLEntry.search.length !== 0) { + return Promise.resolve(makeNetworkError('NetworkError when attempting to fetch resource.')) + } + + const blob = resolveObjectURL(blobURLEntry.toString()) + + // 2. If request’s method is not `GET`, blobURLEntry is null, or blobURLEntry’s + // object is not a Blob object, then return a network error. + if (request.method !== 'GET' || !isBlobLike(blob)) { + return Promise.resolve(makeNetworkError('invalid method')) + } + + // 3. Let blob be blobURLEntry’s object. + // Note: done above + + // 4. Let response be a new response. + const response = makeResponse() + + // 5. Let fullLength be blob’s size. + const fullLength = blob.size + + // 6. Let serializedFullLength be fullLength, serialized and isomorphic encoded. + const serializedFullLength = isomorphicEncode(`${fullLength}`) + + // 7. Let type be blob’s type. + const type = blob.type + + // 8. If request’s header list does not contain `Range`: + // 9. Otherwise: + if (!request.headersList.contains('range', true)) { + // 1. Let bodyWithType be the result of safely extracting blob. + // Note: in the FileAPI a blob "object" is a Blob *or* a MediaSource. + // In node, this can only ever be a Blob. Therefore we can safely + // use extractBody directly. + const bodyWithType = extractBody(blob) + + // 2. Set response’s status message to `OK`. + response.statusText = 'OK' + + // 3. Set response’s body to bodyWithType’s body. + response.body = bodyWithType[0] + + // 4. Set response’s header list to « (`Content-Length`, serializedFullLength), (`Content-Type`, type) ». + response.headersList.set('content-length', serializedFullLength, true) + response.headersList.set('content-type', type, true) + } else { + // 1. Set response’s range-requested flag. + response.rangeRequested = true + + // 2. Let rangeHeader be the result of getting `Range` from request’s header list. + const rangeHeader = request.headersList.get('range', true) + + // 3. Let rangeValue be the result of parsing a single range header value given rangeHeader and true. + const rangeValue = simpleRangeHeaderValue(rangeHeader, true) + + // 4. If rangeValue is failure, then return a network error. + if (rangeValue === 'failure') { + return Promise.resolve(makeNetworkError('failed to fetch the data URL')) + } + + // 5. Let (rangeStart, rangeEnd) be rangeValue. + let { rangeStartValue: rangeStart, rangeEndValue: rangeEnd } = rangeValue + + // 6. If rangeStart is null: + // 7. Otherwise: + if (rangeStart === null) { + // 1. Set rangeStart to fullLength − rangeEnd. + rangeStart = fullLength - rangeEnd + + // 2. Set rangeEnd to rangeStart + rangeEnd − 1. + rangeEnd = rangeStart + rangeEnd - 1 + } else { + // 1. If rangeStart is greater than or equal to fullLength, then return a network error. + if (rangeStart >= fullLength) { + return Promise.resolve(makeNetworkError('Range start is greater than the blob\'s size.')) + } + + // 2. If rangeEnd is null or rangeEnd is greater than or equal to fullLength, then set + // rangeEnd to fullLength − 1. + if (rangeEnd === null || rangeEnd >= fullLength) { + rangeEnd = fullLength - 1 + } + } + + // 8. Let slicedBlob be the result of invoking slice blob given blob, rangeStart, + // rangeEnd + 1, and type. + const slicedBlob = blob.slice(rangeStart, rangeEnd, type) + + // 9. Let slicedBodyWithType be the result of safely extracting slicedBlob. + // Note: same reason as mentioned above as to why we use extractBody + const slicedBodyWithType = extractBody(slicedBlob) + + // 10. Set response’s body to slicedBodyWithType’s body. + response.body = slicedBodyWithType[0] + + // 11. Let serializedSlicedLength be slicedBlob’s size, serialized and isomorphic encoded. + const serializedSlicedLength = isomorphicEncode(`${slicedBlob.size}`) + + // 12. Let contentRange be the result of invoking build a content range given rangeStart, + // rangeEnd, and fullLength. + const contentRange = buildContentRange(rangeStart, rangeEnd, fullLength) + + // 13. Set response’s status to 206. + response.status = 206 + + // 14. Set response’s status message to `Partial Content`. + response.statusText = 'Partial Content' + + // 15. Set response’s header list to « (`Content-Length`, serializedSlicedLength), + // (`Content-Type`, type), (`Content-Range`, contentRange) ». + response.headersList.set('content-length', serializedSlicedLength, true) + response.headersList.set('content-type', type, true) + response.headersList.set('content-range', contentRange, true) + } + + // 10. Return response. + return Promise.resolve(response) + } + case 'data:': { + // 1. Let dataURLStruct be the result of running the + // data: URL processor on request’s current URL. + const currentURL = requestCurrentURL(request) + const dataURLStruct = dataURLProcessor(currentURL) + + // 2. If dataURLStruct is failure, then return a + // network error. + if (dataURLStruct === 'failure') { + return Promise.resolve(makeNetworkError('failed to fetch the data URL')) + } + + // 3. Let mimeType be dataURLStruct’s MIME type, serialized. + const mimeType = serializeAMimeType(dataURLStruct.mimeType) + + // 4. Return a response whose status message is `OK`, + // header list is « (`Content-Type`, mimeType) », + // and body is dataURLStruct’s body as a body. + return Promise.resolve(makeResponse({ + statusText: 'OK', + headersList: [ + ['content-type', { name: 'Content-Type', value: mimeType }] + ], + body: safelyExtractBody(dataURLStruct.body)[0] + })) + } + case 'file:': { + // For now, unfortunate as it is, file URLs are left as an exercise for the reader. + // When in doubt, return a network error. + return Promise.resolve(makeNetworkError('not implemented... yet...')) + } + case 'http:': + case 'https:': { + // Return the result of running HTTP fetch given fetchParams. + + return httpFetch(fetchParams) + .catch((err) => makeNetworkError(err)) + } + default: { + return Promise.resolve(makeNetworkError('unknown scheme')) + } + } +} + +// https://fetch.spec.whatwg.org/#finalize-response +function finalizeResponse (fetchParams, response) { + // 1. Set fetchParams’s request’s done flag. + fetchParams.request.done = true + + // 2, If fetchParams’s process response done is not null, then queue a fetch + // task to run fetchParams’s process response done given response, with + // fetchParams’s task destination. + if (fetchParams.processResponseDone != null) { + queueMicrotask(() => fetchParams.processResponseDone(response)) + } +} + +// https://fetch.spec.whatwg.org/#fetch-finale +function fetchFinale (fetchParams, response) { + // 1. Let timingInfo be fetchParams’s timing info. + let timingInfo = fetchParams.timingInfo + + // 2. If response is not a network error and fetchParams’s request’s client is a secure context, + // then set timingInfo’s server-timing headers to the result of getting, decoding, and splitting + // `Server-Timing` from response’s internal response’s header list. + // TODO + + // 3. Let processResponseEndOfBody be the following steps: + const processResponseEndOfBody = () => { + // 1. Let unsafeEndTime be the unsafe shared current time. + const unsafeEndTime = Date.now() // ? + + // 2. If fetchParams’s request’s destination is "document", then set fetchParams’s controller’s + // full timing info to fetchParams’s timing info. + if (fetchParams.request.destination === 'document') { + fetchParams.controller.fullTimingInfo = timingInfo + } + + // 3. Set fetchParams’s controller’s report timing steps to the following steps given a global object global: + fetchParams.controller.reportTimingSteps = () => { + // 1. If fetchParams’s request’s URL’s scheme is not an HTTP(S) scheme, then return. + if (fetchParams.request.url.protocol !== 'https:') { + return + } + + // 2. Set timingInfo’s end time to the relative high resolution time given unsafeEndTime and global. + timingInfo.endTime = unsafeEndTime + + // 3. Let cacheState be response’s cache state. + let cacheState = response.cacheState + + // 4. Let bodyInfo be response’s body info. + const bodyInfo = response.bodyInfo + + // 5. If response’s timing allow passed flag is not set, then set timingInfo to the result of creating an + // opaque timing info for timingInfo and set cacheState to the empty string. + if (!response.timingAllowPassed) { + timingInfo = createOpaqueTimingInfo(timingInfo) + + cacheState = '' + } + + // 6. Let responseStatus be 0. + let responseStatus = 0 + + // 7. If fetchParams’s request’s mode is not "navigate" or response’s has-cross-origin-redirects is false: + if (fetchParams.request.mode !== 'navigator' || !response.hasCrossOriginRedirects) { + // 1. Set responseStatus to response’s status. + responseStatus = response.status + + // 2. Let mimeType be the result of extracting a MIME type from response’s header list. + const mimeType = extractMimeType(response.headersList) + + // 3. If mimeType is not failure, then set bodyInfo’s content type to the result of minimizing a supported MIME type given mimeType. + if (mimeType !== 'failure') { + bodyInfo.contentType = minimizeSupportedMimeType(mimeType) + } + } + + // 8. If fetchParams’s request’s initiator type is non-null, then mark resource timing given timingInfo, + // fetchParams’s request’s URL, fetchParams’s request’s initiator type, global, cacheState, bodyInfo, + // and responseStatus. + if (fetchParams.request.initiatorType != null) { + // TODO: update markresourcetiming + markResourceTiming(timingInfo, fetchParams.request.url.href, fetchParams.request.initiatorType, globalThis, cacheState, bodyInfo, responseStatus) + } + } + + // 4. Let processResponseEndOfBodyTask be the following steps: + const processResponseEndOfBodyTask = () => { + // 1. Set fetchParams’s request’s done flag. + fetchParams.request.done = true + + // 2. If fetchParams’s process response end-of-body is non-null, then run fetchParams’s process + // response end-of-body given response. + if (fetchParams.processResponseEndOfBody != null) { + queueMicrotask(() => fetchParams.processResponseEndOfBody(response)) + } + + // 3. If fetchParams’s request’s initiator type is non-null and fetchParams’s request’s client’s + // global object is fetchParams’s task destination, then run fetchParams’s controller’s report + // timing steps given fetchParams’s request’s client’s global object. + if (fetchParams.request.initiatorType != null) { + fetchParams.controller.reportTimingSteps() + } + } + + // 5. Queue a fetch task to run processResponseEndOfBodyTask with fetchParams’s task destination + queueMicrotask(() => processResponseEndOfBodyTask()) + } + + // 4. If fetchParams’s process response is non-null, then queue a fetch task to run fetchParams’s + // process response given response, with fetchParams’s task destination. + if (fetchParams.processResponse != null) { + queueMicrotask(() => { + fetchParams.processResponse(response) + fetchParams.processResponse = null + }) + } + + // 5. Let internalResponse be response, if response is a network error; otherwise response’s internal response. + const internalResponse = response.type === 'error' ? response : (response.internalResponse ?? response) + + // 6. If internalResponse’s body is null, then run processResponseEndOfBody. + // 7. Otherwise: + if (internalResponse.body == null) { + processResponseEndOfBody() + } else { + // mcollina: all the following steps of the specs are skipped. + // The internal transform stream is not needed. + // See https://github.com/nodejs/undici/pull/3093#issuecomment-2050198541 + + // 1. Let transformStream be a new TransformStream. + // 2. Let identityTransformAlgorithm be an algorithm which, given chunk, enqueues chunk in transformStream. + // 3. Set up transformStream with transformAlgorithm set to identityTransformAlgorithm and flushAlgorithm + // set to processResponseEndOfBody. + // 4. Set internalResponse’s body’s stream to the result of internalResponse’s body’s stream piped through transformStream. + + finished(internalResponse.body.stream, () => { + processResponseEndOfBody() + }) + } +} + +// https://fetch.spec.whatwg.org/#http-fetch +async function httpFetch (fetchParams) { + // 1. Let request be fetchParams’s request. + const request = fetchParams.request + + // 2. Let response be null. + let response = null + + // 3. Let actualResponse be null. + let actualResponse = null + + // 4. Let timingInfo be fetchParams’s timing info. + const timingInfo = fetchParams.timingInfo + + // 5. If request’s service-workers mode is "all", then: + if (request.serviceWorkers === 'all') { + // TODO + } + + // 6. If response is null, then: + if (response === null) { + // 1. If makeCORSPreflight is true and one of these conditions is true: + // TODO + + // 2. If request’s redirect mode is "follow", then set request’s + // service-workers mode to "none". + if (request.redirect === 'follow') { + request.serviceWorkers = 'none' + } + + // 3. Set response and actualResponse to the result of running + // HTTP-network-or-cache fetch given fetchParams. + actualResponse = response = await httpNetworkOrCacheFetch(fetchParams) + + // 4. If request’s response tainting is "cors" and a CORS check + // for request and response returns failure, then return a network error. + if ( + request.responseTainting === 'cors' && + corsCheck(request, response) === 'failure' + ) { + return makeNetworkError('cors failure') + } + + // 5. If the TAO check for request and response returns failure, then set + // request’s timing allow failed flag. + if (TAOCheck(request, response) === 'failure') { + request.timingAllowFailed = true + } + } + + // 7. If either request’s response tainting or response’s type + // is "opaque", and the cross-origin resource policy check with + // request’s origin, request’s client, request’s destination, + // and actualResponse returns blocked, then return a network error. + if ( + (request.responseTainting === 'opaque' || response.type === 'opaque') && + crossOriginResourcePolicyCheck( + request.origin, + request.client, + request.destination, + actualResponse + ) === 'blocked' + ) { + return makeNetworkError('blocked') + } + + // 8. If actualResponse’s status is a redirect status, then: + if (redirectStatusSet.has(actualResponse.status)) { + // 1. If actualResponse’s status is not 303, request’s body is not null, + // and the connection uses HTTP/2, then user agents may, and are even + // encouraged to, transmit an RST_STREAM frame. + // See, https://github.com/whatwg/fetch/issues/1288 + if (request.redirect !== 'manual') { + fetchParams.controller.connection.destroy(undefined, false) + } + + // 2. Switch on request’s redirect mode: + if (request.redirect === 'error') { + // Set response to a network error. + response = makeNetworkError('unexpected redirect') + } else if (request.redirect === 'manual') { + // Set response to an opaque-redirect filtered response whose internal + // response is actualResponse. + // NOTE(spec): On the web this would return an `opaqueredirect` response, + // but that doesn't make sense server side. + // See https://github.com/nodejs/undici/issues/1193. + response = actualResponse + } else if (request.redirect === 'follow') { + // Set response to the result of running HTTP-redirect fetch given + // fetchParams and response. + response = await httpRedirectFetch(fetchParams, response) + } else { + assert(false) + } + } + + // 9. Set response’s timing info to timingInfo. + response.timingInfo = timingInfo + + // 10. Return response. + return response +} + +// https://fetch.spec.whatwg.org/#http-redirect-fetch +function httpRedirectFetch (fetchParams, response) { + // 1. Let request be fetchParams’s request. + const request = fetchParams.request + + // 2. Let actualResponse be response, if response is not a filtered response, + // and response’s internal response otherwise. + const actualResponse = response.internalResponse + ? response.internalResponse + : response + + // 3. Let locationURL be actualResponse’s location URL given request’s current + // URL’s fragment. + let locationURL + + try { + locationURL = responseLocationURL( + actualResponse, + requestCurrentURL(request).hash + ) + + // 4. If locationURL is null, then return response. + if (locationURL == null) { + return response + } + } catch (err) { + // 5. If locationURL is failure, then return a network error. + return Promise.resolve(makeNetworkError(err)) + } + + // 6. If locationURL’s scheme is not an HTTP(S) scheme, then return a network + // error. + if (!urlIsHttpHttpsScheme(locationURL)) { + return Promise.resolve(makeNetworkError('URL scheme must be a HTTP(S) scheme')) + } + + // 7. If request’s redirect count is 20, then return a network error. + if (request.redirectCount === 20) { + return Promise.resolve(makeNetworkError('redirect count exceeded')) + } + + // 8. Increase request’s redirect count by 1. + request.redirectCount += 1 + + // 9. If request’s mode is "cors", locationURL includes credentials, and + // request’s origin is not same origin with locationURL’s origin, then return + // a network error. + if ( + request.mode === 'cors' && + (locationURL.username || locationURL.password) && + !sameOrigin(request, locationURL) + ) { + return Promise.resolve(makeNetworkError('cross origin not allowed for request mode "cors"')) + } + + // 10. If request’s response tainting is "cors" and locationURL includes + // credentials, then return a network error. + if ( + request.responseTainting === 'cors' && + (locationURL.username || locationURL.password) + ) { + return Promise.resolve(makeNetworkError( + 'URL cannot contain credentials for request mode "cors"' + )) + } + + // 11. If actualResponse’s status is not 303, request’s body is non-null, + // and request’s body’s source is null, then return a network error. + if ( + actualResponse.status !== 303 && + request.body != null && + request.body.source == null + ) { + return Promise.resolve(makeNetworkError()) + } + + // 12. If one of the following is true + // - actualResponse’s status is 301 or 302 and request’s method is `POST` + // - actualResponse’s status is 303 and request’s method is not `GET` or `HEAD` + if ( + ([301, 302].includes(actualResponse.status) && request.method === 'POST') || + (actualResponse.status === 303 && + !GET_OR_HEAD.includes(request.method)) + ) { + // then: + // 1. Set request’s method to `GET` and request’s body to null. + request.method = 'GET' + request.body = null + + // 2. For each headerName of request-body-header name, delete headerName from + // request’s header list. + for (const headerName of requestBodyHeader) { + request.headersList.delete(headerName) + } + } + + // 13. If request’s current URL’s origin is not same origin with locationURL’s + // origin, then for each headerName of CORS non-wildcard request-header name, + // delete headerName from request’s header list. + if (!sameOrigin(requestCurrentURL(request), locationURL)) { + // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name + request.headersList.delete('authorization', true) + + // https://fetch.spec.whatwg.org/#authentication-entries + request.headersList.delete('proxy-authorization', true) + + // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement. + request.headersList.delete('cookie', true) + request.headersList.delete('host', true) + } + + // 14. If request’s body is non-null, then set request’s body to the first return + // value of safely extracting request’s body’s source. + if (request.body != null) { + assert(request.body.source != null) + request.body = safelyExtractBody(request.body.source)[0] + } + + // 15. Let timingInfo be fetchParams’s timing info. + const timingInfo = fetchParams.timingInfo + + // 16. Set timingInfo’s redirect end time and post-redirect start time to the + // coarsened shared current time given fetchParams’s cross-origin isolated + // capability. + timingInfo.redirectEndTime = timingInfo.postRedirectStartTime = + coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability) + + // 17. If timingInfo’s redirect start time is 0, then set timingInfo’s + // redirect start time to timingInfo’s start time. + if (timingInfo.redirectStartTime === 0) { + timingInfo.redirectStartTime = timingInfo.startTime + } + + // 18. Append locationURL to request’s URL list. + request.urlList.push(locationURL) + + // 19. Invoke set request’s referrer policy on redirect on request and + // actualResponse. + setRequestReferrerPolicyOnRedirect(request, actualResponse) + + // 20. Return the result of running main fetch given fetchParams and true. + return mainFetch(fetchParams, true) +} + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +async function httpNetworkOrCacheFetch ( + fetchParams, + isAuthenticationFetch = false, + isNewConnectionFetch = false +) { + // 1. Let request be fetchParams’s request. + const request = fetchParams.request + + // 2. Let httpFetchParams be null. + let httpFetchParams = null + + // 3. Let httpRequest be null. + let httpRequest = null + + // 4. Let response be null. + let response = null + + // 5. Let storedResponse be null. + // TODO: cache + + // 6. Let httpCache be null. + const httpCache = null + + // 7. Let the revalidatingFlag be unset. + const revalidatingFlag = false + + // 8. Run these steps, but abort when the ongoing fetch is terminated: + + // 1. If request’s window is "no-window" and request’s redirect mode is + // "error", then set httpFetchParams to fetchParams and httpRequest to + // request. + if (request.window === 'no-window' && request.redirect === 'error') { + httpFetchParams = fetchParams + httpRequest = request + } else { + // Otherwise: + + // 1. Set httpRequest to a clone of request. + httpRequest = cloneRequest(request) + + // 2. Set httpFetchParams to a copy of fetchParams. + httpFetchParams = { ...fetchParams } + + // 3. Set httpFetchParams’s request to httpRequest. + httpFetchParams.request = httpRequest + } + + // 3. Let includeCredentials be true if one of + const includeCredentials = + request.credentials === 'include' || + (request.credentials === 'same-origin' && + request.responseTainting === 'basic') + + // 4. Let contentLength be httpRequest’s body’s length, if httpRequest’s + // body is non-null; otherwise null. + const contentLength = httpRequest.body ? httpRequest.body.length : null + + // 5. Let contentLengthHeaderValue be null. + let contentLengthHeaderValue = null + + // 6. If httpRequest’s body is null and httpRequest’s method is `POST` or + // `PUT`, then set contentLengthHeaderValue to `0`. + if ( + httpRequest.body == null && + ['POST', 'PUT'].includes(httpRequest.method) + ) { + contentLengthHeaderValue = '0' + } + + // 7. If contentLength is non-null, then set contentLengthHeaderValue to + // contentLength, serialized and isomorphic encoded. + if (contentLength != null) { + contentLengthHeaderValue = isomorphicEncode(`${contentLength}`) + } + + // 8. If contentLengthHeaderValue is non-null, then append + // `Content-Length`/contentLengthHeaderValue to httpRequest’s header + // list. + if (contentLengthHeaderValue != null) { + httpRequest.headersList.append('content-length', contentLengthHeaderValue, true) + } + + // 9. If contentLengthHeaderValue is non-null, then append (`Content-Length`, + // contentLengthHeaderValue) to httpRequest’s header list. + + // 10. If contentLength is non-null and httpRequest’s keepalive is true, + // then: + if (contentLength != null && httpRequest.keepalive) { + // NOTE: keepalive is a noop outside of browser context. + } + + // 11. If httpRequest’s referrer is a URL, then append + // `Referer`/httpRequest’s referrer, serialized and isomorphic encoded, + // to httpRequest’s header list. + if (httpRequest.referrer instanceof URL) { + httpRequest.headersList.append('referer', isomorphicEncode(httpRequest.referrer.href), true) + } + + // 12. Append a request `Origin` header for httpRequest. + appendRequestOriginHeader(httpRequest) + + // 13. Append the Fetch metadata headers for httpRequest. [FETCH-METADATA] + appendFetchMetadata(httpRequest) + + // 14. If httpRequest’s header list does not contain `User-Agent`, then + // user agents should append `User-Agent`/default `User-Agent` value to + // httpRequest’s header list. + if (!httpRequest.headersList.contains('user-agent', true)) { + httpRequest.headersList.append('user-agent', defaultUserAgent) + } + + // 15. If httpRequest’s cache mode is "default" and httpRequest’s header + // list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, then set + // httpRequest’s cache mode to "no-store". + if ( + httpRequest.cache === 'default' && + (httpRequest.headersList.contains('if-modified-since', true) || + httpRequest.headersList.contains('if-none-match', true) || + httpRequest.headersList.contains('if-unmodified-since', true) || + httpRequest.headersList.contains('if-match', true) || + httpRequest.headersList.contains('if-range', true)) + ) { + httpRequest.cache = 'no-store' + } + + // 16. If httpRequest’s cache mode is "no-cache", httpRequest’s prevent + // no-cache cache-control header modification flag is unset, and + // httpRequest’s header list does not contain `Cache-Control`, then append + // `Cache-Control`/`max-age=0` to httpRequest’s header list. + if ( + httpRequest.cache === 'no-cache' && + !httpRequest.preventNoCacheCacheControlHeaderModification && + !httpRequest.headersList.contains('cache-control', true) + ) { + httpRequest.headersList.append('cache-control', 'max-age=0', true) + } + + // 17. If httpRequest’s cache mode is "no-store" or "reload", then: + if (httpRequest.cache === 'no-store' || httpRequest.cache === 'reload') { + // 1. If httpRequest’s header list does not contain `Pragma`, then append + // `Pragma`/`no-cache` to httpRequest’s header list. + if (!httpRequest.headersList.contains('pragma', true)) { + httpRequest.headersList.append('pragma', 'no-cache', true) + } + + // 2. If httpRequest’s header list does not contain `Cache-Control`, + // then append `Cache-Control`/`no-cache` to httpRequest’s header list. + if (!httpRequest.headersList.contains('cache-control', true)) { + httpRequest.headersList.append('cache-control', 'no-cache', true) + } + } + + // 18. If httpRequest’s header list contains `Range`, then append + // `Accept-Encoding`/`identity` to httpRequest’s header list. + if (httpRequest.headersList.contains('range', true)) { + httpRequest.headersList.append('accept-encoding', 'identity', true) + } + + // 19. Modify httpRequest’s header list per HTTP. Do not append a given + // header if httpRequest’s header list contains that header’s name. + // TODO: https://github.com/whatwg/fetch/issues/1285#issuecomment-896560129 + if (!httpRequest.headersList.contains('accept-encoding', true)) { + if (urlHasHttpsScheme(requestCurrentURL(httpRequest))) { + httpRequest.headersList.append('accept-encoding', 'br, gzip, deflate', true) + } else { + httpRequest.headersList.append('accept-encoding', 'gzip, deflate', true) + } + } + + httpRequest.headersList.delete('host', true) + + // 20. If includeCredentials is true, then: + if (includeCredentials) { + // 1. If the user agent is not configured to block cookies for httpRequest + // (see section 7 of [COOKIES]), then: + // TODO: credentials + // 2. If httpRequest’s header list does not contain `Authorization`, then: + // TODO: credentials + } + + // 21. If there’s a proxy-authentication entry, use it as appropriate. + // TODO: proxy-authentication + + // 22. Set httpCache to the result of determining the HTTP cache + // partition, given httpRequest. + // TODO: cache + + // 23. If httpCache is null, then set httpRequest’s cache mode to + // "no-store". + if (httpCache == null) { + httpRequest.cache = 'no-store' + } + + // 24. If httpRequest’s cache mode is neither "no-store" nor "reload", + // then: + if (httpRequest.cache !== 'no-store' && httpRequest.cache !== 'reload') { + // TODO: cache + } + + // 9. If aborted, then return the appropriate network error for fetchParams. + // TODO + + // 10. If response is null, then: + if (response == null) { + // 1. If httpRequest’s cache mode is "only-if-cached", then return a + // network error. + if (httpRequest.cache === 'only-if-cached') { + return makeNetworkError('only if cached') + } + + // 2. Let forwardResponse be the result of running HTTP-network fetch + // given httpFetchParams, includeCredentials, and isNewConnectionFetch. + const forwardResponse = await httpNetworkFetch( + httpFetchParams, + includeCredentials, + isNewConnectionFetch + ) + + // 3. If httpRequest’s method is unsafe and forwardResponse’s status is + // in the range 200 to 399, inclusive, invalidate appropriate stored + // responses in httpCache, as per the "Invalidation" chapter of HTTP + // Caching, and set storedResponse to null. [HTTP-CACHING] + if ( + !safeMethodsSet.has(httpRequest.method) && + forwardResponse.status >= 200 && + forwardResponse.status <= 399 + ) { + // TODO: cache + } + + // 4. If the revalidatingFlag is set and forwardResponse’s status is 304, + // then: + if (revalidatingFlag && forwardResponse.status === 304) { + // TODO: cache + } + + // 5. If response is null, then: + if (response == null) { + // 1. Set response to forwardResponse. + response = forwardResponse + + // 2. Store httpRequest and forwardResponse in httpCache, as per the + // "Storing Responses in Caches" chapter of HTTP Caching. [HTTP-CACHING] + // TODO: cache + } + } + + // 11. Set response’s URL list to a clone of httpRequest’s URL list. + response.urlList = [...httpRequest.urlList] + + // 12. If httpRequest’s header list contains `Range`, then set response’s + // range-requested flag. + if (httpRequest.headersList.contains('range', true)) { + response.rangeRequested = true + } + + // 13. Set response’s request-includes-credentials to includeCredentials. + response.requestIncludesCredentials = includeCredentials + + // 14. If response’s status is 401, httpRequest’s response tainting is not + // "cors", includeCredentials is true, and request’s window is an environment + // settings object, then: + // TODO + + // 15. If response’s status is 407, then: + if (response.status === 407) { + // 1. If request’s window is "no-window", then return a network error. + if (request.window === 'no-window') { + return makeNetworkError() + } + + // 2. ??? + + // 3. If fetchParams is canceled, then return the appropriate network error for fetchParams. + if (isCancelled(fetchParams)) { + return makeAppropriateNetworkError(fetchParams) + } + + // 4. Prompt the end user as appropriate in request’s window and store + // the result as a proxy-authentication entry. [HTTP-AUTH] + // TODO: Invoke some kind of callback? + + // 5. Set response to the result of running HTTP-network-or-cache fetch given + // fetchParams. + // TODO + return makeNetworkError('proxy authentication required') + } + + // 16. If all of the following are true + if ( + // response’s status is 421 + response.status === 421 && + // isNewConnectionFetch is false + !isNewConnectionFetch && + // request’s body is null, or request’s body is non-null and request’s body’s source is non-null + (request.body == null || request.body.source != null) + ) { + // then: + + // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams. + if (isCancelled(fetchParams)) { + return makeAppropriateNetworkError(fetchParams) + } + + // 2. Set response to the result of running HTTP-network-or-cache + // fetch given fetchParams, isAuthenticationFetch, and true. + + // TODO (spec): The spec doesn't specify this but we need to cancel + // the active response before we can start a new one. + // https://github.com/whatwg/fetch/issues/1293 + fetchParams.controller.connection.destroy() + + response = await httpNetworkOrCacheFetch( + fetchParams, + isAuthenticationFetch, + true + ) + } + + // 17. If isAuthenticationFetch is true, then create an authentication entry + if (isAuthenticationFetch) { + // TODO + } + + // 18. Return response. + return response +} + +// https://fetch.spec.whatwg.org/#http-network-fetch +async function httpNetworkFetch ( + fetchParams, + includeCredentials = false, + forceNewConnection = false +) { + assert(!fetchParams.controller.connection || fetchParams.controller.connection.destroyed) + + fetchParams.controller.connection = { + abort: null, + destroyed: false, + destroy (err, abort = true) { + if (!this.destroyed) { + this.destroyed = true + if (abort) { + this.abort?.(err ?? new DOMException('The operation was aborted.', 'AbortError')) + } + } + } + } + + // 1. Let request be fetchParams’s request. + const request = fetchParams.request + + // 2. Let response be null. + let response = null + + // 3. Let timingInfo be fetchParams’s timing info. + const timingInfo = fetchParams.timingInfo + + // 4. Let httpCache be the result of determining the HTTP cache partition, + // given request. + // TODO: cache + const httpCache = null + + // 5. If httpCache is null, then set request’s cache mode to "no-store". + if (httpCache == null) { + request.cache = 'no-store' + } + + // 6. Let networkPartitionKey be the result of determining the network + // partition key given request. + // TODO + + // 7. Let newConnection be "yes" if forceNewConnection is true; otherwise + // "no". + const newConnection = forceNewConnection ? 'yes' : 'no' // eslint-disable-line no-unused-vars + + // 8. Switch on request’s mode: + if (request.mode === 'websocket') { + // Let connection be the result of obtaining a WebSocket connection, + // given request’s current URL. + // TODO + } else { + // Let connection be the result of obtaining a connection, given + // networkPartitionKey, request’s current URL’s origin, + // includeCredentials, and forceNewConnection. + // TODO + } + + // 9. Run these steps, but abort when the ongoing fetch is terminated: + + // 1. If connection is failure, then return a network error. + + // 2. Set timingInfo’s final connection timing info to the result of + // calling clamp and coarsen connection timing info with connection’s + // timing info, timingInfo’s post-redirect start time, and fetchParams’s + // cross-origin isolated capability. + + // 3. If connection is not an HTTP/2 connection, request’s body is non-null, + // and request’s body’s source is null, then append (`Transfer-Encoding`, + // `chunked`) to request’s header list. + + // 4. Set timingInfo’s final network-request start time to the coarsened + // shared current time given fetchParams’s cross-origin isolated + // capability. + + // 5. Set response to the result of making an HTTP request over connection + // using request with the following caveats: + + // - Follow the relevant requirements from HTTP. [HTTP] [HTTP-SEMANTICS] + // [HTTP-COND] [HTTP-CACHING] [HTTP-AUTH] + + // - If request’s body is non-null, and request’s body’s source is null, + // then the user agent may have a buffer of up to 64 kibibytes and store + // a part of request’s body in that buffer. If the user agent reads from + // request’s body beyond that buffer’s size and the user agent needs to + // resend request, then instead return a network error. + + // - Set timingInfo’s final network-response start time to the coarsened + // shared current time given fetchParams’s cross-origin isolated capability, + // immediately after the user agent’s HTTP parser receives the first byte + // of the response (e.g., frame header bytes for HTTP/2 or response status + // line for HTTP/1.x). + + // - Wait until all the headers are transmitted. + + // - Any responses whose status is in the range 100 to 199, inclusive, + // and is not 101, are to be ignored, except for the purposes of setting + // timingInfo’s final network-response start time above. + + // - If request’s header list contains `Transfer-Encoding`/`chunked` and + // response is transferred via HTTP/1.0 or older, then return a network + // error. + + // - If the HTTP request results in a TLS client certificate dialog, then: + + // 1. If request’s window is an environment settings object, make the + // dialog available in request’s window. + + // 2. Otherwise, return a network error. + + // To transmit request’s body body, run these steps: + let requestBody = null + // 1. If body is null and fetchParams’s process request end-of-body is + // non-null, then queue a fetch task given fetchParams’s process request + // end-of-body and fetchParams’s task destination. + if (request.body == null && fetchParams.processRequestEndOfBody) { + queueMicrotask(() => fetchParams.processRequestEndOfBody()) + } else if (request.body != null) { + // 2. Otherwise, if body is non-null: + + // 1. Let processBodyChunk given bytes be these steps: + const processBodyChunk = async function * (bytes) { + // 1. If the ongoing fetch is terminated, then abort these steps. + if (isCancelled(fetchParams)) { + return + } + + // 2. Run this step in parallel: transmit bytes. + yield bytes + + // 3. If fetchParams’s process request body is non-null, then run + // fetchParams’s process request body given bytes’s length. + fetchParams.processRequestBodyChunkLength?.(bytes.byteLength) + } + + // 2. Let processEndOfBody be these steps: + const processEndOfBody = () => { + // 1. If fetchParams is canceled, then abort these steps. + if (isCancelled(fetchParams)) { + return + } + + // 2. If fetchParams’s process request end-of-body is non-null, + // then run fetchParams’s process request end-of-body. + if (fetchParams.processRequestEndOfBody) { + fetchParams.processRequestEndOfBody() + } + } + + // 3. Let processBodyError given e be these steps: + const processBodyError = (e) => { + // 1. If fetchParams is canceled, then abort these steps. + if (isCancelled(fetchParams)) { + return + } + + // 2. If e is an "AbortError" DOMException, then abort fetchParams’s controller. + if (e.name === 'AbortError') { + fetchParams.controller.abort() + } else { + fetchParams.controller.terminate(e) + } + } + + // 4. Incrementally read request’s body given processBodyChunk, processEndOfBody, + // processBodyError, and fetchParams’s task destination. + requestBody = (async function * () { + try { + for await (const bytes of request.body.stream) { + yield * processBodyChunk(bytes) + } + processEndOfBody() + } catch (err) { + processBodyError(err) + } + })() + } + + try { + // socket is only provided for websockets + const { body, status, statusText, headersList, socket } = await dispatch({ body: requestBody }) + + if (socket) { + response = makeResponse({ status, statusText, headersList, socket }) + } else { + const iterator = body[Symbol.asyncIterator]() + fetchParams.controller.next = () => iterator.next() + + response = makeResponse({ status, statusText, headersList }) + } + } catch (err) { + // 10. If aborted, then: + if (err.name === 'AbortError') { + // 1. If connection uses HTTP/2, then transmit an RST_STREAM frame. + fetchParams.controller.connection.destroy() + + // 2. Return the appropriate network error for fetchParams. + return makeAppropriateNetworkError(fetchParams, err) + } + + return makeNetworkError(err) + } + + // 11. Let pullAlgorithm be an action that resumes the ongoing fetch + // if it is suspended. + const pullAlgorithm = async () => { + await fetchParams.controller.resume() + } + + // 12. Let cancelAlgorithm be an algorithm that aborts fetchParams’s + // controller with reason, given reason. + const cancelAlgorithm = (reason) => { + // If the aborted fetch was already terminated, then we do not + // need to do anything. + if (!isCancelled(fetchParams)) { + fetchParams.controller.abort(reason) + } + } + + // 13. Let highWaterMark be a non-negative, non-NaN number, chosen by + // the user agent. + // TODO + + // 14. Let sizeAlgorithm be an algorithm that accepts a chunk object + // and returns a non-negative, non-NaN, non-infinite number, chosen by the user agent. + // TODO + + // 15. Let stream be a new ReadableStream. + // 16. Set up stream with byte reading support with pullAlgorithm set to pullAlgorithm, + // cancelAlgorithm set to cancelAlgorithm. + const stream = new ReadableStream( + { + async start (controller) { + fetchParams.controller.controller = controller + }, + async pull (controller) { + await pullAlgorithm(controller) + }, + async cancel (reason) { + await cancelAlgorithm(reason) + }, + type: 'bytes' + } + ) + + // 17. Run these steps, but abort when the ongoing fetch is terminated: + + // 1. Set response’s body to a new body whose stream is stream. + response.body = { stream, source: null, length: null } + + // 2. If response is not a network error and request’s cache mode is + // not "no-store", then update response in httpCache for request. + // TODO + + // 3. If includeCredentials is true and the user agent is not configured + // to block cookies for request (see section 7 of [COOKIES]), then run the + // "set-cookie-string" parsing algorithm (see section 5.2 of [COOKIES]) on + // the value of each header whose name is a byte-case-insensitive match for + // `Set-Cookie` in response’s header list, if any, and request’s current URL. + // TODO + + // 18. If aborted, then: + // TODO + + // 19. Run these steps in parallel: + + // 1. Run these steps, but abort when fetchParams is canceled: + fetchParams.controller.onAborted = onAborted + fetchParams.controller.on('terminated', onAborted) + fetchParams.controller.resume = async () => { + // 1. While true + while (true) { + // 1-3. See onData... + + // 4. Set bytes to the result of handling content codings given + // codings and bytes. + let bytes + let isFailure + try { + const { done, value } = await fetchParams.controller.next() + + if (isAborted(fetchParams)) { + break + } + + bytes = done ? undefined : value + } catch (err) { + if (fetchParams.controller.ended && !timingInfo.encodedBodySize) { + // zlib doesn't like empty streams. + bytes = undefined + } else { + bytes = err + + // err may be propagated from the result of calling readablestream.cancel, + // which might not be an error. https://github.com/nodejs/undici/issues/2009 + isFailure = true + } + } + + if (bytes === undefined) { + // 2. Otherwise, if the bytes transmission for response’s message + // body is done normally and stream is readable, then close + // stream, finalize response for fetchParams and response, and + // abort these in-parallel steps. + readableStreamClose(fetchParams.controller.controller) + + finalizeResponse(fetchParams, response) + + return + } + + // 5. Increase timingInfo’s decoded body size by bytes’s length. + timingInfo.decodedBodySize += bytes?.byteLength ?? 0 + + // 6. If bytes is failure, then terminate fetchParams’s controller. + if (isFailure) { + fetchParams.controller.terminate(bytes) + return + } + + // 7. Enqueue a Uint8Array wrapping an ArrayBuffer containing bytes + // into stream. + const buffer = new Uint8Array(bytes) + if (buffer.byteLength) { + fetchParams.controller.controller.enqueue(buffer) + } + + // 8. If stream is errored, then terminate the ongoing fetch. + if (isErrored(stream)) { + fetchParams.controller.terminate() + return + } + + // 9. If stream doesn’t need more data ask the user agent to suspend + // the ongoing fetch. + if (fetchParams.controller.controller.desiredSize <= 0) { + return + } + } + } + + // 2. If aborted, then: + function onAborted (reason) { + // 2. If fetchParams is aborted, then: + if (isAborted(fetchParams)) { + // 1. Set response’s aborted flag. + response.aborted = true + + // 2. If stream is readable, then error stream with the result of + // deserialize a serialized abort reason given fetchParams’s + // controller’s serialized abort reason and an + // implementation-defined realm. + if (isReadable(stream)) { + fetchParams.controller.controller.error( + fetchParams.controller.serializedAbortReason + ) + } + } else { + // 3. Otherwise, if stream is readable, error stream with a TypeError. + if (isReadable(stream)) { + fetchParams.controller.controller.error(new TypeError('terminated', { + cause: isErrorLike(reason) ? reason : undefined + })) + } + } + + // 4. If connection uses HTTP/2, then transmit an RST_STREAM frame. + // 5. Otherwise, the user agent should close connection unless it would be bad for performance to do so. + fetchParams.controller.connection.destroy() + } + + // 20. Return response. + return response + + function dispatch ({ body }) { + const url = requestCurrentURL(request) + /** @type {import('../..').Agent} */ + const agent = fetchParams.controller.dispatcher + + return new Promise((resolve, reject) => agent.dispatch( + { + path: url.pathname + url.search, + origin: url.origin, + method: request.method, + body: agent.isMockActive ? request.body && (request.body.source || request.body.stream) : body, + headers: request.headersList.entries, + maxRedirections: 0, + upgrade: request.mode === 'websocket' ? 'websocket' : undefined + }, + { + body: null, + abort: null, + + onConnect (abort) { + // TODO (fix): Do we need connection here? + const { connection } = fetchParams.controller + + // Set timingInfo’s final connection timing info to the result of calling clamp and coarsen + // connection timing info with connection’s timing info, timingInfo’s post-redirect start + // time, and fetchParams’s cross-origin isolated capability. + // TODO: implement connection timing + timingInfo.finalConnectionTimingInfo = clampAndCoarsenConnectionTimingInfo(undefined, timingInfo.postRedirectStartTime, fetchParams.crossOriginIsolatedCapability) + + if (connection.destroyed) { + abort(new DOMException('The operation was aborted.', 'AbortError')) + } else { + fetchParams.controller.on('terminated', abort) + this.abort = connection.abort = abort + } + + // Set timingInfo’s final network-request start time to the coarsened shared current time given + // fetchParams’s cross-origin isolated capability. + timingInfo.finalNetworkRequestStartTime = coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability) + }, + + onResponseStarted () { + // Set timingInfo’s final network-response start time to the coarsened shared current + // time given fetchParams’s cross-origin isolated capability, immediately after the + // user agent’s HTTP parser receives the first byte of the response (e.g., frame header + // bytes for HTTP/2 or response status line for HTTP/1.x). + timingInfo.finalNetworkResponseStartTime = coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability) + }, + + onHeaders (status, rawHeaders, resume, statusText) { + if (status < 200) { + return + } + + let location = '' + + const headersList = new HeadersList() + + for (let i = 0; i < rawHeaders.length; i += 2) { + headersList.append(bufferToLowerCasedHeaderName(rawHeaders[i]), rawHeaders[i + 1].toString('latin1'), true) + } + location = headersList.get('location', true) + + this.body = new Readable({ read: resume }) + + const decoders = [] + + const willFollow = location && request.redirect === 'follow' && + redirectStatusSet.has(status) + + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Encoding + if (request.method !== 'HEAD' && request.method !== 'CONNECT' && !nullBodyStatus.includes(status) && !willFollow) { + // https://www.rfc-editor.org/rfc/rfc7231#section-3.1.2.1 + const contentEncoding = headersList.get('content-encoding', true) + // "All content-coding values are case-insensitive..." + /** @type {string[]} */ + const codings = contentEncoding ? contentEncoding.toLowerCase().split(',') : [] + + // Limit the number of content-encodings to prevent resource exhaustion. + // CVE fix similar to urllib3 (GHSA-gm62-xv2j-4w53) and curl (CVE-2022-32206). + const maxContentEncodings = 5 + if (codings.length > maxContentEncodings) { + reject(new Error(`too many content-encodings in response: ${codings.length}, maximum allowed is ${maxContentEncodings}`)) + return true + } + + for (let i = codings.length - 1; i >= 0; --i) { + const coding = codings[i].trim() + // https://www.rfc-editor.org/rfc/rfc9112.html#section-7.2 + if (coding === 'x-gzip' || coding === 'gzip') { + decoders.push(zlib.createGunzip({ + // Be less strict when decoding compressed responses, since sometimes + // servers send slightly invalid responses that are still accepted + // by common browsers. + // Always using Z_SYNC_FLUSH is what cURL does. + flush: zlib.constants.Z_SYNC_FLUSH, + finishFlush: zlib.constants.Z_SYNC_FLUSH + })) + } else if (coding === 'deflate') { + decoders.push(createInflate({ + flush: zlib.constants.Z_SYNC_FLUSH, + finishFlush: zlib.constants.Z_SYNC_FLUSH + })) + } else if (coding === 'br') { + decoders.push(zlib.createBrotliDecompress({ + flush: zlib.constants.BROTLI_OPERATION_FLUSH, + finishFlush: zlib.constants.BROTLI_OPERATION_FLUSH + })) + } else { + decoders.length = 0 + break + } + } + } + + const onError = this.onError.bind(this) + + resolve({ + status, + statusText, + headersList, + body: decoders.length + ? pipeline(this.body, ...decoders, (err) => { + if (err) { + this.onError(err) + } + }).on('error', onError) + : this.body.on('error', onError) + }) + + return true + }, + + onData (chunk) { + if (fetchParams.controller.dump) { + return + } + + // 1. If one or more bytes have been transmitted from response’s + // message body, then: + + // 1. Let bytes be the transmitted bytes. + const bytes = chunk + + // 2. Let codings be the result of extracting header list values + // given `Content-Encoding` and response’s header list. + // See pullAlgorithm. + + // 3. Increase timingInfo’s encoded body size by bytes’s length. + timingInfo.encodedBodySize += bytes.byteLength + + // 4. See pullAlgorithm... + + return this.body.push(bytes) + }, + + onComplete () { + if (this.abort) { + fetchParams.controller.off('terminated', this.abort) + } + + if (fetchParams.controller.onAborted) { + fetchParams.controller.off('terminated', fetchParams.controller.onAborted) + } + + fetchParams.controller.ended = true + + this.body.push(null) + }, + + onError (error) { + if (this.abort) { + fetchParams.controller.off('terminated', this.abort) + } + + this.body?.destroy(error) + + fetchParams.controller.terminate(error) + + reject(error) + }, + + onUpgrade (status, rawHeaders, socket) { + if (status !== 101) { + return + } + + const headersList = new HeadersList() + + for (let i = 0; i < rawHeaders.length; i += 2) { + headersList.append(bufferToLowerCasedHeaderName(rawHeaders[i]), rawHeaders[i + 1].toString('latin1'), true) + } + + resolve({ + status, + statusText: STATUS_CODES[status], + headersList, + socket + }) + + return true + } + } + )) + } +} + +module.exports = { + fetch, + Fetch, + fetching, + finalizeAndReportTiming +} + + +/***/ }), + +/***/ 9967: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; +/* globals AbortController */ + + + +const { extractBody, mixinBody, cloneBody, bodyUnusable } = __nccwpck_require__(4492) +const { Headers, fill: fillHeaders, HeadersList, setHeadersGuard, getHeadersGuard, setHeadersList, getHeadersList } = __nccwpck_require__(660) +const { FinalizationRegistry } = __nccwpck_require__(6653)() +const util = __nccwpck_require__(3440) +const nodeUtil = __nccwpck_require__(7975) +const { + isValidHTTPToken, + sameOrigin, + environmentSettingsObject +} = __nccwpck_require__(3168) +const { + forbiddenMethodsSet, + corsSafeListedMethodsSet, + referrerPolicy, + requestRedirect, + requestMode, + requestCredentials, + requestCache, + requestDuplex +} = __nccwpck_require__(4495) +const { kEnumerableProperty, normalizedMethodRecordsBase, normalizedMethodRecords } = util +const { kHeaders, kSignal, kState, kDispatcher } = __nccwpck_require__(3627) +const { webidl } = __nccwpck_require__(5893) +const { URLSerializer } = __nccwpck_require__(1900) +const { kConstruct } = __nccwpck_require__(6443) +const assert = __nccwpck_require__(4589) +const { getMaxListeners, setMaxListeners, getEventListeners, defaultMaxListeners } = __nccwpck_require__(8474) + +const kAbortController = Symbol('abortController') + +const requestFinalizer = new FinalizationRegistry(({ signal, abort }) => { + signal.removeEventListener('abort', abort) +}) + +const dependentControllerMap = new WeakMap() + +function buildAbort (acRef) { + return abort + + function abort () { + const ac = acRef.deref() + if (ac !== undefined) { + // Currently, there is a problem with FinalizationRegistry. + // https://github.com/nodejs/node/issues/49344 + // https://github.com/nodejs/node/issues/47748 + // In the case of abort, the first step is to unregister from it. + // If the controller can refer to it, it is still registered. + // It will be removed in the future. + requestFinalizer.unregister(abort) + + // Unsubscribe a listener. + // FinalizationRegistry will no longer be called, so this must be done. + this.removeEventListener('abort', abort) + + ac.abort(this.reason) + + const controllerList = dependentControllerMap.get(ac.signal) + + if (controllerList !== undefined) { + if (controllerList.size !== 0) { + for (const ref of controllerList) { + const ctrl = ref.deref() + if (ctrl !== undefined) { + ctrl.abort(this.reason) + } + } + controllerList.clear() + } + dependentControllerMap.delete(ac.signal) + } + } + } +} + +let patchMethodWarning = false + +// https://fetch.spec.whatwg.org/#request-class +class Request { + // https://fetch.spec.whatwg.org/#dom-request + constructor (input, init = {}) { + webidl.util.markAsUncloneable(this) + if (input === kConstruct) { + return + } + + const prefix = 'Request constructor' + webidl.argumentLengthCheck(arguments, 1, prefix) + + input = webidl.converters.RequestInfo(input, prefix, 'input') + init = webidl.converters.RequestInit(init, prefix, 'init') + + // 1. Let request be null. + let request = null + + // 2. Let fallbackMode be null. + let fallbackMode = null + + // 3. Let baseURL be this’s relevant settings object’s API base URL. + const baseUrl = environmentSettingsObject.settingsObject.baseUrl + + // 4. Let signal be null. + let signal = null + + // 5. If input is a string, then: + if (typeof input === 'string') { + this[kDispatcher] = init.dispatcher + + // 1. Let parsedURL be the result of parsing input with baseURL. + // 2. If parsedURL is failure, then throw a TypeError. + let parsedURL + try { + parsedURL = new URL(input, baseUrl) + } catch (err) { + throw new TypeError('Failed to parse URL from ' + input, { cause: err }) + } + + // 3. If parsedURL includes credentials, then throw a TypeError. + if (parsedURL.username || parsedURL.password) { + throw new TypeError( + 'Request cannot be constructed from a URL that includes credentials: ' + + input + ) + } + + // 4. Set request to a new request whose URL is parsedURL. + request = makeRequest({ urlList: [parsedURL] }) + + // 5. Set fallbackMode to "cors". + fallbackMode = 'cors' + } else { + this[kDispatcher] = init.dispatcher || input[kDispatcher] + + // 6. Otherwise: + + // 7. Assert: input is a Request object. + assert(input instanceof Request) + + // 8. Set request to input’s request. + request = input[kState] + + // 9. Set signal to input’s signal. + signal = input[kSignal] + } + + // 7. Let origin be this’s relevant settings object’s origin. + const origin = environmentSettingsObject.settingsObject.origin + + // 8. Let window be "client". + let window = 'client' + + // 9. If request’s window is an environment settings object and its origin + // is same origin with origin, then set window to request’s window. + if ( + request.window?.constructor?.name === 'EnvironmentSettingsObject' && + sameOrigin(request.window, origin) + ) { + window = request.window + } + + // 10. If init["window"] exists and is non-null, then throw a TypeError. + if (init.window != null) { + throw new TypeError(`'window' option '${window}' must be null`) + } + + // 11. If init["window"] exists, then set window to "no-window". + if ('window' in init) { + window = 'no-window' + } + + // 12. Set request to a new request with the following properties: + request = makeRequest({ + // URL request’s URL. + // undici implementation note: this is set as the first item in request's urlList in makeRequest + // method request’s method. + method: request.method, + // header list A copy of request’s header list. + // undici implementation note: headersList is cloned in makeRequest + headersList: request.headersList, + // unsafe-request flag Set. + unsafeRequest: request.unsafeRequest, + // client This’s relevant settings object. + client: environmentSettingsObject.settingsObject, + // window window. + window, + // priority request’s priority. + priority: request.priority, + // origin request’s origin. The propagation of the origin is only significant for navigation requests + // being handled by a service worker. In this scenario a request can have an origin that is different + // from the current client. + origin: request.origin, + // referrer request’s referrer. + referrer: request.referrer, + // referrer policy request’s referrer policy. + referrerPolicy: request.referrerPolicy, + // mode request’s mode. + mode: request.mode, + // credentials mode request’s credentials mode. + credentials: request.credentials, + // cache mode request’s cache mode. + cache: request.cache, + // redirect mode request’s redirect mode. + redirect: request.redirect, + // integrity metadata request’s integrity metadata. + integrity: request.integrity, + // keepalive request’s keepalive. + keepalive: request.keepalive, + // reload-navigation flag request’s reload-navigation flag. + reloadNavigation: request.reloadNavigation, + // history-navigation flag request’s history-navigation flag. + historyNavigation: request.historyNavigation, + // URL list A clone of request’s URL list. + urlList: [...request.urlList] + }) + + const initHasKey = Object.keys(init).length !== 0 + + // 13. If init is not empty, then: + if (initHasKey) { + // 1. If request’s mode is "navigate", then set it to "same-origin". + if (request.mode === 'navigate') { + request.mode = 'same-origin' + } + + // 2. Unset request’s reload-navigation flag. + request.reloadNavigation = false + + // 3. Unset request’s history-navigation flag. + request.historyNavigation = false + + // 4. Set request’s origin to "client". + request.origin = 'client' + + // 5. Set request’s referrer to "client" + request.referrer = 'client' + + // 6. Set request’s referrer policy to the empty string. + request.referrerPolicy = '' + + // 7. Set request’s URL to request’s current URL. + request.url = request.urlList[request.urlList.length - 1] + + // 8. Set request’s URL list to « request’s URL ». + request.urlList = [request.url] + } + + // 14. If init["referrer"] exists, then: + if (init.referrer !== undefined) { + // 1. Let referrer be init["referrer"]. + const referrer = init.referrer + + // 2. If referrer is the empty string, then set request’s referrer to "no-referrer". + if (referrer === '') { + request.referrer = 'no-referrer' + } else { + // 1. Let parsedReferrer be the result of parsing referrer with + // baseURL. + // 2. If parsedReferrer is failure, then throw a TypeError. + let parsedReferrer + try { + parsedReferrer = new URL(referrer, baseUrl) + } catch (err) { + throw new TypeError(`Referrer "${referrer}" is not a valid URL.`, { cause: err }) + } + + // 3. If one of the following is true + // - parsedReferrer’s scheme is "about" and path is the string "client" + // - parsedReferrer’s origin is not same origin with origin + // then set request’s referrer to "client". + if ( + (parsedReferrer.protocol === 'about:' && parsedReferrer.hostname === 'client') || + (origin && !sameOrigin(parsedReferrer, environmentSettingsObject.settingsObject.baseUrl)) + ) { + request.referrer = 'client' + } else { + // 4. Otherwise, set request’s referrer to parsedReferrer. + request.referrer = parsedReferrer + } + } + } + + // 15. If init["referrerPolicy"] exists, then set request’s referrer policy + // to it. + if (init.referrerPolicy !== undefined) { + request.referrerPolicy = init.referrerPolicy + } + + // 16. Let mode be init["mode"] if it exists, and fallbackMode otherwise. + let mode + if (init.mode !== undefined) { + mode = init.mode + } else { + mode = fallbackMode + } + + // 17. If mode is "navigate", then throw a TypeError. + if (mode === 'navigate') { + throw webidl.errors.exception({ + header: 'Request constructor', + message: 'invalid request mode navigate.' + }) + } + + // 18. If mode is non-null, set request’s mode to mode. + if (mode != null) { + request.mode = mode + } + + // 19. If init["credentials"] exists, then set request’s credentials mode + // to it. + if (init.credentials !== undefined) { + request.credentials = init.credentials + } + + // 18. If init["cache"] exists, then set request’s cache mode to it. + if (init.cache !== undefined) { + request.cache = init.cache + } + + // 21. If request’s cache mode is "only-if-cached" and request’s mode is + // not "same-origin", then throw a TypeError. + if (request.cache === 'only-if-cached' && request.mode !== 'same-origin') { + throw new TypeError( + "'only-if-cached' can be set only with 'same-origin' mode" + ) + } + + // 22. If init["redirect"] exists, then set request’s redirect mode to it. + if (init.redirect !== undefined) { + request.redirect = init.redirect + } + + // 23. If init["integrity"] exists, then set request’s integrity metadata to it. + if (init.integrity != null) { + request.integrity = String(init.integrity) + } + + // 24. If init["keepalive"] exists, then set request’s keepalive to it. + if (init.keepalive !== undefined) { + request.keepalive = Boolean(init.keepalive) + } + + // 25. If init["method"] exists, then: + if (init.method !== undefined) { + // 1. Let method be init["method"]. + let method = init.method + + const mayBeNormalized = normalizedMethodRecords[method] + + if (mayBeNormalized !== undefined) { + // Note: Bypass validation DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH and these lowercase ones + request.method = mayBeNormalized + } else { + // 2. If method is not a method or method is a forbidden method, then + // throw a TypeError. + if (!isValidHTTPToken(method)) { + throw new TypeError(`'${method}' is not a valid HTTP method.`) + } + + const upperCase = method.toUpperCase() + + if (forbiddenMethodsSet.has(upperCase)) { + throw new TypeError(`'${method}' HTTP method is unsupported.`) + } + + // 3. Normalize method. + // https://fetch.spec.whatwg.org/#concept-method-normalize + // Note: must be in uppercase + method = normalizedMethodRecordsBase[upperCase] ?? method + + // 4. Set request’s method to method. + request.method = method + } + + if (!patchMethodWarning && request.method === 'patch') { + process.emitWarning('Using `patch` is highly likely to result in a `405 Method Not Allowed`. `PATCH` is much more likely to succeed.', { + code: 'UNDICI-FETCH-patch' + }) + + patchMethodWarning = true + } + } + + // 26. If init["signal"] exists, then set signal to it. + if (init.signal !== undefined) { + signal = init.signal + } + + // 27. Set this’s request to request. + this[kState] = request + + // 28. Set this’s signal to a new AbortSignal object with this’s relevant + // Realm. + // TODO: could this be simplified with AbortSignal.any + // (https://dom.spec.whatwg.org/#dom-abortsignal-any) + const ac = new AbortController() + this[kSignal] = ac.signal + + // 29. If signal is not null, then make this’s signal follow signal. + if (signal != null) { + if ( + !signal || + typeof signal.aborted !== 'boolean' || + typeof signal.addEventListener !== 'function' + ) { + throw new TypeError( + "Failed to construct 'Request': member signal is not of type AbortSignal." + ) + } + + if (signal.aborted) { + ac.abort(signal.reason) + } else { + // Keep a strong ref to ac while request object + // is alive. This is needed to prevent AbortController + // from being prematurely garbage collected. + // See, https://github.com/nodejs/undici/issues/1926. + this[kAbortController] = ac + + const acRef = new WeakRef(ac) + const abort = buildAbort(acRef) + + // Third-party AbortControllers may not work with these. + // See, https://github.com/nodejs/undici/pull/1910#issuecomment-1464495619. + try { + // If the max amount of listeners is equal to the default, increase it + // This is only available in node >= v19.9.0 + if (typeof getMaxListeners === 'function' && getMaxListeners(signal) === defaultMaxListeners) { + setMaxListeners(1500, signal) + } else if (getEventListeners(signal, 'abort').length >= defaultMaxListeners) { + setMaxListeners(1500, signal) + } + } catch {} + + util.addAbortListener(signal, abort) + // The third argument must be a registry key to be unregistered. + // Without it, you cannot unregister. + // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/FinalizationRegistry + // abort is used as the unregister key. (because it is unique) + requestFinalizer.register(ac, { signal, abort }, abort) + } + } + + // 30. Set this’s headers to a new Headers object with this’s relevant + // Realm, whose header list is request’s header list and guard is + // "request". + this[kHeaders] = new Headers(kConstruct) + setHeadersList(this[kHeaders], request.headersList) + setHeadersGuard(this[kHeaders], 'request') + + // 31. If this’s request’s mode is "no-cors", then: + if (mode === 'no-cors') { + // 1. If this’s request’s method is not a CORS-safelisted method, + // then throw a TypeError. + if (!corsSafeListedMethodsSet.has(request.method)) { + throw new TypeError( + `'${request.method} is unsupported in no-cors mode.` + ) + } + + // 2. Set this’s headers’s guard to "request-no-cors". + setHeadersGuard(this[kHeaders], 'request-no-cors') + } + + // 32. If init is not empty, then: + if (initHasKey) { + /** @type {HeadersList} */ + const headersList = getHeadersList(this[kHeaders]) + // 1. Let headers be a copy of this’s headers and its associated header + // list. + // 2. If init["headers"] exists, then set headers to init["headers"]. + const headers = init.headers !== undefined ? init.headers : new HeadersList(headersList) + + // 3. Empty this’s headers’s header list. + headersList.clear() + + // 4. If headers is a Headers object, then for each header in its header + // list, append header’s name/header’s value to this’s headers. + if (headers instanceof HeadersList) { + for (const { name, value } of headers.rawValues()) { + headersList.append(name, value, false) + } + // Note: Copy the `set-cookie` meta-data. + headersList.cookies = headers.cookies + } else { + // 5. Otherwise, fill this’s headers with headers. + fillHeaders(this[kHeaders], headers) + } + } + + // 33. Let inputBody be input’s request’s body if input is a Request + // object; otherwise null. + const inputBody = input instanceof Request ? input[kState].body : null + + // 34. If either init["body"] exists and is non-null or inputBody is + // non-null, and request’s method is `GET` or `HEAD`, then throw a + // TypeError. + if ( + (init.body != null || inputBody != null) && + (request.method === 'GET' || request.method === 'HEAD') + ) { + throw new TypeError('Request with GET/HEAD method cannot have body.') + } + + // 35. Let initBody be null. + let initBody = null + + // 36. If init["body"] exists and is non-null, then: + if (init.body != null) { + // 1. Let Content-Type be null. + // 2. Set initBody and Content-Type to the result of extracting + // init["body"], with keepalive set to request’s keepalive. + const [extractedBody, contentType] = extractBody( + init.body, + request.keepalive + ) + initBody = extractedBody + + // 3, If Content-Type is non-null and this’s headers’s header list does + // not contain `Content-Type`, then append `Content-Type`/Content-Type to + // this’s headers. + if (contentType && !getHeadersList(this[kHeaders]).contains('content-type', true)) { + this[kHeaders].append('content-type', contentType) + } + } + + // 37. Let inputOrInitBody be initBody if it is non-null; otherwise + // inputBody. + const inputOrInitBody = initBody ?? inputBody + + // 38. If inputOrInitBody is non-null and inputOrInitBody’s source is + // null, then: + if (inputOrInitBody != null && inputOrInitBody.source == null) { + // 1. If initBody is non-null and init["duplex"] does not exist, + // then throw a TypeError. + if (initBody != null && init.duplex == null) { + throw new TypeError('RequestInit: duplex option is required when sending a body.') + } + + // 2. If this’s request’s mode is neither "same-origin" nor "cors", + // then throw a TypeError. + if (request.mode !== 'same-origin' && request.mode !== 'cors') { + throw new TypeError( + 'If request is made from ReadableStream, mode should be "same-origin" or "cors"' + ) + } + + // 3. Set this’s request’s use-CORS-preflight flag. + request.useCORSPreflightFlag = true + } + + // 39. Let finalBody be inputOrInitBody. + let finalBody = inputOrInitBody + + // 40. If initBody is null and inputBody is non-null, then: + if (initBody == null && inputBody != null) { + // 1. If input is unusable, then throw a TypeError. + if (bodyUnusable(input)) { + throw new TypeError( + 'Cannot construct a Request with a Request object that has already been used.' + ) + } + + // 2. Set finalBody to the result of creating a proxy for inputBody. + // https://streams.spec.whatwg.org/#readablestream-create-a-proxy + const identityTransform = new TransformStream() + inputBody.stream.pipeThrough(identityTransform) + finalBody = { + source: inputBody.source, + length: inputBody.length, + stream: identityTransform.readable + } + } + + // 41. Set this’s request’s body to finalBody. + this[kState].body = finalBody + } + + // Returns request’s HTTP method, which is "GET" by default. + get method () { + webidl.brandCheck(this, Request) + + // The method getter steps are to return this’s request’s method. + return this[kState].method + } + + // Returns the URL of request as a string. + get url () { + webidl.brandCheck(this, Request) + + // The url getter steps are to return this’s request’s URL, serialized. + return URLSerializer(this[kState].url) + } + + // Returns a Headers object consisting of the headers associated with request. + // Note that headers added in the network layer by the user agent will not + // be accounted for in this object, e.g., the "Host" header. + get headers () { + webidl.brandCheck(this, Request) + + // The headers getter steps are to return this’s headers. + return this[kHeaders] + } + + // Returns the kind of resource requested by request, e.g., "document" + // or "script". + get destination () { + webidl.brandCheck(this, Request) + + // The destination getter are to return this’s request’s destination. + return this[kState].destination + } + + // Returns the referrer of request. Its value can be a same-origin URL if + // explicitly set in init, the empty string to indicate no referrer, and + // "about:client" when defaulting to the global’s default. This is used + // during fetching to determine the value of the `Referer` header of the + // request being made. + get referrer () { + webidl.brandCheck(this, Request) + + // 1. If this’s request’s referrer is "no-referrer", then return the + // empty string. + if (this[kState].referrer === 'no-referrer') { + return '' + } + + // 2. If this’s request’s referrer is "client", then return + // "about:client". + if (this[kState].referrer === 'client') { + return 'about:client' + } + + // Return this’s request’s referrer, serialized. + return this[kState].referrer.toString() + } + + // Returns the referrer policy associated with request. + // This is used during fetching to compute the value of the request’s + // referrer. + get referrerPolicy () { + webidl.brandCheck(this, Request) + + // The referrerPolicy getter steps are to return this’s request’s referrer policy. + return this[kState].referrerPolicy + } + + // Returns the mode associated with request, which is a string indicating + // whether the request will use CORS, or will be restricted to same-origin + // URLs. + get mode () { + webidl.brandCheck(this, Request) + + // The mode getter steps are to return this’s request’s mode. + return this[kState].mode + } + + // Returns the credentials mode associated with request, + // which is a string indicating whether credentials will be sent with the + // request always, never, or only when sent to a same-origin URL. + get credentials () { + // The credentials getter steps are to return this’s request’s credentials mode. + return this[kState].credentials + } + + // Returns the cache mode associated with request, + // which is a string indicating how the request will + // interact with the browser’s cache when fetching. + get cache () { + webidl.brandCheck(this, Request) + + // The cache getter steps are to return this’s request’s cache mode. + return this[kState].cache + } + + // Returns the redirect mode associated with request, + // which is a string indicating how redirects for the + // request will be handled during fetching. A request + // will follow redirects by default. + get redirect () { + webidl.brandCheck(this, Request) + + // The redirect getter steps are to return this’s request’s redirect mode. + return this[kState].redirect + } + + // Returns request’s subresource integrity metadata, which is a + // cryptographic hash of the resource being fetched. Its value + // consists of multiple hashes separated by whitespace. [SRI] + get integrity () { + webidl.brandCheck(this, Request) + + // The integrity getter steps are to return this’s request’s integrity + // metadata. + return this[kState].integrity + } + + // Returns a boolean indicating whether or not request can outlive the + // global in which it was created. + get keepalive () { + webidl.brandCheck(this, Request) + + // The keepalive getter steps are to return this’s request’s keepalive. + return this[kState].keepalive + } + + // Returns a boolean indicating whether or not request is for a reload + // navigation. + get isReloadNavigation () { + webidl.brandCheck(this, Request) + + // The isReloadNavigation getter steps are to return true if this’s + // request’s reload-navigation flag is set; otherwise false. + return this[kState].reloadNavigation + } + + // Returns a boolean indicating whether or not request is for a history + // navigation (a.k.a. back-forward navigation). + get isHistoryNavigation () { + webidl.brandCheck(this, Request) + + // The isHistoryNavigation getter steps are to return true if this’s request’s + // history-navigation flag is set; otherwise false. + return this[kState].historyNavigation + } + + // Returns the signal associated with request, which is an AbortSignal + // object indicating whether or not request has been aborted, and its + // abort event handler. + get signal () { + webidl.brandCheck(this, Request) + + // The signal getter steps are to return this’s signal. + return this[kSignal] + } + + get body () { + webidl.brandCheck(this, Request) + + return this[kState].body ? this[kState].body.stream : null + } + + get bodyUsed () { + webidl.brandCheck(this, Request) + + return !!this[kState].body && util.isDisturbed(this[kState].body.stream) + } + + get duplex () { + webidl.brandCheck(this, Request) + + return 'half' + } + + // Returns a clone of request. + clone () { + webidl.brandCheck(this, Request) + + // 1. If this is unusable, then throw a TypeError. + if (bodyUnusable(this)) { + throw new TypeError('unusable') + } + + // 2. Let clonedRequest be the result of cloning this’s request. + const clonedRequest = cloneRequest(this[kState]) + + // 3. Let clonedRequestObject be the result of creating a Request object, + // given clonedRequest, this’s headers’s guard, and this’s relevant Realm. + // 4. Make clonedRequestObject’s signal follow this’s signal. + const ac = new AbortController() + if (this.signal.aborted) { + ac.abort(this.signal.reason) + } else { + let list = dependentControllerMap.get(this.signal) + if (list === undefined) { + list = new Set() + dependentControllerMap.set(this.signal, list) + } + const acRef = new WeakRef(ac) + list.add(acRef) + util.addAbortListener( + ac.signal, + buildAbort(acRef) + ) + } + + // 4. Return clonedRequestObject. + return fromInnerRequest(clonedRequest, ac.signal, getHeadersGuard(this[kHeaders])) + } + + [nodeUtil.inspect.custom] (depth, options) { + if (options.depth === null) { + options.depth = 2 + } + + options.colors ??= true + + const properties = { + method: this.method, + url: this.url, + headers: this.headers, + destination: this.destination, + referrer: this.referrer, + referrerPolicy: this.referrerPolicy, + mode: this.mode, + credentials: this.credentials, + cache: this.cache, + redirect: this.redirect, + integrity: this.integrity, + keepalive: this.keepalive, + isReloadNavigation: this.isReloadNavigation, + isHistoryNavigation: this.isHistoryNavigation, + signal: this.signal + } + + return `Request ${nodeUtil.formatWithOptions(options, properties)}` + } +} + +mixinBody(Request) + +// https://fetch.spec.whatwg.org/#requests +function makeRequest (init) { + return { + method: init.method ?? 'GET', + localURLsOnly: init.localURLsOnly ?? false, + unsafeRequest: init.unsafeRequest ?? false, + body: init.body ?? null, + client: init.client ?? null, + reservedClient: init.reservedClient ?? null, + replacesClientId: init.replacesClientId ?? '', + window: init.window ?? 'client', + keepalive: init.keepalive ?? false, + serviceWorkers: init.serviceWorkers ?? 'all', + initiator: init.initiator ?? '', + destination: init.destination ?? '', + priority: init.priority ?? null, + origin: init.origin ?? 'client', + policyContainer: init.policyContainer ?? 'client', + referrer: init.referrer ?? 'client', + referrerPolicy: init.referrerPolicy ?? '', + mode: init.mode ?? 'no-cors', + useCORSPreflightFlag: init.useCORSPreflightFlag ?? false, + credentials: init.credentials ?? 'same-origin', + useCredentials: init.useCredentials ?? false, + cache: init.cache ?? 'default', + redirect: init.redirect ?? 'follow', + integrity: init.integrity ?? '', + cryptoGraphicsNonceMetadata: init.cryptoGraphicsNonceMetadata ?? '', + parserMetadata: init.parserMetadata ?? '', + reloadNavigation: init.reloadNavigation ?? false, + historyNavigation: init.historyNavigation ?? false, + userActivation: init.userActivation ?? false, + taintedOrigin: init.taintedOrigin ?? false, + redirectCount: init.redirectCount ?? 0, + responseTainting: init.responseTainting ?? 'basic', + preventNoCacheCacheControlHeaderModification: init.preventNoCacheCacheControlHeaderModification ?? false, + done: init.done ?? false, + timingAllowFailed: init.timingAllowFailed ?? false, + urlList: init.urlList, + url: init.urlList[0], + headersList: init.headersList + ? new HeadersList(init.headersList) + : new HeadersList() + } +} + +// https://fetch.spec.whatwg.org/#concept-request-clone +function cloneRequest (request) { + // To clone a request request, run these steps: + + // 1. Let newRequest be a copy of request, except for its body. + const newRequest = makeRequest({ ...request, body: null }) + + // 2. If request’s body is non-null, set newRequest’s body to the + // result of cloning request’s body. + if (request.body != null) { + newRequest.body = cloneBody(newRequest, request.body) + } + + // 3. Return newRequest. + return newRequest +} + +/** + * @see https://fetch.spec.whatwg.org/#request-create + * @param {any} innerRequest + * @param {AbortSignal} signal + * @param {'request' | 'immutable' | 'request-no-cors' | 'response' | 'none'} guard + * @returns {Request} + */ +function fromInnerRequest (innerRequest, signal, guard) { + const request = new Request(kConstruct) + request[kState] = innerRequest + request[kSignal] = signal + request[kHeaders] = new Headers(kConstruct) + setHeadersList(request[kHeaders], innerRequest.headersList) + setHeadersGuard(request[kHeaders], guard) + return request +} + +Object.defineProperties(Request.prototype, { + method: kEnumerableProperty, + url: kEnumerableProperty, + headers: kEnumerableProperty, + redirect: kEnumerableProperty, + clone: kEnumerableProperty, + signal: kEnumerableProperty, + duplex: kEnumerableProperty, + destination: kEnumerableProperty, + body: kEnumerableProperty, + bodyUsed: kEnumerableProperty, + isHistoryNavigation: kEnumerableProperty, + isReloadNavigation: kEnumerableProperty, + keepalive: kEnumerableProperty, + integrity: kEnumerableProperty, + cache: kEnumerableProperty, + credentials: kEnumerableProperty, + attribute: kEnumerableProperty, + referrerPolicy: kEnumerableProperty, + referrer: kEnumerableProperty, + mode: kEnumerableProperty, + [Symbol.toStringTag]: { + value: 'Request', + configurable: true + } +}) + +webidl.converters.Request = webidl.interfaceConverter( + Request +) + +// https://fetch.spec.whatwg.org/#requestinfo +webidl.converters.RequestInfo = function (V, prefix, argument) { + if (typeof V === 'string') { + return webidl.converters.USVString(V, prefix, argument) + } + + if (V instanceof Request) { + return webidl.converters.Request(V, prefix, argument) + } + + return webidl.converters.USVString(V, prefix, argument) +} + +webidl.converters.AbortSignal = webidl.interfaceConverter( + AbortSignal +) + +// https://fetch.spec.whatwg.org/#requestinit +webidl.converters.RequestInit = webidl.dictionaryConverter([ + { + key: 'method', + converter: webidl.converters.ByteString + }, + { + key: 'headers', + converter: webidl.converters.HeadersInit + }, + { + key: 'body', + converter: webidl.nullableConverter( + webidl.converters.BodyInit + ) + }, + { + key: 'referrer', + converter: webidl.converters.USVString + }, + { + key: 'referrerPolicy', + converter: webidl.converters.DOMString, + // https://w3c.github.io/webappsec-referrer-policy/#referrer-policy + allowedValues: referrerPolicy + }, + { + key: 'mode', + converter: webidl.converters.DOMString, + // https://fetch.spec.whatwg.org/#concept-request-mode + allowedValues: requestMode + }, + { + key: 'credentials', + converter: webidl.converters.DOMString, + // https://fetch.spec.whatwg.org/#requestcredentials + allowedValues: requestCredentials + }, + { + key: 'cache', + converter: webidl.converters.DOMString, + // https://fetch.spec.whatwg.org/#requestcache + allowedValues: requestCache + }, + { + key: 'redirect', + converter: webidl.converters.DOMString, + // https://fetch.spec.whatwg.org/#requestredirect + allowedValues: requestRedirect + }, + { + key: 'integrity', + converter: webidl.converters.DOMString + }, + { + key: 'keepalive', + converter: webidl.converters.boolean + }, + { + key: 'signal', + converter: webidl.nullableConverter( + (signal) => webidl.converters.AbortSignal( + signal, + 'RequestInit', + 'signal', + { strict: false } + ) + ) + }, + { + key: 'window', + converter: webidl.converters.any + }, + { + key: 'duplex', + converter: webidl.converters.DOMString, + allowedValues: requestDuplex + }, + { + key: 'dispatcher', // undici specific option + converter: webidl.converters.any + } +]) + +module.exports = { Request, makeRequest, fromInnerRequest, cloneRequest } + + +/***/ }), + +/***/ 9051: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Headers, HeadersList, fill, getHeadersGuard, setHeadersGuard, setHeadersList } = __nccwpck_require__(660) +const { extractBody, cloneBody, mixinBody, hasFinalizationRegistry, streamRegistry, bodyUnusable } = __nccwpck_require__(4492) +const util = __nccwpck_require__(3440) +const nodeUtil = __nccwpck_require__(7975) +const { kEnumerableProperty } = util +const { + isValidReasonPhrase, + isCancelled, + isAborted, + isBlobLike, + serializeJavascriptValueToJSONString, + isErrorLike, + isomorphicEncode, + environmentSettingsObject: relevantRealm +} = __nccwpck_require__(3168) +const { + redirectStatusSet, + nullBodyStatus +} = __nccwpck_require__(4495) +const { kState, kHeaders } = __nccwpck_require__(3627) +const { webidl } = __nccwpck_require__(5893) +const { FormData } = __nccwpck_require__(5910) +const { URLSerializer } = __nccwpck_require__(1900) +const { kConstruct } = __nccwpck_require__(6443) +const assert = __nccwpck_require__(4589) +const { types } = __nccwpck_require__(7975) + +const textEncoder = new TextEncoder('utf-8') + +// https://fetch.spec.whatwg.org/#response-class +class Response { + // Creates network error Response. + static error () { + // The static error() method steps are to return the result of creating a + // Response object, given a new network error, "immutable", and this’s + // relevant Realm. + const responseObject = fromInnerResponse(makeNetworkError(), 'immutable') + + return responseObject + } + + // https://fetch.spec.whatwg.org/#dom-response-json + static json (data, init = {}) { + webidl.argumentLengthCheck(arguments, 1, 'Response.json') + + if (init !== null) { + init = webidl.converters.ResponseInit(init) + } + + // 1. Let bytes the result of running serialize a JavaScript value to JSON bytes on data. + const bytes = textEncoder.encode( + serializeJavascriptValueToJSONString(data) + ) + + // 2. Let body be the result of extracting bytes. + const body = extractBody(bytes) + + // 3. Let responseObject be the result of creating a Response object, given a new response, + // "response", and this’s relevant Realm. + const responseObject = fromInnerResponse(makeResponse({}), 'response') + + // 4. Perform initialize a response given responseObject, init, and (body, "application/json"). + initializeResponse(responseObject, init, { body: body[0], type: 'application/json' }) + + // 5. Return responseObject. + return responseObject + } + + // Creates a redirect Response that redirects to url with status status. + static redirect (url, status = 302) { + webidl.argumentLengthCheck(arguments, 1, 'Response.redirect') + + url = webidl.converters.USVString(url) + status = webidl.converters['unsigned short'](status) + + // 1. Let parsedURL be the result of parsing url with current settings + // object’s API base URL. + // 2. If parsedURL is failure, then throw a TypeError. + // TODO: base-URL? + let parsedURL + try { + parsedURL = new URL(url, relevantRealm.settingsObject.baseUrl) + } catch (err) { + throw new TypeError(`Failed to parse URL from ${url}`, { cause: err }) + } + + // 3. If status is not a redirect status, then throw a RangeError. + if (!redirectStatusSet.has(status)) { + throw new RangeError(`Invalid status code ${status}`) + } + + // 4. Let responseObject be the result of creating a Response object, + // given a new response, "immutable", and this’s relevant Realm. + const responseObject = fromInnerResponse(makeResponse({}), 'immutable') + + // 5. Set responseObject’s response’s status to status. + responseObject[kState].status = status + + // 6. Let value be parsedURL, serialized and isomorphic encoded. + const value = isomorphicEncode(URLSerializer(parsedURL)) + + // 7. Append `Location`/value to responseObject’s response’s header list. + responseObject[kState].headersList.append('location', value, true) + + // 8. Return responseObject. + return responseObject + } + + // https://fetch.spec.whatwg.org/#dom-response + constructor (body = null, init = {}) { + webidl.util.markAsUncloneable(this) + if (body === kConstruct) { + return + } + + if (body !== null) { + body = webidl.converters.BodyInit(body) + } + + init = webidl.converters.ResponseInit(init) + + // 1. Set this’s response to a new response. + this[kState] = makeResponse({}) + + // 2. Set this’s headers to a new Headers object with this’s relevant + // Realm, whose header list is this’s response’s header list and guard + // is "response". + this[kHeaders] = new Headers(kConstruct) + setHeadersGuard(this[kHeaders], 'response') + setHeadersList(this[kHeaders], this[kState].headersList) + + // 3. Let bodyWithType be null. + let bodyWithType = null + + // 4. If body is non-null, then set bodyWithType to the result of extracting body. + if (body != null) { + const [extractedBody, type] = extractBody(body) + bodyWithType = { body: extractedBody, type } + } + + // 5. Perform initialize a response given this, init, and bodyWithType. + initializeResponse(this, init, bodyWithType) + } + + // Returns response’s type, e.g., "cors". + get type () { + webidl.brandCheck(this, Response) + + // The type getter steps are to return this’s response’s type. + return this[kState].type + } + + // Returns response’s URL, if it has one; otherwise the empty string. + get url () { + webidl.brandCheck(this, Response) + + const urlList = this[kState].urlList + + // The url getter steps are to return the empty string if this’s + // response’s URL is null; otherwise this’s response’s URL, + // serialized with exclude fragment set to true. + const url = urlList[urlList.length - 1] ?? null + + if (url === null) { + return '' + } + + return URLSerializer(url, true) + } + + // Returns whether response was obtained through a redirect. + get redirected () { + webidl.brandCheck(this, Response) + + // The redirected getter steps are to return true if this’s response’s URL + // list has more than one item; otherwise false. + return this[kState].urlList.length > 1 + } + + // Returns response’s status. + get status () { + webidl.brandCheck(this, Response) + + // The status getter steps are to return this’s response’s status. + return this[kState].status + } + + // Returns whether response’s status is an ok status. + get ok () { + webidl.brandCheck(this, Response) + + // The ok getter steps are to return true if this’s response’s status is an + // ok status; otherwise false. + return this[kState].status >= 200 && this[kState].status <= 299 + } + + // Returns response’s status message. + get statusText () { + webidl.brandCheck(this, Response) + + // The statusText getter steps are to return this’s response’s status + // message. + return this[kState].statusText + } + + // Returns response’s headers as Headers. + get headers () { + webidl.brandCheck(this, Response) + + // The headers getter steps are to return this’s headers. + return this[kHeaders] + } + + get body () { + webidl.brandCheck(this, Response) + + return this[kState].body ? this[kState].body.stream : null + } + + get bodyUsed () { + webidl.brandCheck(this, Response) + + return !!this[kState].body && util.isDisturbed(this[kState].body.stream) + } + + // Returns a clone of response. + clone () { + webidl.brandCheck(this, Response) + + // 1. If this is unusable, then throw a TypeError. + if (bodyUnusable(this)) { + throw webidl.errors.exception({ + header: 'Response.clone', + message: 'Body has already been consumed.' + }) + } + + // 2. Let clonedResponse be the result of cloning this’s response. + const clonedResponse = cloneResponse(this[kState]) + + // Note: To re-register because of a new stream. + if (hasFinalizationRegistry && this[kState].body?.stream) { + streamRegistry.register(this, new WeakRef(this[kState].body.stream)) + } + + // 3. Return the result of creating a Response object, given + // clonedResponse, this’s headers’s guard, and this’s relevant Realm. + return fromInnerResponse(clonedResponse, getHeadersGuard(this[kHeaders])) + } + + [nodeUtil.inspect.custom] (depth, options) { + if (options.depth === null) { + options.depth = 2 + } + + options.colors ??= true + + const properties = { + status: this.status, + statusText: this.statusText, + headers: this.headers, + body: this.body, + bodyUsed: this.bodyUsed, + ok: this.ok, + redirected: this.redirected, + type: this.type, + url: this.url + } + + return `Response ${nodeUtil.formatWithOptions(options, properties)}` + } +} + +mixinBody(Response) + +Object.defineProperties(Response.prototype, { + type: kEnumerableProperty, + url: kEnumerableProperty, + status: kEnumerableProperty, + ok: kEnumerableProperty, + redirected: kEnumerableProperty, + statusText: kEnumerableProperty, + headers: kEnumerableProperty, + clone: kEnumerableProperty, + body: kEnumerableProperty, + bodyUsed: kEnumerableProperty, + [Symbol.toStringTag]: { + value: 'Response', + configurable: true + } +}) + +Object.defineProperties(Response, { + json: kEnumerableProperty, + redirect: kEnumerableProperty, + error: kEnumerableProperty +}) + +// https://fetch.spec.whatwg.org/#concept-response-clone +function cloneResponse (response) { + // To clone a response response, run these steps: + + // 1. If response is a filtered response, then return a new identical + // filtered response whose internal response is a clone of response’s + // internal response. + if (response.internalResponse) { + return filterResponse( + cloneResponse(response.internalResponse), + response.type + ) + } + + // 2. Let newResponse be a copy of response, except for its body. + const newResponse = makeResponse({ ...response, body: null }) + + // 3. If response’s body is non-null, then set newResponse’s body to the + // result of cloning response’s body. + if (response.body != null) { + newResponse.body = cloneBody(newResponse, response.body) + } + + // 4. Return newResponse. + return newResponse +} + +function makeResponse (init) { + return { + aborted: false, + rangeRequested: false, + timingAllowPassed: false, + requestIncludesCredentials: false, + type: 'default', + status: 200, + timingInfo: null, + cacheState: '', + statusText: '', + ...init, + headersList: init?.headersList + ? new HeadersList(init?.headersList) + : new HeadersList(), + urlList: init?.urlList ? [...init.urlList] : [] + } +} + +function makeNetworkError (reason) { + const isError = isErrorLike(reason) + return makeResponse({ + type: 'error', + status: 0, + error: isError + ? reason + : new Error(reason ? String(reason) : reason), + aborted: reason && reason.name === 'AbortError' + }) +} + +// @see https://fetch.spec.whatwg.org/#concept-network-error +function isNetworkError (response) { + return ( + // A network error is a response whose type is "error", + response.type === 'error' && + // status is 0 + response.status === 0 + ) +} + +function makeFilteredResponse (response, state) { + state = { + internalResponse: response, + ...state + } + + return new Proxy(response, { + get (target, p) { + return p in state ? state[p] : target[p] + }, + set (target, p, value) { + assert(!(p in state)) + target[p] = value + return true + } + }) +} + +// https://fetch.spec.whatwg.org/#concept-filtered-response +function filterResponse (response, type) { + // Set response to the following filtered response with response as its + // internal response, depending on request’s response tainting: + if (type === 'basic') { + // A basic filtered response is a filtered response whose type is "basic" + // and header list excludes any headers in internal response’s header list + // whose name is a forbidden response-header name. + + // Note: undici does not implement forbidden response-header names + return makeFilteredResponse(response, { + type: 'basic', + headersList: response.headersList + }) + } else if (type === 'cors') { + // A CORS filtered response is a filtered response whose type is "cors" + // and header list excludes any headers in internal response’s header + // list whose name is not a CORS-safelisted response-header name, given + // internal response’s CORS-exposed header-name list. + + // Note: undici does not implement CORS-safelisted response-header names + return makeFilteredResponse(response, { + type: 'cors', + headersList: response.headersList + }) + } else if (type === 'opaque') { + // An opaque filtered response is a filtered response whose type is + // "opaque", URL list is the empty list, status is 0, status message + // is the empty byte sequence, header list is empty, and body is null. + + return makeFilteredResponse(response, { + type: 'opaque', + urlList: Object.freeze([]), + status: 0, + statusText: '', + body: null + }) + } else if (type === 'opaqueredirect') { + // An opaque-redirect filtered response is a filtered response whose type + // is "opaqueredirect", status is 0, status message is the empty byte + // sequence, header list is empty, and body is null. + + return makeFilteredResponse(response, { + type: 'opaqueredirect', + status: 0, + statusText: '', + headersList: [], + body: null + }) + } else { + assert(false) + } +} + +// https://fetch.spec.whatwg.org/#appropriate-network-error +function makeAppropriateNetworkError (fetchParams, err = null) { + // 1. Assert: fetchParams is canceled. + assert(isCancelled(fetchParams)) + + // 2. Return an aborted network error if fetchParams is aborted; + // otherwise return a network error. + return isAborted(fetchParams) + ? makeNetworkError(Object.assign(new DOMException('The operation was aborted.', 'AbortError'), { cause: err })) + : makeNetworkError(Object.assign(new DOMException('Request was cancelled.'), { cause: err })) +} + +// https://whatpr.org/fetch/1392.html#initialize-a-response +function initializeResponse (response, init, body) { + // 1. If init["status"] is not in the range 200 to 599, inclusive, then + // throw a RangeError. + if (init.status !== null && (init.status < 200 || init.status > 599)) { + throw new RangeError('init["status"] must be in the range of 200 to 599, inclusive.') + } + + // 2. If init["statusText"] does not match the reason-phrase token production, + // then throw a TypeError. + if ('statusText' in init && init.statusText != null) { + // See, https://datatracker.ietf.org/doc/html/rfc7230#section-3.1.2: + // reason-phrase = *( HTAB / SP / VCHAR / obs-text ) + if (!isValidReasonPhrase(String(init.statusText))) { + throw new TypeError('Invalid statusText') + } + } + + // 3. Set response’s response’s status to init["status"]. + if ('status' in init && init.status != null) { + response[kState].status = init.status + } + + // 4. Set response’s response’s status message to init["statusText"]. + if ('statusText' in init && init.statusText != null) { + response[kState].statusText = init.statusText + } + + // 5. If init["headers"] exists, then fill response’s headers with init["headers"]. + if ('headers' in init && init.headers != null) { + fill(response[kHeaders], init.headers) + } + + // 6. If body was given, then: + if (body) { + // 1. If response's status is a null body status, then throw a TypeError. + if (nullBodyStatus.includes(response.status)) { + throw webidl.errors.exception({ + header: 'Response constructor', + message: `Invalid response status code ${response.status}` + }) + } + + // 2. Set response's body to body's body. + response[kState].body = body.body + + // 3. If body's type is non-null and response's header list does not contain + // `Content-Type`, then append (`Content-Type`, body's type) to response's header list. + if (body.type != null && !response[kState].headersList.contains('content-type', true)) { + response[kState].headersList.append('content-type', body.type, true) + } + } +} + +/** + * @see https://fetch.spec.whatwg.org/#response-create + * @param {any} innerResponse + * @param {'request' | 'immutable' | 'request-no-cors' | 'response' | 'none'} guard + * @returns {Response} + */ +function fromInnerResponse (innerResponse, guard) { + const response = new Response(kConstruct) + response[kState] = innerResponse + response[kHeaders] = new Headers(kConstruct) + setHeadersList(response[kHeaders], innerResponse.headersList) + setHeadersGuard(response[kHeaders], guard) + + if (hasFinalizationRegistry && innerResponse.body?.stream) { + // If the target (response) is reclaimed, the cleanup callback may be called at some point with + // the held value provided for it (innerResponse.body.stream). The held value can be any value: + // a primitive or an object, even undefined. If the held value is an object, the registry keeps + // a strong reference to it (so it can pass it to the cleanup callback later). Reworded from + // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/FinalizationRegistry + streamRegistry.register(response, new WeakRef(innerResponse.body.stream)) + } + + return response +} + +webidl.converters.ReadableStream = webidl.interfaceConverter( + ReadableStream +) + +webidl.converters.FormData = webidl.interfaceConverter( + FormData +) + +webidl.converters.URLSearchParams = webidl.interfaceConverter( + URLSearchParams +) + +// https://fetch.spec.whatwg.org/#typedefdef-xmlhttprequestbodyinit +webidl.converters.XMLHttpRequestBodyInit = function (V, prefix, name) { + if (typeof V === 'string') { + return webidl.converters.USVString(V, prefix, name) + } + + if (isBlobLike(V)) { + return webidl.converters.Blob(V, prefix, name, { strict: false }) + } + + if (ArrayBuffer.isView(V) || types.isArrayBuffer(V)) { + return webidl.converters.BufferSource(V, prefix, name) + } + + if (util.isFormDataLike(V)) { + return webidl.converters.FormData(V, prefix, name, { strict: false }) + } + + if (V instanceof URLSearchParams) { + return webidl.converters.URLSearchParams(V, prefix, name) + } + + return webidl.converters.DOMString(V, prefix, name) +} + +// https://fetch.spec.whatwg.org/#bodyinit +webidl.converters.BodyInit = function (V, prefix, argument) { + if (V instanceof ReadableStream) { + return webidl.converters.ReadableStream(V, prefix, argument) + } + + // Note: the spec doesn't include async iterables, + // this is an undici extension. + if (V?.[Symbol.asyncIterator]) { + return V + } + + return webidl.converters.XMLHttpRequestBodyInit(V, prefix, argument) +} + +webidl.converters.ResponseInit = webidl.dictionaryConverter([ + { + key: 'status', + converter: webidl.converters['unsigned short'], + defaultValue: () => 200 + }, + { + key: 'statusText', + converter: webidl.converters.ByteString, + defaultValue: () => '' + }, + { + key: 'headers', + converter: webidl.converters.HeadersInit + } +]) + +module.exports = { + isNetworkError, + makeNetworkError, + makeResponse, + makeAppropriateNetworkError, + filterResponse, + Response, + cloneResponse, + fromInnerResponse +} + + +/***/ }), + +/***/ 3627: +/***/ ((module) => { + +"use strict"; + + +module.exports = { + kUrl: Symbol('url'), + kHeaders: Symbol('headers'), + kSignal: Symbol('signal'), + kState: Symbol('state'), + kDispatcher: Symbol('dispatcher') +} + + +/***/ }), + +/***/ 3168: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Transform } = __nccwpck_require__(7075) +const zlib = __nccwpck_require__(8522) +const { redirectStatusSet, referrerPolicySet: referrerPolicyTokens, badPortsSet } = __nccwpck_require__(4495) +const { getGlobalOrigin } = __nccwpck_require__(1059) +const { collectASequenceOfCodePoints, collectAnHTTPQuotedString, removeChars, parseMIMEType } = __nccwpck_require__(1900) +const { performance } = __nccwpck_require__(643) +const { isBlobLike, ReadableStreamFrom, isValidHTTPToken, normalizedMethodRecordsBase } = __nccwpck_require__(3440) +const assert = __nccwpck_require__(4589) +const { isUint8Array } = __nccwpck_require__(3429) +const { webidl } = __nccwpck_require__(5893) + +let supportedHashes = [] + +// https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable +/** @type {import('crypto')} */ +let crypto +try { + crypto = __nccwpck_require__(7598) + const possibleRelevantHashes = ['sha256', 'sha384', 'sha512'] + supportedHashes = crypto.getHashes().filter((hash) => possibleRelevantHashes.includes(hash)) +/* c8 ignore next 3 */ +} catch { + +} + +function responseURL (response) { + // https://fetch.spec.whatwg.org/#responses + // A response has an associated URL. It is a pointer to the last URL + // in response’s URL list and null if response’s URL list is empty. + const urlList = response.urlList + const length = urlList.length + return length === 0 ? null : urlList[length - 1].toString() +} + +// https://fetch.spec.whatwg.org/#concept-response-location-url +function responseLocationURL (response, requestFragment) { + // 1. If response’s status is not a redirect status, then return null. + if (!redirectStatusSet.has(response.status)) { + return null + } + + // 2. Let location be the result of extracting header list values given + // `Location` and response’s header list. + let location = response.headersList.get('location', true) + + // 3. If location is a header value, then set location to the result of + // parsing location with response’s URL. + if (location !== null && isValidHeaderValue(location)) { + if (!isValidEncodedURL(location)) { + // Some websites respond location header in UTF-8 form without encoding them as ASCII + // and major browsers redirect them to correctly UTF-8 encoded addresses. + // Here, we handle that behavior in the same way. + location = normalizeBinaryStringToUtf8(location) + } + location = new URL(location, responseURL(response)) + } + + // 4. If location is a URL whose fragment is null, then set location’s + // fragment to requestFragment. + if (location && !location.hash) { + location.hash = requestFragment + } + + // 5. Return location. + return location +} + +/** + * @see https://www.rfc-editor.org/rfc/rfc1738#section-2.2 + * @param {string} url + * @returns {boolean} + */ +function isValidEncodedURL (url) { + for (let i = 0; i < url.length; ++i) { + const code = url.charCodeAt(i) + + if ( + code > 0x7E || // Non-US-ASCII + DEL + code < 0x20 // Control characters NUL - US + ) { + return false + } + } + return true +} + +/** + * If string contains non-ASCII characters, assumes it's UTF-8 encoded and decodes it. + * Since UTF-8 is a superset of ASCII, this will work for ASCII strings as well. + * @param {string} value + * @returns {string} + */ +function normalizeBinaryStringToUtf8 (value) { + return Buffer.from(value, 'binary').toString('utf8') +} + +/** @returns {URL} */ +function requestCurrentURL (request) { + return request.urlList[request.urlList.length - 1] +} + +function requestBadPort (request) { + // 1. Let url be request’s current URL. + const url = requestCurrentURL(request) + + // 2. If url’s scheme is an HTTP(S) scheme and url’s port is a bad port, + // then return blocked. + if (urlIsHttpHttpsScheme(url) && badPortsSet.has(url.port)) { + return 'blocked' + } + + // 3. Return allowed. + return 'allowed' +} + +function isErrorLike (object) { + return object instanceof Error || ( + object?.constructor?.name === 'Error' || + object?.constructor?.name === 'DOMException' + ) +} + +// Check whether |statusText| is a ByteString and +// matches the Reason-Phrase token production. +// RFC 2616: https://tools.ietf.org/html/rfc2616 +// RFC 7230: https://tools.ietf.org/html/rfc7230 +// "reason-phrase = *( HTAB / SP / VCHAR / obs-text )" +// https://github.com/chromium/chromium/blob/94.0.4604.1/third_party/blink/renderer/core/fetch/response.cc#L116 +function isValidReasonPhrase (statusText) { + for (let i = 0; i < statusText.length; ++i) { + const c = statusText.charCodeAt(i) + if ( + !( + ( + c === 0x09 || // HTAB + (c >= 0x20 && c <= 0x7e) || // SP / VCHAR + (c >= 0x80 && c <= 0xff) + ) // obs-text + ) + ) { + return false + } + } + return true +} + +/** + * @see https://fetch.spec.whatwg.org/#header-name + * @param {string} potentialValue + */ +const isValidHeaderName = isValidHTTPToken + +/** + * @see https://fetch.spec.whatwg.org/#header-value + * @param {string} potentialValue + */ +function isValidHeaderValue (potentialValue) { + // - Has no leading or trailing HTTP tab or space bytes. + // - Contains no 0x00 (NUL) or HTTP newline bytes. + return ( + potentialValue[0] === '\t' || + potentialValue[0] === ' ' || + potentialValue[potentialValue.length - 1] === '\t' || + potentialValue[potentialValue.length - 1] === ' ' || + potentialValue.includes('\n') || + potentialValue.includes('\r') || + potentialValue.includes('\0') + ) === false +} + +// https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect +function setRequestReferrerPolicyOnRedirect (request, actualResponse) { + // Given a request request and a response actualResponse, this algorithm + // updates request’s referrer policy according to the Referrer-Policy + // header (if any) in actualResponse. + + // 1. Let policy be the result of executing § 8.1 Parse a referrer policy + // from a Referrer-Policy header on actualResponse. + + // 8.1 Parse a referrer policy from a Referrer-Policy header + // 1. Let policy-tokens be the result of extracting header list values given `Referrer-Policy` and response’s header list. + const { headersList } = actualResponse + // 2. Let policy be the empty string. + // 3. For each token in policy-tokens, if token is a referrer policy and token is not the empty string, then set policy to token. + // 4. Return policy. + const policyHeader = (headersList.get('referrer-policy', true) ?? '').split(',') + + // Note: As the referrer-policy can contain multiple policies + // separated by comma, we need to loop through all of them + // and pick the first valid one. + // Ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy#specify_a_fallback_policy + let policy = '' + if (policyHeader.length > 0) { + // The right-most policy takes precedence. + // The left-most policy is the fallback. + for (let i = policyHeader.length; i !== 0; i--) { + const token = policyHeader[i - 1].trim() + if (referrerPolicyTokens.has(token)) { + policy = token + break + } + } + } + + // 2. If policy is not the empty string, then set request’s referrer policy to policy. + if (policy !== '') { + request.referrerPolicy = policy + } +} + +// https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check +function crossOriginResourcePolicyCheck () { + // TODO + return 'allowed' +} + +// https://fetch.spec.whatwg.org/#concept-cors-check +function corsCheck () { + // TODO + return 'success' +} + +// https://fetch.spec.whatwg.org/#concept-tao-check +function TAOCheck () { + // TODO + return 'success' +} + +function appendFetchMetadata (httpRequest) { + // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-dest-header + // TODO + + // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-mode-header + + // 1. Assert: r’s url is a potentially trustworthy URL. + // TODO + + // 2. Let header be a Structured Header whose value is a token. + let header = null + + // 3. Set header’s value to r’s mode. + header = httpRequest.mode + + // 4. Set a structured field value `Sec-Fetch-Mode`/header in r’s header list. + httpRequest.headersList.set('sec-fetch-mode', header, true) + + // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-site-header + // TODO + + // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-user-header + // TODO +} + +// https://fetch.spec.whatwg.org/#append-a-request-origin-header +function appendRequestOriginHeader (request) { + // 1. Let serializedOrigin be the result of byte-serializing a request origin + // with request. + // TODO: implement "byte-serializing a request origin" + let serializedOrigin = request.origin + + // - "'client' is changed to an origin during fetching." + // This doesn't happen in undici (in most cases) because undici, by default, + // has no concept of origin. + // - request.origin can also be set to request.client.origin (client being + // an environment settings object), which is undefined without using + // setGlobalOrigin. + if (serializedOrigin === 'client' || serializedOrigin === undefined) { + return + } + + // 2. If request’s response tainting is "cors" or request’s mode is "websocket", + // then append (`Origin`, serializedOrigin) to request’s header list. + // 3. Otherwise, if request’s method is neither `GET` nor `HEAD`, then: + if (request.responseTainting === 'cors' || request.mode === 'websocket') { + request.headersList.append('origin', serializedOrigin, true) + } else if (request.method !== 'GET' && request.method !== 'HEAD') { + // 1. Switch on request’s referrer policy: + switch (request.referrerPolicy) { + case 'no-referrer': + // Set serializedOrigin to `null`. + serializedOrigin = null + break + case 'no-referrer-when-downgrade': + case 'strict-origin': + case 'strict-origin-when-cross-origin': + // If request’s origin is a tuple origin, its scheme is "https", and + // request’s current URL’s scheme is not "https", then set + // serializedOrigin to `null`. + if (request.origin && urlHasHttpsScheme(request.origin) && !urlHasHttpsScheme(requestCurrentURL(request))) { + serializedOrigin = null + } + break + case 'same-origin': + // If request’s origin is not same origin with request’s current URL’s + // origin, then set serializedOrigin to `null`. + if (!sameOrigin(request, requestCurrentURL(request))) { + serializedOrigin = null + } + break + default: + // Do nothing. + } + + // 2. Append (`Origin`, serializedOrigin) to request’s header list. + request.headersList.append('origin', serializedOrigin, true) + } +} + +// https://w3c.github.io/hr-time/#dfn-coarsen-time +function coarsenTime (timestamp, crossOriginIsolatedCapability) { + // TODO + return timestamp +} + +// https://fetch.spec.whatwg.org/#clamp-and-coarsen-connection-timing-info +function clampAndCoarsenConnectionTimingInfo (connectionTimingInfo, defaultStartTime, crossOriginIsolatedCapability) { + if (!connectionTimingInfo?.startTime || connectionTimingInfo.startTime < defaultStartTime) { + return { + domainLookupStartTime: defaultStartTime, + domainLookupEndTime: defaultStartTime, + connectionStartTime: defaultStartTime, + connectionEndTime: defaultStartTime, + secureConnectionStartTime: defaultStartTime, + ALPNNegotiatedProtocol: connectionTimingInfo?.ALPNNegotiatedProtocol + } + } + + return { + domainLookupStartTime: coarsenTime(connectionTimingInfo.domainLookupStartTime, crossOriginIsolatedCapability), + domainLookupEndTime: coarsenTime(connectionTimingInfo.domainLookupEndTime, crossOriginIsolatedCapability), + connectionStartTime: coarsenTime(connectionTimingInfo.connectionStartTime, crossOriginIsolatedCapability), + connectionEndTime: coarsenTime(connectionTimingInfo.connectionEndTime, crossOriginIsolatedCapability), + secureConnectionStartTime: coarsenTime(connectionTimingInfo.secureConnectionStartTime, crossOriginIsolatedCapability), + ALPNNegotiatedProtocol: connectionTimingInfo.ALPNNegotiatedProtocol + } +} + +// https://w3c.github.io/hr-time/#dfn-coarsened-shared-current-time +function coarsenedSharedCurrentTime (crossOriginIsolatedCapability) { + return coarsenTime(performance.now(), crossOriginIsolatedCapability) +} + +// https://fetch.spec.whatwg.org/#create-an-opaque-timing-info +function createOpaqueTimingInfo (timingInfo) { + return { + startTime: timingInfo.startTime ?? 0, + redirectStartTime: 0, + redirectEndTime: 0, + postRedirectStartTime: timingInfo.startTime ?? 0, + finalServiceWorkerStartTime: 0, + finalNetworkResponseStartTime: 0, + finalNetworkRequestStartTime: 0, + endTime: 0, + encodedBodySize: 0, + decodedBodySize: 0, + finalConnectionTimingInfo: null + } +} + +// https://html.spec.whatwg.org/multipage/origin.html#policy-container +function makePolicyContainer () { + // Note: the fetch spec doesn't make use of embedder policy or CSP list + return { + referrerPolicy: 'strict-origin-when-cross-origin' + } +} + +// https://html.spec.whatwg.org/multipage/origin.html#clone-a-policy-container +function clonePolicyContainer (policyContainer) { + return { + referrerPolicy: policyContainer.referrerPolicy + } +} + +// https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer +function determineRequestsReferrer (request) { + // 1. Let policy be request's referrer policy. + const policy = request.referrerPolicy + + // Note: policy cannot (shouldn't) be null or an empty string. + assert(policy) + + // 2. Let environment be request’s client. + + let referrerSource = null + + // 3. Switch on request’s referrer: + if (request.referrer === 'client') { + // Note: node isn't a browser and doesn't implement document/iframes, + // so we bypass this step and replace it with our own. + + const globalOrigin = getGlobalOrigin() + + if (!globalOrigin || globalOrigin.origin === 'null') { + return 'no-referrer' + } + + // note: we need to clone it as it's mutated + referrerSource = new URL(globalOrigin) + } else if (request.referrer instanceof URL) { + // Let referrerSource be request’s referrer. + referrerSource = request.referrer + } + + // 4. Let request’s referrerURL be the result of stripping referrerSource for + // use as a referrer. + let referrerURL = stripURLForReferrer(referrerSource) + + // 5. Let referrerOrigin be the result of stripping referrerSource for use as + // a referrer, with the origin-only flag set to true. + const referrerOrigin = stripURLForReferrer(referrerSource, true) + + // 6. If the result of serializing referrerURL is a string whose length is + // greater than 4096, set referrerURL to referrerOrigin. + if (referrerURL.toString().length > 4096) { + referrerURL = referrerOrigin + } + + const areSameOrigin = sameOrigin(request, referrerURL) + const isNonPotentiallyTrustWorthy = isURLPotentiallyTrustworthy(referrerURL) && + !isURLPotentiallyTrustworthy(request.url) + + // 8. Execute the switch statements corresponding to the value of policy: + switch (policy) { + case 'origin': return referrerOrigin != null ? referrerOrigin : stripURLForReferrer(referrerSource, true) + case 'unsafe-url': return referrerURL + case 'same-origin': + return areSameOrigin ? referrerOrigin : 'no-referrer' + case 'origin-when-cross-origin': + return areSameOrigin ? referrerURL : referrerOrigin + case 'strict-origin-when-cross-origin': { + const currentURL = requestCurrentURL(request) + + // 1. If the origin of referrerURL and the origin of request’s current + // URL are the same, then return referrerURL. + if (sameOrigin(referrerURL, currentURL)) { + return referrerURL + } + + // 2. If referrerURL is a potentially trustworthy URL and request’s + // current URL is not a potentially trustworthy URL, then return no + // referrer. + if (isURLPotentiallyTrustworthy(referrerURL) && !isURLPotentiallyTrustworthy(currentURL)) { + return 'no-referrer' + } + + // 3. Return referrerOrigin. + return referrerOrigin + } + case 'strict-origin': // eslint-disable-line + /** + * 1. If referrerURL is a potentially trustworthy URL and + * request’s current URL is not a potentially trustworthy URL, + * then return no referrer. + * 2. Return referrerOrigin + */ + case 'no-referrer-when-downgrade': // eslint-disable-line + /** + * 1. If referrerURL is a potentially trustworthy URL and + * request’s current URL is not a potentially trustworthy URL, + * then return no referrer. + * 2. Return referrerOrigin + */ + + default: // eslint-disable-line + return isNonPotentiallyTrustWorthy ? 'no-referrer' : referrerOrigin + } +} + +/** + * @see https://w3c.github.io/webappsec-referrer-policy/#strip-url + * @param {URL} url + * @param {boolean|undefined} originOnly + */ +function stripURLForReferrer (url, originOnly) { + // 1. Assert: url is a URL. + assert(url instanceof URL) + + url = new URL(url) + + // 2. If url’s scheme is a local scheme, then return no referrer. + if (url.protocol === 'file:' || url.protocol === 'about:' || url.protocol === 'blank:') { + return 'no-referrer' + } + + // 3. Set url’s username to the empty string. + url.username = '' + + // 4. Set url’s password to the empty string. + url.password = '' + + // 5. Set url’s fragment to null. + url.hash = '' + + // 6. If the origin-only flag is true, then: + if (originOnly) { + // 1. Set url’s path to « the empty string ». + url.pathname = '' + + // 2. Set url’s query to null. + url.search = '' + } + + // 7. Return url. + return url +} + +function isURLPotentiallyTrustworthy (url) { + if (!(url instanceof URL)) { + return false + } + + // If child of about, return true + if (url.href === 'about:blank' || url.href === 'about:srcdoc') { + return true + } + + // If scheme is data, return true + if (url.protocol === 'data:') return true + + // If file, return true + if (url.protocol === 'file:') return true + + return isOriginPotentiallyTrustworthy(url.origin) + + function isOriginPotentiallyTrustworthy (origin) { + // If origin is explicitly null, return false + if (origin == null || origin === 'null') return false + + const originAsURL = new URL(origin) + + // If secure, return true + if (originAsURL.protocol === 'https:' || originAsURL.protocol === 'wss:') { + return true + } + + // If localhost or variants, return true + if (/^127(?:\.[0-9]+){0,2}\.[0-9]+$|^\[(?:0*:)*?:?0*1\]$/.test(originAsURL.hostname) || + (originAsURL.hostname === 'localhost' || originAsURL.hostname.includes('localhost.')) || + (originAsURL.hostname.endsWith('.localhost'))) { + return true + } + + // If any other, return false + return false + } +} + +/** + * @see https://w3c.github.io/webappsec-subresource-integrity/#does-response-match-metadatalist + * @param {Uint8Array} bytes + * @param {string} metadataList + */ +function bytesMatch (bytes, metadataList) { + // If node is not built with OpenSSL support, we cannot check + // a request's integrity, so allow it by default (the spec will + // allow requests if an invalid hash is given, as precedence). + /* istanbul ignore if: only if node is built with --without-ssl */ + if (crypto === undefined) { + return true + } + + // 1. Let parsedMetadata be the result of parsing metadataList. + const parsedMetadata = parseMetadata(metadataList) + + // 2. If parsedMetadata is no metadata, return true. + if (parsedMetadata === 'no metadata') { + return true + } + + // 3. If response is not eligible for integrity validation, return false. + // TODO + + // 4. If parsedMetadata is the empty set, return true. + if (parsedMetadata.length === 0) { + return true + } + + // 5. Let metadata be the result of getting the strongest + // metadata from parsedMetadata. + const strongest = getStrongestMetadata(parsedMetadata) + const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest) + + // 6. For each item in metadata: + for (const item of metadata) { + // 1. Let algorithm be the alg component of item. + const algorithm = item.algo + + // 2. Let expectedValue be the val component of item. + const expectedValue = item.hash + + // See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e + // "be liberal with padding". This is annoying, and it's not even in the spec. + + // 3. Let actualValue be the result of applying algorithm to bytes. + let actualValue = crypto.createHash(algorithm).update(bytes).digest('base64') + + if (actualValue[actualValue.length - 1] === '=') { + if (actualValue[actualValue.length - 2] === '=') { + actualValue = actualValue.slice(0, -2) + } else { + actualValue = actualValue.slice(0, -1) + } + } + + // 4. If actualValue is a case-sensitive match for expectedValue, + // return true. + if (compareBase64Mixed(actualValue, expectedValue)) { + return true + } + } + + // 7. Return false. + return false +} + +// https://w3c.github.io/webappsec-subresource-integrity/#grammardef-hash-with-options +// https://www.w3.org/TR/CSP2/#source-list-syntax +// https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1 +const parseHashWithOptions = /(?sha256|sha384|sha512)-((?[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i + +/** + * @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata + * @param {string} metadata + */ +function parseMetadata (metadata) { + // 1. Let result be the empty set. + /** @type {{ algo: string, hash: string }[]} */ + const result = [] + + // 2. Let empty be equal to true. + let empty = true + + // 3. For each token returned by splitting metadata on spaces: + for (const token of metadata.split(' ')) { + // 1. Set empty to false. + empty = false + + // 2. Parse token as a hash-with-options. + const parsedToken = parseHashWithOptions.exec(token) + + // 3. If token does not parse, continue to the next token. + if ( + parsedToken === null || + parsedToken.groups === undefined || + parsedToken.groups.algo === undefined + ) { + // Note: Chromium blocks the request at this point, but Firefox + // gives a warning that an invalid integrity was given. The + // correct behavior is to ignore these, and subsequently not + // check the integrity of the resource. + continue + } + + // 4. Let algorithm be the hash-algo component of token. + const algorithm = parsedToken.groups.algo.toLowerCase() + + // 5. If algorithm is a hash function recognized by the user + // agent, add the parsed token to result. + if (supportedHashes.includes(algorithm)) { + result.push(parsedToken.groups) + } + } + + // 4. Return no metadata if empty is true, otherwise return result. + if (empty === true) { + return 'no metadata' + } + + return result +} + +/** + * @param {{ algo: 'sha256' | 'sha384' | 'sha512' }[]} metadataList + */ +function getStrongestMetadata (metadataList) { + // Let algorithm be the algo component of the first item in metadataList. + // Can be sha256 + let algorithm = metadataList[0].algo + // If the algorithm is sha512, then it is the strongest + // and we can return immediately + if (algorithm[3] === '5') { + return algorithm + } + + for (let i = 1; i < metadataList.length; ++i) { + const metadata = metadataList[i] + // If the algorithm is sha512, then it is the strongest + // and we can break the loop immediately + if (metadata.algo[3] === '5') { + algorithm = 'sha512' + break + // If the algorithm is sha384, then a potential sha256 or sha384 is ignored + } else if (algorithm[3] === '3') { + continue + // algorithm is sha256, check if algorithm is sha384 and if so, set it as + // the strongest + } else if (metadata.algo[3] === '3') { + algorithm = 'sha384' + } + } + return algorithm +} + +function filterMetadataListByAlgorithm (metadataList, algorithm) { + if (metadataList.length === 1) { + return metadataList + } + + let pos = 0 + for (let i = 0; i < metadataList.length; ++i) { + if (metadataList[i].algo === algorithm) { + metadataList[pos++] = metadataList[i] + } + } + + metadataList.length = pos + + return metadataList +} + +/** + * Compares two base64 strings, allowing for base64url + * in the second string. + * +* @param {string} actualValue always base64 + * @param {string} expectedValue base64 or base64url + * @returns {boolean} + */ +function compareBase64Mixed (actualValue, expectedValue) { + if (actualValue.length !== expectedValue.length) { + return false + } + for (let i = 0; i < actualValue.length; ++i) { + if (actualValue[i] !== expectedValue[i]) { + if ( + (actualValue[i] === '+' && expectedValue[i] === '-') || + (actualValue[i] === '/' && expectedValue[i] === '_') + ) { + continue + } + return false + } + } + + return true +} + +// https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request +function tryUpgradeRequestToAPotentiallyTrustworthyURL (request) { + // TODO +} + +/** + * @link {https://html.spec.whatwg.org/multipage/origin.html#same-origin} + * @param {URL} A + * @param {URL} B + */ +function sameOrigin (A, B) { + // 1. If A and B are the same opaque origin, then return true. + if (A.origin === B.origin && A.origin === 'null') { + return true + } + + // 2. If A and B are both tuple origins and their schemes, + // hosts, and port are identical, then return true. + if (A.protocol === B.protocol && A.hostname === B.hostname && A.port === B.port) { + return true + } + + // 3. Return false. + return false +} + +function createDeferredPromise () { + let res + let rej + const promise = new Promise((resolve, reject) => { + res = resolve + rej = reject + }) + + return { promise, resolve: res, reject: rej } +} + +function isAborted (fetchParams) { + return fetchParams.controller.state === 'aborted' +} + +function isCancelled (fetchParams) { + return fetchParams.controller.state === 'aborted' || + fetchParams.controller.state === 'terminated' +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-method-normalize + * @param {string} method + */ +function normalizeMethod (method) { + return normalizedMethodRecordsBase[method.toLowerCase()] ?? method +} + +// https://infra.spec.whatwg.org/#serialize-a-javascript-value-to-a-json-string +function serializeJavascriptValueToJSONString (value) { + // 1. Let result be ? Call(%JSON.stringify%, undefined, « value »). + const result = JSON.stringify(value) + + // 2. If result is undefined, then throw a TypeError. + if (result === undefined) { + throw new TypeError('Value is not JSON serializable') + } + + // 3. Assert: result is a string. + assert(typeof result === 'string') + + // 4. Return result. + return result +} + +// https://tc39.es/ecma262/#sec-%25iteratorprototype%25-object +const esIteratorPrototype = Object.getPrototypeOf(Object.getPrototypeOf([][Symbol.iterator]())) + +/** + * @see https://webidl.spec.whatwg.org/#dfn-iterator-prototype-object + * @param {string} name name of the instance + * @param {symbol} kInternalIterator + * @param {string | number} [keyIndex] + * @param {string | number} [valueIndex] + */ +function createIterator (name, kInternalIterator, keyIndex = 0, valueIndex = 1) { + class FastIterableIterator { + /** @type {any} */ + #target + /** @type {'key' | 'value' | 'key+value'} */ + #kind + /** @type {number} */ + #index + + /** + * @see https://webidl.spec.whatwg.org/#dfn-default-iterator-object + * @param {unknown} target + * @param {'key' | 'value' | 'key+value'} kind + */ + constructor (target, kind) { + this.#target = target + this.#kind = kind + this.#index = 0 + } + + next () { + // 1. Let interface be the interface for which the iterator prototype object exists. + // 2. Let thisValue be the this value. + // 3. Let object be ? ToObject(thisValue). + // 4. If object is a platform object, then perform a security + // check, passing: + // 5. If object is not a default iterator object for interface, + // then throw a TypeError. + if (typeof this !== 'object' || this === null || !(#target in this)) { + throw new TypeError( + `'next' called on an object that does not implement interface ${name} Iterator.` + ) + } + + // 6. Let index be object’s index. + // 7. Let kind be object’s kind. + // 8. Let values be object’s target's value pairs to iterate over. + const index = this.#index + const values = this.#target[kInternalIterator] + + // 9. Let len be the length of values. + const len = values.length + + // 10. If index is greater than or equal to len, then return + // CreateIterResultObject(undefined, true). + if (index >= len) { + return { + value: undefined, + done: true + } + } + + // 11. Let pair be the entry in values at index index. + const { [keyIndex]: key, [valueIndex]: value } = values[index] + + // 12. Set object’s index to index + 1. + this.#index = index + 1 + + // 13. Return the iterator result for pair and kind. + + // https://webidl.spec.whatwg.org/#iterator-result + + // 1. Let result be a value determined by the value of kind: + let result + switch (this.#kind) { + case 'key': + // 1. Let idlKey be pair’s key. + // 2. Let key be the result of converting idlKey to an + // ECMAScript value. + // 3. result is key. + result = key + break + case 'value': + // 1. Let idlValue be pair’s value. + // 2. Let value be the result of converting idlValue to + // an ECMAScript value. + // 3. result is value. + result = value + break + case 'key+value': + // 1. Let idlKey be pair’s key. + // 2. Let idlValue be pair’s value. + // 3. Let key be the result of converting idlKey to an + // ECMAScript value. + // 4. Let value be the result of converting idlValue to + // an ECMAScript value. + // 5. Let array be ! ArrayCreate(2). + // 6. Call ! CreateDataProperty(array, "0", key). + // 7. Call ! CreateDataProperty(array, "1", value). + // 8. result is array. + result = [key, value] + break + } + + // 2. Return CreateIterResultObject(result, false). + return { + value: result, + done: false + } + } + } + + // https://webidl.spec.whatwg.org/#dfn-iterator-prototype-object + // @ts-ignore + delete FastIterableIterator.prototype.constructor + + Object.setPrototypeOf(FastIterableIterator.prototype, esIteratorPrototype) + + Object.defineProperties(FastIterableIterator.prototype, { + [Symbol.toStringTag]: { + writable: false, + enumerable: false, + configurable: true, + value: `${name} Iterator` + }, + next: { writable: true, enumerable: true, configurable: true } + }) + + /** + * @param {unknown} target + * @param {'key' | 'value' | 'key+value'} kind + * @returns {IterableIterator} + */ + return function (target, kind) { + return new FastIterableIterator(target, kind) + } +} + +/** + * @see https://webidl.spec.whatwg.org/#dfn-iterator-prototype-object + * @param {string} name name of the instance + * @param {any} object class + * @param {symbol} kInternalIterator + * @param {string | number} [keyIndex] + * @param {string | number} [valueIndex] + */ +function iteratorMixin (name, object, kInternalIterator, keyIndex = 0, valueIndex = 1) { + const makeIterator = createIterator(name, kInternalIterator, keyIndex, valueIndex) + + const properties = { + keys: { + writable: true, + enumerable: true, + configurable: true, + value: function keys () { + webidl.brandCheck(this, object) + return makeIterator(this, 'key') + } + }, + values: { + writable: true, + enumerable: true, + configurable: true, + value: function values () { + webidl.brandCheck(this, object) + return makeIterator(this, 'value') + } + }, + entries: { + writable: true, + enumerable: true, + configurable: true, + value: function entries () { + webidl.brandCheck(this, object) + return makeIterator(this, 'key+value') + } + }, + forEach: { + writable: true, + enumerable: true, + configurable: true, + value: function forEach (callbackfn, thisArg = globalThis) { + webidl.brandCheck(this, object) + webidl.argumentLengthCheck(arguments, 1, `${name}.forEach`) + if (typeof callbackfn !== 'function') { + throw new TypeError( + `Failed to execute 'forEach' on '${name}': parameter 1 is not of type 'Function'.` + ) + } + for (const { 0: key, 1: value } of makeIterator(this, 'key+value')) { + callbackfn.call(thisArg, value, key, this) + } + } + } + } + + return Object.defineProperties(object.prototype, { + ...properties, + [Symbol.iterator]: { + writable: true, + enumerable: false, + configurable: true, + value: properties.entries.value + } + }) +} + +/** + * @see https://fetch.spec.whatwg.org/#body-fully-read + */ +async function fullyReadBody (body, processBody, processBodyError) { + // 1. If taskDestination is null, then set taskDestination to + // the result of starting a new parallel queue. + + // 2. Let successSteps given a byte sequence bytes be to queue a + // fetch task to run processBody given bytes, with taskDestination. + const successSteps = processBody + + // 3. Let errorSteps be to queue a fetch task to run processBodyError, + // with taskDestination. + const errorSteps = processBodyError + + // 4. Let reader be the result of getting a reader for body’s stream. + // If that threw an exception, then run errorSteps with that + // exception and return. + let reader + + try { + reader = body.stream.getReader() + } catch (e) { + errorSteps(e) + return + } + + // 5. Read all bytes from reader, given successSteps and errorSteps. + try { + successSteps(await readAllBytes(reader)) + } catch (e) { + errorSteps(e) + } +} + +function isReadableStreamLike (stream) { + return stream instanceof ReadableStream || ( + stream[Symbol.toStringTag] === 'ReadableStream' && + typeof stream.tee === 'function' + ) +} + +/** + * @param {ReadableStreamController} controller + */ +function readableStreamClose (controller) { + try { + controller.close() + controller.byobRequest?.respond(0) + } catch (err) { + // TODO: add comment explaining why this error occurs. + if (!err.message.includes('Controller is already closed') && !err.message.includes('ReadableStream is already closed')) { + throw err + } + } +} + +const invalidIsomorphicEncodeValueRegex = /[^\x00-\xFF]/ // eslint-disable-line + +/** + * @see https://infra.spec.whatwg.org/#isomorphic-encode + * @param {string} input + */ +function isomorphicEncode (input) { + // 1. Assert: input contains no code points greater than U+00FF. + assert(!invalidIsomorphicEncodeValueRegex.test(input)) + + // 2. Return a byte sequence whose length is equal to input’s code + // point length and whose bytes have the same values as the + // values of input’s code points, in the same order + return input +} + +/** + * @see https://streams.spec.whatwg.org/#readablestreamdefaultreader-read-all-bytes + * @see https://streams.spec.whatwg.org/#read-loop + * @param {ReadableStreamDefaultReader} reader + */ +async function readAllBytes (reader) { + const bytes = [] + let byteLength = 0 + + while (true) { + const { done, value: chunk } = await reader.read() + + if (done) { + // 1. Call successSteps with bytes. + return Buffer.concat(bytes, byteLength) + } + + // 1. If chunk is not a Uint8Array object, call failureSteps + // with a TypeError and abort these steps. + if (!isUint8Array(chunk)) { + throw new TypeError('Received non-Uint8Array chunk') + } + + // 2. Append the bytes represented by chunk to bytes. + bytes.push(chunk) + byteLength += chunk.length + + // 3. Read-loop given reader, bytes, successSteps, and failureSteps. + } +} + +/** + * @see https://fetch.spec.whatwg.org/#is-local + * @param {URL} url + */ +function urlIsLocal (url) { + assert('protocol' in url) // ensure it's a url object + + const protocol = url.protocol + + return protocol === 'about:' || protocol === 'blob:' || protocol === 'data:' +} + +/** + * @param {string|URL} url + * @returns {boolean} + */ +function urlHasHttpsScheme (url) { + return ( + ( + typeof url === 'string' && + url[5] === ':' && + url[0] === 'h' && + url[1] === 't' && + url[2] === 't' && + url[3] === 'p' && + url[4] === 's' + ) || + url.protocol === 'https:' + ) +} + +/** + * @see https://fetch.spec.whatwg.org/#http-scheme + * @param {URL} url + */ +function urlIsHttpHttpsScheme (url) { + assert('protocol' in url) // ensure it's a url object + + const protocol = url.protocol + + return protocol === 'http:' || protocol === 'https:' +} + +/** + * @see https://fetch.spec.whatwg.org/#simple-range-header-value + * @param {string} value + * @param {boolean} allowWhitespace + */ +function simpleRangeHeaderValue (value, allowWhitespace) { + // 1. Let data be the isomorphic decoding of value. + // Note: isomorphic decoding takes a sequence of bytes (ie. a Uint8Array) and turns it into a string, + // nothing more. We obviously don't need to do that if value is a string already. + const data = value + + // 2. If data does not start with "bytes", then return failure. + if (!data.startsWith('bytes')) { + return 'failure' + } + + // 3. Let position be a position variable for data, initially pointing at the 5th code point of data. + const position = { position: 5 } + + // 4. If allowWhitespace is true, collect a sequence of code points that are HTTP tab or space, + // from data given position. + if (allowWhitespace) { + collectASequenceOfCodePoints( + (char) => char === '\t' || char === ' ', + data, + position + ) + } + + // 5. If the code point at position within data is not U+003D (=), then return failure. + if (data.charCodeAt(position.position) !== 0x3D) { + return 'failure' + } + + // 6. Advance position by 1. + position.position++ + + // 7. If allowWhitespace is true, collect a sequence of code points that are HTTP tab or space, from + // data given position. + if (allowWhitespace) { + collectASequenceOfCodePoints( + (char) => char === '\t' || char === ' ', + data, + position + ) + } + + // 8. Let rangeStart be the result of collecting a sequence of code points that are ASCII digits, + // from data given position. + const rangeStart = collectASequenceOfCodePoints( + (char) => { + const code = char.charCodeAt(0) + + return code >= 0x30 && code <= 0x39 + }, + data, + position + ) + + // 9. Let rangeStartValue be rangeStart, interpreted as decimal number, if rangeStart is not the + // empty string; otherwise null. + const rangeStartValue = rangeStart.length ? Number(rangeStart) : null + + // 10. If allowWhitespace is true, collect a sequence of code points that are HTTP tab or space, + // from data given position. + if (allowWhitespace) { + collectASequenceOfCodePoints( + (char) => char === '\t' || char === ' ', + data, + position + ) + } + + // 11. If the code point at position within data is not U+002D (-), then return failure. + if (data.charCodeAt(position.position) !== 0x2D) { + return 'failure' + } + + // 12. Advance position by 1. + position.position++ + + // 13. If allowWhitespace is true, collect a sequence of code points that are HTTP tab + // or space, from data given position. + // Note from Khafra: its the same step as in #8 again lol + if (allowWhitespace) { + collectASequenceOfCodePoints( + (char) => char === '\t' || char === ' ', + data, + position + ) + } + + // 14. Let rangeEnd be the result of collecting a sequence of code points that are + // ASCII digits, from data given position. + // Note from Khafra: you wouldn't guess it, but this is also the same step as #8 + const rangeEnd = collectASequenceOfCodePoints( + (char) => { + const code = char.charCodeAt(0) + + return code >= 0x30 && code <= 0x39 + }, + data, + position + ) + + // 15. Let rangeEndValue be rangeEnd, interpreted as decimal number, if rangeEnd + // is not the empty string; otherwise null. + // Note from Khafra: THE SAME STEP, AGAIN!!! + // Note: why interpret as a decimal if we only collect ascii digits? + const rangeEndValue = rangeEnd.length ? Number(rangeEnd) : null + + // 16. If position is not past the end of data, then return failure. + if (position.position < data.length) { + return 'failure' + } + + // 17. If rangeEndValue and rangeStartValue are null, then return failure. + if (rangeEndValue === null && rangeStartValue === null) { + return 'failure' + } + + // 18. If rangeStartValue and rangeEndValue are numbers, and rangeStartValue is + // greater than rangeEndValue, then return failure. + // Note: ... when can they not be numbers? + if (rangeStartValue > rangeEndValue) { + return 'failure' + } + + // 19. Return (rangeStartValue, rangeEndValue). + return { rangeStartValue, rangeEndValue } +} + +/** + * @see https://fetch.spec.whatwg.org/#build-a-content-range + * @param {number} rangeStart + * @param {number} rangeEnd + * @param {number} fullLength + */ +function buildContentRange (rangeStart, rangeEnd, fullLength) { + // 1. Let contentRange be `bytes `. + let contentRange = 'bytes ' + + // 2. Append rangeStart, serialized and isomorphic encoded, to contentRange. + contentRange += isomorphicEncode(`${rangeStart}`) + + // 3. Append 0x2D (-) to contentRange. + contentRange += '-' + + // 4. Append rangeEnd, serialized and isomorphic encoded to contentRange. + contentRange += isomorphicEncode(`${rangeEnd}`) + + // 5. Append 0x2F (/) to contentRange. + contentRange += '/' + + // 6. Append fullLength, serialized and isomorphic encoded to contentRange. + contentRange += isomorphicEncode(`${fullLength}`) + + // 7. Return contentRange. + return contentRange +} + +// A Stream, which pipes the response to zlib.createInflate() or +// zlib.createInflateRaw() depending on the first byte of the Buffer. +// If the lower byte of the first byte is 0x08, then the stream is +// interpreted as a zlib stream, otherwise it's interpreted as a +// raw deflate stream. +class InflateStream extends Transform { + #zlibOptions + + /** @param {zlib.ZlibOptions} [zlibOptions] */ + constructor (zlibOptions) { + super() + this.#zlibOptions = zlibOptions + } + + _transform (chunk, encoding, callback) { + if (!this._inflateStream) { + if (chunk.length === 0) { + callback() + return + } + this._inflateStream = (chunk[0] & 0x0F) === 0x08 + ? zlib.createInflate(this.#zlibOptions) + : zlib.createInflateRaw(this.#zlibOptions) + + this._inflateStream.on('data', this.push.bind(this)) + this._inflateStream.on('end', () => this.push(null)) + this._inflateStream.on('error', (err) => this.destroy(err)) + } + + this._inflateStream.write(chunk, encoding, callback) + } + + _final (callback) { + if (this._inflateStream) { + this._inflateStream.end() + this._inflateStream = null + } + callback() + } +} + +/** + * @param {zlib.ZlibOptions} [zlibOptions] + * @returns {InflateStream} + */ +function createInflate (zlibOptions) { + return new InflateStream(zlibOptions) +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-header-extract-mime-type + * @param {import('./headers').HeadersList} headers + */ +function extractMimeType (headers) { + // 1. Let charset be null. + let charset = null + + // 2. Let essence be null. + let essence = null + + // 3. Let mimeType be null. + let mimeType = null + + // 4. Let values be the result of getting, decoding, and splitting `Content-Type` from headers. + const values = getDecodeSplit('content-type', headers) + + // 5. If values is null, then return failure. + if (values === null) { + return 'failure' + } + + // 6. For each value of values: + for (const value of values) { + // 6.1. Let temporaryMimeType be the result of parsing value. + const temporaryMimeType = parseMIMEType(value) + + // 6.2. If temporaryMimeType is failure or its essence is "*/*", then continue. + if (temporaryMimeType === 'failure' || temporaryMimeType.essence === '*/*') { + continue + } + + // 6.3. Set mimeType to temporaryMimeType. + mimeType = temporaryMimeType + + // 6.4. If mimeType’s essence is not essence, then: + if (mimeType.essence !== essence) { + // 6.4.1. Set charset to null. + charset = null + + // 6.4.2. If mimeType’s parameters["charset"] exists, then set charset to + // mimeType’s parameters["charset"]. + if (mimeType.parameters.has('charset')) { + charset = mimeType.parameters.get('charset') + } + + // 6.4.3. Set essence to mimeType’s essence. + essence = mimeType.essence + } else if (!mimeType.parameters.has('charset') && charset !== null) { + // 6.5. Otherwise, if mimeType’s parameters["charset"] does not exist, and + // charset is non-null, set mimeType’s parameters["charset"] to charset. + mimeType.parameters.set('charset', charset) + } + } + + // 7. If mimeType is null, then return failure. + if (mimeType == null) { + return 'failure' + } + + // 8. Return mimeType. + return mimeType +} + +/** + * @see https://fetch.spec.whatwg.org/#header-value-get-decode-and-split + * @param {string|null} value + */ +function gettingDecodingSplitting (value) { + // 1. Let input be the result of isomorphic decoding value. + const input = value + + // 2. Let position be a position variable for input, initially pointing at the start of input. + const position = { position: 0 } + + // 3. Let values be a list of strings, initially empty. + const values = [] + + // 4. Let temporaryValue be the empty string. + let temporaryValue = '' + + // 5. While position is not past the end of input: + while (position.position < input.length) { + // 5.1. Append the result of collecting a sequence of code points that are not U+0022 (") + // or U+002C (,) from input, given position, to temporaryValue. + temporaryValue += collectASequenceOfCodePoints( + (char) => char !== '"' && char !== ',', + input, + position + ) + + // 5.2. If position is not past the end of input, then: + if (position.position < input.length) { + // 5.2.1. If the code point at position within input is U+0022 ("), then: + if (input.charCodeAt(position.position) === 0x22) { + // 5.2.1.1. Append the result of collecting an HTTP quoted string from input, given position, to temporaryValue. + temporaryValue += collectAnHTTPQuotedString( + input, + position + ) + + // 5.2.1.2. If position is not past the end of input, then continue. + if (position.position < input.length) { + continue + } + } else { + // 5.2.2. Otherwise: + + // 5.2.2.1. Assert: the code point at position within input is U+002C (,). + assert(input.charCodeAt(position.position) === 0x2C) + + // 5.2.2.2. Advance position by 1. + position.position++ + } + } + + // 5.3. Remove all HTTP tab or space from the start and end of temporaryValue. + temporaryValue = removeChars(temporaryValue, true, true, (char) => char === 0x9 || char === 0x20) + + // 5.4. Append temporaryValue to values. + values.push(temporaryValue) + + // 5.6. Set temporaryValue to the empty string. + temporaryValue = '' + } + + // 6. Return values. + return values +} + +/** + * @see https://fetch.spec.whatwg.org/#concept-header-list-get-decode-split + * @param {string} name lowercase header name + * @param {import('./headers').HeadersList} list + */ +function getDecodeSplit (name, list) { + // 1. Let value be the result of getting name from list. + const value = list.get(name, true) + + // 2. If value is null, then return null. + if (value === null) { + return null + } + + // 3. Return the result of getting, decoding, and splitting value. + return gettingDecodingSplitting(value) +} + +const textDecoder = new TextDecoder() + +/** + * @see https://encoding.spec.whatwg.org/#utf-8-decode + * @param {Buffer} buffer + */ +function utf8DecodeBytes (buffer) { + if (buffer.length === 0) { + return '' + } + + // 1. Let buffer be the result of peeking three bytes from + // ioQueue, converted to a byte sequence. + + // 2. If buffer is 0xEF 0xBB 0xBF, then read three + // bytes from ioQueue. (Do nothing with those bytes.) + if (buffer[0] === 0xEF && buffer[1] === 0xBB && buffer[2] === 0xBF) { + buffer = buffer.subarray(3) + } + + // 3. Process a queue with an instance of UTF-8’s + // decoder, ioQueue, output, and "replacement". + const output = textDecoder.decode(buffer) + + // 4. Return output. + return output +} + +class EnvironmentSettingsObjectBase { + get baseUrl () { + return getGlobalOrigin() + } + + get origin () { + return this.baseUrl?.origin + } + + policyContainer = makePolicyContainer() +} + +class EnvironmentSettingsObject { + settingsObject = new EnvironmentSettingsObjectBase() +} + +const environmentSettingsObject = new EnvironmentSettingsObject() + +module.exports = { + isAborted, + isCancelled, + isValidEncodedURL, + createDeferredPromise, + ReadableStreamFrom, + tryUpgradeRequestToAPotentiallyTrustworthyURL, + clampAndCoarsenConnectionTimingInfo, + coarsenedSharedCurrentTime, + determineRequestsReferrer, + makePolicyContainer, + clonePolicyContainer, + appendFetchMetadata, + appendRequestOriginHeader, + TAOCheck, + corsCheck, + crossOriginResourcePolicyCheck, + createOpaqueTimingInfo, + setRequestReferrerPolicyOnRedirect, + isValidHTTPToken, + requestBadPort, + requestCurrentURL, + responseURL, + responseLocationURL, + isBlobLike, + isURLPotentiallyTrustworthy, + isValidReasonPhrase, + sameOrigin, + normalizeMethod, + serializeJavascriptValueToJSONString, + iteratorMixin, + createIterator, + isValidHeaderName, + isValidHeaderValue, + isErrorLike, + fullyReadBody, + bytesMatch, + isReadableStreamLike, + readableStreamClose, + isomorphicEncode, + urlIsLocal, + urlHasHttpsScheme, + urlIsHttpHttpsScheme, + readAllBytes, + simpleRangeHeaderValue, + buildContentRange, + parseMetadata, + createInflate, + extractMimeType, + getDecodeSplit, + utf8DecodeBytes, + environmentSettingsObject +} + + +/***/ }), + +/***/ 5893: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { types, inspect } = __nccwpck_require__(7975) +const { markAsUncloneable } = __nccwpck_require__(5919) +const { toUSVString } = __nccwpck_require__(3440) + +/** @type {import('../../../types/webidl').Webidl} */ +const webidl = {} +webidl.converters = {} +webidl.util = {} +webidl.errors = {} + +webidl.errors.exception = function (message) { + return new TypeError(`${message.header}: ${message.message}`) +} + +webidl.errors.conversionFailed = function (context) { + const plural = context.types.length === 1 ? '' : ' one of' + const message = + `${context.argument} could not be converted to` + + `${plural}: ${context.types.join(', ')}.` + + return webidl.errors.exception({ + header: context.prefix, + message + }) +} + +webidl.errors.invalidArgument = function (context) { + return webidl.errors.exception({ + header: context.prefix, + message: `"${context.value}" is an invalid ${context.type}.` + }) +} + +// https://webidl.spec.whatwg.org/#implements +webidl.brandCheck = function (V, I, opts) { + if (opts?.strict !== false) { + if (!(V instanceof I)) { + const err = new TypeError('Illegal invocation') + err.code = 'ERR_INVALID_THIS' // node compat. + throw err + } + } else { + if (V?.[Symbol.toStringTag] !== I.prototype[Symbol.toStringTag]) { + const err = new TypeError('Illegal invocation') + err.code = 'ERR_INVALID_THIS' // node compat. + throw err + } + } +} + +webidl.argumentLengthCheck = function ({ length }, min, ctx) { + if (length < min) { + throw webidl.errors.exception({ + message: `${min} argument${min !== 1 ? 's' : ''} required, ` + + `but${length ? ' only' : ''} ${length} found.`, + header: ctx + }) + } +} + +webidl.illegalConstructor = function () { + throw webidl.errors.exception({ + header: 'TypeError', + message: 'Illegal constructor' + }) +} + +// https://tc39.es/ecma262/#sec-ecmascript-data-types-and-values +webidl.util.Type = function (V) { + switch (typeof V) { + case 'undefined': return 'Undefined' + case 'boolean': return 'Boolean' + case 'string': return 'String' + case 'symbol': return 'Symbol' + case 'number': return 'Number' + case 'bigint': return 'BigInt' + case 'function': + case 'object': { + if (V === null) { + return 'Null' + } + + return 'Object' + } + } +} + +webidl.util.markAsUncloneable = markAsUncloneable || (() => {}) +// https://webidl.spec.whatwg.org/#abstract-opdef-converttoint +webidl.util.ConvertToInt = function (V, bitLength, signedness, opts) { + let upperBound + let lowerBound + + // 1. If bitLength is 64, then: + if (bitLength === 64) { + // 1. Let upperBound be 2^53 − 1. + upperBound = Math.pow(2, 53) - 1 + + // 2. If signedness is "unsigned", then let lowerBound be 0. + if (signedness === 'unsigned') { + lowerBound = 0 + } else { + // 3. Otherwise let lowerBound be −2^53 + 1. + lowerBound = Math.pow(-2, 53) + 1 + } + } else if (signedness === 'unsigned') { + // 2. Otherwise, if signedness is "unsigned", then: + + // 1. Let lowerBound be 0. + lowerBound = 0 + + // 2. Let upperBound be 2^bitLength − 1. + upperBound = Math.pow(2, bitLength) - 1 + } else { + // 3. Otherwise: + + // 1. Let lowerBound be -2^bitLength − 1. + lowerBound = Math.pow(-2, bitLength) - 1 + + // 2. Let upperBound be 2^bitLength − 1 − 1. + upperBound = Math.pow(2, bitLength - 1) - 1 + } + + // 4. Let x be ? ToNumber(V). + let x = Number(V) + + // 5. If x is −0, then set x to +0. + if (x === 0) { + x = 0 + } + + // 6. If the conversion is to an IDL type associated + // with the [EnforceRange] extended attribute, then: + if (opts?.enforceRange === true) { + // 1. If x is NaN, +∞, or −∞, then throw a TypeError. + if ( + Number.isNaN(x) || + x === Number.POSITIVE_INFINITY || + x === Number.NEGATIVE_INFINITY + ) { + throw webidl.errors.exception({ + header: 'Integer conversion', + message: `Could not convert ${webidl.util.Stringify(V)} to an integer.` + }) + } + + // 2. Set x to IntegerPart(x). + x = webidl.util.IntegerPart(x) + + // 3. If x < lowerBound or x > upperBound, then + // throw a TypeError. + if (x < lowerBound || x > upperBound) { + throw webidl.errors.exception({ + header: 'Integer conversion', + message: `Value must be between ${lowerBound}-${upperBound}, got ${x}.` + }) + } + + // 4. Return x. + return x + } + + // 7. If x is not NaN and the conversion is to an IDL + // type associated with the [Clamp] extended + // attribute, then: + if (!Number.isNaN(x) && opts?.clamp === true) { + // 1. Set x to min(max(x, lowerBound), upperBound). + x = Math.min(Math.max(x, lowerBound), upperBound) + + // 2. Round x to the nearest integer, choosing the + // even integer if it lies halfway between two, + // and choosing +0 rather than −0. + if (Math.floor(x) % 2 === 0) { + x = Math.floor(x) + } else { + x = Math.ceil(x) + } + + // 3. Return x. + return x + } + + // 8. If x is NaN, +0, +∞, or −∞, then return +0. + if ( + Number.isNaN(x) || + (x === 0 && Object.is(0, x)) || + x === Number.POSITIVE_INFINITY || + x === Number.NEGATIVE_INFINITY + ) { + return 0 + } + + // 9. Set x to IntegerPart(x). + x = webidl.util.IntegerPart(x) + + // 10. Set x to x modulo 2^bitLength. + x = x % Math.pow(2, bitLength) + + // 11. If signedness is "signed" and x ≥ 2^bitLength − 1, + // then return x − 2^bitLength. + if (signedness === 'signed' && x >= Math.pow(2, bitLength) - 1) { + return x - Math.pow(2, bitLength) + } + + // 12. Otherwise, return x. + return x +} + +// https://webidl.spec.whatwg.org/#abstract-opdef-integerpart +webidl.util.IntegerPart = function (n) { + // 1. Let r be floor(abs(n)). + const r = Math.floor(Math.abs(n)) + + // 2. If n < 0, then return -1 × r. + if (n < 0) { + return -1 * r + } + + // 3. Otherwise, return r. + return r +} + +webidl.util.Stringify = function (V) { + const type = webidl.util.Type(V) + + switch (type) { + case 'Symbol': + return `Symbol(${V.description})` + case 'Object': + return inspect(V) + case 'String': + return `"${V}"` + default: + return `${V}` + } +} + +// https://webidl.spec.whatwg.org/#es-sequence +webidl.sequenceConverter = function (converter) { + return (V, prefix, argument, Iterable) => { + // 1. If Type(V) is not Object, throw a TypeError. + if (webidl.util.Type(V) !== 'Object') { + throw webidl.errors.exception({ + header: prefix, + message: `${argument} (${webidl.util.Stringify(V)}) is not iterable.` + }) + } + + // 2. Let method be ? GetMethod(V, @@iterator). + /** @type {Generator} */ + const method = typeof Iterable === 'function' ? Iterable() : V?.[Symbol.iterator]?.() + const seq = [] + let index = 0 + + // 3. If method is undefined, throw a TypeError. + if ( + method === undefined || + typeof method.next !== 'function' + ) { + throw webidl.errors.exception({ + header: prefix, + message: `${argument} is not iterable.` + }) + } + + // https://webidl.spec.whatwg.org/#create-sequence-from-iterable + while (true) { + const { done, value } = method.next() + + if (done) { + break + } + + seq.push(converter(value, prefix, `${argument}[${index++}]`)) + } + + return seq + } +} + +// https://webidl.spec.whatwg.org/#es-to-record +webidl.recordConverter = function (keyConverter, valueConverter) { + return (O, prefix, argument) => { + // 1. If Type(O) is not Object, throw a TypeError. + if (webidl.util.Type(O) !== 'Object') { + throw webidl.errors.exception({ + header: prefix, + message: `${argument} ("${webidl.util.Type(O)}") is not an Object.` + }) + } + + // 2. Let result be a new empty instance of record. + const result = {} + + if (!types.isProxy(O)) { + // 1. Let desc be ? O.[[GetOwnProperty]](key). + const keys = [...Object.getOwnPropertyNames(O), ...Object.getOwnPropertySymbols(O)] + + for (const key of keys) { + // 1. Let typedKey be key converted to an IDL value of type K. + const typedKey = keyConverter(key, prefix, argument) + + // 2. Let value be ? Get(O, key). + // 3. Let typedValue be value converted to an IDL value of type V. + const typedValue = valueConverter(O[key], prefix, argument) + + // 4. Set result[typedKey] to typedValue. + result[typedKey] = typedValue + } + + // 5. Return result. + return result + } + + // 3. Let keys be ? O.[[OwnPropertyKeys]](). + const keys = Reflect.ownKeys(O) + + // 4. For each key of keys. + for (const key of keys) { + // 1. Let desc be ? O.[[GetOwnProperty]](key). + const desc = Reflect.getOwnPropertyDescriptor(O, key) + + // 2. If desc is not undefined and desc.[[Enumerable]] is true: + if (desc?.enumerable) { + // 1. Let typedKey be key converted to an IDL value of type K. + const typedKey = keyConverter(key, prefix, argument) + + // 2. Let value be ? Get(O, key). + // 3. Let typedValue be value converted to an IDL value of type V. + const typedValue = valueConverter(O[key], prefix, argument) + + // 4. Set result[typedKey] to typedValue. + result[typedKey] = typedValue + } + } + + // 5. Return result. + return result + } +} + +webidl.interfaceConverter = function (i) { + return (V, prefix, argument, opts) => { + if (opts?.strict !== false && !(V instanceof i)) { + throw webidl.errors.exception({ + header: prefix, + message: `Expected ${argument} ("${webidl.util.Stringify(V)}") to be an instance of ${i.name}.` + }) + } + + return V + } +} + +webidl.dictionaryConverter = function (converters) { + return (dictionary, prefix, argument) => { + const type = webidl.util.Type(dictionary) + const dict = {} + + if (type === 'Null' || type === 'Undefined') { + return dict + } else if (type !== 'Object') { + throw webidl.errors.exception({ + header: prefix, + message: `Expected ${dictionary} to be one of: Null, Undefined, Object.` + }) + } + + for (const options of converters) { + const { key, defaultValue, required, converter } = options + + if (required === true) { + if (!Object.hasOwn(dictionary, key)) { + throw webidl.errors.exception({ + header: prefix, + message: `Missing required key "${key}".` + }) + } + } + + let value = dictionary[key] + const hasDefault = Object.hasOwn(options, 'defaultValue') + + // Only use defaultValue if value is undefined and + // a defaultValue options was provided. + if (hasDefault && value !== null) { + value ??= defaultValue() + } + + // A key can be optional and have no default value. + // When this happens, do not perform a conversion, + // and do not assign the key a value. + if (required || hasDefault || value !== undefined) { + value = converter(value, prefix, `${argument}.${key}`) + + if ( + options.allowedValues && + !options.allowedValues.includes(value) + ) { + throw webidl.errors.exception({ + header: prefix, + message: `${value} is not an accepted type. Expected one of ${options.allowedValues.join(', ')}.` + }) + } + + dict[key] = value + } + } + + return dict + } +} + +webidl.nullableConverter = function (converter) { + return (V, prefix, argument) => { + if (V === null) { + return V + } + + return converter(V, prefix, argument) + } +} + +// https://webidl.spec.whatwg.org/#es-DOMString +webidl.converters.DOMString = function (V, prefix, argument, opts) { + // 1. If V is null and the conversion is to an IDL type + // associated with the [LegacyNullToEmptyString] + // extended attribute, then return the DOMString value + // that represents the empty string. + if (V === null && opts?.legacyNullToEmptyString) { + return '' + } + + // 2. Let x be ? ToString(V). + if (typeof V === 'symbol') { + throw webidl.errors.exception({ + header: prefix, + message: `${argument} is a symbol, which cannot be converted to a DOMString.` + }) + } + + // 3. Return the IDL DOMString value that represents the + // same sequence of code units as the one the + // ECMAScript String value x represents. + return String(V) +} + +// https://webidl.spec.whatwg.org/#es-ByteString +webidl.converters.ByteString = function (V, prefix, argument) { + // 1. Let x be ? ToString(V). + // Note: DOMString converter perform ? ToString(V) + const x = webidl.converters.DOMString(V, prefix, argument) + + // 2. If the value of any element of x is greater than + // 255, then throw a TypeError. + for (let index = 0; index < x.length; index++) { + if (x.charCodeAt(index) > 255) { + throw new TypeError( + 'Cannot convert argument to a ByteString because the character at ' + + `index ${index} has a value of ${x.charCodeAt(index)} which is greater than 255.` + ) + } + } + + // 3. Return an IDL ByteString value whose length is the + // length of x, and where the value of each element is + // the value of the corresponding element of x. + return x +} + +// https://webidl.spec.whatwg.org/#es-USVString +// TODO: rewrite this so we can control the errors thrown +webidl.converters.USVString = toUSVString + +// https://webidl.spec.whatwg.org/#es-boolean +webidl.converters.boolean = function (V) { + // 1. Let x be the result of computing ToBoolean(V). + const x = Boolean(V) + + // 2. Return the IDL boolean value that is the one that represents + // the same truth value as the ECMAScript Boolean value x. + return x +} + +// https://webidl.spec.whatwg.org/#es-any +webidl.converters.any = function (V) { + return V +} + +// https://webidl.spec.whatwg.org/#es-long-long +webidl.converters['long long'] = function (V, prefix, argument) { + // 1. Let x be ? ConvertToInt(V, 64, "signed"). + const x = webidl.util.ConvertToInt(V, 64, 'signed', undefined, prefix, argument) + + // 2. Return the IDL long long value that represents + // the same numeric value as x. + return x +} + +// https://webidl.spec.whatwg.org/#es-unsigned-long-long +webidl.converters['unsigned long long'] = function (V, prefix, argument) { + // 1. Let x be ? ConvertToInt(V, 64, "unsigned"). + const x = webidl.util.ConvertToInt(V, 64, 'unsigned', undefined, prefix, argument) + + // 2. Return the IDL unsigned long long value that + // represents the same numeric value as x. + return x +} + +// https://webidl.spec.whatwg.org/#es-unsigned-long +webidl.converters['unsigned long'] = function (V, prefix, argument) { + // 1. Let x be ? ConvertToInt(V, 32, "unsigned"). + const x = webidl.util.ConvertToInt(V, 32, 'unsigned', undefined, prefix, argument) + + // 2. Return the IDL unsigned long value that + // represents the same numeric value as x. + return x +} + +// https://webidl.spec.whatwg.org/#es-unsigned-short +webidl.converters['unsigned short'] = function (V, prefix, argument, opts) { + // 1. Let x be ? ConvertToInt(V, 16, "unsigned"). + const x = webidl.util.ConvertToInt(V, 16, 'unsigned', opts, prefix, argument) + + // 2. Return the IDL unsigned short value that represents + // the same numeric value as x. + return x +} + +// https://webidl.spec.whatwg.org/#idl-ArrayBuffer +webidl.converters.ArrayBuffer = function (V, prefix, argument, opts) { + // 1. If Type(V) is not Object, or V does not have an + // [[ArrayBufferData]] internal slot, then throw a + // TypeError. + // see: https://tc39.es/ecma262/#sec-properties-of-the-arraybuffer-instances + // see: https://tc39.es/ecma262/#sec-properties-of-the-sharedarraybuffer-instances + if ( + webidl.util.Type(V) !== 'Object' || + !types.isAnyArrayBuffer(V) + ) { + throw webidl.errors.conversionFailed({ + prefix, + argument: `${argument} ("${webidl.util.Stringify(V)}")`, + types: ['ArrayBuffer'] + }) + } + + // 2. If the conversion is not to an IDL type associated + // with the [AllowShared] extended attribute, and + // IsSharedArrayBuffer(V) is true, then throw a + // TypeError. + if (opts?.allowShared === false && types.isSharedArrayBuffer(V)) { + throw webidl.errors.exception({ + header: 'ArrayBuffer', + message: 'SharedArrayBuffer is not allowed.' + }) + } + + // 3. If the conversion is not to an IDL type associated + // with the [AllowResizable] extended attribute, and + // IsResizableArrayBuffer(V) is true, then throw a + // TypeError. + if (V.resizable || V.growable) { + throw webidl.errors.exception({ + header: 'ArrayBuffer', + message: 'Received a resizable ArrayBuffer.' + }) + } + + // 4. Return the IDL ArrayBuffer value that is a + // reference to the same object as V. + return V +} + +webidl.converters.TypedArray = function (V, T, prefix, name, opts) { + // 1. Let T be the IDL type V is being converted to. + + // 2. If Type(V) is not Object, or V does not have a + // [[TypedArrayName]] internal slot with a value + // equal to T’s name, then throw a TypeError. + if ( + webidl.util.Type(V) !== 'Object' || + !types.isTypedArray(V) || + V.constructor.name !== T.name + ) { + throw webidl.errors.conversionFailed({ + prefix, + argument: `${name} ("${webidl.util.Stringify(V)}")`, + types: [T.name] + }) + } + + // 3. If the conversion is not to an IDL type associated + // with the [AllowShared] extended attribute, and + // IsSharedArrayBuffer(V.[[ViewedArrayBuffer]]) is + // true, then throw a TypeError. + if (opts?.allowShared === false && types.isSharedArrayBuffer(V.buffer)) { + throw webidl.errors.exception({ + header: 'ArrayBuffer', + message: 'SharedArrayBuffer is not allowed.' + }) + } + + // 4. If the conversion is not to an IDL type associated + // with the [AllowResizable] extended attribute, and + // IsResizableArrayBuffer(V.[[ViewedArrayBuffer]]) is + // true, then throw a TypeError. + if (V.buffer.resizable || V.buffer.growable) { + throw webidl.errors.exception({ + header: 'ArrayBuffer', + message: 'Received a resizable ArrayBuffer.' + }) + } + + // 5. Return the IDL value of type T that is a reference + // to the same object as V. + return V +} + +webidl.converters.DataView = function (V, prefix, name, opts) { + // 1. If Type(V) is not Object, or V does not have a + // [[DataView]] internal slot, then throw a TypeError. + if (webidl.util.Type(V) !== 'Object' || !types.isDataView(V)) { + throw webidl.errors.exception({ + header: prefix, + message: `${name} is not a DataView.` + }) + } + + // 2. If the conversion is not to an IDL type associated + // with the [AllowShared] extended attribute, and + // IsSharedArrayBuffer(V.[[ViewedArrayBuffer]]) is true, + // then throw a TypeError. + if (opts?.allowShared === false && types.isSharedArrayBuffer(V.buffer)) { + throw webidl.errors.exception({ + header: 'ArrayBuffer', + message: 'SharedArrayBuffer is not allowed.' + }) + } + + // 3. If the conversion is not to an IDL type associated + // with the [AllowResizable] extended attribute, and + // IsResizableArrayBuffer(V.[[ViewedArrayBuffer]]) is + // true, then throw a TypeError. + if (V.buffer.resizable || V.buffer.growable) { + throw webidl.errors.exception({ + header: 'ArrayBuffer', + message: 'Received a resizable ArrayBuffer.' + }) + } + + // 4. Return the IDL DataView value that is a reference + // to the same object as V. + return V +} + +// https://webidl.spec.whatwg.org/#BufferSource +webidl.converters.BufferSource = function (V, prefix, name, opts) { + if (types.isAnyArrayBuffer(V)) { + return webidl.converters.ArrayBuffer(V, prefix, name, { ...opts, allowShared: false }) + } + + if (types.isTypedArray(V)) { + return webidl.converters.TypedArray(V, V.constructor, prefix, name, { ...opts, allowShared: false }) + } + + if (types.isDataView(V)) { + return webidl.converters.DataView(V, prefix, name, { ...opts, allowShared: false }) + } + + throw webidl.errors.conversionFailed({ + prefix, + argument: `${name} ("${webidl.util.Stringify(V)}")`, + types: ['BufferSource'] + }) +} + +webidl.converters['sequence'] = webidl.sequenceConverter( + webidl.converters.ByteString +) + +webidl.converters['sequence>'] = webidl.sequenceConverter( + webidl.converters['sequence'] +) + +webidl.converters['record'] = webidl.recordConverter( + webidl.converters.ByteString, + webidl.converters.ByteString +) + +module.exports = { + webidl +} + + +/***/ }), + +/***/ 2607: +/***/ ((module) => { + +"use strict"; + + +/** + * @see https://encoding.spec.whatwg.org/#concept-encoding-get + * @param {string|undefined} label + */ +function getEncoding (label) { + if (!label) { + return 'failure' + } + + // 1. Remove any leading and trailing ASCII whitespace from label. + // 2. If label is an ASCII case-insensitive match for any of the + // labels listed in the table below, then return the + // corresponding encoding; otherwise return failure. + switch (label.trim().toLowerCase()) { + case 'unicode-1-1-utf-8': + case 'unicode11utf8': + case 'unicode20utf8': + case 'utf-8': + case 'utf8': + case 'x-unicode20utf8': + return 'UTF-8' + case '866': + case 'cp866': + case 'csibm866': + case 'ibm866': + return 'IBM866' + case 'csisolatin2': + case 'iso-8859-2': + case 'iso-ir-101': + case 'iso8859-2': + case 'iso88592': + case 'iso_8859-2': + case 'iso_8859-2:1987': + case 'l2': + case 'latin2': + return 'ISO-8859-2' + case 'csisolatin3': + case 'iso-8859-3': + case 'iso-ir-109': + case 'iso8859-3': + case 'iso88593': + case 'iso_8859-3': + case 'iso_8859-3:1988': + case 'l3': + case 'latin3': + return 'ISO-8859-3' + case 'csisolatin4': + case 'iso-8859-4': + case 'iso-ir-110': + case 'iso8859-4': + case 'iso88594': + case 'iso_8859-4': + case 'iso_8859-4:1988': + case 'l4': + case 'latin4': + return 'ISO-8859-4' + case 'csisolatincyrillic': + case 'cyrillic': + case 'iso-8859-5': + case 'iso-ir-144': + case 'iso8859-5': + case 'iso88595': + case 'iso_8859-5': + case 'iso_8859-5:1988': + return 'ISO-8859-5' + case 'arabic': + case 'asmo-708': + case 'csiso88596e': + case 'csiso88596i': + case 'csisolatinarabic': + case 'ecma-114': + case 'iso-8859-6': + case 'iso-8859-6-e': + case 'iso-8859-6-i': + case 'iso-ir-127': + case 'iso8859-6': + case 'iso88596': + case 'iso_8859-6': + case 'iso_8859-6:1987': + return 'ISO-8859-6' + case 'csisolatingreek': + case 'ecma-118': + case 'elot_928': + case 'greek': + case 'greek8': + case 'iso-8859-7': + case 'iso-ir-126': + case 'iso8859-7': + case 'iso88597': + case 'iso_8859-7': + case 'iso_8859-7:1987': + case 'sun_eu_greek': + return 'ISO-8859-7' + case 'csiso88598e': + case 'csisolatinhebrew': + case 'hebrew': + case 'iso-8859-8': + case 'iso-8859-8-e': + case 'iso-ir-138': + case 'iso8859-8': + case 'iso88598': + case 'iso_8859-8': + case 'iso_8859-8:1988': + case 'visual': + return 'ISO-8859-8' + case 'csiso88598i': + case 'iso-8859-8-i': + case 'logical': + return 'ISO-8859-8-I' + case 'csisolatin6': + case 'iso-8859-10': + case 'iso-ir-157': + case 'iso8859-10': + case 'iso885910': + case 'l6': + case 'latin6': + return 'ISO-8859-10' + case 'iso-8859-13': + case 'iso8859-13': + case 'iso885913': + return 'ISO-8859-13' + case 'iso-8859-14': + case 'iso8859-14': + case 'iso885914': + return 'ISO-8859-14' + case 'csisolatin9': + case 'iso-8859-15': + case 'iso8859-15': + case 'iso885915': + case 'iso_8859-15': + case 'l9': + return 'ISO-8859-15' + case 'iso-8859-16': + return 'ISO-8859-16' + case 'cskoi8r': + case 'koi': + case 'koi8': + case 'koi8-r': + case 'koi8_r': + return 'KOI8-R' + case 'koi8-ru': + case 'koi8-u': + return 'KOI8-U' + case 'csmacintosh': + case 'mac': + case 'macintosh': + case 'x-mac-roman': + return 'macintosh' + case 'iso-8859-11': + case 'iso8859-11': + case 'iso885911': + case 'tis-620': + case 'windows-874': + return 'windows-874' + case 'cp1250': + case 'windows-1250': + case 'x-cp1250': + return 'windows-1250' + case 'cp1251': + case 'windows-1251': + case 'x-cp1251': + return 'windows-1251' + case 'ansi_x3.4-1968': + case 'ascii': + case 'cp1252': + case 'cp819': + case 'csisolatin1': + case 'ibm819': + case 'iso-8859-1': + case 'iso-ir-100': + case 'iso8859-1': + case 'iso88591': + case 'iso_8859-1': + case 'iso_8859-1:1987': + case 'l1': + case 'latin1': + case 'us-ascii': + case 'windows-1252': + case 'x-cp1252': + return 'windows-1252' + case 'cp1253': + case 'windows-1253': + case 'x-cp1253': + return 'windows-1253' + case 'cp1254': + case 'csisolatin5': + case 'iso-8859-9': + case 'iso-ir-148': + case 'iso8859-9': + case 'iso88599': + case 'iso_8859-9': + case 'iso_8859-9:1989': + case 'l5': + case 'latin5': + case 'windows-1254': + case 'x-cp1254': + return 'windows-1254' + case 'cp1255': + case 'windows-1255': + case 'x-cp1255': + return 'windows-1255' + case 'cp1256': + case 'windows-1256': + case 'x-cp1256': + return 'windows-1256' + case 'cp1257': + case 'windows-1257': + case 'x-cp1257': + return 'windows-1257' + case 'cp1258': + case 'windows-1258': + case 'x-cp1258': + return 'windows-1258' + case 'x-mac-cyrillic': + case 'x-mac-ukrainian': + return 'x-mac-cyrillic' + case 'chinese': + case 'csgb2312': + case 'csiso58gb231280': + case 'gb2312': + case 'gb_2312': + case 'gb_2312-80': + case 'gbk': + case 'iso-ir-58': + case 'x-gbk': + return 'GBK' + case 'gb18030': + return 'gb18030' + case 'big5': + case 'big5-hkscs': + case 'cn-big5': + case 'csbig5': + case 'x-x-big5': + return 'Big5' + case 'cseucpkdfmtjapanese': + case 'euc-jp': + case 'x-euc-jp': + return 'EUC-JP' + case 'csiso2022jp': + case 'iso-2022-jp': + return 'ISO-2022-JP' + case 'csshiftjis': + case 'ms932': + case 'ms_kanji': + case 'shift-jis': + case 'shift_jis': + case 'sjis': + case 'windows-31j': + case 'x-sjis': + return 'Shift_JIS' + case 'cseuckr': + case 'csksc56011987': + case 'euc-kr': + case 'iso-ir-149': + case 'korean': + case 'ks_c_5601-1987': + case 'ks_c_5601-1989': + case 'ksc5601': + case 'ksc_5601': + case 'windows-949': + return 'EUC-KR' + case 'csiso2022kr': + case 'hz-gb-2312': + case 'iso-2022-cn': + case 'iso-2022-cn-ext': + case 'iso-2022-kr': + case 'replacement': + return 'replacement' + case 'unicodefffe': + case 'utf-16be': + return 'UTF-16BE' + case 'csunicode': + case 'iso-10646-ucs-2': + case 'ucs-2': + case 'unicode': + case 'unicodefeff': + case 'utf-16': + case 'utf-16le': + return 'UTF-16LE' + case 'x-user-defined': + return 'x-user-defined' + default: return 'failure' + } +} + +module.exports = { + getEncoding +} + + +/***/ }), + +/***/ 8355: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + staticPropertyDescriptors, + readOperation, + fireAProgressEvent +} = __nccwpck_require__(3610) +const { + kState, + kError, + kResult, + kEvents, + kAborted +} = __nccwpck_require__(961) +const { webidl } = __nccwpck_require__(5893) +const { kEnumerableProperty } = __nccwpck_require__(3440) + +class FileReader extends EventTarget { + constructor () { + super() + + this[kState] = 'empty' + this[kResult] = null + this[kError] = null + this[kEvents] = { + loadend: null, + error: null, + abort: null, + load: null, + progress: null, + loadstart: null + } + } + + /** + * @see https://w3c.github.io/FileAPI/#dfn-readAsArrayBuffer + * @param {import('buffer').Blob} blob + */ + readAsArrayBuffer (blob) { + webidl.brandCheck(this, FileReader) + + webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsArrayBuffer') + + blob = webidl.converters.Blob(blob, { strict: false }) + + // The readAsArrayBuffer(blob) method, when invoked, + // must initiate a read operation for blob with ArrayBuffer. + readOperation(this, blob, 'ArrayBuffer') + } + + /** + * @see https://w3c.github.io/FileAPI/#readAsBinaryString + * @param {import('buffer').Blob} blob + */ + readAsBinaryString (blob) { + webidl.brandCheck(this, FileReader) + + webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsBinaryString') + + blob = webidl.converters.Blob(blob, { strict: false }) + + // The readAsBinaryString(blob) method, when invoked, + // must initiate a read operation for blob with BinaryString. + readOperation(this, blob, 'BinaryString') + } + + /** + * @see https://w3c.github.io/FileAPI/#readAsDataText + * @param {import('buffer').Blob} blob + * @param {string?} encoding + */ + readAsText (blob, encoding = undefined) { + webidl.brandCheck(this, FileReader) + + webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsText') + + blob = webidl.converters.Blob(blob, { strict: false }) + + if (encoding !== undefined) { + encoding = webidl.converters.DOMString(encoding, 'FileReader.readAsText', 'encoding') + } + + // The readAsText(blob, encoding) method, when invoked, + // must initiate a read operation for blob with Text and encoding. + readOperation(this, blob, 'Text', encoding) + } + + /** + * @see https://w3c.github.io/FileAPI/#dfn-readAsDataURL + * @param {import('buffer').Blob} blob + */ + readAsDataURL (blob) { + webidl.brandCheck(this, FileReader) + + webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsDataURL') + + blob = webidl.converters.Blob(blob, { strict: false }) + + // The readAsDataURL(blob) method, when invoked, must + // initiate a read operation for blob with DataURL. + readOperation(this, blob, 'DataURL') + } + + /** + * @see https://w3c.github.io/FileAPI/#dfn-abort + */ + abort () { + // 1. If this's state is "empty" or if this's state is + // "done" set this's result to null and terminate + // this algorithm. + if (this[kState] === 'empty' || this[kState] === 'done') { + this[kResult] = null + return + } + + // 2. If this's state is "loading" set this's state to + // "done" and set this's result to null. + if (this[kState] === 'loading') { + this[kState] = 'done' + this[kResult] = null + } + + // 3. If there are any tasks from this on the file reading + // task source in an affiliated task queue, then remove + // those tasks from that task queue. + this[kAborted] = true + + // 4. Terminate the algorithm for the read method being processed. + // TODO + + // 5. Fire a progress event called abort at this. + fireAProgressEvent('abort', this) + + // 6. If this's state is not "loading", fire a progress + // event called loadend at this. + if (this[kState] !== 'loading') { + fireAProgressEvent('loadend', this) + } + } + + /** + * @see https://w3c.github.io/FileAPI/#dom-filereader-readystate + */ + get readyState () { + webidl.brandCheck(this, FileReader) + + switch (this[kState]) { + case 'empty': return this.EMPTY + case 'loading': return this.LOADING + case 'done': return this.DONE + } + } + + /** + * @see https://w3c.github.io/FileAPI/#dom-filereader-result + */ + get result () { + webidl.brandCheck(this, FileReader) + + // The result attribute’s getter, when invoked, must return + // this's result. + return this[kResult] + } + + /** + * @see https://w3c.github.io/FileAPI/#dom-filereader-error + */ + get error () { + webidl.brandCheck(this, FileReader) + + // The error attribute’s getter, when invoked, must return + // this's error. + return this[kError] + } + + get onloadend () { + webidl.brandCheck(this, FileReader) + + return this[kEvents].loadend + } + + set onloadend (fn) { + webidl.brandCheck(this, FileReader) + + if (this[kEvents].loadend) { + this.removeEventListener('loadend', this[kEvents].loadend) + } + + if (typeof fn === 'function') { + this[kEvents].loadend = fn + this.addEventListener('loadend', fn) + } else { + this[kEvents].loadend = null + } + } + + get onerror () { + webidl.brandCheck(this, FileReader) + + return this[kEvents].error + } + + set onerror (fn) { + webidl.brandCheck(this, FileReader) + + if (this[kEvents].error) { + this.removeEventListener('error', this[kEvents].error) + } + + if (typeof fn === 'function') { + this[kEvents].error = fn + this.addEventListener('error', fn) + } else { + this[kEvents].error = null + } + } + + get onloadstart () { + webidl.brandCheck(this, FileReader) + + return this[kEvents].loadstart + } + + set onloadstart (fn) { + webidl.brandCheck(this, FileReader) + + if (this[kEvents].loadstart) { + this.removeEventListener('loadstart', this[kEvents].loadstart) + } + + if (typeof fn === 'function') { + this[kEvents].loadstart = fn + this.addEventListener('loadstart', fn) + } else { + this[kEvents].loadstart = null + } + } + + get onprogress () { + webidl.brandCheck(this, FileReader) + + return this[kEvents].progress + } + + set onprogress (fn) { + webidl.brandCheck(this, FileReader) + + if (this[kEvents].progress) { + this.removeEventListener('progress', this[kEvents].progress) + } + + if (typeof fn === 'function') { + this[kEvents].progress = fn + this.addEventListener('progress', fn) + } else { + this[kEvents].progress = null + } + } + + get onload () { + webidl.brandCheck(this, FileReader) + + return this[kEvents].load + } + + set onload (fn) { + webidl.brandCheck(this, FileReader) + + if (this[kEvents].load) { + this.removeEventListener('load', this[kEvents].load) + } + + if (typeof fn === 'function') { + this[kEvents].load = fn + this.addEventListener('load', fn) + } else { + this[kEvents].load = null + } + } + + get onabort () { + webidl.brandCheck(this, FileReader) + + return this[kEvents].abort + } + + set onabort (fn) { + webidl.brandCheck(this, FileReader) + + if (this[kEvents].abort) { + this.removeEventListener('abort', this[kEvents].abort) + } + + if (typeof fn === 'function') { + this[kEvents].abort = fn + this.addEventListener('abort', fn) + } else { + this[kEvents].abort = null + } + } +} + +// https://w3c.github.io/FileAPI/#dom-filereader-empty +FileReader.EMPTY = FileReader.prototype.EMPTY = 0 +// https://w3c.github.io/FileAPI/#dom-filereader-loading +FileReader.LOADING = FileReader.prototype.LOADING = 1 +// https://w3c.github.io/FileAPI/#dom-filereader-done +FileReader.DONE = FileReader.prototype.DONE = 2 + +Object.defineProperties(FileReader.prototype, { + EMPTY: staticPropertyDescriptors, + LOADING: staticPropertyDescriptors, + DONE: staticPropertyDescriptors, + readAsArrayBuffer: kEnumerableProperty, + readAsBinaryString: kEnumerableProperty, + readAsText: kEnumerableProperty, + readAsDataURL: kEnumerableProperty, + abort: kEnumerableProperty, + readyState: kEnumerableProperty, + result: kEnumerableProperty, + error: kEnumerableProperty, + onloadstart: kEnumerableProperty, + onprogress: kEnumerableProperty, + onload: kEnumerableProperty, + onabort: kEnumerableProperty, + onerror: kEnumerableProperty, + onloadend: kEnumerableProperty, + [Symbol.toStringTag]: { + value: 'FileReader', + writable: false, + enumerable: false, + configurable: true + } +}) + +Object.defineProperties(FileReader, { + EMPTY: staticPropertyDescriptors, + LOADING: staticPropertyDescriptors, + DONE: staticPropertyDescriptors +}) + +module.exports = { + FileReader +} + + +/***/ }), + +/***/ 8573: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { webidl } = __nccwpck_require__(5893) + +const kState = Symbol('ProgressEvent state') + +/** + * @see https://xhr.spec.whatwg.org/#progressevent + */ +class ProgressEvent extends Event { + constructor (type, eventInitDict = {}) { + type = webidl.converters.DOMString(type, 'ProgressEvent constructor', 'type') + eventInitDict = webidl.converters.ProgressEventInit(eventInitDict ?? {}) + + super(type, eventInitDict) + + this[kState] = { + lengthComputable: eventInitDict.lengthComputable, + loaded: eventInitDict.loaded, + total: eventInitDict.total + } + } + + get lengthComputable () { + webidl.brandCheck(this, ProgressEvent) + + return this[kState].lengthComputable + } + + get loaded () { + webidl.brandCheck(this, ProgressEvent) + + return this[kState].loaded + } + + get total () { + webidl.brandCheck(this, ProgressEvent) + + return this[kState].total + } +} + +webidl.converters.ProgressEventInit = webidl.dictionaryConverter([ + { + key: 'lengthComputable', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'loaded', + converter: webidl.converters['unsigned long long'], + defaultValue: () => 0 + }, + { + key: 'total', + converter: webidl.converters['unsigned long long'], + defaultValue: () => 0 + }, + { + key: 'bubbles', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'cancelable', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'composed', + converter: webidl.converters.boolean, + defaultValue: () => false + } +]) + +module.exports = { + ProgressEvent +} + + +/***/ }), + +/***/ 961: +/***/ ((module) => { + +"use strict"; + + +module.exports = { + kState: Symbol('FileReader state'), + kResult: Symbol('FileReader result'), + kError: Symbol('FileReader error'), + kLastProgressEventFired: Symbol('FileReader last progress event fired timestamp'), + kEvents: Symbol('FileReader events'), + kAborted: Symbol('FileReader aborted') +} + + +/***/ }), + +/***/ 3610: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { + kState, + kError, + kResult, + kAborted, + kLastProgressEventFired +} = __nccwpck_require__(961) +const { ProgressEvent } = __nccwpck_require__(8573) +const { getEncoding } = __nccwpck_require__(2607) +const { serializeAMimeType, parseMIMEType } = __nccwpck_require__(1900) +const { types } = __nccwpck_require__(7975) +const { StringDecoder } = __nccwpck_require__(3193) +const { btoa } = __nccwpck_require__(4573) + +/** @type {PropertyDescriptor} */ +const staticPropertyDescriptors = { + enumerable: true, + writable: false, + configurable: false +} + +/** + * @see https://w3c.github.io/FileAPI/#readOperation + * @param {import('./filereader').FileReader} fr + * @param {import('buffer').Blob} blob + * @param {string} type + * @param {string?} encodingName + */ +function readOperation (fr, blob, type, encodingName) { + // 1. If fr’s state is "loading", throw an InvalidStateError + // DOMException. + if (fr[kState] === 'loading') { + throw new DOMException('Invalid state', 'InvalidStateError') + } + + // 2. Set fr’s state to "loading". + fr[kState] = 'loading' + + // 3. Set fr’s result to null. + fr[kResult] = null + + // 4. Set fr’s error to null. + fr[kError] = null + + // 5. Let stream be the result of calling get stream on blob. + /** @type {import('stream/web').ReadableStream} */ + const stream = blob.stream() + + // 6. Let reader be the result of getting a reader from stream. + const reader = stream.getReader() + + // 7. Let bytes be an empty byte sequence. + /** @type {Uint8Array[]} */ + const bytes = [] + + // 8. Let chunkPromise be the result of reading a chunk from + // stream with reader. + let chunkPromise = reader.read() + + // 9. Let isFirstChunk be true. + let isFirstChunk = true + + // 10. In parallel, while true: + // Note: "In parallel" just means non-blocking + // Note 2: readOperation itself cannot be async as double + // reading the body would then reject the promise, instead + // of throwing an error. + ;(async () => { + while (!fr[kAborted]) { + // 1. Wait for chunkPromise to be fulfilled or rejected. + try { + const { done, value } = await chunkPromise + + // 2. If chunkPromise is fulfilled, and isFirstChunk is + // true, queue a task to fire a progress event called + // loadstart at fr. + if (isFirstChunk && !fr[kAborted]) { + queueMicrotask(() => { + fireAProgressEvent('loadstart', fr) + }) + } + + // 3. Set isFirstChunk to false. + isFirstChunk = false + + // 4. If chunkPromise is fulfilled with an object whose + // done property is false and whose value property is + // a Uint8Array object, run these steps: + if (!done && types.isUint8Array(value)) { + // 1. Let bs be the byte sequence represented by the + // Uint8Array object. + + // 2. Append bs to bytes. + bytes.push(value) + + // 3. If roughly 50ms have passed since these steps + // were last invoked, queue a task to fire a + // progress event called progress at fr. + if ( + ( + fr[kLastProgressEventFired] === undefined || + Date.now() - fr[kLastProgressEventFired] >= 50 + ) && + !fr[kAborted] + ) { + fr[kLastProgressEventFired] = Date.now() + queueMicrotask(() => { + fireAProgressEvent('progress', fr) + }) + } + + // 4. Set chunkPromise to the result of reading a + // chunk from stream with reader. + chunkPromise = reader.read() + } else if (done) { + // 5. Otherwise, if chunkPromise is fulfilled with an + // object whose done property is true, queue a task + // to run the following steps and abort this algorithm: + queueMicrotask(() => { + // 1. Set fr’s state to "done". + fr[kState] = 'done' + + // 2. Let result be the result of package data given + // bytes, type, blob’s type, and encodingName. + try { + const result = packageData(bytes, type, blob.type, encodingName) + + // 4. Else: + + if (fr[kAborted]) { + return + } + + // 1. Set fr’s result to result. + fr[kResult] = result + + // 2. Fire a progress event called load at the fr. + fireAProgressEvent('load', fr) + } catch (error) { + // 3. If package data threw an exception error: + + // 1. Set fr’s error to error. + fr[kError] = error + + // 2. Fire a progress event called error at fr. + fireAProgressEvent('error', fr) + } + + // 5. If fr’s state is not "loading", fire a progress + // event called loadend at the fr. + if (fr[kState] !== 'loading') { + fireAProgressEvent('loadend', fr) + } + }) + + break + } + } catch (error) { + if (fr[kAborted]) { + return + } + + // 6. Otherwise, if chunkPromise is rejected with an + // error error, queue a task to run the following + // steps and abort this algorithm: + queueMicrotask(() => { + // 1. Set fr’s state to "done". + fr[kState] = 'done' + + // 2. Set fr’s error to error. + fr[kError] = error + + // 3. Fire a progress event called error at fr. + fireAProgressEvent('error', fr) + + // 4. If fr’s state is not "loading", fire a progress + // event called loadend at fr. + if (fr[kState] !== 'loading') { + fireAProgressEvent('loadend', fr) + } + }) + + break + } + } + })() +} + +/** + * @see https://w3c.github.io/FileAPI/#fire-a-progress-event + * @see https://dom.spec.whatwg.org/#concept-event-fire + * @param {string} e The name of the event + * @param {import('./filereader').FileReader} reader + */ +function fireAProgressEvent (e, reader) { + // The progress event e does not bubble. e.bubbles must be false + // The progress event e is NOT cancelable. e.cancelable must be false + const event = new ProgressEvent(e, { + bubbles: false, + cancelable: false + }) + + reader.dispatchEvent(event) +} + +/** + * @see https://w3c.github.io/FileAPI/#blob-package-data + * @param {Uint8Array[]} bytes + * @param {string} type + * @param {string?} mimeType + * @param {string?} encodingName + */ +function packageData (bytes, type, mimeType, encodingName) { + // 1. A Blob has an associated package data algorithm, given + // bytes, a type, a optional mimeType, and a optional + // encodingName, which switches on type and runs the + // associated steps: + + switch (type) { + case 'DataURL': { + // 1. Return bytes as a DataURL [RFC2397] subject to + // the considerations below: + // * Use mimeType as part of the Data URL if it is + // available in keeping with the Data URL + // specification [RFC2397]. + // * If mimeType is not available return a Data URL + // without a media-type. [RFC2397]. + + // https://datatracker.ietf.org/doc/html/rfc2397#section-3 + // dataurl := "data:" [ mediatype ] [ ";base64" ] "," data + // mediatype := [ type "/" subtype ] *( ";" parameter ) + // data := *urlchar + // parameter := attribute "=" value + let dataURL = 'data:' + + const parsed = parseMIMEType(mimeType || 'application/octet-stream') + + if (parsed !== 'failure') { + dataURL += serializeAMimeType(parsed) + } + + dataURL += ';base64,' + + const decoder = new StringDecoder('latin1') + + for (const chunk of bytes) { + dataURL += btoa(decoder.write(chunk)) + } + + dataURL += btoa(decoder.end()) + + return dataURL + } + case 'Text': { + // 1. Let encoding be failure + let encoding = 'failure' + + // 2. If the encodingName is present, set encoding to the + // result of getting an encoding from encodingName. + if (encodingName) { + encoding = getEncoding(encodingName) + } + + // 3. If encoding is failure, and mimeType is present: + if (encoding === 'failure' && mimeType) { + // 1. Let type be the result of parse a MIME type + // given mimeType. + const type = parseMIMEType(mimeType) + + // 2. If type is not failure, set encoding to the result + // of getting an encoding from type’s parameters["charset"]. + if (type !== 'failure') { + encoding = getEncoding(type.parameters.get('charset')) + } + } + + // 4. If encoding is failure, then set encoding to UTF-8. + if (encoding === 'failure') { + encoding = 'UTF-8' + } + + // 5. Decode bytes using fallback encoding encoding, and + // return the result. + return decode(bytes, encoding) + } + case 'ArrayBuffer': { + // Return a new ArrayBuffer whose contents are bytes. + const sequence = combineByteSequences(bytes) + + return sequence.buffer + } + case 'BinaryString': { + // Return bytes as a binary string, in which every byte + // is represented by a code unit of equal value [0..255]. + let binaryString = '' + + const decoder = new StringDecoder('latin1') + + for (const chunk of bytes) { + binaryString += decoder.write(chunk) + } + + binaryString += decoder.end() + + return binaryString + } + } +} + +/** + * @see https://encoding.spec.whatwg.org/#decode + * @param {Uint8Array[]} ioQueue + * @param {string} encoding + */ +function decode (ioQueue, encoding) { + const bytes = combineByteSequences(ioQueue) + + // 1. Let BOMEncoding be the result of BOM sniffing ioQueue. + const BOMEncoding = BOMSniffing(bytes) + + let slice = 0 + + // 2. If BOMEncoding is non-null: + if (BOMEncoding !== null) { + // 1. Set encoding to BOMEncoding. + encoding = BOMEncoding + + // 2. Read three bytes from ioQueue, if BOMEncoding is + // UTF-8; otherwise read two bytes. + // (Do nothing with those bytes.) + slice = BOMEncoding === 'UTF-8' ? 3 : 2 + } + + // 3. Process a queue with an instance of encoding’s + // decoder, ioQueue, output, and "replacement". + + // 4. Return output. + + const sliced = bytes.slice(slice) + return new TextDecoder(encoding).decode(sliced) +} + +/** + * @see https://encoding.spec.whatwg.org/#bom-sniff + * @param {Uint8Array} ioQueue + */ +function BOMSniffing (ioQueue) { + // 1. Let BOM be the result of peeking 3 bytes from ioQueue, + // converted to a byte sequence. + const [a, b, c] = ioQueue + + // 2. For each of the rows in the table below, starting with + // the first one and going down, if BOM starts with the + // bytes given in the first column, then return the + // encoding given in the cell in the second column of that + // row. Otherwise, return null. + if (a === 0xEF && b === 0xBB && c === 0xBF) { + return 'UTF-8' + } else if (a === 0xFE && b === 0xFF) { + return 'UTF-16BE' + } else if (a === 0xFF && b === 0xFE) { + return 'UTF-16LE' + } + + return null +} + +/** + * @param {Uint8Array[]} sequences + */ +function combineByteSequences (sequences) { + const size = sequences.reduce((a, b) => { + return a + b.byteLength + }, 0) + + let offset = 0 + + return sequences.reduce((a, b) => { + a.set(b, offset) + offset += b.byteLength + return a + }, new Uint8Array(size)) +} + +module.exports = { + staticPropertyDescriptors, + readOperation, + fireAProgressEvent +} + + +/***/ }), + +/***/ 6897: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { uid, states, sentCloseFrameState, emptyBuffer, opcodes } = __nccwpck_require__(736) +const { + kReadyState, + kSentClose, + kByteParser, + kReceivedClose, + kResponse +} = __nccwpck_require__(1216) +const { fireEvent, failWebsocketConnection, isClosing, isClosed, isEstablished, parseExtensions } = __nccwpck_require__(8625) +const { channels } = __nccwpck_require__(2414) +const { CloseEvent } = __nccwpck_require__(5188) +const { makeRequest } = __nccwpck_require__(9967) +const { fetching } = __nccwpck_require__(4398) +const { Headers, getHeadersList } = __nccwpck_require__(660) +const { getDecodeSplit } = __nccwpck_require__(3168) +const { WebsocketFrameSend } = __nccwpck_require__(3264) + +/** @type {import('crypto')} */ +let crypto +try { + crypto = __nccwpck_require__(7598) +/* c8 ignore next 3 */ +} catch { + +} + +/** + * @see https://websockets.spec.whatwg.org/#concept-websocket-establish + * @param {URL} url + * @param {string|string[]} protocols + * @param {import('./websocket').WebSocket} ws + * @param {(response: any, extensions: string[] | undefined) => void} onEstablish + * @param {Partial} options + */ +function establishWebSocketConnection (url, protocols, client, ws, onEstablish, options) { + // 1. Let requestURL be a copy of url, with its scheme set to "http", if url’s + // scheme is "ws", and to "https" otherwise. + const requestURL = url + + requestURL.protocol = url.protocol === 'ws:' ? 'http:' : 'https:' + + // 2. Let request be a new request, whose URL is requestURL, client is client, + // service-workers mode is "none", referrer is "no-referrer", mode is + // "websocket", credentials mode is "include", cache mode is "no-store" , + // and redirect mode is "error". + const request = makeRequest({ + urlList: [requestURL], + client, + serviceWorkers: 'none', + referrer: 'no-referrer', + mode: 'websocket', + credentials: 'include', + cache: 'no-store', + redirect: 'error' + }) + + // Note: undici extension, allow setting custom headers. + if (options.headers) { + const headersList = getHeadersList(new Headers(options.headers)) + + request.headersList = headersList + } + + // 3. Append (`Upgrade`, `websocket`) to request’s header list. + // 4. Append (`Connection`, `Upgrade`) to request’s header list. + // Note: both of these are handled by undici currently. + // https://github.com/nodejs/undici/blob/68c269c4144c446f3f1220951338daef4a6b5ec4/lib/client.js#L1397 + + // 5. Let keyValue be a nonce consisting of a randomly selected + // 16-byte value that has been forgiving-base64-encoded and + // isomorphic encoded. + const keyValue = crypto.randomBytes(16).toString('base64') + + // 6. Append (`Sec-WebSocket-Key`, keyValue) to request’s + // header list. + request.headersList.append('sec-websocket-key', keyValue) + + // 7. Append (`Sec-WebSocket-Version`, `13`) to request’s + // header list. + request.headersList.append('sec-websocket-version', '13') + + // 8. For each protocol in protocols, combine + // (`Sec-WebSocket-Protocol`, protocol) in request’s header + // list. + for (const protocol of protocols) { + request.headersList.append('sec-websocket-protocol', protocol) + } + + // 9. Let permessageDeflate be a user-agent defined + // "permessage-deflate" extension header value. + // https://github.com/mozilla/gecko-dev/blob/ce78234f5e653a5d3916813ff990f053510227bc/netwerk/protocol/websocket/WebSocketChannel.cpp#L2673 + const permessageDeflate = 'permessage-deflate; client_max_window_bits' + + // 10. Append (`Sec-WebSocket-Extensions`, permessageDeflate) to + // request’s header list. + request.headersList.append('sec-websocket-extensions', permessageDeflate) + + // 11. Fetch request with useParallelQueue set to true, and + // processResponse given response being these steps: + const controller = fetching({ + request, + useParallelQueue: true, + dispatcher: options.dispatcher, + processResponse (response) { + // 1. If response is a network error or its status is not 101, + // fail the WebSocket connection. + if (response.type === 'error' || response.status !== 101) { + failWebsocketConnection(ws, 'Received network error or non-101 status code.') + return + } + + // 2. If protocols is not the empty list and extracting header + // list values given `Sec-WebSocket-Protocol` and response’s + // header list results in null, failure, or the empty byte + // sequence, then fail the WebSocket connection. + if (protocols.length !== 0 && !response.headersList.get('Sec-WebSocket-Protocol')) { + failWebsocketConnection(ws, 'Server did not respond with sent protocols.') + return + } + + // 3. Follow the requirements stated step 2 to step 6, inclusive, + // of the last set of steps in section 4.1 of The WebSocket + // Protocol to validate response. This either results in fail + // the WebSocket connection or the WebSocket connection is + // established. + + // 2. If the response lacks an |Upgrade| header field or the |Upgrade| + // header field contains a value that is not an ASCII case- + // insensitive match for the value "websocket", the client MUST + // _Fail the WebSocket Connection_. + if (response.headersList.get('Upgrade')?.toLowerCase() !== 'websocket') { + failWebsocketConnection(ws, 'Server did not set Upgrade header to "websocket".') + return + } + + // 3. If the response lacks a |Connection| header field or the + // |Connection| header field doesn't contain a token that is an + // ASCII case-insensitive match for the value "Upgrade", the client + // MUST _Fail the WebSocket Connection_. + if (response.headersList.get('Connection')?.toLowerCase() !== 'upgrade') { + failWebsocketConnection(ws, 'Server did not set Connection header to "upgrade".') + return + } + + // 4. If the response lacks a |Sec-WebSocket-Accept| header field or + // the |Sec-WebSocket-Accept| contains a value other than the + // base64-encoded SHA-1 of the concatenation of the |Sec-WebSocket- + // Key| (as a string, not base64-decoded) with the string "258EAFA5- + // E914-47DA-95CA-C5AB0DC85B11" but ignoring any leading and + // trailing whitespace, the client MUST _Fail the WebSocket + // Connection_. + const secWSAccept = response.headersList.get('Sec-WebSocket-Accept') + const digest = crypto.createHash('sha1').update(keyValue + uid).digest('base64') + if (secWSAccept !== digest) { + failWebsocketConnection(ws, 'Incorrect hash received in Sec-WebSocket-Accept header.') + return + } + + // 5. If the response includes a |Sec-WebSocket-Extensions| header + // field and this header field indicates the use of an extension + // that was not present in the client's handshake (the server has + // indicated an extension not requested by the client), the client + // MUST _Fail the WebSocket Connection_. (The parsing of this + // header field to determine which extensions are requested is + // discussed in Section 9.1.) + const secExtension = response.headersList.get('Sec-WebSocket-Extensions') + let extensions + + if (secExtension !== null) { + extensions = parseExtensions(secExtension) + + if (!extensions.has('permessage-deflate')) { + failWebsocketConnection(ws, 'Sec-WebSocket-Extensions header does not match.') + return + } + } + + // 6. If the response includes a |Sec-WebSocket-Protocol| header field + // and this header field indicates the use of a subprotocol that was + // not present in the client's handshake (the server has indicated a + // subprotocol not requested by the client), the client MUST _Fail + // the WebSocket Connection_. + const secProtocol = response.headersList.get('Sec-WebSocket-Protocol') + + if (secProtocol !== null) { + const requestProtocols = getDecodeSplit('sec-websocket-protocol', request.headersList) + + // The client can request that the server use a specific subprotocol by + // including the |Sec-WebSocket-Protocol| field in its handshake. If it + // is specified, the server needs to include the same field and one of + // the selected subprotocol values in its response for the connection to + // be established. + if (!requestProtocols.includes(secProtocol)) { + failWebsocketConnection(ws, 'Protocol was not set in the opening handshake.') + return + } + } + + response.socket.on('data', onSocketData) + response.socket.on('close', onSocketClose) + response.socket.on('error', onSocketError) + + if (channels.open.hasSubscribers) { + channels.open.publish({ + address: response.socket.address(), + protocol: secProtocol, + extensions: secExtension + }) + } + + onEstablish(response, extensions) + } + }) + + return controller +} + +function closeWebSocketConnection (ws, code, reason, reasonByteLength) { + if (isClosing(ws) || isClosed(ws)) { + // If this's ready state is CLOSING (2) or CLOSED (3) + // Do nothing. + } else if (!isEstablished(ws)) { + // If the WebSocket connection is not yet established + // Fail the WebSocket connection and set this's ready state + // to CLOSING (2). + failWebsocketConnection(ws, 'Connection was closed before it was established.') + ws[kReadyState] = states.CLOSING + } else if (ws[kSentClose] === sentCloseFrameState.NOT_SENT) { + // If the WebSocket closing handshake has not yet been started + // Start the WebSocket closing handshake and set this's ready + // state to CLOSING (2). + // - If neither code nor reason is present, the WebSocket Close + // message must not have a body. + // - If code is present, then the status code to use in the + // WebSocket Close message must be the integer given by code. + // - If reason is also present, then reasonBytes must be + // provided in the Close message after the status code. + + ws[kSentClose] = sentCloseFrameState.PROCESSING + + const frame = new WebsocketFrameSend() + + // If neither code nor reason is present, the WebSocket Close + // message must not have a body. + + // If code is present, then the status code to use in the + // WebSocket Close message must be the integer given by code. + if (code !== undefined && reason === undefined) { + frame.frameData = Buffer.allocUnsafe(2) + frame.frameData.writeUInt16BE(code, 0) + } else if (code !== undefined && reason !== undefined) { + // If reason is also present, then reasonBytes must be + // provided in the Close message after the status code. + frame.frameData = Buffer.allocUnsafe(2 + reasonByteLength) + frame.frameData.writeUInt16BE(code, 0) + // the body MAY contain UTF-8-encoded data with value /reason/ + frame.frameData.write(reason, 2, 'utf-8') + } else { + frame.frameData = emptyBuffer + } + + /** @type {import('stream').Duplex} */ + const socket = ws[kResponse].socket + + socket.write(frame.createFrame(opcodes.CLOSE)) + + ws[kSentClose] = sentCloseFrameState.SENT + + // Upon either sending or receiving a Close control frame, it is said + // that _The WebSocket Closing Handshake is Started_ and that the + // WebSocket connection is in the CLOSING state. + ws[kReadyState] = states.CLOSING + } else { + // Otherwise + // Set this's ready state to CLOSING (2). + ws[kReadyState] = states.CLOSING + } +} + +/** + * @param {Buffer} chunk + */ +function onSocketData (chunk) { + if (!this.ws[kByteParser].write(chunk)) { + this.pause() + } +} + +/** + * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol + * @see https://datatracker.ietf.org/doc/html/rfc6455#section-7.1.4 + */ +function onSocketClose () { + const { ws } = this + const { [kResponse]: response } = ws + + response.socket.off('data', onSocketData) + response.socket.off('close', onSocketClose) + response.socket.off('error', onSocketError) + + // If the TCP connection was closed after the + // WebSocket closing handshake was completed, the WebSocket connection + // is said to have been closed _cleanly_. + const wasClean = ws[kSentClose] === sentCloseFrameState.SENT && ws[kReceivedClose] + + let code = 1005 + let reason = '' + + const result = ws[kByteParser].closingInfo + + if (result && !result.error) { + code = result.code ?? 1005 + reason = result.reason + } else if (!ws[kReceivedClose]) { + // If _The WebSocket + // Connection is Closed_ and no Close control frame was received by the + // endpoint (such as could occur if the underlying transport connection + // is lost), _The WebSocket Connection Close Code_ is considered to be + // 1006. + code = 1006 + } + + // 1. Change the ready state to CLOSED (3). + ws[kReadyState] = states.CLOSED + + // 2. If the user agent was required to fail the WebSocket + // connection, or if the WebSocket connection was closed + // after being flagged as full, fire an event named error + // at the WebSocket object. + // TODO + + // 3. Fire an event named close at the WebSocket object, + // using CloseEvent, with the wasClean attribute + // initialized to true if the connection closed cleanly + // and false otherwise, the code attribute initialized to + // the WebSocket connection close code, and the reason + // attribute initialized to the result of applying UTF-8 + // decode without BOM to the WebSocket connection close + // reason. + // TODO: process.nextTick + fireEvent('close', ws, (type, init) => new CloseEvent(type, init), { + wasClean, code, reason + }) + + if (channels.close.hasSubscribers) { + channels.close.publish({ + websocket: ws, + code, + reason + }) + } +} + +function onSocketError (error) { + const { ws } = this + + ws[kReadyState] = states.CLOSING + + if (channels.socketError.hasSubscribers) { + channels.socketError.publish(error) + } + + this.destroy() +} + +module.exports = { + establishWebSocketConnection, + closeWebSocketConnection +} + + +/***/ }), + +/***/ 736: +/***/ ((module) => { + +"use strict"; + + +// This is a Globally Unique Identifier unique used +// to validate that the endpoint accepts websocket +// connections. +// See https://www.rfc-editor.org/rfc/rfc6455.html#section-1.3 +const uid = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11' + +/** @type {PropertyDescriptor} */ +const staticPropertyDescriptors = { + enumerable: true, + writable: false, + configurable: false +} + +const states = { + CONNECTING: 0, + OPEN: 1, + CLOSING: 2, + CLOSED: 3 +} + +const sentCloseFrameState = { + NOT_SENT: 0, + PROCESSING: 1, + SENT: 2 +} + +const opcodes = { + CONTINUATION: 0x0, + TEXT: 0x1, + BINARY: 0x2, + CLOSE: 0x8, + PING: 0x9, + PONG: 0xA +} + +const maxUnsigned16Bit = 2 ** 16 - 1 // 65535 + +const parserStates = { + INFO: 0, + PAYLOADLENGTH_16: 2, + PAYLOADLENGTH_64: 3, + READ_DATA: 4 +} + +const emptyBuffer = Buffer.allocUnsafe(0) + +const sendHints = { + string: 1, + typedArray: 2, + arrayBuffer: 3, + blob: 4 +} + +module.exports = { + uid, + sentCloseFrameState, + staticPropertyDescriptors, + states, + opcodes, + maxUnsigned16Bit, + parserStates, + emptyBuffer, + sendHints +} + + +/***/ }), + +/***/ 5188: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { webidl } = __nccwpck_require__(5893) +const { kEnumerableProperty } = __nccwpck_require__(3440) +const { kConstruct } = __nccwpck_require__(6443) +const { MessagePort } = __nccwpck_require__(5919) + +/** + * @see https://html.spec.whatwg.org/multipage/comms.html#messageevent + */ +class MessageEvent extends Event { + #eventInit + + constructor (type, eventInitDict = {}) { + if (type === kConstruct) { + super(arguments[1], arguments[2]) + webidl.util.markAsUncloneable(this) + return + } + + const prefix = 'MessageEvent constructor' + webidl.argumentLengthCheck(arguments, 1, prefix) + + type = webidl.converters.DOMString(type, prefix, 'type') + eventInitDict = webidl.converters.MessageEventInit(eventInitDict, prefix, 'eventInitDict') + + super(type, eventInitDict) + + this.#eventInit = eventInitDict + webidl.util.markAsUncloneable(this) + } + + get data () { + webidl.brandCheck(this, MessageEvent) + + return this.#eventInit.data + } + + get origin () { + webidl.brandCheck(this, MessageEvent) + + return this.#eventInit.origin + } + + get lastEventId () { + webidl.brandCheck(this, MessageEvent) + + return this.#eventInit.lastEventId + } + + get source () { + webidl.brandCheck(this, MessageEvent) + + return this.#eventInit.source + } + + get ports () { + webidl.brandCheck(this, MessageEvent) + + if (!Object.isFrozen(this.#eventInit.ports)) { + Object.freeze(this.#eventInit.ports) + } + + return this.#eventInit.ports + } + + initMessageEvent ( + type, + bubbles = false, + cancelable = false, + data = null, + origin = '', + lastEventId = '', + source = null, + ports = [] + ) { + webidl.brandCheck(this, MessageEvent) + + webidl.argumentLengthCheck(arguments, 1, 'MessageEvent.initMessageEvent') + + return new MessageEvent(type, { + bubbles, cancelable, data, origin, lastEventId, source, ports + }) + } + + static createFastMessageEvent (type, init) { + const messageEvent = new MessageEvent(kConstruct, type, init) + messageEvent.#eventInit = init + messageEvent.#eventInit.data ??= null + messageEvent.#eventInit.origin ??= '' + messageEvent.#eventInit.lastEventId ??= '' + messageEvent.#eventInit.source ??= null + messageEvent.#eventInit.ports ??= [] + return messageEvent + } +} + +const { createFastMessageEvent } = MessageEvent +delete MessageEvent.createFastMessageEvent + +/** + * @see https://websockets.spec.whatwg.org/#the-closeevent-interface + */ +class CloseEvent extends Event { + #eventInit + + constructor (type, eventInitDict = {}) { + const prefix = 'CloseEvent constructor' + webidl.argumentLengthCheck(arguments, 1, prefix) + + type = webidl.converters.DOMString(type, prefix, 'type') + eventInitDict = webidl.converters.CloseEventInit(eventInitDict) + + super(type, eventInitDict) + + this.#eventInit = eventInitDict + webidl.util.markAsUncloneable(this) + } + + get wasClean () { + webidl.brandCheck(this, CloseEvent) + + return this.#eventInit.wasClean + } + + get code () { + webidl.brandCheck(this, CloseEvent) + + return this.#eventInit.code + } + + get reason () { + webidl.brandCheck(this, CloseEvent) + + return this.#eventInit.reason + } +} + +// https://html.spec.whatwg.org/multipage/webappapis.html#the-errorevent-interface +class ErrorEvent extends Event { + #eventInit + + constructor (type, eventInitDict) { + const prefix = 'ErrorEvent constructor' + webidl.argumentLengthCheck(arguments, 1, prefix) + + super(type, eventInitDict) + webidl.util.markAsUncloneable(this) + + type = webidl.converters.DOMString(type, prefix, 'type') + eventInitDict = webidl.converters.ErrorEventInit(eventInitDict ?? {}) + + this.#eventInit = eventInitDict + } + + get message () { + webidl.brandCheck(this, ErrorEvent) + + return this.#eventInit.message + } + + get filename () { + webidl.brandCheck(this, ErrorEvent) + + return this.#eventInit.filename + } + + get lineno () { + webidl.brandCheck(this, ErrorEvent) + + return this.#eventInit.lineno + } + + get colno () { + webidl.brandCheck(this, ErrorEvent) + + return this.#eventInit.colno + } + + get error () { + webidl.brandCheck(this, ErrorEvent) + + return this.#eventInit.error + } +} + +Object.defineProperties(MessageEvent.prototype, { + [Symbol.toStringTag]: { + value: 'MessageEvent', + configurable: true + }, + data: kEnumerableProperty, + origin: kEnumerableProperty, + lastEventId: kEnumerableProperty, + source: kEnumerableProperty, + ports: kEnumerableProperty, + initMessageEvent: kEnumerableProperty +}) + +Object.defineProperties(CloseEvent.prototype, { + [Symbol.toStringTag]: { + value: 'CloseEvent', + configurable: true + }, + reason: kEnumerableProperty, + code: kEnumerableProperty, + wasClean: kEnumerableProperty +}) + +Object.defineProperties(ErrorEvent.prototype, { + [Symbol.toStringTag]: { + value: 'ErrorEvent', + configurable: true + }, + message: kEnumerableProperty, + filename: kEnumerableProperty, + lineno: kEnumerableProperty, + colno: kEnumerableProperty, + error: kEnumerableProperty +}) + +webidl.converters.MessagePort = webidl.interfaceConverter(MessagePort) + +webidl.converters['sequence'] = webidl.sequenceConverter( + webidl.converters.MessagePort +) + +const eventInit = [ + { + key: 'bubbles', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'cancelable', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'composed', + converter: webidl.converters.boolean, + defaultValue: () => false + } +] + +webidl.converters.MessageEventInit = webidl.dictionaryConverter([ + ...eventInit, + { + key: 'data', + converter: webidl.converters.any, + defaultValue: () => null + }, + { + key: 'origin', + converter: webidl.converters.USVString, + defaultValue: () => '' + }, + { + key: 'lastEventId', + converter: webidl.converters.DOMString, + defaultValue: () => '' + }, + { + key: 'source', + // Node doesn't implement WindowProxy or ServiceWorker, so the only + // valid value for source is a MessagePort. + converter: webidl.nullableConverter(webidl.converters.MessagePort), + defaultValue: () => null + }, + { + key: 'ports', + converter: webidl.converters['sequence'], + defaultValue: () => new Array(0) + } +]) + +webidl.converters.CloseEventInit = webidl.dictionaryConverter([ + ...eventInit, + { + key: 'wasClean', + converter: webidl.converters.boolean, + defaultValue: () => false + }, + { + key: 'code', + converter: webidl.converters['unsigned short'], + defaultValue: () => 0 + }, + { + key: 'reason', + converter: webidl.converters.USVString, + defaultValue: () => '' + } +]) + +webidl.converters.ErrorEventInit = webidl.dictionaryConverter([ + ...eventInit, + { + key: 'message', + converter: webidl.converters.DOMString, + defaultValue: () => '' + }, + { + key: 'filename', + converter: webidl.converters.USVString, + defaultValue: () => '' + }, + { + key: 'lineno', + converter: webidl.converters['unsigned long'], + defaultValue: () => 0 + }, + { + key: 'colno', + converter: webidl.converters['unsigned long'], + defaultValue: () => 0 + }, + { + key: 'error', + converter: webidl.converters.any + } +]) + +module.exports = { + MessageEvent, + CloseEvent, + ErrorEvent, + createFastMessageEvent +} + + +/***/ }), + +/***/ 3264: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { maxUnsigned16Bit } = __nccwpck_require__(736) + +const BUFFER_SIZE = 16386 + +/** @type {import('crypto')} */ +let crypto +let buffer = null +let bufIdx = BUFFER_SIZE + +try { + crypto = __nccwpck_require__(7598) +/* c8 ignore next 3 */ +} catch { + crypto = { + // not full compatibility, but minimum. + randomFillSync: function randomFillSync (buffer, _offset, _size) { + for (let i = 0; i < buffer.length; ++i) { + buffer[i] = Math.random() * 255 | 0 + } + return buffer + } + } +} + +function generateMask () { + if (bufIdx === BUFFER_SIZE) { + bufIdx = 0 + crypto.randomFillSync((buffer ??= Buffer.allocUnsafe(BUFFER_SIZE)), 0, BUFFER_SIZE) + } + return [buffer[bufIdx++], buffer[bufIdx++], buffer[bufIdx++], buffer[bufIdx++]] +} + +class WebsocketFrameSend { + /** + * @param {Buffer|undefined} data + */ + constructor (data) { + this.frameData = data + } + + createFrame (opcode) { + const frameData = this.frameData + const maskKey = generateMask() + const bodyLength = frameData?.byteLength ?? 0 + + /** @type {number} */ + let payloadLength = bodyLength // 0-125 + let offset = 6 + + if (bodyLength > maxUnsigned16Bit) { + offset += 8 // payload length is next 8 bytes + payloadLength = 127 + } else if (bodyLength > 125) { + offset += 2 // payload length is next 2 bytes + payloadLength = 126 + } + + const buffer = Buffer.allocUnsafe(bodyLength + offset) + + // Clear first 2 bytes, everything else is overwritten + buffer[0] = buffer[1] = 0 + buffer[0] |= 0x80 // FIN + buffer[0] = (buffer[0] & 0xF0) + opcode // opcode + + /*! ws. MIT License. Einar Otto Stangvik */ + buffer[offset - 4] = maskKey[0] + buffer[offset - 3] = maskKey[1] + buffer[offset - 2] = maskKey[2] + buffer[offset - 1] = maskKey[3] + + buffer[1] = payloadLength + + if (payloadLength === 126) { + buffer.writeUInt16BE(bodyLength, 2) + } else if (payloadLength === 127) { + // Clear extended payload length + buffer[2] = buffer[3] = 0 + buffer.writeUIntBE(bodyLength, 4, 6) + } + + buffer[1] |= 0x80 // MASK + + // mask body + for (let i = 0; i < bodyLength; ++i) { + buffer[offset + i] = frameData[i] ^ maskKey[i & 3] + } + + return buffer + } +} + +module.exports = { + WebsocketFrameSend +} + + +/***/ }), + +/***/ 9469: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { createInflateRaw, Z_DEFAULT_WINDOWBITS } = __nccwpck_require__(8522) +const { isValidClientWindowBits } = __nccwpck_require__(8625) +const { MessageSizeExceededError } = __nccwpck_require__(8707) + +const tail = Buffer.from([0x00, 0x00, 0xff, 0xff]) +const kBuffer = Symbol('kBuffer') +const kLength = Symbol('kLength') + +// Default maximum decompressed message size: 4 MB +const kDefaultMaxDecompressedSize = 4 * 1024 * 1024 + +class PerMessageDeflate { + /** @type {import('node:zlib').InflateRaw} */ + #inflate + + #options = {} + + /** @type {boolean} */ + #aborted = false + + /** @type {Function|null} */ + #currentCallback = null + + /** + * @param {Map} extensions + */ + constructor (extensions) { + this.#options.serverNoContextTakeover = extensions.has('server_no_context_takeover') + this.#options.serverMaxWindowBits = extensions.get('server_max_window_bits') + } + + decompress (chunk, fin, callback) { + // An endpoint uses the following algorithm to decompress a message. + // 1. Append 4 octets of 0x00 0x00 0xff 0xff to the tail end of the + // payload of the message. + // 2. Decompress the resulting data using DEFLATE. + + if (this.#aborted) { + callback(new MessageSizeExceededError()) + return + } + + if (!this.#inflate) { + let windowBits = Z_DEFAULT_WINDOWBITS + + if (this.#options.serverMaxWindowBits) { // empty values default to Z_DEFAULT_WINDOWBITS + if (!isValidClientWindowBits(this.#options.serverMaxWindowBits)) { + callback(new Error('Invalid server_max_window_bits')) + return + } + + windowBits = Number.parseInt(this.#options.serverMaxWindowBits) + } + + try { + this.#inflate = createInflateRaw({ windowBits }) + } catch (err) { + callback(err) + return + } + this.#inflate[kBuffer] = [] + this.#inflate[kLength] = 0 + + this.#inflate.on('data', (data) => { + if (this.#aborted) { + return + } + + this.#inflate[kLength] += data.length + + if (this.#inflate[kLength] > kDefaultMaxDecompressedSize) { + this.#aborted = true + this.#inflate.removeAllListeners() + this.#inflate.destroy() + this.#inflate = null + + if (this.#currentCallback) { + const cb = this.#currentCallback + this.#currentCallback = null + cb(new MessageSizeExceededError()) + } + return + } + + this.#inflate[kBuffer].push(data) + }) + + this.#inflate.on('error', (err) => { + this.#inflate = null + callback(err) + }) + } + + this.#currentCallback = callback + this.#inflate.write(chunk) + if (fin) { + this.#inflate.write(tail) + } + + this.#inflate.flush(() => { + if (this.#aborted || !this.#inflate) { + return + } + + const full = Buffer.concat(this.#inflate[kBuffer], this.#inflate[kLength]) + + this.#inflate[kBuffer].length = 0 + this.#inflate[kLength] = 0 + this.#currentCallback = null + + callback(null, full) + }) + } +} + +module.exports = { PerMessageDeflate } + + +/***/ }), + +/***/ 1652: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { Writable } = __nccwpck_require__(7075) +const assert = __nccwpck_require__(4589) +const { parserStates, opcodes, states, emptyBuffer, sentCloseFrameState } = __nccwpck_require__(736) +const { kReadyState, kSentClose, kResponse, kReceivedClose } = __nccwpck_require__(1216) +const { channels } = __nccwpck_require__(2414) +const { + isValidStatusCode, + isValidOpcode, + failWebsocketConnection, + websocketMessageReceived, + utf8Decode, + isControlFrame, + isTextBinaryFrame, + isContinuationFrame +} = __nccwpck_require__(8625) +const { WebsocketFrameSend } = __nccwpck_require__(3264) +const { closeWebSocketConnection } = __nccwpck_require__(6897) +const { PerMessageDeflate } = __nccwpck_require__(9469) + +// This code was influenced by ws released under the MIT license. +// Copyright (c) 2011 Einar Otto Stangvik +// Copyright (c) 2013 Arnout Kazemier and contributors +// Copyright (c) 2016 Luigi Pinca and contributors + +class ByteParser extends Writable { + #buffers = [] + #byteOffset = 0 + #loop = false + + #state = parserStates.INFO + + #info = {} + #fragments = [] + + /** @type {Map} */ + #extensions + + /** + * @param {import('./websocket').WebSocket} ws + * @param {Map|null} extensions + */ + constructor (ws, extensions) { + super() + + this.ws = ws + this.#extensions = extensions == null ? new Map() : extensions + + if (this.#extensions.has('permessage-deflate')) { + this.#extensions.set('permessage-deflate', new PerMessageDeflate(extensions)) + } + } + + /** + * @param {Buffer} chunk + * @param {() => void} callback + */ + _write (chunk, _, callback) { + this.#buffers.push(chunk) + this.#byteOffset += chunk.length + this.#loop = true + + this.run(callback) + } + + /** + * Runs whenever a new chunk is received. + * Callback is called whenever there are no more chunks buffering, + * or not enough bytes are buffered to parse. + */ + run (callback) { + while (this.#loop) { + if (this.#state === parserStates.INFO) { + // If there aren't enough bytes to parse the payload length, etc. + if (this.#byteOffset < 2) { + return callback() + } + + const buffer = this.consume(2) + const fin = (buffer[0] & 0x80) !== 0 + const opcode = buffer[0] & 0x0F + const masked = (buffer[1] & 0x80) === 0x80 + + const fragmented = !fin && opcode !== opcodes.CONTINUATION + const payloadLength = buffer[1] & 0x7F + + const rsv1 = buffer[0] & 0x40 + const rsv2 = buffer[0] & 0x20 + const rsv3 = buffer[0] & 0x10 + + if (!isValidOpcode(opcode)) { + failWebsocketConnection(this.ws, 'Invalid opcode received') + return callback() + } + + if (masked) { + failWebsocketConnection(this.ws, 'Frame cannot be masked') + return callback() + } + + // MUST be 0 unless an extension is negotiated that defines meanings + // for non-zero values. If a nonzero value is received and none of + // the negotiated extensions defines the meaning of such a nonzero + // value, the receiving endpoint MUST _Fail the WebSocket + // Connection_. + // This document allocates the RSV1 bit of the WebSocket header for + // PMCEs and calls the bit the "Per-Message Compressed" bit. On a + // WebSocket connection where a PMCE is in use, this bit indicates + // whether a message is compressed or not. + if (rsv1 !== 0 && !this.#extensions.has('permessage-deflate')) { + failWebsocketConnection(this.ws, 'Expected RSV1 to be clear.') + return + } + + if (rsv2 !== 0 || rsv3 !== 0) { + failWebsocketConnection(this.ws, 'RSV1, RSV2, RSV3 must be clear') + return + } + + if (fragmented && !isTextBinaryFrame(opcode)) { + // Only text and binary frames can be fragmented + failWebsocketConnection(this.ws, 'Invalid frame type was fragmented.') + return + } + + // If we are already parsing a text/binary frame and do not receive either + // a continuation frame or close frame, fail the connection. + if (isTextBinaryFrame(opcode) && this.#fragments.length > 0) { + failWebsocketConnection(this.ws, 'Expected continuation frame') + return + } + + if (this.#info.fragmented && fragmented) { + // A fragmented frame can't be fragmented itself + failWebsocketConnection(this.ws, 'Fragmented frame exceeded 125 bytes.') + return + } + + // "All control frames MUST have a payload length of 125 bytes or less + // and MUST NOT be fragmented." + if ((payloadLength > 125 || fragmented) && isControlFrame(opcode)) { + failWebsocketConnection(this.ws, 'Control frame either too large or fragmented') + return + } + + if (isContinuationFrame(opcode) && this.#fragments.length === 0 && !this.#info.compressed) { + failWebsocketConnection(this.ws, 'Unexpected continuation frame') + return + } + + if (payloadLength <= 125) { + this.#info.payloadLength = payloadLength + this.#state = parserStates.READ_DATA + } else if (payloadLength === 126) { + this.#state = parserStates.PAYLOADLENGTH_16 + } else if (payloadLength === 127) { + this.#state = parserStates.PAYLOADLENGTH_64 + } + + if (isTextBinaryFrame(opcode)) { + this.#info.binaryType = opcode + this.#info.compressed = rsv1 !== 0 + } + + this.#info.opcode = opcode + this.#info.masked = masked + this.#info.fin = fin + this.#info.fragmented = fragmented + } else if (this.#state === parserStates.PAYLOADLENGTH_16) { + if (this.#byteOffset < 2) { + return callback() + } + + const buffer = this.consume(2) + + this.#info.payloadLength = buffer.readUInt16BE(0) + this.#state = parserStates.READ_DATA + } else if (this.#state === parserStates.PAYLOADLENGTH_64) { + if (this.#byteOffset < 8) { + return callback() + } + + const buffer = this.consume(8) + const upper = buffer.readUInt32BE(0) + const lower = buffer.readUInt32BE(4) + + // 2^31 is the maximum bytes an arraybuffer can contain + // on 32-bit systems. Although, on 64-bit systems, this is + // 2^53-1 bytes. + // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Invalid_array_length + // https://source.chromium.org/chromium/chromium/src/+/main:v8/src/common/globals.h;drc=1946212ac0100668f14eb9e2843bdd846e510a1e;bpv=1;bpt=1;l=1275 + // https://source.chromium.org/chromium/chromium/src/+/main:v8/src/objects/js-array-buffer.h;l=34;drc=1946212ac0100668f14eb9e2843bdd846e510a1e + if (upper !== 0 || lower > 2 ** 31 - 1) { + failWebsocketConnection(this.ws, 'Received payload length > 2^31 bytes.') + return + } + + this.#info.payloadLength = lower + this.#state = parserStates.READ_DATA + } else if (this.#state === parserStates.READ_DATA) { + if (this.#byteOffset < this.#info.payloadLength) { + return callback() + } + + const body = this.consume(this.#info.payloadLength) + + if (isControlFrame(this.#info.opcode)) { + this.#loop = this.parseControlFrame(body) + this.#state = parserStates.INFO + } else { + if (!this.#info.compressed) { + this.#fragments.push(body) + + // If the frame is not fragmented, a message has been received. + // If the frame is fragmented, it will terminate with a fin bit set + // and an opcode of 0 (continuation), therefore we handle that when + // parsing continuation frames, not here. + if (!this.#info.fragmented && this.#info.fin) { + const fullMessage = Buffer.concat(this.#fragments) + websocketMessageReceived(this.ws, this.#info.binaryType, fullMessage) + this.#fragments.length = 0 + } + + this.#state = parserStates.INFO + } else { + this.#extensions.get('permessage-deflate').decompress(body, this.#info.fin, (error, data) => { + if (error) { + failWebsocketConnection(this.ws, error.message) + return + } + + this.#fragments.push(data) + + if (!this.#info.fin) { + this.#state = parserStates.INFO + this.#loop = true + this.run(callback) + return + } + + websocketMessageReceived(this.ws, this.#info.binaryType, Buffer.concat(this.#fragments)) + + this.#loop = true + this.#state = parserStates.INFO + this.#fragments.length = 0 + this.run(callback) + }) + + this.#loop = false + break + } + } + } + } + } + + /** + * Take n bytes from the buffered Buffers + * @param {number} n + * @returns {Buffer} + */ + consume (n) { + if (n > this.#byteOffset) { + throw new Error('Called consume() before buffers satiated.') + } else if (n === 0) { + return emptyBuffer + } + + if (this.#buffers[0].length === n) { + this.#byteOffset -= this.#buffers[0].length + return this.#buffers.shift() + } + + const buffer = Buffer.allocUnsafe(n) + let offset = 0 + + while (offset !== n) { + const next = this.#buffers[0] + const { length } = next + + if (length + offset === n) { + buffer.set(this.#buffers.shift(), offset) + break + } else if (length + offset > n) { + buffer.set(next.subarray(0, n - offset), offset) + this.#buffers[0] = next.subarray(n - offset) + break + } else { + buffer.set(this.#buffers.shift(), offset) + offset += next.length + } + } + + this.#byteOffset -= n + + return buffer + } + + parseCloseBody (data) { + assert(data.length !== 1) + + // https://datatracker.ietf.org/doc/html/rfc6455#section-7.1.5 + /** @type {number|undefined} */ + let code + + if (data.length >= 2) { + // _The WebSocket Connection Close Code_ is + // defined as the status code (Section 7.4) contained in the first Close + // control frame received by the application + code = data.readUInt16BE(0) + } + + if (code !== undefined && !isValidStatusCode(code)) { + return { code: 1002, reason: 'Invalid status code', error: true } + } + + // https://datatracker.ietf.org/doc/html/rfc6455#section-7.1.6 + /** @type {Buffer} */ + let reason = data.subarray(2) + + // Remove BOM + if (reason[0] === 0xEF && reason[1] === 0xBB && reason[2] === 0xBF) { + reason = reason.subarray(3) + } + + try { + reason = utf8Decode(reason) + } catch { + return { code: 1007, reason: 'Invalid UTF-8', error: true } + } + + return { code, reason, error: false } + } + + /** + * Parses control frames. + * @param {Buffer} body + */ + parseControlFrame (body) { + const { opcode, payloadLength } = this.#info + + if (opcode === opcodes.CLOSE) { + if (payloadLength === 1) { + failWebsocketConnection(this.ws, 'Received close frame with a 1-byte body.') + return false + } + + this.#info.closeInfo = this.parseCloseBody(body) + + if (this.#info.closeInfo.error) { + const { code, reason } = this.#info.closeInfo + + closeWebSocketConnection(this.ws, code, reason, reason.length) + failWebsocketConnection(this.ws, reason) + return false + } + + if (this.ws[kSentClose] !== sentCloseFrameState.SENT) { + // If an endpoint receives a Close frame and did not previously send a + // Close frame, the endpoint MUST send a Close frame in response. (When + // sending a Close frame in response, the endpoint typically echos the + // status code it received.) + let body = emptyBuffer + if (this.#info.closeInfo.code) { + body = Buffer.allocUnsafe(2) + body.writeUInt16BE(this.#info.closeInfo.code, 0) + } + const closeFrame = new WebsocketFrameSend(body) + + this.ws[kResponse].socket.write( + closeFrame.createFrame(opcodes.CLOSE), + (err) => { + if (!err) { + this.ws[kSentClose] = sentCloseFrameState.SENT + } + } + ) + } + + // Upon either sending or receiving a Close control frame, it is said + // that _The WebSocket Closing Handshake is Started_ and that the + // WebSocket connection is in the CLOSING state. + this.ws[kReadyState] = states.CLOSING + this.ws[kReceivedClose] = true + + return false + } else if (opcode === opcodes.PING) { + // Upon receipt of a Ping frame, an endpoint MUST send a Pong frame in + // response, unless it already received a Close frame. + // A Pong frame sent in response to a Ping frame must have identical + // "Application data" + + if (!this.ws[kReceivedClose]) { + const frame = new WebsocketFrameSend(body) + + this.ws[kResponse].socket.write(frame.createFrame(opcodes.PONG)) + + if (channels.ping.hasSubscribers) { + channels.ping.publish({ + payload: body + }) + } + } + } else if (opcode === opcodes.PONG) { + // A Pong frame MAY be sent unsolicited. This serves as a + // unidirectional heartbeat. A response to an unsolicited Pong frame is + // not expected. + + if (channels.pong.hasSubscribers) { + channels.pong.publish({ + payload: body + }) + } + } + + return true + } + + get closingInfo () { + return this.#info.closeInfo + } +} + +module.exports = { + ByteParser +} + + +/***/ }), + +/***/ 3900: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; +const { WebsocketFrameSend } = __nccwpck_require__(3264) +const { opcodes, sendHints } = __nccwpck_require__(736) +const FixedQueue = __nccwpck_require__(4660) + +/** @type {typeof Uint8Array} */ +const FastBuffer = Buffer[Symbol.species] + +/** + * @typedef {object} SendQueueNode + * @property {Promise | null} promise + * @property {((...args: any[]) => any)} callback + * @property {Buffer | null} frame + */ -var _validate = _interopRequireDefault(__nccwpck_require__(6900)); +class SendQueue { + /** + * @type {FixedQueue} + */ + #queue = new FixedQueue() -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + /** + * @type {boolean} + */ + #running = false -function parse(uuid) { - if (!(0, _validate.default)(uuid)) { - throw TypeError('Invalid UUID'); + /** @type {import('node:net').Socket} */ + #socket + + constructor (socket) { + this.#socket = socket } - let v; - const arr = new Uint8Array(16); // Parse ########-....-....-....-............ + add (item, cb, hint) { + if (hint !== sendHints.blob) { + const frame = createFrame(item, hint) + if (!this.#running) { + // fast-path + this.#socket.write(frame, cb) + } else { + /** @type {SendQueueNode} */ + const node = { + promise: null, + callback: cb, + frame + } + this.#queue.push(node) + } + return + } + + /** @type {SendQueueNode} */ + const node = { + promise: item.arrayBuffer().then((ab) => { + node.promise = null + node.frame = createFrame(ab, hint) + }), + callback: cb, + frame: null + } - arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24; - arr[1] = v >>> 16 & 0xff; - arr[2] = v >>> 8 & 0xff; - arr[3] = v & 0xff; // Parse ........-####-....-....-............ + this.#queue.push(node) - arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8; - arr[5] = v & 0xff; // Parse ........-....-####-....-............ + if (!this.#running) { + this.#run() + } + } - arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8; - arr[7] = v & 0xff; // Parse ........-....-....-####-............ + async #run () { + this.#running = true + const queue = this.#queue + while (!queue.isEmpty()) { + const node = queue.shift() + // wait pending promise + if (node.promise !== null) { + await node.promise + } + // write + this.#socket.write(node.frame, node.callback) + // cleanup + node.callback = node.frame = null + } + this.#running = false + } +} - arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8; - arr[9] = v & 0xff; // Parse ........-....-....-....-############ - // (Use "/" to avoid 32-bit truncation when bit-shifting high-order bytes) +function createFrame (data, hint) { + return new WebsocketFrameSend(toBuffer(data, hint)).createFrame(hint === sendHints.string ? opcodes.TEXT : opcodes.BINARY) +} - arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff; - arr[11] = v / 0x100000000 & 0xff; - arr[12] = v >>> 24 & 0xff; - arr[13] = v >>> 16 & 0xff; - arr[14] = v >>> 8 & 0xff; - arr[15] = v & 0xff; - return arr; +function toBuffer (data, hint) { + switch (hint) { + case sendHints.string: + return Buffer.from(data) + case sendHints.arrayBuffer: + case sendHints.blob: + return new FastBuffer(data) + case sendHints.typedArray: + return new FastBuffer(data.buffer, data.byteOffset, data.byteLength) + } } -var _default = parse; -exports["default"] = _default; +module.exports = { SendQueue } + /***/ }), -/***/ 814: -/***/ ((__unused_webpack_module, exports) => { +/***/ 1216: +/***/ ((module) => { "use strict"; -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; -var _default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i; -exports["default"] = _default; +module.exports = { + kWebSocketURL: Symbol('url'), + kReadyState: Symbol('ready state'), + kController: Symbol('controller'), + kResponse: Symbol('response'), + kBinaryType: Symbol('binary type'), + kSentClose: Symbol('sent close'), + kReceivedClose: Symbol('received close'), + kByteParser: Symbol('byte parser') +} + /***/ }), -/***/ 807: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +/***/ 8625: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { "use strict"; -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = rng; +const { kReadyState, kController, kResponse, kBinaryType, kWebSocketURL } = __nccwpck_require__(1216) +const { states, opcodes } = __nccwpck_require__(736) +const { ErrorEvent, createFastMessageEvent } = __nccwpck_require__(5188) +const { isUtf8 } = __nccwpck_require__(4573) +const { collectASequenceOfCodePointsFast, removeHTTPWhitespace } = __nccwpck_require__(1900) + +/* globals Blob */ + +/** + * @param {import('./websocket').WebSocket} ws + * @returns {boolean} + */ +function isConnecting (ws) { + // If the WebSocket connection is not yet established, and the connection + // is not yet closed, then the WebSocket connection is in the CONNECTING state. + return ws[kReadyState] === states.CONNECTING +} + +/** + * @param {import('./websocket').WebSocket} ws + * @returns {boolean} + */ +function isEstablished (ws) { + // If the server's response is validated as provided for above, it is + // said that _The WebSocket Connection is Established_ and that the + // WebSocket Connection is in the OPEN state. + return ws[kReadyState] === states.OPEN +} + +/** + * @param {import('./websocket').WebSocket} ws + * @returns {boolean} + */ +function isClosing (ws) { + // Upon either sending or receiving a Close control frame, it is said + // that _The WebSocket Closing Handshake is Started_ and that the + // WebSocket connection is in the CLOSING state. + return ws[kReadyState] === states.CLOSING +} + +/** + * @param {import('./websocket').WebSocket} ws + * @returns {boolean} + */ +function isClosed (ws) { + return ws[kReadyState] === states.CLOSED +} + +/** + * @see https://dom.spec.whatwg.org/#concept-event-fire + * @param {string} e + * @param {EventTarget} target + * @param {(...args: ConstructorParameters) => Event} eventFactory + * @param {EventInit | undefined} eventInitDict + */ +function fireEvent (e, target, eventFactory = (type, init) => new Event(type, init), eventInitDict = {}) { + // 1. If eventConstructor is not given, then let eventConstructor be Event. + + // 2. Let event be the result of creating an event given eventConstructor, + // in the relevant realm of target. + // 3. Initialize event’s type attribute to e. + const event = eventFactory(e, eventInitDict) + + // 4. Initialize any other IDL attributes of event as described in the + // invocation of this algorithm. + + // 5. Return the result of dispatching event at target, with legacy target + // override flag set if set. + target.dispatchEvent(event) +} + +/** + * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol + * @param {import('./websocket').WebSocket} ws + * @param {number} type Opcode + * @param {Buffer} data application data + */ +function websocketMessageReceived (ws, type, data) { + // 1. If ready state is not OPEN (1), then return. + if (ws[kReadyState] !== states.OPEN) { + return + } + + // 2. Let dataForEvent be determined by switching on type and binary type: + let dataForEvent + + if (type === opcodes.TEXT) { + // -> type indicates that the data is Text + // a new DOMString containing data + try { + dataForEvent = utf8Decode(data) + } catch { + failWebsocketConnection(ws, 'Received invalid UTF-8 in text frame.') + return + } + } else if (type === opcodes.BINARY) { + if (ws[kBinaryType] === 'blob') { + // -> type indicates that the data is Binary and binary type is "blob" + // a new Blob object, created in the relevant Realm of the WebSocket + // object, that represents data as its raw data + dataForEvent = new Blob([data]) + } else { + // -> type indicates that the data is Binary and binary type is "arraybuffer" + // a new ArrayBuffer object, created in the relevant Realm of the + // WebSocket object, whose contents are data + dataForEvent = toArrayBuffer(data) + } + } + + // 3. Fire an event named message at the WebSocket object, using MessageEvent, + // with the origin attribute initialized to the serialization of the WebSocket + // object’s url's origin, and the data attribute initialized to dataForEvent. + fireEvent('message', ws, createFastMessageEvent, { + origin: ws[kWebSocketURL].origin, + data: dataForEvent + }) +} + +function toArrayBuffer (buffer) { + if (buffer.byteLength === buffer.buffer.byteLength) { + return buffer.buffer + } + return buffer.buffer.slice(buffer.byteOffset, buffer.byteOffset + buffer.byteLength) +} + +/** + * @see https://datatracker.ietf.org/doc/html/rfc6455 + * @see https://datatracker.ietf.org/doc/html/rfc2616 + * @see https://bugs.chromium.org/p/chromium/issues/detail?id=398407 + * @param {string} protocol + */ +function isValidSubprotocol (protocol) { + // If present, this value indicates one + // or more comma-separated subprotocol the client wishes to speak, + // ordered by preference. The elements that comprise this value + // MUST be non-empty strings with characters in the range U+0021 to + // U+007E not including separator characters as defined in + // [RFC2616] and MUST all be unique strings. + if (protocol.length === 0) { + return false + } + + for (let i = 0; i < protocol.length; ++i) { + const code = protocol.charCodeAt(i) + + if ( + code < 0x21 || // CTL, contains SP (0x20) and HT (0x09) + code > 0x7E || + code === 0x22 || // " + code === 0x28 || // ( + code === 0x29 || // ) + code === 0x2C || // , + code === 0x2F || // / + code === 0x3A || // : + code === 0x3B || // ; + code === 0x3C || // < + code === 0x3D || // = + code === 0x3E || // > + code === 0x3F || // ? + code === 0x40 || // @ + code === 0x5B || // [ + code === 0x5C || // \ + code === 0x5D || // ] + code === 0x7B || // { + code === 0x7D // } + ) { + return false + } + } + + return true +} + +/** + * @see https://datatracker.ietf.org/doc/html/rfc6455#section-7-4 + * @param {number} code + */ +function isValidStatusCode (code) { + if (code >= 1000 && code < 1015) { + return ( + code !== 1004 && // reserved + code !== 1005 && // "MUST NOT be set as a status code" + code !== 1006 // "MUST NOT be set as a status code" + ) + } + + return code >= 3000 && code <= 4999 +} + +/** + * @param {import('./websocket').WebSocket} ws + * @param {string|undefined} reason + */ +function failWebsocketConnection (ws, reason) { + const { [kController]: controller, [kResponse]: response } = ws + + controller.abort() + + if (response?.socket && !response.socket.destroyed) { + response.socket.destroy() + } + + if (reason) { + // TODO: process.nextTick + fireEvent('error', ws, (type, init) => new ErrorEvent(type, init), { + error: new Error(reason), + message: reason + }) + } +} + +/** + * @see https://datatracker.ietf.org/doc/html/rfc6455#section-5.5 + * @param {number} opcode + */ +function isControlFrame (opcode) { + return ( + opcode === opcodes.CLOSE || + opcode === opcodes.PING || + opcode === opcodes.PONG + ) +} + +function isContinuationFrame (opcode) { + return opcode === opcodes.CONTINUATION +} + +function isTextBinaryFrame (opcode) { + return opcode === opcodes.TEXT || opcode === opcodes.BINARY +} + +function isValidOpcode (opcode) { + return isTextBinaryFrame(opcode) || isContinuationFrame(opcode) || isControlFrame(opcode) +} + +/** + * Parses a Sec-WebSocket-Extensions header value. + * @param {string} extensions + * @returns {Map} + */ +// TODO(@Uzlopak, @KhafraDev): make compliant https://datatracker.ietf.org/doc/html/rfc6455#section-9.1 +function parseExtensions (extensions) { + const position = { position: 0 } + const extensionList = new Map() + + while (position.position < extensions.length) { + const pair = collectASequenceOfCodePointsFast(';', extensions, position) + const [name, value = ''] = pair.split('=') + + extensionList.set( + removeHTTPWhitespace(name, true, false), + removeHTTPWhitespace(value, false, true) + ) + + position.position++ + } + + return extensionList +} + +/** + * @see https://www.rfc-editor.org/rfc/rfc7692#section-7.1.2.2 + * @description "client-max-window-bits = 1*DIGIT" + * @param {string} value + */ +function isValidClientWindowBits (value) { + // Must have at least one character + if (value.length === 0) { + return false + } + + // Check all characters are ASCII digits + for (let i = 0; i < value.length; i++) { + const byte = value.charCodeAt(i) + + if (byte < 0x30 || byte > 0x39) { + return false + } + } + + // Check numeric range: zlib requires windowBits in range 8-15 + const num = Number.parseInt(value, 10) + return num >= 8 && num <= 15 +} + +// https://nodejs.org/api/intl.html#detecting-internationalization-support +const hasIntl = typeof process.versions.icu === 'string' +const fatalDecoder = hasIntl ? new TextDecoder('utf-8', { fatal: true }) : undefined + +/** + * Converts a Buffer to utf-8, even on platforms without icu. + * @param {Buffer} buffer + */ +const utf8Decode = hasIntl + ? fatalDecoder.decode.bind(fatalDecoder) + : function (buffer) { + if (isUtf8(buffer)) { + return buffer.toString('utf-8') + } + throw new TypeError('Invalid utf-8 received.') + } + +module.exports = { + isConnecting, + isEstablished, + isClosing, + isClosed, + fireEvent, + isValidSubprotocol, + isValidStatusCode, + failWebsocketConnection, + websocketMessageReceived, + utf8Decode, + isControlFrame, + isContinuationFrame, + isTextBinaryFrame, + isValidOpcode, + parseExtensions, + isValidClientWindowBits +} + + +/***/ }), + +/***/ 3726: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +"use strict"; + + +const { webidl } = __nccwpck_require__(5893) +const { URLSerializer } = __nccwpck_require__(1900) +const { environmentSettingsObject } = __nccwpck_require__(3168) +const { staticPropertyDescriptors, states, sentCloseFrameState, sendHints } = __nccwpck_require__(736) +const { + kWebSocketURL, + kReadyState, + kController, + kBinaryType, + kResponse, + kSentClose, + kByteParser +} = __nccwpck_require__(1216) +const { + isConnecting, + isEstablished, + isClosing, + isValidSubprotocol, + fireEvent +} = __nccwpck_require__(8625) +const { establishWebSocketConnection, closeWebSocketConnection } = __nccwpck_require__(6897) +const { ByteParser } = __nccwpck_require__(1652) +const { kEnumerableProperty, isBlobLike } = __nccwpck_require__(3440) +const { getGlobalDispatcher } = __nccwpck_require__(2581) +const { types } = __nccwpck_require__(7975) +const { ErrorEvent, CloseEvent } = __nccwpck_require__(5188) +const { SendQueue } = __nccwpck_require__(3900) + +// https://websockets.spec.whatwg.org/#interface-definition +class WebSocket extends EventTarget { + #events = { + open: null, + error: null, + close: null, + message: null + } + + #bufferedAmount = 0 + #protocol = '' + #extensions = '' + + /** @type {SendQueue} */ + #sendQueue + + /** + * @param {string} url + * @param {string|string[]} protocols + */ + constructor (url, protocols = []) { + super() + + webidl.util.markAsUncloneable(this) + + const prefix = 'WebSocket constructor' + webidl.argumentLengthCheck(arguments, 1, prefix) + + const options = webidl.converters['DOMString or sequence or WebSocketInit'](protocols, prefix, 'options') + + url = webidl.converters.USVString(url, prefix, 'url') + protocols = options.protocols + + // 1. Let baseURL be this's relevant settings object's API base URL. + const baseURL = environmentSettingsObject.settingsObject.baseUrl + + // 1. Let urlRecord be the result of applying the URL parser to url with baseURL. + let urlRecord + + try { + urlRecord = new URL(url, baseURL) + } catch (e) { + // 3. If urlRecord is failure, then throw a "SyntaxError" DOMException. + throw new DOMException(e, 'SyntaxError') + } + + // 4. If urlRecord’s scheme is "http", then set urlRecord’s scheme to "ws". + if (urlRecord.protocol === 'http:') { + urlRecord.protocol = 'ws:' + } else if (urlRecord.protocol === 'https:') { + // 5. Otherwise, if urlRecord’s scheme is "https", set urlRecord’s scheme to "wss". + urlRecord.protocol = 'wss:' + } + + // 6. If urlRecord’s scheme is not "ws" or "wss", then throw a "SyntaxError" DOMException. + if (urlRecord.protocol !== 'ws:' && urlRecord.protocol !== 'wss:') { + throw new DOMException( + `Expected a ws: or wss: protocol, got ${urlRecord.protocol}`, + 'SyntaxError' + ) + } + + // 7. If urlRecord’s fragment is non-null, then throw a "SyntaxError" + // DOMException. + if (urlRecord.hash || urlRecord.href.endsWith('#')) { + throw new DOMException('Got fragment', 'SyntaxError') + } + + // 8. If protocols is a string, set protocols to a sequence consisting + // of just that string. + if (typeof protocols === 'string') { + protocols = [protocols] + } + + // 9. If any of the values in protocols occur more than once or otherwise + // fail to match the requirements for elements that comprise the value + // of `Sec-WebSocket-Protocol` fields as defined by The WebSocket + // protocol, then throw a "SyntaxError" DOMException. + if (protocols.length !== new Set(protocols.map(p => p.toLowerCase())).size) { + throw new DOMException('Invalid Sec-WebSocket-Protocol value', 'SyntaxError') + } + + if (protocols.length > 0 && !protocols.every(p => isValidSubprotocol(p))) { + throw new DOMException('Invalid Sec-WebSocket-Protocol value', 'SyntaxError') + } + + // 10. Set this's url to urlRecord. + this[kWebSocketURL] = new URL(urlRecord.href) + + // 11. Let client be this's relevant settings object. + const client = environmentSettingsObject.settingsObject + + // 12. Run this step in parallel: + + // 1. Establish a WebSocket connection given urlRecord, protocols, + // and client. + this[kController] = establishWebSocketConnection( + urlRecord, + protocols, + client, + this, + (response, extensions) => this.#onConnectionEstablished(response, extensions), + options + ) + + // Each WebSocket object has an associated ready state, which is a + // number representing the state of the connection. Initially it must + // be CONNECTING (0). + this[kReadyState] = WebSocket.CONNECTING + + this[kSentClose] = sentCloseFrameState.NOT_SENT + + // The extensions attribute must initially return the empty string. + + // The protocol attribute must initially return the empty string. + + // Each WebSocket object has an associated binary type, which is a + // BinaryType. Initially it must be "blob". + this[kBinaryType] = 'blob' + } + + /** + * @see https://websockets.spec.whatwg.org/#dom-websocket-close + * @param {number|undefined} code + * @param {string|undefined} reason + */ + close (code = undefined, reason = undefined) { + webidl.brandCheck(this, WebSocket) + + const prefix = 'WebSocket.close' + + if (code !== undefined) { + code = webidl.converters['unsigned short'](code, prefix, 'code', { clamp: true }) + } -var _crypto = _interopRequireDefault(__nccwpck_require__(6113)); + if (reason !== undefined) { + reason = webidl.converters.USVString(reason, prefix, 'reason') + } -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + // 1. If code is present, but is neither an integer equal to 1000 nor an + // integer in the range 3000 to 4999, inclusive, throw an + // "InvalidAccessError" DOMException. + if (code !== undefined) { + if (code !== 1000 && (code < 3000 || code > 4999)) { + throw new DOMException('invalid code', 'InvalidAccessError') + } + } -const rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate + let reasonByteLength = 0 -let poolPtr = rnds8Pool.length; + // 2. If reason is present, then run these substeps: + if (reason !== undefined) { + // 1. Let reasonBytes be the result of encoding reason. + // 2. If reasonBytes is longer than 123 bytes, then throw a + // "SyntaxError" DOMException. + reasonByteLength = Buffer.byteLength(reason) -function rng() { - if (poolPtr > rnds8Pool.length - 16) { - _crypto.default.randomFillSync(rnds8Pool); + if (reasonByteLength > 123) { + throw new DOMException( + `Reason must be less than 123 bytes; received ${reasonByteLength}`, + 'SyntaxError' + ) + } + } - poolPtr = 0; - } + // 3. Run the first matching steps from the following list: + closeWebSocketConnection(this, code, reason, reasonByteLength) + } + + /** + * @see https://websockets.spec.whatwg.org/#dom-websocket-send + * @param {NodeJS.TypedArray|ArrayBuffer|Blob|string} data + */ + send (data) { + webidl.brandCheck(this, WebSocket) + + const prefix = 'WebSocket.send' + webidl.argumentLengthCheck(arguments, 1, prefix) + + data = webidl.converters.WebSocketSendData(data, prefix, 'data') + + // 1. If this's ready state is CONNECTING, then throw an + // "InvalidStateError" DOMException. + if (isConnecting(this)) { + throw new DOMException('Sent before connected.', 'InvalidStateError') + } + + // 2. Run the appropriate set of steps from the following list: + // https://datatracker.ietf.org/doc/html/rfc6455#section-6.1 + // https://datatracker.ietf.org/doc/html/rfc6455#section-5.2 + + if (!isEstablished(this) || isClosing(this)) { + return + } + + // If data is a string + if (typeof data === 'string') { + // If the WebSocket connection is established and the WebSocket + // closing handshake has not yet started, then the user agent + // must send a WebSocket Message comprised of the data argument + // using a text frame opcode; if the data cannot be sent, e.g. + // because it would need to be buffered but the buffer is full, + // the user agent must flag the WebSocket as full and then close + // the WebSocket connection. Any invocation of this method with a + // string argument that does not throw an exception must increase + // the bufferedAmount attribute by the number of bytes needed to + // express the argument as UTF-8. - return rnds8Pool.slice(poolPtr, poolPtr += 16); -} + const length = Buffer.byteLength(data) -/***/ }), + this.#bufferedAmount += length + this.#sendQueue.add(data, () => { + this.#bufferedAmount -= length + }, sendHints.string) + } else if (types.isArrayBuffer(data)) { + // If the WebSocket connection is established, and the WebSocket + // closing handshake has not yet started, then the user agent must + // send a WebSocket Message comprised of data using a binary frame + // opcode; if the data cannot be sent, e.g. because it would need + // to be buffered but the buffer is full, the user agent must flag + // the WebSocket as full and then close the WebSocket connection. + // The data to be sent is the data stored in the buffer described + // by the ArrayBuffer object. Any invocation of this method with an + // ArrayBuffer argument that does not throw an exception must + // increase the bufferedAmount attribute by the length of the + // ArrayBuffer in bytes. -/***/ 5274: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { + this.#bufferedAmount += data.byteLength + this.#sendQueue.add(data, () => { + this.#bufferedAmount -= data.byteLength + }, sendHints.arrayBuffer) + } else if (ArrayBuffer.isView(data)) { + // If the WebSocket connection is established, and the WebSocket + // closing handshake has not yet started, then the user agent must + // send a WebSocket Message comprised of data using a binary frame + // opcode; if the data cannot be sent, e.g. because it would need to + // be buffered but the buffer is full, the user agent must flag the + // WebSocket as full and then close the WebSocket connection. The + // data to be sent is the data stored in the section of the buffer + // described by the ArrayBuffer object that data references. Any + // invocation of this method with this kind of argument that does + // not throw an exception must increase the bufferedAmount attribute + // by the length of data’s buffer in bytes. -"use strict"; + this.#bufferedAmount += data.byteLength + this.#sendQueue.add(data, () => { + this.#bufferedAmount -= data.byteLength + }, sendHints.typedArray) + } else if (isBlobLike(data)) { + // If the WebSocket connection is established, and the WebSocket + // closing handshake has not yet started, then the user agent must + // send a WebSocket Message comprised of data using a binary frame + // opcode; if the data cannot be sent, e.g. because it would need to + // be buffered but the buffer is full, the user agent must flag the + // WebSocket as full and then close the WebSocket connection. The data + // to be sent is the raw data represented by the Blob object. Any + // invocation of this method with a Blob argument that does not throw + // an exception must increase the bufferedAmount attribute by the size + // of the Blob object’s raw data, in bytes. + this.#bufferedAmount += data.size + this.#sendQueue.add(data, () => { + this.#bufferedAmount -= data.size + }, sendHints.blob) + } + } -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; + get readyState () { + webidl.brandCheck(this, WebSocket) -var _crypto = _interopRequireDefault(__nccwpck_require__(6113)); + // The readyState getter steps are to return this's ready state. + return this[kReadyState] + } -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + get bufferedAmount () { + webidl.brandCheck(this, WebSocket) -function sha1(bytes) { - if (Array.isArray(bytes)) { - bytes = Buffer.from(bytes); - } else if (typeof bytes === 'string') { - bytes = Buffer.from(bytes, 'utf8'); + return this.#bufferedAmount } - return _crypto.default.createHash('sha1').update(bytes).digest(); -} - -var _default = sha1; -exports["default"] = _default; + get url () { + webidl.brandCheck(this, WebSocket) -/***/ }), + // The url getter steps are to return this's url, serialized. + return URLSerializer(this[kWebSocketURL]) + } -/***/ 8950: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { + get extensions () { + webidl.brandCheck(this, WebSocket) -"use strict"; + return this.#extensions + } + get protocol () { + webidl.brandCheck(this, WebSocket) + + return this.#protocol + } -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; + get onopen () { + webidl.brandCheck(this, WebSocket) -var _validate = _interopRequireDefault(__nccwpck_require__(6900)); + return this.#events.open + } -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + set onopen (fn) { + webidl.brandCheck(this, WebSocket) -/** - * Convert array of 16 byte values to UUID string format of the form: - * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX - */ -const byteToHex = []; + if (this.#events.open) { + this.removeEventListener('open', this.#events.open) + } -for (let i = 0; i < 256; ++i) { - byteToHex.push((i + 0x100).toString(16).substr(1)); -} + if (typeof fn === 'function') { + this.#events.open = fn + this.addEventListener('open', fn) + } else { + this.#events.open = null + } + } -function stringify(arr, offset = 0) { - // Note: Be careful editing this code! It's been tuned for performance - // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434 - const uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID. If this throws, it's likely due to one - // of the following: - // - One or more input array values don't map to a hex octet (leading to - // "undefined" in the uuid) - // - Invalid input values for the RFC `version` or `variant` fields + get onerror () { + webidl.brandCheck(this, WebSocket) - if (!(0, _validate.default)(uuid)) { - throw TypeError('Stringified UUID is invalid'); + return this.#events.error } - return uuid; -} + set onerror (fn) { + webidl.brandCheck(this, WebSocket) -var _default = stringify; -exports["default"] = _default; + if (this.#events.error) { + this.removeEventListener('error', this.#events.error) + } -/***/ }), + if (typeof fn === 'function') { + this.#events.error = fn + this.addEventListener('error', fn) + } else { + this.#events.error = null + } + } -/***/ 8628: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { + get onclose () { + webidl.brandCheck(this, WebSocket) -"use strict"; + return this.#events.close + } + set onclose (fn) { + webidl.brandCheck(this, WebSocket) -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; + if (this.#events.close) { + this.removeEventListener('close', this.#events.close) + } -var _rng = _interopRequireDefault(__nccwpck_require__(807)); + if (typeof fn === 'function') { + this.#events.close = fn + this.addEventListener('close', fn) + } else { + this.#events.close = null + } + } -var _stringify = _interopRequireDefault(__nccwpck_require__(8950)); + get onmessage () { + webidl.brandCheck(this, WebSocket) -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + return this.#events.message + } -// **`v1()` - Generate time-based UUID** -// -// Inspired by https://github.com/LiosK/UUID.js -// and http://docs.python.org/library/uuid.html -let _nodeId; + set onmessage (fn) { + webidl.brandCheck(this, WebSocket) -let _clockseq; // Previous uuid creation time + if (this.#events.message) { + this.removeEventListener('message', this.#events.message) + } + if (typeof fn === 'function') { + this.#events.message = fn + this.addEventListener('message', fn) + } else { + this.#events.message = null + } + } -let _lastMSecs = 0; -let _lastNSecs = 0; // See https://github.com/uuidjs/uuid for API details + get binaryType () { + webidl.brandCheck(this, WebSocket) -function v1(options, buf, offset) { - let i = buf && offset || 0; - const b = buf || new Array(16); - options = options || {}; - let node = options.node || _nodeId; - let clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not - // specified. We do this lazily to minimize issues related to insufficient - // system entropy. See #189 + return this[kBinaryType] + } - if (node == null || clockseq == null) { - const seedBytes = options.random || (options.rng || _rng.default)(); + set binaryType (type) { + webidl.brandCheck(this, WebSocket) - if (node == null) { - // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1) - node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]]; + if (type !== 'blob' && type !== 'arraybuffer') { + this[kBinaryType] = 'blob' + } else { + this[kBinaryType] = type } + } - if (clockseq == null) { - // Per 4.2.2, randomize (14 bit) clockseq - clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff; - } - } // UUID timestamps are 100 nano-second units since the Gregorian epoch, - // (1582-10-15 00:00). JSNumbers aren't precise enough for this, so - // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs' - // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00. + /** + * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol + */ + #onConnectionEstablished (response, parsedExtensions) { + // processResponse is called when the "response's header list has been received and initialized." + // once this happens, the connection is open + this[kResponse] = response + const parser = new ByteParser(this, parsedExtensions) + parser.on('drain', onParserDrain) + parser.on('error', onParserError.bind(this)) - let msecs = options.msecs !== undefined ? options.msecs : Date.now(); // Per 4.2.1.2, use count of uuid's generated during the current clock - // cycle to simulate higher resolution clock + response.socket.ws = this + this[kByteParser] = parser - let nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs) + this.#sendQueue = new SendQueue(response.socket) - const dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per 4.2.1.2, Bump clockseq on clock regression + // 1. Change the ready state to OPEN (1). + this[kReadyState] = states.OPEN - if (dt < 0 && options.clockseq === undefined) { - clockseq = clockseq + 1 & 0x3fff; - } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new - // time interval + // 2. Change the extensions attribute’s value to the extensions in use, if + // it is not the null value. + // https://datatracker.ietf.org/doc/html/rfc6455#section-9.1 + const extensions = response.headersList.get('sec-websocket-extensions') + if (extensions !== null) { + this.#extensions = extensions + } - if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) { - nsecs = 0; - } // Per 4.2.1.2 Throw error if too many uuids are requested + // 3. Change the protocol attribute’s value to the subprotocol in use, if + // it is not the null value. + // https://datatracker.ietf.org/doc/html/rfc6455#section-1.9 + const protocol = response.headersList.get('sec-websocket-protocol') + if (protocol !== null) { + this.#protocol = protocol + } - if (nsecs >= 10000) { - throw new Error("uuid.v1(): Can't create more than 10M uuids/sec"); + // 4. Fire an event named open at the WebSocket object. + fireEvent('open', this) } +} - _lastMSecs = msecs; - _lastNSecs = nsecs; - _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch - - msecs += 12219292800000; // `time_low` +// https://websockets.spec.whatwg.org/#dom-websocket-connecting +WebSocket.CONNECTING = WebSocket.prototype.CONNECTING = states.CONNECTING +// https://websockets.spec.whatwg.org/#dom-websocket-open +WebSocket.OPEN = WebSocket.prototype.OPEN = states.OPEN +// https://websockets.spec.whatwg.org/#dom-websocket-closing +WebSocket.CLOSING = WebSocket.prototype.CLOSING = states.CLOSING +// https://websockets.spec.whatwg.org/#dom-websocket-closed +WebSocket.CLOSED = WebSocket.prototype.CLOSED = states.CLOSED - const tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000; - b[i++] = tl >>> 24 & 0xff; - b[i++] = tl >>> 16 & 0xff; - b[i++] = tl >>> 8 & 0xff; - b[i++] = tl & 0xff; // `time_mid` +Object.defineProperties(WebSocket.prototype, { + CONNECTING: staticPropertyDescriptors, + OPEN: staticPropertyDescriptors, + CLOSING: staticPropertyDescriptors, + CLOSED: staticPropertyDescriptors, + url: kEnumerableProperty, + readyState: kEnumerableProperty, + bufferedAmount: kEnumerableProperty, + onopen: kEnumerableProperty, + onerror: kEnumerableProperty, + onclose: kEnumerableProperty, + close: kEnumerableProperty, + onmessage: kEnumerableProperty, + binaryType: kEnumerableProperty, + send: kEnumerableProperty, + extensions: kEnumerableProperty, + protocol: kEnumerableProperty, + [Symbol.toStringTag]: { + value: 'WebSocket', + writable: false, + enumerable: false, + configurable: true + } +}) - const tmh = msecs / 0x100000000 * 10000 & 0xfffffff; - b[i++] = tmh >>> 8 & 0xff; - b[i++] = tmh & 0xff; // `time_high_and_version` +Object.defineProperties(WebSocket, { + CONNECTING: staticPropertyDescriptors, + OPEN: staticPropertyDescriptors, + CLOSING: staticPropertyDescriptors, + CLOSED: staticPropertyDescriptors +}) - b[i++] = tmh >>> 24 & 0xf | 0x10; // include version +webidl.converters['sequence'] = webidl.sequenceConverter( + webidl.converters.DOMString +) - b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant) +webidl.converters['DOMString or sequence'] = function (V, prefix, argument) { + if (webidl.util.Type(V) === 'Object' && Symbol.iterator in V) { + return webidl.converters['sequence'](V) + } - b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low` + return webidl.converters.DOMString(V, prefix, argument) +} - b[i++] = clockseq & 0xff; // `node` +// This implements the proposal made in https://github.com/whatwg/websockets/issues/42 +webidl.converters.WebSocketInit = webidl.dictionaryConverter([ + { + key: 'protocols', + converter: webidl.converters['DOMString or sequence'], + defaultValue: () => new Array(0) + }, + { + key: 'dispatcher', + converter: webidl.converters.any, + defaultValue: () => getGlobalDispatcher() + }, + { + key: 'headers', + converter: webidl.nullableConverter(webidl.converters.HeadersInit) + } +]) - for (let n = 0; n < 6; ++n) { - b[i + n] = node[n]; +webidl.converters['DOMString or sequence or WebSocketInit'] = function (V) { + if (webidl.util.Type(V) === 'Object' && !(Symbol.iterator in V)) { + return webidl.converters.WebSocketInit(V) } - return buf || (0, _stringify.default)(b); + return { protocols: webidl.converters['DOMString or sequence'](V) } } -var _default = v1; -exports["default"] = _default; +webidl.converters.WebSocketSendData = function (V) { + if (webidl.util.Type(V) === 'Object') { + if (isBlobLike(V)) { + return webidl.converters.Blob(V, { strict: false }) + } -/***/ }), + if (ArrayBuffer.isView(V) || types.isArrayBuffer(V)) { + return webidl.converters.BufferSource(V) + } + } -/***/ 6409: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { + return webidl.converters.USVString(V) +} -"use strict"; +function onParserDrain () { + this.ws[kResponse].socket.resume() +} +function onParserError (err) { + let message + let code -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; + if (err instanceof CloseEvent) { + message = err.reason + code = err.code + } else { + message = err.message + } -var _v = _interopRequireDefault(__nccwpck_require__(5998)); + fireEvent('error', this, () => new ErrorEvent('error', { error: err, message })) -var _md = _interopRequireDefault(__nccwpck_require__(4569)); + closeWebSocketConnection(this, code) +} -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +module.exports = { + WebSocket +} -const v3 = (0, _v.default)('v3', 0x30, _md.default); -var _default = v3; -exports["default"] = _default; /***/ }), -/***/ 5998: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - -"use strict"; - +/***/ 5243: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = _default; -exports.URL = exports.DNS = void 0; +module.exports = require(__nccwpck_require__.ab + "build/Release/cpufeatures.node") -var _stringify = _interopRequireDefault(__nccwpck_require__(8950)); +/***/ }), -var _parse = _interopRequireDefault(__nccwpck_require__(2746)); +/***/ 8440: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +module.exports = require(__nccwpck_require__.ab + "lib/protocol/crypto/build/Release/sshcrypto.node") -function stringToBytes(str) { - str = unescape(encodeURIComponent(str)); // UTF8 escape +/***/ }), - const bytes = []; +/***/ 2613: +/***/ ((module) => { - for (let i = 0; i < str.length; ++i) { - bytes.push(str.charCodeAt(i)); - } +"use strict"; +module.exports = require("assert"); - return bytes; -} +/***/ }), -const DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8'; -exports.DNS = DNS; -const URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8'; -exports.URL = URL; +/***/ 181: +/***/ ((module) => { -function _default(name, version, hashfunc) { - function generateUUID(value, namespace, buf, offset) { - if (typeof value === 'string') { - value = stringToBytes(value); - } +"use strict"; +module.exports = require("buffer"); - if (typeof namespace === 'string') { - namespace = (0, _parse.default)(namespace); - } +/***/ }), - if (namespace.length !== 16) { - throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)'); - } // Compute hash of namespace and value, Per 4.3 - // Future: Use spread syntax when supported on all platforms, e.g. `bytes = - // hashfunc([...namespace, ... value])` +/***/ 5317: +/***/ ((module) => { +"use strict"; +module.exports = require("child_process"); - let bytes = new Uint8Array(16 + value.length); - bytes.set(namespace); - bytes.set(value, namespace.length); - bytes = hashfunc(bytes); - bytes[6] = bytes[6] & 0x0f | version; - bytes[8] = bytes[8] & 0x3f | 0x80; +/***/ }), - if (buf) { - offset = offset || 0; +/***/ 6982: +/***/ ((module) => { - for (let i = 0; i < 16; ++i) { - buf[offset + i] = bytes[i]; - } +"use strict"; +module.exports = require("crypto"); - return buf; - } +/***/ }), - return (0, _stringify.default)(bytes); - } // Function#name is not settable on some platforms (#270) +/***/ 2250: +/***/ ((module) => { +"use strict"; +module.exports = require("dns"); - try { - generateUUID.name = name; // eslint-disable-next-line no-empty - } catch (err) {} // For CommonJS default export support +/***/ }), +/***/ 4434: +/***/ ((module) => { - generateUUID.DNS = DNS; - generateUUID.URL = URL; - return generateUUID; -} +"use strict"; +module.exports = require("events"); /***/ }), -/***/ 5122: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +/***/ 9896: +/***/ ((module) => { "use strict"; +module.exports = require("fs"); +/***/ }), -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; - -var _rng = _interopRequireDefault(__nccwpck_require__(807)); - -var _stringify = _interopRequireDefault(__nccwpck_require__(8950)); +/***/ 8611: +/***/ ((module) => { -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +"use strict"; +module.exports = require("http"); -function v4(options, buf, offset) { - options = options || {}; +/***/ }), - const rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved` +/***/ 5692: +/***/ ((module) => { +"use strict"; +module.exports = require("https"); - rnds[6] = rnds[6] & 0x0f | 0x40; - rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided +/***/ }), - if (buf) { - offset = offset || 0; +/***/ 9278: +/***/ ((module) => { - for (let i = 0; i < 16; ++i) { - buf[offset + i] = rnds[i]; - } +"use strict"; +module.exports = require("net"); - return buf; - } +/***/ }), - return (0, _stringify.default)(rnds); -} +/***/ 4589: +/***/ ((module) => { -var _default = v4; -exports["default"] = _default; +"use strict"; +module.exports = require("node:assert"); /***/ }), -/***/ 9120: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +/***/ 6698: +/***/ ((module) => { "use strict"; +module.exports = require("node:async_hooks"); +/***/ }), -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; +/***/ 4573: +/***/ ((module) => { -var _v = _interopRequireDefault(__nccwpck_require__(5998)); +"use strict"; +module.exports = require("node:buffer"); -var _sha = _interopRequireDefault(__nccwpck_require__(5274)); +/***/ }), -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +/***/ 7540: +/***/ ((module) => { -const v5 = (0, _v.default)('v5', 0x50, _sha.default); -var _default = v5; -exports["default"] = _default; +"use strict"; +module.exports = require("node:console"); /***/ }), -/***/ 6900: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +/***/ 7598: +/***/ ((module) => { "use strict"; +module.exports = require("node:crypto"); +/***/ }), -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; +/***/ 3053: +/***/ ((module) => { -var _regex = _interopRequireDefault(__nccwpck_require__(814)); +"use strict"; +module.exports = require("node:diagnostics_channel"); -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +/***/ }), -function validate(uuid) { - return typeof uuid === 'string' && _regex.default.test(uuid); -} +/***/ 610: +/***/ ((module) => { -var _default = validate; -exports["default"] = _default; +"use strict"; +module.exports = require("node:dns"); /***/ }), -/***/ 1595: -/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { +/***/ 8474: +/***/ ((module) => { "use strict"; +module.exports = require("node:events"); +/***/ }), -Object.defineProperty(exports, "__esModule", ({ - value: true -})); -exports["default"] = void 0; - -var _validate = _interopRequireDefault(__nccwpck_require__(6900)); +/***/ 7067: +/***/ ((module) => { -function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } +"use strict"; +module.exports = require("node:http"); -function version(uuid) { - if (!(0, _validate.default)(uuid)) { - throw TypeError('Invalid UUID'); - } +/***/ }), - return parseInt(uuid.substr(14, 1), 16); -} +/***/ 2467: +/***/ ((module) => { -var _default = version; -exports["default"] = _default; +"use strict"; +module.exports = require("node:http2"); /***/ }), -/***/ 4240: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { +/***/ 7030: +/***/ ((module) => { -module.exports = require(__nccwpck_require__.ab + "build/Release/cpufeatures.node") +"use strict"; +module.exports = require("node:net"); /***/ }), -/***/ 9041: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { +/***/ 643: +/***/ ((module) => { -module.exports = require(__nccwpck_require__.ab + "lib/protocol/crypto/build/Release/sshcrypto.node") +"use strict"; +module.exports = require("node:perf_hooks"); /***/ }), -/***/ 9491: +/***/ 1792: /***/ ((module) => { "use strict"; -module.exports = require("assert"); +module.exports = require("node:querystring"); /***/ }), -/***/ 4300: +/***/ 7075: /***/ ((module) => { "use strict"; -module.exports = require("buffer"); +module.exports = require("node:stream"); /***/ }), -/***/ 2081: +/***/ 1692: /***/ ((module) => { "use strict"; -module.exports = require("child_process"); +module.exports = require("node:tls"); /***/ }), -/***/ 6113: +/***/ 3136: /***/ ((module) => { "use strict"; -module.exports = require("crypto"); +module.exports = require("node:url"); /***/ }), -/***/ 9523: +/***/ 7975: /***/ ((module) => { "use strict"; -module.exports = require("dns"); +module.exports = require("node:util"); /***/ }), -/***/ 2361: +/***/ 3429: /***/ ((module) => { "use strict"; -module.exports = require("events"); +module.exports = require("node:util/types"); /***/ }), -/***/ 7147: +/***/ 5919: /***/ ((module) => { "use strict"; -module.exports = require("fs"); +module.exports = require("node:worker_threads"); /***/ }), -/***/ 3685: +/***/ 8522: /***/ ((module) => { "use strict"; -module.exports = require("http"); +module.exports = require("node:zlib"); /***/ }), -/***/ 5687: +/***/ 857: /***/ ((module) => { "use strict"; -module.exports = require("https"); +module.exports = require("os"); /***/ }), -/***/ 1808: +/***/ 6928: /***/ ((module) => { "use strict"; -module.exports = require("net"); +module.exports = require("path"); /***/ }), -/***/ 2037: +/***/ 2203: /***/ ((module) => { "use strict"; -module.exports = require("os"); +module.exports = require("stream"); /***/ }), -/***/ 1017: +/***/ 3193: /***/ ((module) => { "use strict"; -module.exports = require("path"); +module.exports = require("string_decoder"); /***/ }), -/***/ 2781: +/***/ 3557: /***/ ((module) => { "use strict"; -module.exports = require("stream"); +module.exports = require("timers"); /***/ }), -/***/ 4404: +/***/ 4756: /***/ ((module) => { "use strict"; @@ -27226,7 +57107,7 @@ module.exports = require("tls"); /***/ }), -/***/ 3837: +/***/ 9023: /***/ ((module) => { "use strict"; @@ -27234,7 +57115,7 @@ module.exports = require("util"); /***/ }), -/***/ 9796: +/***/ 3106: /***/ ((module) => { "use strict"; @@ -27242,14 +57123,18 @@ module.exports = require("zlib"); /***/ }), -/***/ 7334: +/***/ 1227: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -27271,15 +57156,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) { }; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.NodeSSH = exports.SSHError = void 0; -const fs_1 = __importDefault(__nccwpck_require__(7147)); -const path_1 = __importDefault(__nccwpck_require__(1017)); -const make_dir_1 = __importDefault(__nccwpck_require__(9126)); -const is_stream_1 = __importDefault(__nccwpck_require__(1554)); -const shell_escape_1 = __importDefault(__nccwpck_require__(8741)); -const sb_scandir_1 = __importDefault(__nccwpck_require__(869)); -const sb_promise_queue_1 = __nccwpck_require__(3779); -const assert_1 = __importStar(__nccwpck_require__(9491)); -const ssh2_1 = __importDefault(__nccwpck_require__(5869)); +const assert_1 = __importStar(__nccwpck_require__(2613)); +const fs_1 = __importDefault(__nccwpck_require__(9896)); +const is_stream_1 = __importDefault(__nccwpck_require__(6543)); +const make_dir_1 = __importDefault(__nccwpck_require__(6512)); +const path_1 = __importDefault(__nccwpck_require__(6928)); +const sb_promise_queue_1 = __nccwpck_require__(6339); +const sb_scandir_1 = __importDefault(__nccwpck_require__(9700)); +const shell_escape_1 = __importDefault(__nccwpck_require__(4646)); +const ssh2_1 = __importDefault(__nccwpck_require__(5472)); const DEFAULT_CONCURRENCY = 1; const DEFAULT_VALIDATE = (path) => !path_1.default.basename(path).startsWith('.'); const DEFAULT_TICK = () => { @@ -27369,28 +57254,28 @@ class NodeSSH { return connection; } async connect(givenConfig) { - assert_1.default(givenConfig != null && typeof givenConfig === 'object', 'config must be a valid object'); + (0, assert_1.default)(givenConfig != null && typeof givenConfig === 'object', 'config must be a valid object'); const config = { ...givenConfig }; - assert_1.default(config.username != null && typeof config.username === 'string', 'config.username must be a valid string'); + (0, assert_1.default)(config.username != null && typeof config.username === 'string', 'config.username must be a valid string'); if (config.host != null) { - assert_1.default(typeof config.host === 'string', 'config.host must be a valid string'); + (0, assert_1.default)(typeof config.host === 'string', 'config.host must be a valid string'); } else if (config.sock != null) { - assert_1.default(typeof config.sock === 'object', 'config.sock must be a valid object'); + (0, assert_1.default)(typeof config.sock === 'object', 'config.sock must be a valid object'); } else { throw new assert_1.AssertionError({ message: 'Either config.host or config.sock must be provided' }); } if (config.privateKey != null || config.privateKeyPath != null) { if (config.privateKey != null) { - assert_1.default(typeof config.privateKey === 'string', 'config.privateKey must be a valid string'); - assert_1.default(config.privateKeyPath == null, 'config.privateKeyPath must not be specified when config.privateKey is specified'); + (0, assert_1.default)(typeof config.privateKey === 'string', 'config.privateKey must be a valid string'); + (0, assert_1.default)(config.privateKeyPath == null, 'config.privateKeyPath must not be specified when config.privateKey is specified'); } else if (config.privateKeyPath != null) { - assert_1.default(typeof config.privateKeyPath === 'string', 'config.privateKeyPath must be a valid string'); - assert_1.default(config.privateKey == null, 'config.privateKey must not be specified when config.privateKeyPath is specified'); + (0, assert_1.default)(typeof config.privateKeyPath === 'string', 'config.privateKeyPath must be a valid string'); + (0, assert_1.default)(config.privateKey == null, 'config.privateKey must not be specified when config.privateKeyPath is specified'); } - assert_1.default(config.passphrase == null || typeof config.passphrase === 'string', 'config.passphrase must be null or a valid string'); + (0, assert_1.default)(config.passphrase == null || typeof config.passphrase === 'string', 'config.passphrase must be null or a valid string'); if (config.privateKeyPath != null) { // Must be an fs path try { @@ -27405,15 +57290,15 @@ class NodeSSH { } } else if (config.password != null) { - assert_1.default(typeof config.password === 'string', 'config.password must be a valid string'); + (0, assert_1.default)(typeof config.password === 'string', 'config.password must be a valid string'); } if (config.tryKeyboard != null) { - assert_1.default(typeof config.tryKeyboard === 'boolean', 'config.tryKeyboard must be a valid boolean'); + (0, assert_1.default)(typeof config.tryKeyboard === 'boolean', 'config.tryKeyboard must be a valid boolean'); } if (config.tryKeyboard) { const { password } = config; if (config.onKeyboardInteractive != null) { - assert_1.default(typeof config.onKeyboardInteractive === 'function', 'config.onKeyboardInteractive must be a valid function'); + (0, assert_1.default)(typeof config.onKeyboardInteractive === 'function', 'config.onKeyboardInteractive must be a valid function'); } else if (password != null) { config.onKeyboardInteractive = (name, instructions, instructionsLang, prompts, finish) => { @@ -27474,17 +57359,13 @@ class NodeSSH { }); } async withShell(callback, options) { - assert_1.default(typeof callback === 'function', 'callback must be a valid function'); + (0, assert_1.default)(typeof callback === 'function', 'callback must be a valid function'); const shell = await this.requestShell(options); try { await callback(shell); } finally { - // Try to close gracefully - if (!shell.close()) { - // Destroy local socket if it doesn't work - shell.destroy(); - } + shell.destroy(); } } async requestSFTP() { @@ -27503,7 +57384,7 @@ class NodeSSH { }); } async withSFTP(callback) { - assert_1.default(typeof callback === 'function', 'callback must be a valid function'); + (0, assert_1.default)(typeof callback === 'function', 'callback must be a valid function'); const sftp = await this.requestSFTP(); try { await callback(sftp); @@ -27513,18 +57394,19 @@ class NodeSSH { } } async execCommand(givenCommand, options = {}) { - assert_1.default(typeof givenCommand === 'string', 'command must be a valid string'); - assert_1.default(options != null && typeof options === 'object', 'options must be a valid object'); - assert_1.default(options.cwd == null || typeof options.cwd === 'string', 'options.cwd must be a valid string'); - assert_1.default(options.stdin == null || typeof options.stdin === 'string' || is_stream_1.default.readable(options.stdin), 'options.stdin must be a valid string or readable stream'); - assert_1.default(options.execOptions == null || typeof options.execOptions === 'object', 'options.execOptions must be a valid object'); - assert_1.default(options.encoding == null || typeof options.encoding === 'string', 'options.encoding must be a valid string'); - assert_1.default(options.onChannel == null || typeof options.onChannel === 'function', 'options.onChannel must be a valid function'); - assert_1.default(options.onStdout == null || typeof options.onStdout === 'function', 'options.onStdout must be a valid function'); - assert_1.default(options.onStderr == null || typeof options.onStderr === 'function', 'options.onStderr must be a valid function'); + (0, assert_1.default)(typeof givenCommand === 'string', 'command must be a valid string'); + (0, assert_1.default)(options != null && typeof options === 'object', 'options must be a valid object'); + (0, assert_1.default)(options.cwd == null || typeof options.cwd === 'string', 'options.cwd must be a valid string'); + (0, assert_1.default)(options.stdin == null || typeof options.stdin === 'string' || is_stream_1.default.readable(options.stdin), 'options.stdin must be a valid string or readable stream'); + (0, assert_1.default)(options.execOptions == null || typeof options.execOptions === 'object', 'options.execOptions must be a valid object'); + (0, assert_1.default)(options.encoding == null || typeof options.encoding === 'string', 'options.encoding must be a valid string'); + (0, assert_1.default)(options.onChannel == null || typeof options.onChannel === 'function', 'options.onChannel must be a valid function'); + (0, assert_1.default)(options.onStdout == null || typeof options.onStdout === 'function', 'options.onStdout must be a valid function'); + (0, assert_1.default)(options.onStderr == null || typeof options.onStderr === 'function', 'options.onStderr must be a valid function'); + (0, assert_1.default)(options.noTrim == null || typeof options.noTrim === 'boolean', 'options.noTrim must be a boolean'); let command = givenCommand; if (options.cwd) { - command = `cd ${shell_escape_1.default([options.cwd])} ; ${command}`; + command = `cd ${(0, shell_escape_1.default)([options.cwd])} ; ${command}`; } const connection = this.getConnection(); const output = { stdout: [], stderr: [] }; @@ -27570,25 +57452,31 @@ class NodeSSH { signal = signal_ !== null && signal_ !== void 0 ? signal_ : null; }); channel.on('close', () => { + let stdout = output.stdout.join(''); + let stderr = output.stderr.join(''); + if (options.noTrim !== true) { + stdout = stdout.trim(); + stderr = stderr.trim(); + } resolve({ code: code != null ? code : null, signal: signal != null ? signal : null, - stdout: output.stdout.join('').trim(), - stderr: output.stderr.join('').trim(), + stdout, + stderr, }); }); }); }); } async exec(command, parameters, options = {}) { - assert_1.default(typeof command === 'string', 'command must be a valid string'); - assert_1.default(Array.isArray(parameters), 'parameters must be a valid array'); - assert_1.default(options != null && typeof options === 'object', 'options must be a valid object'); - assert_1.default(options.stream == null || ['both', 'stdout', 'stderr'].includes(options.stream), 'options.stream must be one of both, stdout, stderr'); + (0, assert_1.default)(typeof command === 'string', 'command must be a valid string'); + (0, assert_1.default)(Array.isArray(parameters), 'parameters must be a valid array'); + (0, assert_1.default)(options != null && typeof options === 'object', 'options must be a valid object'); + (0, assert_1.default)(options.stream == null || ['both', 'stdout', 'stderr'].includes(options.stream), 'options.stream must be one of both, stdout, stderr'); for (let i = 0, { length } = parameters; i < length; i += 1) { - assert_1.default(typeof parameters[i] === 'string', `parameters[${i}] must be a valid string`); + (0, assert_1.default)(typeof parameters[i] === 'string', `parameters[${i}] must be a valid string`); } - const completeCommand = `${command} ${shell_escape_1.default(parameters)}`; + const completeCommand = `${command}${parameters.length > 0 ? ` ${(0, shell_escape_1.default)(parameters)}` : ''}`; const response = await this.execCommand(completeCommand, options); if (options.stream == null || options.stream === 'stdout') { if (response.stderr) { @@ -27602,9 +57490,9 @@ class NodeSSH { return response; } async mkdir(path, method = 'sftp', givenSftp = null) { - assert_1.default(typeof path === 'string', 'path must be a valid string'); - assert_1.default(typeof method === 'string' && (method === 'sftp' || method === 'exec'), 'method must be either sftp or exec'); - assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object'); + (0, assert_1.default)(typeof path === 'string', 'path must be a valid string'); + (0, assert_1.default)(typeof method === 'string' && (method === 'sftp' || method === 'exec'), 'method must be either sftp or exec'); + (0, assert_1.default)(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object'); if (method === 'exec') { await this.exec('mkdir', ['-p', unixifyPath(path)]); return; @@ -27627,10 +57515,10 @@ class NodeSSH { } } async getFile(localFile, remoteFile, givenSftp = null, transferOptions = null) { - assert_1.default(typeof localFile === 'string', 'localFile must be a valid string'); - assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string'); - assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object'); - assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object'); + (0, assert_1.default)(typeof localFile === 'string', 'localFile must be a valid string'); + (0, assert_1.default)(typeof remoteFile === 'string', 'remoteFile must be a valid string'); + (0, assert_1.default)(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object'); + (0, assert_1.default)(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object'); const sftp = givenSftp || (await this.requestSFTP()); try { await new Promise((resolve, reject) => { @@ -27651,11 +57539,11 @@ class NodeSSH { } } async putFile(localFile, remoteFile, givenSftp = null, transferOptions = null) { - assert_1.default(typeof localFile === 'string', 'localFile must be a valid string'); - assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string'); - assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object'); - assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object'); - assert_1.default(await new Promise((resolve) => { + (0, assert_1.default)(typeof localFile === 'string', 'localFile must be a valid string'); + (0, assert_1.default)(typeof remoteFile === 'string', 'remoteFile must be a valid string'); + (0, assert_1.default)(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object'); + (0, assert_1.default)(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object'); + (0, assert_1.default)(await new Promise((resolve) => { fs_1.default.access(localFile, fs_1.default.constants.R_OK, (err) => { resolve(err === null); }); @@ -27687,12 +57575,12 @@ class NodeSSH { } } async putFiles(files, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {} } = {}) { - assert_1.default(Array.isArray(files), 'files must be an array'); + (0, assert_1.default)(Array.isArray(files), 'files must be an array'); for (let i = 0, { length } = files; i < length; i += 1) { const file = files[i]; - assert_1.default(file, 'files items must be valid objects'); - assert_1.default(file.local && typeof file.local === 'string', `files[${i}].local must be a string`); - assert_1.default(file.remote && typeof file.remote === 'string', `files[${i}].remote must be a string`); + (0, assert_1.default)(file, 'files items must be valid objects'); + (0, assert_1.default)(file.local && typeof file.local === 'string', `files[${i}].local must be a string`); + (0, assert_1.default)(file.remote && typeof file.remote === 'string', `files[${i}].remote must be a string`); } const transferred = []; const sftp = givenSftp || (await this.requestSFTP()); @@ -27723,17 +57611,17 @@ class NodeSSH { } } async putDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) { - assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string'); - assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string'); + (0, assert_1.default)(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string'); + (0, assert_1.default)(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string'); const localDirectoryStat = await new Promise((resolve) => { fs_1.default.stat(localDirectory, (err, stat) => { resolve(stat || null); }); }); - assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`); - assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`); + (0, assert_1.default)(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`); + (0, assert_1.default)(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`); const sftp = givenSftp || (await this.requestSFTP()); - const scanned = await sb_scandir_1.default(localDirectory, { + const scanned = await (0, sb_scandir_1.default)(localDirectory, { recursive, validate, }); @@ -27785,17 +57673,17 @@ class NodeSSH { return !failed; } async getDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) { - assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string'); - assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string'); + (0, assert_1.default)(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string'); + (0, assert_1.default)(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string'); const localDirectoryStat = await new Promise((resolve) => { fs_1.default.stat(localDirectory, (err, stat) => { resolve(stat || null); }); }); - assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`); - assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`); + (0, assert_1.default)(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`); + (0, assert_1.default)(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`); const sftp = givenSftp || (await this.requestSFTP()); - const scanned = await sb_scandir_1.default(remoteDirectory, { + const scanned = await (0, sb_scandir_1.default)(remoteDirectory, { recursive, validate, concurrency, @@ -27845,7 +57733,7 @@ class NodeSSH { directories.forEach((directory) => { queue .add(async () => { - await make_dir_1.default(path_1.default.join(localDirectory, directory)); + await (0, make_dir_1.default)(path_1.default.join(localDirectory, directory)); }) .catch(reject); }); @@ -27880,6 +57768,92 @@ class NodeSSH { } return !failed; } + forwardIn(remoteAddr, remotePort, onConnection) { + const connection = this.getConnection(); + return new Promise((resolve, reject) => { + connection.forwardIn(remoteAddr, remotePort, (error, port) => { + if (error) { + reject(error); + return; + } + const handler = (details, acceptConnection, rejectConnection) => { + if (details.destIP === remoteAddr && details.destPort === port) { + onConnection === null || onConnection === void 0 ? void 0 : onConnection(details, acceptConnection, rejectConnection); + } + }; + if (onConnection) { + connection.on('tcp connection', handler); + } + const dispose = () => { + return new Promise((_resolve, _reject) => { + connection.off('tcp connection', handler); + connection.unforwardIn(remoteAddr, port, (_error) => { + if (_error) { + _reject(error); + } + _resolve(); + }); + }); + }; + resolve({ port, dispose }); + }); + }); + } + forwardOut(srcIP, srcPort, dstIP, dstPort) { + const connection = this.getConnection(); + return new Promise((resolve, reject) => { + connection.forwardOut(srcIP, srcPort, dstIP, dstPort, (error, channel) => { + if (error) { + reject(error); + return; + } + resolve(channel); + }); + }); + } + forwardInStreamLocal(socketPath, onConnection) { + const connection = this.getConnection(); + return new Promise((resolve, reject) => { + connection.openssh_forwardInStreamLocal(socketPath, (error) => { + if (error) { + reject(error); + return; + } + const handler = (details, acceptConnection, rejectConnection) => { + if (details.socketPath === socketPath) { + onConnection === null || onConnection === void 0 ? void 0 : onConnection(details, acceptConnection, rejectConnection); + } + }; + if (onConnection) { + connection.on('unix connection', handler); + } + const dispose = () => { + return new Promise((_resolve, _reject) => { + connection.off('unix connection', handler); + connection.openssh_unforwardInStreamLocal(socketPath, (_error) => { + if (_error) { + _reject(_error); + } + _resolve(); + }); + }); + }; + resolve({ dispose }); + }); + }); + } + forwardOutStreamLocal(socketPath) { + const connection = this.getConnection(); + return new Promise((resolve, reject) => { + connection.openssh_forwardOutStreamLocal(socketPath, (error, channel) => { + if (error) { + reject(error); + return; + } + resolve(channel); + }); + }); + } dispose() { if (this.connection) { this.connection.end(); @@ -27892,7 +57866,7 @@ exports.NodeSSH = NodeSSH; /***/ }), -/***/ 3779: +/***/ 6339: /***/ ((__unused_webpack_module, exports) => { "use strict"; @@ -27977,7 +57951,7 @@ exports.PromiseQueue = PromiseQueue; /***/ }), -/***/ 869: +/***/ 9700: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; @@ -28035,10 +58009,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) { }; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.defaultFilesystem = void 0; -var fs_1 = __importDefault(__nccwpck_require__(7147)); -var path_1 = __importDefault(__nccwpck_require__(1017)); -var assert_1 = __importDefault(__nccwpck_require__(9491)); -var sb_promise_queue_1 = __nccwpck_require__(3779); +var fs_1 = __importDefault(__nccwpck_require__(9896)); +var path_1 = __importDefault(__nccwpck_require__(6928)); +var assert_1 = __importDefault(__nccwpck_require__(2613)); +var sb_promise_queue_1 = __nccwpck_require__(6339); exports.defaultFilesystem = { join: function (pathA, pathB) { return path_1.default.join(pathA, pathB); @@ -28158,11 +58132,11 @@ exports["default"] = scanDirectory; /***/ }), -/***/ 6674: +/***/ 8342: /***/ ((module) => { "use strict"; -module.exports = {"i8":"1.11.0"}; +module.exports = {"rE":"1.17.0"}; /***/ }) @@ -28208,7 +58182,7 @@ module.exports = {"i8":"1.11.0"}; /******/ // startup /******/ // Load entry module and return exports /******/ // This entry module is referenced by other modules so it can't be inlined -/******/ var __webpack_exports__ = __nccwpck_require__(4822); +/******/ var __webpack_exports__ = __nccwpck_require__(1188); /******/ module.exports = __webpack_exports__; /******/ /******/ })() diff --git a/dist/index.js.map b/dist/index.js.map index e65737a..eae98fc 100644 --- a/dist/index.js.map +++ b/dist/index.js.map @@ -1 +1 @@ -{"version":3,"file":"index.js","mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACTA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC3FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1RA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5lBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;AC5DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACrQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACnCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5TA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3iBA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1mDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtSA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuKA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkDA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC79DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5hEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvxHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACjkDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7rCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtyDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC18CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9PA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACt1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn1EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC9EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACPA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACPA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC7EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACpCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;ACpBA;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjoBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;;;;;;;AC5KA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AC7BA;AACA;;;;AEDA;AACA;AACA;AACA","sources":["../webpack://@garygrossgarten/github-action-ssh/./lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./lib/keyboard.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/command.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/core.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/file-command.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/oidc-utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/path-utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/summary.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/auth.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/proxy.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/errors.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/reader.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/types.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/writer.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/bcrypt-pbkdf/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/cpu-features/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/is-stream/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/make-dir/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/safer-buffer/safer.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/semver/semver.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/shell-escape/shell-escape.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/Channel.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/agent.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/client.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/http-agents.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/Protocol.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/SFTP.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/constants.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto/poly1305.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/handlers.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/handlers.misc.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/kex.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/keyParser.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/node-fs-compat.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/zlib.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/server.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tunnel/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tunnel/lib/tunnel.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tweetnacl/nacl-fast.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/md5.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/nil.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/parse.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/regex.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/rng.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/sha1.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/stringify.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v1.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v3.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v35.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v4.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v5.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/validate.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/version.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/cpu-features/build/Release/cpufeatures.node","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"assert\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"buffer\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"child_process\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"crypto\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"dns\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"events\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"fs\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"http\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"https\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"net\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"os\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"path\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"stream\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"tls\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"util\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"zlib\"","../webpack://@garygrossgarten/github-action-ssh/./node_modules/node-ssh/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/sb-promise-queue/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/sb-scandir/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/webpack/bootstrap","../webpack://@garygrossgarten/github-action-ssh/webpack/runtime/compat","../webpack://@garygrossgarten/github-action-ssh/webpack/before-startup","../webpack://@garygrossgarten/github-action-ssh/webpack/startup","../webpack://@garygrossgarten/github-action-ssh/webpack/after-startup"],"sourcesContent":["\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nconst core = __importStar(require(\"@actions/core\"));\nconst node_ssh_1 = require(\"node-ssh\");\nconst keyboard_1 = require(\"./keyboard\");\nfunction run() {\n return __awaiter(this, void 0, void 0, function* () {\n const command = core.getInput('command');\n const host = core.getInput('host') || 'localhost';\n const username = core.getInput('username');\n const port = +core.getInput('port') || 22;\n const privateKey = core.getInput('privateKey');\n const password = core.getInput('password');\n const passphrase = core.getInput('passphrase');\n const tryKeyboard = !!core.getInput('tryKeyboard');\n try {\n const ssh = yield connect(host, username, port, privateKey, password, passphrase, tryKeyboard);\n yield executeCommand(ssh, command);\n ssh.dispose();\n }\n catch (err) {\n core.setFailed(err);\n }\n });\n}\nfunction connect(host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) {\n return __awaiter(this, void 0, void 0, function* () {\n const ssh = new node_ssh_1.NodeSSH();\n console.log(`Establishing a SSH connection to ${host}.`);\n try {\n const config = {\n host: host,\n port: port,\n username: username,\n password: password,\n passphrase: passphrase,\n tryKeyboard: tryKeyboard,\n onKeyboardInteractive: tryKeyboard ? (0, keyboard_1.keyboardFunction)(password) : null\n };\n if (privateKey) {\n console.log('using provided private key');\n config.privateKey = privateKey;\n }\n yield ssh.connect(config);\n console.log(`🤝 Connected to ${host}.`);\n }\n catch (err) {\n console.error(`⚠️ The GitHub Action couldn't connect to ${host}.`, err);\n core.setFailed(err.message);\n }\n return ssh;\n });\n}\nfunction executeCommand(ssh, command) {\n var _a;\n return __awaiter(this, void 0, void 0, function* () {\n console.log(`Executing command: ${command}`);\n try {\n const { code } = yield ssh.exec(command, [], {\n stream: 'both',\n onStdout(chunk) {\n console.log(chunk.toString('utf8'));\n },\n onStderr(chunk) {\n console.log(chunk.toString('utf8'));\n }\n });\n if (code > 0) {\n throw Error(`Command exited with code ${code}`);\n }\n console.log('✅ SSH Action finished.');\n if (ssh.isConnected()) {\n ssh.dispose();\n }\n }\n catch (err) {\n console.error(`⚠️ An error happened executing command ${command}.`, (_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err);\n core.setFailed(err.message);\n process.abort();\n }\n });\n}\nprocess.on('uncaughtException', (err) => {\n if (err['code'] !== 'ECONNRESET')\n throw err;\n});\nrun();\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.keyboardFunction = void 0;\nconst keyboardFunction = password => (name, instructions, instructionsLang, prompts, finish) => {\n if (prompts.length > 0 &&\n prompts[0].prompt.toLowerCase().includes(\"password\")) {\n finish([password]);\n }\n};\nexports.keyboardFunction = keyboardFunction;\n","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.issue = exports.issueCommand = void 0;\nconst os = __importStar(require(\"os\"));\nconst utils_1 = require(\"./utils\");\n/**\n * Commands\n *\n * Command Format:\n * ::name key=value,key=value::message\n *\n * Examples:\n * ::warning::This is the message\n * ::set-env name=MY_VAR::some value\n */\nfunction issueCommand(command, properties, message) {\n const cmd = new Command(command, properties, message);\n process.stdout.write(cmd.toString() + os.EOL);\n}\nexports.issueCommand = issueCommand;\nfunction issue(name, message = '') {\n issueCommand(name, {}, message);\n}\nexports.issue = issue;\nconst CMD_STRING = '::';\nclass Command {\n constructor(command, properties, message) {\n if (!command) {\n command = 'missing.command';\n }\n this.command = command;\n this.properties = properties;\n this.message = message;\n }\n toString() {\n let cmdStr = CMD_STRING + this.command;\n if (this.properties && Object.keys(this.properties).length > 0) {\n cmdStr += ' ';\n let first = true;\n for (const key in this.properties) {\n if (this.properties.hasOwnProperty(key)) {\n const val = this.properties[key];\n if (val) {\n if (first) {\n first = false;\n }\n else {\n cmdStr += ',';\n }\n cmdStr += `${key}=${escapeProperty(val)}`;\n }\n }\n }\n }\n cmdStr += `${CMD_STRING}${escapeData(this.message)}`;\n return cmdStr;\n }\n}\nfunction escapeData(s) {\n return utils_1.toCommandValue(s)\n .replace(/%/g, '%25')\n .replace(/\\r/g, '%0D')\n .replace(/\\n/g, '%0A');\n}\nfunction escapeProperty(s) {\n return utils_1.toCommandValue(s)\n .replace(/%/g, '%25')\n .replace(/\\r/g, '%0D')\n .replace(/\\n/g, '%0A')\n .replace(/:/g, '%3A')\n .replace(/,/g, '%2C');\n}\n//# sourceMappingURL=command.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0;\nconst command_1 = require(\"./command\");\nconst file_command_1 = require(\"./file-command\");\nconst utils_1 = require(\"./utils\");\nconst os = __importStar(require(\"os\"));\nconst path = __importStar(require(\"path\"));\nconst oidc_utils_1 = require(\"./oidc-utils\");\n/**\n * The code to exit an action\n */\nvar ExitCode;\n(function (ExitCode) {\n /**\n * A code indicating that the action was successful\n */\n ExitCode[ExitCode[\"Success\"] = 0] = \"Success\";\n /**\n * A code indicating that the action was a failure\n */\n ExitCode[ExitCode[\"Failure\"] = 1] = \"Failure\";\n})(ExitCode = exports.ExitCode || (exports.ExitCode = {}));\n//-----------------------------------------------------------------------\n// Variables\n//-----------------------------------------------------------------------\n/**\n * Sets env variable for this action and future actions in the job\n * @param name the name of the variable to set\n * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction exportVariable(name, val) {\n const convertedVal = utils_1.toCommandValue(val);\n process.env[name] = convertedVal;\n const filePath = process.env['GITHUB_ENV'] || '';\n if (filePath) {\n return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val));\n }\n command_1.issueCommand('set-env', { name }, convertedVal);\n}\nexports.exportVariable = exportVariable;\n/**\n * Registers a secret which will get masked from logs\n * @param secret value of the secret\n */\nfunction setSecret(secret) {\n command_1.issueCommand('add-mask', {}, secret);\n}\nexports.setSecret = setSecret;\n/**\n * Prepends inputPath to the PATH (for this action and future actions)\n * @param inputPath\n */\nfunction addPath(inputPath) {\n const filePath = process.env['GITHUB_PATH'] || '';\n if (filePath) {\n file_command_1.issueFileCommand('PATH', inputPath);\n }\n else {\n command_1.issueCommand('add-path', {}, inputPath);\n }\n process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;\n}\nexports.addPath = addPath;\n/**\n * Gets the value of an input.\n * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed.\n * Returns an empty string if the value is not defined.\n *\n * @param name name of the input to get\n * @param options optional. See InputOptions.\n * @returns string\n */\nfunction getInput(name, options) {\n const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || '';\n if (options && options.required && !val) {\n throw new Error(`Input required and not supplied: ${name}`);\n }\n if (options && options.trimWhitespace === false) {\n return val;\n }\n return val.trim();\n}\nexports.getInput = getInput;\n/**\n * Gets the values of an multiline input. Each value is also trimmed.\n *\n * @param name name of the input to get\n * @param options optional. See InputOptions.\n * @returns string[]\n *\n */\nfunction getMultilineInput(name, options) {\n const inputs = getInput(name, options)\n .split('\\n')\n .filter(x => x !== '');\n if (options && options.trimWhitespace === false) {\n return inputs;\n }\n return inputs.map(input => input.trim());\n}\nexports.getMultilineInput = getMultilineInput;\n/**\n * Gets the input value of the boolean type in the YAML 1.2 \"core schema\" specification.\n * Support boolean input list: `true | True | TRUE | false | False | FALSE` .\n * The return value is also in boolean type.\n * ref: https://yaml.org/spec/1.2/spec.html#id2804923\n *\n * @param name name of the input to get\n * @param options optional. See InputOptions.\n * @returns boolean\n */\nfunction getBooleanInput(name, options) {\n const trueValue = ['true', 'True', 'TRUE'];\n const falseValue = ['false', 'False', 'FALSE'];\n const val = getInput(name, options);\n if (trueValue.includes(val))\n return true;\n if (falseValue.includes(val))\n return false;\n throw new TypeError(`Input does not meet YAML 1.2 \"Core Schema\" specification: ${name}\\n` +\n `Support boolean input list: \\`true | True | TRUE | false | False | FALSE\\``);\n}\nexports.getBooleanInput = getBooleanInput;\n/**\n * Sets the value of an output.\n *\n * @param name name of the output to set\n * @param value value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction setOutput(name, value) {\n const filePath = process.env['GITHUB_OUTPUT'] || '';\n if (filePath) {\n return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value));\n }\n process.stdout.write(os.EOL);\n command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value));\n}\nexports.setOutput = setOutput;\n/**\n * Enables or disables the echoing of commands into stdout for the rest of the step.\n * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.\n *\n */\nfunction setCommandEcho(enabled) {\n command_1.issue('echo', enabled ? 'on' : 'off');\n}\nexports.setCommandEcho = setCommandEcho;\n//-----------------------------------------------------------------------\n// Results\n//-----------------------------------------------------------------------\n/**\n * Sets the action status to failed.\n * When the action exits it will be with an exit code of 1\n * @param message add error issue message\n */\nfunction setFailed(message) {\n process.exitCode = ExitCode.Failure;\n error(message);\n}\nexports.setFailed = setFailed;\n//-----------------------------------------------------------------------\n// Logging Commands\n//-----------------------------------------------------------------------\n/**\n * Gets whether Actions Step Debug is on or not\n */\nfunction isDebug() {\n return process.env['RUNNER_DEBUG'] === '1';\n}\nexports.isDebug = isDebug;\n/**\n * Writes debug message to user log\n * @param message debug message\n */\nfunction debug(message) {\n command_1.issueCommand('debug', {}, message);\n}\nexports.debug = debug;\n/**\n * Adds an error issue\n * @param message error issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction error(message, properties = {}) {\n command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.error = error;\n/**\n * Adds a warning issue\n * @param message warning issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction warning(message, properties = {}) {\n command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.warning = warning;\n/**\n * Adds a notice issue\n * @param message notice issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction notice(message, properties = {}) {\n command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.notice = notice;\n/**\n * Writes info to log with console.log.\n * @param message info message\n */\nfunction info(message) {\n process.stdout.write(message + os.EOL);\n}\nexports.info = info;\n/**\n * Begin an output group.\n *\n * Output until the next `groupEnd` will be foldable in this group\n *\n * @param name The name of the output group\n */\nfunction startGroup(name) {\n command_1.issue('group', name);\n}\nexports.startGroup = startGroup;\n/**\n * End an output group.\n */\nfunction endGroup() {\n command_1.issue('endgroup');\n}\nexports.endGroup = endGroup;\n/**\n * Wrap an asynchronous function call in a group.\n *\n * Returns the same type as the function itself.\n *\n * @param name The name of the group\n * @param fn The function to wrap in the group\n */\nfunction group(name, fn) {\n return __awaiter(this, void 0, void 0, function* () {\n startGroup(name);\n let result;\n try {\n result = yield fn();\n }\n finally {\n endGroup();\n }\n return result;\n });\n}\nexports.group = group;\n//-----------------------------------------------------------------------\n// Wrapper action state\n//-----------------------------------------------------------------------\n/**\n * Saves state for current action, the state can only be retrieved by this action's post job execution.\n *\n * @param name name of the state to store\n * @param value value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction saveState(name, value) {\n const filePath = process.env['GITHUB_STATE'] || '';\n if (filePath) {\n return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value));\n }\n command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value));\n}\nexports.saveState = saveState;\n/**\n * Gets the value of an state set by this action's main execution.\n *\n * @param name name of the state to get\n * @returns string\n */\nfunction getState(name) {\n return process.env[`STATE_${name}`] || '';\n}\nexports.getState = getState;\nfunction getIDToken(aud) {\n return __awaiter(this, void 0, void 0, function* () {\n return yield oidc_utils_1.OidcClient.getIDToken(aud);\n });\n}\nexports.getIDToken = getIDToken;\n/**\n * Summary exports\n */\nvar summary_1 = require(\"./summary\");\nObject.defineProperty(exports, \"summary\", { enumerable: true, get: function () { return summary_1.summary; } });\n/**\n * @deprecated use core.summary\n */\nvar summary_2 = require(\"./summary\");\nObject.defineProperty(exports, \"markdownSummary\", { enumerable: true, get: function () { return summary_2.markdownSummary; } });\n/**\n * Path exports\n */\nvar path_utils_1 = require(\"./path-utils\");\nObject.defineProperty(exports, \"toPosixPath\", { enumerable: true, get: function () { return path_utils_1.toPosixPath; } });\nObject.defineProperty(exports, \"toWin32Path\", { enumerable: true, get: function () { return path_utils_1.toWin32Path; } });\nObject.defineProperty(exports, \"toPlatformPath\", { enumerable: true, get: function () { return path_utils_1.toPlatformPath; } });\n//# sourceMappingURL=core.js.map","\"use strict\";\n// For internal use, subject to change.\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.prepareKeyValueMessage = exports.issueFileCommand = void 0;\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nconst fs = __importStar(require(\"fs\"));\nconst os = __importStar(require(\"os\"));\nconst uuid_1 = require(\"uuid\");\nconst utils_1 = require(\"./utils\");\nfunction issueFileCommand(command, message) {\n const filePath = process.env[`GITHUB_${command}`];\n if (!filePath) {\n throw new Error(`Unable to find environment variable for file command ${command}`);\n }\n if (!fs.existsSync(filePath)) {\n throw new Error(`Missing file at path: ${filePath}`);\n }\n fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, {\n encoding: 'utf8'\n });\n}\nexports.issueFileCommand = issueFileCommand;\nfunction prepareKeyValueMessage(key, value) {\n const delimiter = `ghadelimiter_${uuid_1.v4()}`;\n const convertedValue = utils_1.toCommandValue(value);\n // These should realistically never happen, but just in case someone finds a\n // way to exploit uuid generation let's not allow keys or values that contain\n // the delimiter.\n if (key.includes(delimiter)) {\n throw new Error(`Unexpected input: name should not contain the delimiter \"${delimiter}\"`);\n }\n if (convertedValue.includes(delimiter)) {\n throw new Error(`Unexpected input: value should not contain the delimiter \"${delimiter}\"`);\n }\n return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`;\n}\nexports.prepareKeyValueMessage = prepareKeyValueMessage;\n//# sourceMappingURL=file-command.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.OidcClient = void 0;\nconst http_client_1 = require(\"@actions/http-client\");\nconst auth_1 = require(\"@actions/http-client/lib/auth\");\nconst core_1 = require(\"./core\");\nclass OidcClient {\n static createHttpClient(allowRetry = true, maxRetry = 10) {\n const requestOptions = {\n allowRetries: allowRetry,\n maxRetries: maxRetry\n };\n return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions);\n }\n static getRequestToken() {\n const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'];\n if (!token) {\n throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable');\n }\n return token;\n }\n static getIDTokenUrl() {\n const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL'];\n if (!runtimeUrl) {\n throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable');\n }\n return runtimeUrl;\n }\n static getCall(id_token_url) {\n var _a;\n return __awaiter(this, void 0, void 0, function* () {\n const httpclient = OidcClient.createHttpClient();\n const res = yield httpclient\n .getJson(id_token_url)\n .catch(error => {\n throw new Error(`Failed to get ID Token. \\n \n Error Code : ${error.statusCode}\\n \n Error Message: ${error.result.message}`);\n });\n const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;\n if (!id_token) {\n throw new Error('Response json body do not have ID Token field');\n }\n return id_token;\n });\n }\n static getIDToken(audience) {\n return __awaiter(this, void 0, void 0, function* () {\n try {\n // New ID Token is requested from action service\n let id_token_url = OidcClient.getIDTokenUrl();\n if (audience) {\n const encodedAudience = encodeURIComponent(audience);\n id_token_url = `${id_token_url}&audience=${encodedAudience}`;\n }\n core_1.debug(`ID token url is ${id_token_url}`);\n const id_token = yield OidcClient.getCall(id_token_url);\n core_1.setSecret(id_token);\n return id_token;\n }\n catch (error) {\n throw new Error(`Error message: ${error.message}`);\n }\n });\n }\n}\nexports.OidcClient = OidcClient;\n//# sourceMappingURL=oidc-utils.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0;\nconst path = __importStar(require(\"path\"));\n/**\n * toPosixPath converts the given path to the posix form. On Windows, \\\\ will be\n * replaced with /.\n *\n * @param pth. Path to transform.\n * @return string Posix path.\n */\nfunction toPosixPath(pth) {\n return pth.replace(/[\\\\]/g, '/');\n}\nexports.toPosixPath = toPosixPath;\n/**\n * toWin32Path converts the given path to the win32 form. On Linux, / will be\n * replaced with \\\\.\n *\n * @param pth. Path to transform.\n * @return string Win32 path.\n */\nfunction toWin32Path(pth) {\n return pth.replace(/[/]/g, '\\\\');\n}\nexports.toWin32Path = toWin32Path;\n/**\n * toPlatformPath converts the given path to a platform-specific path. It does\n * this by replacing instances of / and \\ with the platform-specific path\n * separator.\n *\n * @param pth The path to platformize.\n * @return string The platform-specific path.\n */\nfunction toPlatformPath(pth) {\n return pth.replace(/[/\\\\]/g, path.sep);\n}\nexports.toPlatformPath = toPlatformPath;\n//# sourceMappingURL=path-utils.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0;\nconst os_1 = require(\"os\");\nconst fs_1 = require(\"fs\");\nconst { access, appendFile, writeFile } = fs_1.promises;\nexports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY';\nexports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary';\nclass Summary {\n constructor() {\n this._buffer = '';\n }\n /**\n * Finds the summary file path from the environment, rejects if env var is not found or file does not exist\n * Also checks r/w permissions.\n *\n * @returns step summary file path\n */\n filePath() {\n return __awaiter(this, void 0, void 0, function* () {\n if (this._filePath) {\n return this._filePath;\n }\n const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR];\n if (!pathFromEnv) {\n throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`);\n }\n try {\n yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK);\n }\n catch (_a) {\n throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`);\n }\n this._filePath = pathFromEnv;\n return this._filePath;\n });\n }\n /**\n * Wraps content in an HTML tag, adding any HTML attributes\n *\n * @param {string} tag HTML tag to wrap\n * @param {string | null} content content within the tag\n * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add\n *\n * @returns {string} content wrapped in HTML element\n */\n wrap(tag, content, attrs = {}) {\n const htmlAttrs = Object.entries(attrs)\n .map(([key, value]) => ` ${key}=\"${value}\"`)\n .join('');\n if (!content) {\n return `<${tag}${htmlAttrs}>`;\n }\n return `<${tag}${htmlAttrs}>${content}`;\n }\n /**\n * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default.\n *\n * @param {SummaryWriteOptions} [options] (optional) options for write operation\n *\n * @returns {Promise} summary instance\n */\n write(options) {\n return __awaiter(this, void 0, void 0, function* () {\n const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);\n const filePath = yield this.filePath();\n const writeFunc = overwrite ? writeFile : appendFile;\n yield writeFunc(filePath, this._buffer, { encoding: 'utf8' });\n return this.emptyBuffer();\n });\n }\n /**\n * Clears the summary buffer and wipes the summary file\n *\n * @returns {Summary} summary instance\n */\n clear() {\n return __awaiter(this, void 0, void 0, function* () {\n return this.emptyBuffer().write({ overwrite: true });\n });\n }\n /**\n * Returns the current summary buffer as a string\n *\n * @returns {string} string of summary buffer\n */\n stringify() {\n return this._buffer;\n }\n /**\n * If the summary buffer is empty\n *\n * @returns {boolen} true if the buffer is empty\n */\n isEmptyBuffer() {\n return this._buffer.length === 0;\n }\n /**\n * Resets the summary buffer without writing to summary file\n *\n * @returns {Summary} summary instance\n */\n emptyBuffer() {\n this._buffer = '';\n return this;\n }\n /**\n * Adds raw text to the summary buffer\n *\n * @param {string} text content to add\n * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false)\n *\n * @returns {Summary} summary instance\n */\n addRaw(text, addEOL = false) {\n this._buffer += text;\n return addEOL ? this.addEOL() : this;\n }\n /**\n * Adds the operating system-specific end-of-line marker to the buffer\n *\n * @returns {Summary} summary instance\n */\n addEOL() {\n return this.addRaw(os_1.EOL);\n }\n /**\n * Adds an HTML codeblock to the summary buffer\n *\n * @param {string} code content to render within fenced code block\n * @param {string} lang (optional) language to syntax highlight code\n *\n * @returns {Summary} summary instance\n */\n addCodeBlock(code, lang) {\n const attrs = Object.assign({}, (lang && { lang }));\n const element = this.wrap('pre', this.wrap('code', code), attrs);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML list to the summary buffer\n *\n * @param {string[]} items list of items to render\n * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false)\n *\n * @returns {Summary} summary instance\n */\n addList(items, ordered = false) {\n const tag = ordered ? 'ol' : 'ul';\n const listItems = items.map(item => this.wrap('li', item)).join('');\n const element = this.wrap(tag, listItems);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML table to the summary buffer\n *\n * @param {SummaryTableCell[]} rows table rows\n *\n * @returns {Summary} summary instance\n */\n addTable(rows) {\n const tableBody = rows\n .map(row => {\n const cells = row\n .map(cell => {\n if (typeof cell === 'string') {\n return this.wrap('td', cell);\n }\n const { header, data, colspan, rowspan } = cell;\n const tag = header ? 'th' : 'td';\n const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan }));\n return this.wrap(tag, data, attrs);\n })\n .join('');\n return this.wrap('tr', cells);\n })\n .join('');\n const element = this.wrap('table', tableBody);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds a collapsable HTML details element to the summary buffer\n *\n * @param {string} label text for the closed state\n * @param {string} content collapsable content\n *\n * @returns {Summary} summary instance\n */\n addDetails(label, content) {\n const element = this.wrap('details', this.wrap('summary', label) + content);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML image tag to the summary buffer\n *\n * @param {string} src path to the image you to embed\n * @param {string} alt text description of the image\n * @param {SummaryImageOptions} options (optional) addition image attributes\n *\n * @returns {Summary} summary instance\n */\n addImage(src, alt, options) {\n const { width, height } = options || {};\n const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height }));\n const element = this.wrap('img', null, Object.assign({ src, alt }, attrs));\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML section heading element\n *\n * @param {string} text heading text\n * @param {number | string} [level=1] (optional) the heading level, default: 1\n *\n * @returns {Summary} summary instance\n */\n addHeading(text, level) {\n const tag = `h${level}`;\n const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag)\n ? tag\n : 'h1';\n const element = this.wrap(allowedTag, text);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML thematic break (
) to the summary buffer\n *\n * @returns {Summary} summary instance\n */\n addSeparator() {\n const element = this.wrap('hr', null);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML line break (
) to the summary buffer\n *\n * @returns {Summary} summary instance\n */\n addBreak() {\n const element = this.wrap('br', null);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML blockquote to the summary buffer\n *\n * @param {string} text quote text\n * @param {string} cite (optional) citation url\n *\n * @returns {Summary} summary instance\n */\n addQuote(text, cite) {\n const attrs = Object.assign({}, (cite && { cite }));\n const element = this.wrap('blockquote', text, attrs);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML anchor tag to the summary buffer\n *\n * @param {string} text link text/content\n * @param {string} href hyperlink\n *\n * @returns {Summary} summary instance\n */\n addLink(text, href) {\n const element = this.wrap('a', text, { href });\n return this.addRaw(element).addEOL();\n }\n}\nconst _summary = new Summary();\n/**\n * @deprecated use `core.summary`\n */\nexports.markdownSummary = _summary;\nexports.summary = _summary;\n//# sourceMappingURL=summary.js.map","\"use strict\";\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toCommandProperties = exports.toCommandValue = void 0;\n/**\n * Sanitizes an input into a string so it can be passed into issueCommand safely\n * @param input input to sanitize into a string\n */\nfunction toCommandValue(input) {\n if (input === null || input === undefined) {\n return '';\n }\n else if (typeof input === 'string' || input instanceof String) {\n return input;\n }\n return JSON.stringify(input);\n}\nexports.toCommandValue = toCommandValue;\n/**\n *\n * @param annotationProperties\n * @returns The command properties to send with the actual annotation command\n * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646\n */\nfunction toCommandProperties(annotationProperties) {\n if (!Object.keys(annotationProperties).length) {\n return {};\n }\n return {\n title: annotationProperties.title,\n file: annotationProperties.file,\n line: annotationProperties.startLine,\n endLine: annotationProperties.endLine,\n col: annotationProperties.startColumn,\n endColumn: annotationProperties.endColumn\n };\n}\nexports.toCommandProperties = toCommandProperties;\n//# sourceMappingURL=utils.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0;\nclass BasicCredentialHandler {\n constructor(username, password) {\n this.username = username;\n this.password = password;\n }\n prepareRequest(options) {\n if (!options.headers) {\n throw Error('The request has no headers');\n }\n options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`;\n }\n // This handler cannot handle 401\n canHandleAuthentication() {\n return false;\n }\n handleAuthentication() {\n return __awaiter(this, void 0, void 0, function* () {\n throw new Error('not implemented');\n });\n }\n}\nexports.BasicCredentialHandler = BasicCredentialHandler;\nclass BearerCredentialHandler {\n constructor(token) {\n this.token = token;\n }\n // currently implements pre-authorization\n // TODO: support preAuth = false where it hooks on 401\n prepareRequest(options) {\n if (!options.headers) {\n throw Error('The request has no headers');\n }\n options.headers['Authorization'] = `Bearer ${this.token}`;\n }\n // This handler cannot handle 401\n canHandleAuthentication() {\n return false;\n }\n handleAuthentication() {\n return __awaiter(this, void 0, void 0, function* () {\n throw new Error('not implemented');\n });\n }\n}\nexports.BearerCredentialHandler = BearerCredentialHandler;\nclass PersonalAccessTokenCredentialHandler {\n constructor(token) {\n this.token = token;\n }\n // currently implements pre-authorization\n // TODO: support preAuth = false where it hooks on 401\n prepareRequest(options) {\n if (!options.headers) {\n throw Error('The request has no headers');\n }\n options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`;\n }\n // This handler cannot handle 401\n canHandleAuthentication() {\n return false;\n }\n handleAuthentication() {\n return __awaiter(this, void 0, void 0, function* () {\n throw new Error('not implemented');\n });\n }\n}\nexports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler;\n//# sourceMappingURL=auth.js.map","\"use strict\";\n/* eslint-disable @typescript-eslint/no-explicit-any */\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0;\nconst http = __importStar(require(\"http\"));\nconst https = __importStar(require(\"https\"));\nconst pm = __importStar(require(\"./proxy\"));\nconst tunnel = __importStar(require(\"tunnel\"));\nvar HttpCodes;\n(function (HttpCodes) {\n HttpCodes[HttpCodes[\"OK\"] = 200] = \"OK\";\n HttpCodes[HttpCodes[\"MultipleChoices\"] = 300] = \"MultipleChoices\";\n HttpCodes[HttpCodes[\"MovedPermanently\"] = 301] = \"MovedPermanently\";\n HttpCodes[HttpCodes[\"ResourceMoved\"] = 302] = \"ResourceMoved\";\n HttpCodes[HttpCodes[\"SeeOther\"] = 303] = \"SeeOther\";\n HttpCodes[HttpCodes[\"NotModified\"] = 304] = \"NotModified\";\n HttpCodes[HttpCodes[\"UseProxy\"] = 305] = \"UseProxy\";\n HttpCodes[HttpCodes[\"SwitchProxy\"] = 306] = \"SwitchProxy\";\n HttpCodes[HttpCodes[\"TemporaryRedirect\"] = 307] = \"TemporaryRedirect\";\n HttpCodes[HttpCodes[\"PermanentRedirect\"] = 308] = \"PermanentRedirect\";\n HttpCodes[HttpCodes[\"BadRequest\"] = 400] = \"BadRequest\";\n HttpCodes[HttpCodes[\"Unauthorized\"] = 401] = \"Unauthorized\";\n HttpCodes[HttpCodes[\"PaymentRequired\"] = 402] = \"PaymentRequired\";\n HttpCodes[HttpCodes[\"Forbidden\"] = 403] = \"Forbidden\";\n HttpCodes[HttpCodes[\"NotFound\"] = 404] = \"NotFound\";\n HttpCodes[HttpCodes[\"MethodNotAllowed\"] = 405] = \"MethodNotAllowed\";\n HttpCodes[HttpCodes[\"NotAcceptable\"] = 406] = \"NotAcceptable\";\n HttpCodes[HttpCodes[\"ProxyAuthenticationRequired\"] = 407] = \"ProxyAuthenticationRequired\";\n HttpCodes[HttpCodes[\"RequestTimeout\"] = 408] = \"RequestTimeout\";\n HttpCodes[HttpCodes[\"Conflict\"] = 409] = \"Conflict\";\n HttpCodes[HttpCodes[\"Gone\"] = 410] = \"Gone\";\n HttpCodes[HttpCodes[\"TooManyRequests\"] = 429] = \"TooManyRequests\";\n HttpCodes[HttpCodes[\"InternalServerError\"] = 500] = \"InternalServerError\";\n HttpCodes[HttpCodes[\"NotImplemented\"] = 501] = \"NotImplemented\";\n HttpCodes[HttpCodes[\"BadGateway\"] = 502] = \"BadGateway\";\n HttpCodes[HttpCodes[\"ServiceUnavailable\"] = 503] = \"ServiceUnavailable\";\n HttpCodes[HttpCodes[\"GatewayTimeout\"] = 504] = \"GatewayTimeout\";\n})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {}));\nvar Headers;\n(function (Headers) {\n Headers[\"Accept\"] = \"accept\";\n Headers[\"ContentType\"] = \"content-type\";\n})(Headers = exports.Headers || (exports.Headers = {}));\nvar MediaTypes;\n(function (MediaTypes) {\n MediaTypes[\"ApplicationJson\"] = \"application/json\";\n})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {}));\n/**\n * Returns the proxy URL, depending upon the supplied url and proxy environment variables.\n * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com\n */\nfunction getProxyUrl(serverUrl) {\n const proxyUrl = pm.getProxyUrl(new URL(serverUrl));\n return proxyUrl ? proxyUrl.href : '';\n}\nexports.getProxyUrl = getProxyUrl;\nconst HttpRedirectCodes = [\n HttpCodes.MovedPermanently,\n HttpCodes.ResourceMoved,\n HttpCodes.SeeOther,\n HttpCodes.TemporaryRedirect,\n HttpCodes.PermanentRedirect\n];\nconst HttpResponseRetryCodes = [\n HttpCodes.BadGateway,\n HttpCodes.ServiceUnavailable,\n HttpCodes.GatewayTimeout\n];\nconst RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD'];\nconst ExponentialBackoffCeiling = 10;\nconst ExponentialBackoffTimeSlice = 5;\nclass HttpClientError extends Error {\n constructor(message, statusCode) {\n super(message);\n this.name = 'HttpClientError';\n this.statusCode = statusCode;\n Object.setPrototypeOf(this, HttpClientError.prototype);\n }\n}\nexports.HttpClientError = HttpClientError;\nclass HttpClientResponse {\n constructor(message) {\n this.message = message;\n }\n readBody() {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () {\n let output = Buffer.alloc(0);\n this.message.on('data', (chunk) => {\n output = Buffer.concat([output, chunk]);\n });\n this.message.on('end', () => {\n resolve(output.toString());\n });\n }));\n });\n }\n}\nexports.HttpClientResponse = HttpClientResponse;\nfunction isHttps(requestUrl) {\n const parsedUrl = new URL(requestUrl);\n return parsedUrl.protocol === 'https:';\n}\nexports.isHttps = isHttps;\nclass HttpClient {\n constructor(userAgent, handlers, requestOptions) {\n this._ignoreSslError = false;\n this._allowRedirects = true;\n this._allowRedirectDowngrade = false;\n this._maxRedirects = 50;\n this._allowRetries = false;\n this._maxRetries = 1;\n this._keepAlive = false;\n this._disposed = false;\n this.userAgent = userAgent;\n this.handlers = handlers || [];\n this.requestOptions = requestOptions;\n if (requestOptions) {\n if (requestOptions.ignoreSslError != null) {\n this._ignoreSslError = requestOptions.ignoreSslError;\n }\n this._socketTimeout = requestOptions.socketTimeout;\n if (requestOptions.allowRedirects != null) {\n this._allowRedirects = requestOptions.allowRedirects;\n }\n if (requestOptions.allowRedirectDowngrade != null) {\n this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade;\n }\n if (requestOptions.maxRedirects != null) {\n this._maxRedirects = Math.max(requestOptions.maxRedirects, 0);\n }\n if (requestOptions.keepAlive != null) {\n this._keepAlive = requestOptions.keepAlive;\n }\n if (requestOptions.allowRetries != null) {\n this._allowRetries = requestOptions.allowRetries;\n }\n if (requestOptions.maxRetries != null) {\n this._maxRetries = requestOptions.maxRetries;\n }\n }\n }\n options(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('OPTIONS', requestUrl, null, additionalHeaders || {});\n });\n }\n get(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('GET', requestUrl, null, additionalHeaders || {});\n });\n }\n del(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('DELETE', requestUrl, null, additionalHeaders || {});\n });\n }\n post(requestUrl, data, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('POST', requestUrl, data, additionalHeaders || {});\n });\n }\n patch(requestUrl, data, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('PATCH', requestUrl, data, additionalHeaders || {});\n });\n }\n put(requestUrl, data, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('PUT', requestUrl, data, additionalHeaders || {});\n });\n }\n head(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('HEAD', requestUrl, null, additionalHeaders || {});\n });\n }\n sendStream(verb, requestUrl, stream, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request(verb, requestUrl, stream, additionalHeaders);\n });\n }\n /**\n * Gets a typed object from an endpoint\n * Be aware that not found returns a null. Other errors (4xx, 5xx) reject the promise\n */\n getJson(requestUrl, additionalHeaders = {}) {\n return __awaiter(this, void 0, void 0, function* () {\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n const res = yield this.get(requestUrl, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n postJson(requestUrl, obj, additionalHeaders = {}) {\n return __awaiter(this, void 0, void 0, function* () {\n const data = JSON.stringify(obj, null, 2);\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n const res = yield this.post(requestUrl, data, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n putJson(requestUrl, obj, additionalHeaders = {}) {\n return __awaiter(this, void 0, void 0, function* () {\n const data = JSON.stringify(obj, null, 2);\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n const res = yield this.put(requestUrl, data, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n patchJson(requestUrl, obj, additionalHeaders = {}) {\n return __awaiter(this, void 0, void 0, function* () {\n const data = JSON.stringify(obj, null, 2);\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n const res = yield this.patch(requestUrl, data, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n /**\n * Makes a raw http request.\n * All other methods such as get, post, patch, and request ultimately call this.\n * Prefer get, del, post and patch\n */\n request(verb, requestUrl, data, headers) {\n return __awaiter(this, void 0, void 0, function* () {\n if (this._disposed) {\n throw new Error('Client has already been disposed.');\n }\n const parsedUrl = new URL(requestUrl);\n let info = this._prepareRequest(verb, parsedUrl, headers);\n // Only perform retries on reads since writes may not be idempotent.\n const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb)\n ? this._maxRetries + 1\n : 1;\n let numTries = 0;\n let response;\n do {\n response = yield this.requestRaw(info, data);\n // Check if it's an authentication challenge\n if (response &&\n response.message &&\n response.message.statusCode === HttpCodes.Unauthorized) {\n let authenticationHandler;\n for (const handler of this.handlers) {\n if (handler.canHandleAuthentication(response)) {\n authenticationHandler = handler;\n break;\n }\n }\n if (authenticationHandler) {\n return authenticationHandler.handleAuthentication(this, info, data);\n }\n else {\n // We have received an unauthorized response but have no handlers to handle it.\n // Let the response return to the caller.\n return response;\n }\n }\n let redirectsRemaining = this._maxRedirects;\n while (response.message.statusCode &&\n HttpRedirectCodes.includes(response.message.statusCode) &&\n this._allowRedirects &&\n redirectsRemaining > 0) {\n const redirectUrl = response.message.headers['location'];\n if (!redirectUrl) {\n // if there's no location to redirect to, we won't\n break;\n }\n const parsedRedirectUrl = new URL(redirectUrl);\n if (parsedUrl.protocol === 'https:' &&\n parsedUrl.protocol !== parsedRedirectUrl.protocol &&\n !this._allowRedirectDowngrade) {\n throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.');\n }\n // we need to finish reading the response before reassigning response\n // which will leak the open socket.\n yield response.readBody();\n // strip authorization header if redirected to a different hostname\n if (parsedRedirectUrl.hostname !== parsedUrl.hostname) {\n for (const header in headers) {\n // header names are case insensitive\n if (header.toLowerCase() === 'authorization') {\n delete headers[header];\n }\n }\n }\n // let's make the request with the new redirectUrl\n info = this._prepareRequest(verb, parsedRedirectUrl, headers);\n response = yield this.requestRaw(info, data);\n redirectsRemaining--;\n }\n if (!response.message.statusCode ||\n !HttpResponseRetryCodes.includes(response.message.statusCode)) {\n // If not a retry code, return immediately instead of retrying\n return response;\n }\n numTries += 1;\n if (numTries < maxTries) {\n yield response.readBody();\n yield this._performExponentialBackoff(numTries);\n }\n } while (numTries < maxTries);\n return response;\n });\n }\n /**\n * Needs to be called if keepAlive is set to true in request options.\n */\n dispose() {\n if (this._agent) {\n this._agent.destroy();\n }\n this._disposed = true;\n }\n /**\n * Raw request.\n * @param info\n * @param data\n */\n requestRaw(info, data) {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve, reject) => {\n function callbackForResult(err, res) {\n if (err) {\n reject(err);\n }\n else if (!res) {\n // If `err` is not passed, then `res` must be passed.\n reject(new Error('Unknown error'));\n }\n else {\n resolve(res);\n }\n }\n this.requestRawWithCallback(info, data, callbackForResult);\n });\n });\n }\n /**\n * Raw request with callback.\n * @param info\n * @param data\n * @param onResult\n */\n requestRawWithCallback(info, data, onResult) {\n if (typeof data === 'string') {\n if (!info.options.headers) {\n info.options.headers = {};\n }\n info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8');\n }\n let callbackCalled = false;\n function handleResult(err, res) {\n if (!callbackCalled) {\n callbackCalled = true;\n onResult(err, res);\n }\n }\n const req = info.httpModule.request(info.options, (msg) => {\n const res = new HttpClientResponse(msg);\n handleResult(undefined, res);\n });\n let socket;\n req.on('socket', sock => {\n socket = sock;\n });\n // If we ever get disconnected, we want the socket to timeout eventually\n req.setTimeout(this._socketTimeout || 3 * 60000, () => {\n if (socket) {\n socket.end();\n }\n handleResult(new Error(`Request timeout: ${info.options.path}`));\n });\n req.on('error', function (err) {\n // err has statusCode property\n // res should have headers\n handleResult(err);\n });\n if (data && typeof data === 'string') {\n req.write(data, 'utf8');\n }\n if (data && typeof data !== 'string') {\n data.on('close', function () {\n req.end();\n });\n data.pipe(req);\n }\n else {\n req.end();\n }\n }\n /**\n * Gets an http agent. This function is useful when you need an http agent that handles\n * routing through a proxy server - depending upon the url and proxy environment variables.\n * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com\n */\n getAgent(serverUrl) {\n const parsedUrl = new URL(serverUrl);\n return this._getAgent(parsedUrl);\n }\n _prepareRequest(method, requestUrl, headers) {\n const info = {};\n info.parsedUrl = requestUrl;\n const usingSsl = info.parsedUrl.protocol === 'https:';\n info.httpModule = usingSsl ? https : http;\n const defaultPort = usingSsl ? 443 : 80;\n info.options = {};\n info.options.host = info.parsedUrl.hostname;\n info.options.port = info.parsedUrl.port\n ? parseInt(info.parsedUrl.port)\n : defaultPort;\n info.options.path =\n (info.parsedUrl.pathname || '') + (info.parsedUrl.search || '');\n info.options.method = method;\n info.options.headers = this._mergeHeaders(headers);\n if (this.userAgent != null) {\n info.options.headers['user-agent'] = this.userAgent;\n }\n info.options.agent = this._getAgent(info.parsedUrl);\n // gives handlers an opportunity to participate\n if (this.handlers) {\n for (const handler of this.handlers) {\n handler.prepareRequest(info.options);\n }\n }\n return info;\n }\n _mergeHeaders(headers) {\n if (this.requestOptions && this.requestOptions.headers) {\n return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {}));\n }\n return lowercaseKeys(headers || {});\n }\n _getExistingOrDefaultHeader(additionalHeaders, header, _default) {\n let clientHeader;\n if (this.requestOptions && this.requestOptions.headers) {\n clientHeader = lowercaseKeys(this.requestOptions.headers)[header];\n }\n return additionalHeaders[header] || clientHeader || _default;\n }\n _getAgent(parsedUrl) {\n let agent;\n const proxyUrl = pm.getProxyUrl(parsedUrl);\n const useProxy = proxyUrl && proxyUrl.hostname;\n if (this._keepAlive && useProxy) {\n agent = this._proxyAgent;\n }\n if (this._keepAlive && !useProxy) {\n agent = this._agent;\n }\n // if agent is already assigned use that agent.\n if (agent) {\n return agent;\n }\n const usingSsl = parsedUrl.protocol === 'https:';\n let maxSockets = 100;\n if (this.requestOptions) {\n maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets;\n }\n // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis.\n if (proxyUrl && proxyUrl.hostname) {\n const agentOptions = {\n maxSockets,\n keepAlive: this._keepAlive,\n proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && {\n proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`\n })), { host: proxyUrl.hostname, port: proxyUrl.port })\n };\n let tunnelAgent;\n const overHttps = proxyUrl.protocol === 'https:';\n if (usingSsl) {\n tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp;\n }\n else {\n tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp;\n }\n agent = tunnelAgent(agentOptions);\n this._proxyAgent = agent;\n }\n // if reusing agent across request and tunneling agent isn't assigned create a new agent\n if (this._keepAlive && !agent) {\n const options = { keepAlive: this._keepAlive, maxSockets };\n agent = usingSsl ? new https.Agent(options) : new http.Agent(options);\n this._agent = agent;\n }\n // if not using private agent and tunnel agent isn't setup then use global agent\n if (!agent) {\n agent = usingSsl ? https.globalAgent : http.globalAgent;\n }\n if (usingSsl && this._ignoreSslError) {\n // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process\n // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options\n // we have to cast it to any and change it directly\n agent.options = Object.assign(agent.options || {}, {\n rejectUnauthorized: false\n });\n }\n return agent;\n }\n _performExponentialBackoff(retryNumber) {\n return __awaiter(this, void 0, void 0, function* () {\n retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber);\n const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber);\n return new Promise(resolve => setTimeout(() => resolve(), ms));\n });\n }\n _processResponse(res, options) {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {\n const statusCode = res.message.statusCode || 0;\n const response = {\n statusCode,\n result: null,\n headers: {}\n };\n // not found leads to null obj returned\n if (statusCode === HttpCodes.NotFound) {\n resolve(response);\n }\n // get the result from the body\n function dateTimeDeserializer(key, value) {\n if (typeof value === 'string') {\n const a = new Date(value);\n if (!isNaN(a.valueOf())) {\n return a;\n }\n }\n return value;\n }\n let obj;\n let contents;\n try {\n contents = yield res.readBody();\n if (contents && contents.length > 0) {\n if (options && options.deserializeDates) {\n obj = JSON.parse(contents, dateTimeDeserializer);\n }\n else {\n obj = JSON.parse(contents);\n }\n response.result = obj;\n }\n response.headers = res.message.headers;\n }\n catch (err) {\n // Invalid resource (contents not json); leaving result obj null\n }\n // note that 3xx redirects are handled by the http layer.\n if (statusCode > 299) {\n let msg;\n // if exception/error in body, attempt to get better error\n if (obj && obj.message) {\n msg = obj.message;\n }\n else if (contents && contents.length > 0) {\n // it may be the case that the exception is in the body message as string\n msg = contents;\n }\n else {\n msg = `Failed request: (${statusCode})`;\n }\n const err = new HttpClientError(msg, statusCode);\n err.result = response.result;\n reject(err);\n }\n else {\n resolve(response);\n }\n }));\n });\n }\n}\nexports.HttpClient = HttpClient;\nconst lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {});\n//# sourceMappingURL=index.js.map","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.checkBypass = exports.getProxyUrl = void 0;\nfunction getProxyUrl(reqUrl) {\n const usingSsl = reqUrl.protocol === 'https:';\n if (checkBypass(reqUrl)) {\n return undefined;\n }\n const proxyVar = (() => {\n if (usingSsl) {\n return process.env['https_proxy'] || process.env['HTTPS_PROXY'];\n }\n else {\n return process.env['http_proxy'] || process.env['HTTP_PROXY'];\n }\n })();\n if (proxyVar) {\n return new URL(proxyVar);\n }\n else {\n return undefined;\n }\n}\nexports.getProxyUrl = getProxyUrl;\nfunction checkBypass(reqUrl) {\n if (!reqUrl.hostname) {\n return false;\n }\n const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || '';\n if (!noProxy) {\n return false;\n }\n // Determine the request port\n let reqPort;\n if (reqUrl.port) {\n reqPort = Number(reqUrl.port);\n }\n else if (reqUrl.protocol === 'http:') {\n reqPort = 80;\n }\n else if (reqUrl.protocol === 'https:') {\n reqPort = 443;\n }\n // Format the request hostname and hostname with port\n const upperReqHosts = [reqUrl.hostname.toUpperCase()];\n if (typeof reqPort === 'number') {\n upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`);\n }\n // Compare request host against noproxy\n for (const upperNoProxyItem of noProxy\n .split(',')\n .map(x => x.trim().toUpperCase())\n .filter(x => x)) {\n if (upperReqHosts.some(x => x === upperNoProxyItem)) {\n return true;\n }\n }\n return false;\n}\nexports.checkBypass = checkBypass;\n//# sourceMappingURL=proxy.js.map","// Copyright 2011 Mark Cavage All rights reserved.\n\n\nmodule.exports = {\n\n newInvalidAsn1Error: function (msg) {\n var e = new Error();\n e.name = 'InvalidAsn1Error';\n e.message = msg || '';\n return e;\n }\n\n};\n","// Copyright 2011 Mark Cavage All rights reserved.\n\nvar errors = require('./errors');\nvar types = require('./types');\n\nvar Reader = require('./reader');\nvar Writer = require('./writer');\n\n\n// --- Exports\n\nmodule.exports = {\n\n Reader: Reader,\n\n Writer: Writer\n\n};\n\nfor (var t in types) {\n if (types.hasOwnProperty(t))\n module.exports[t] = types[t];\n}\nfor (var e in errors) {\n if (errors.hasOwnProperty(e))\n module.exports[e] = errors[e];\n}\n","// Copyright 2011 Mark Cavage All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\n\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\n\n\n// --- API\n\nfunction Reader(data) {\n if (!data || !Buffer.isBuffer(data))\n throw new TypeError('data must be a node Buffer');\n\n this._buf = data;\n this._size = data.length;\n\n // These hold the \"current\" state\n this._len = 0;\n this._offset = 0;\n}\n\nObject.defineProperty(Reader.prototype, 'length', {\n enumerable: true,\n get: function () { return (this._len); }\n});\n\nObject.defineProperty(Reader.prototype, 'offset', {\n enumerable: true,\n get: function () { return (this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'remain', {\n get: function () { return (this._size - this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'buffer', {\n get: function () { return (this._buf.slice(this._offset)); }\n});\n\n\n/**\n * Reads a single byte and advances offset; you can pass in `true` to make this\n * a \"peek\" operation (i.e., get the byte, but don't advance the offset).\n *\n * @param {Boolean} peek true means don't move offset.\n * @return {Number} the next byte, null if not enough data.\n */\nReader.prototype.readByte = function (peek) {\n if (this._size - this._offset < 1)\n return null;\n\n var b = this._buf[this._offset] & 0xff;\n\n if (!peek)\n this._offset += 1;\n\n return b;\n};\n\n\nReader.prototype.peek = function () {\n return this.readByte(true);\n};\n\n\n/**\n * Reads a (potentially) variable length off the BER buffer. This call is\n * not really meant to be called directly, as callers have to manipulate\n * the internal buffer afterwards.\n *\n * As a result of this call, you can call `Reader.length`, until the\n * next thing called that does a readLength.\n *\n * @return {Number} the amount of offset to advance the buffer.\n * @throws {InvalidAsn1Error} on bad ASN.1\n */\nReader.prototype.readLength = function (offset) {\n if (offset === undefined)\n offset = this._offset;\n\n if (offset >= this._size)\n return null;\n\n var lenB = this._buf[offset++] & 0xff;\n if (lenB === null)\n return null;\n\n if ((lenB & 0x80) === 0x80) {\n lenB &= 0x7f;\n\n if (lenB === 0)\n throw newInvalidAsn1Error('Indefinite length not supported');\n\n if (lenB > 4)\n throw newInvalidAsn1Error('encoding too long');\n\n if (this._size - offset < lenB)\n return null;\n\n this._len = 0;\n for (var i = 0; i < lenB; i++)\n this._len = (this._len << 8) + (this._buf[offset++] & 0xff);\n\n } else {\n // Wasn't a variable length\n this._len = lenB;\n }\n\n return offset;\n};\n\n\n/**\n * Parses the next sequence in this BER buffer.\n *\n * To get the length of the sequence, call `Reader.length`.\n *\n * @return {Number} the sequence's tag.\n */\nReader.prototype.readSequence = function (tag) {\n var seq = this.peek();\n if (seq === null)\n return null;\n if (tag !== undefined && tag !== seq)\n throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n ': got 0x' + seq.toString(16));\n\n var o = this.readLength(this._offset + 1); // stored in `length`\n if (o === null)\n return null;\n\n this._offset = o;\n return seq;\n};\n\n\nReader.prototype.readInt = function () {\n return this._readTag(ASN1.Integer);\n};\n\n\nReader.prototype.readBoolean = function () {\n return (this._readTag(ASN1.Boolean) === 0 ? false : true);\n};\n\n\nReader.prototype.readEnumeration = function () {\n return this._readTag(ASN1.Enumeration);\n};\n\n\nReader.prototype.readString = function (tag, retbuf) {\n if (!tag)\n tag = ASN1.OctetString;\n\n var b = this.peek();\n if (b === null)\n return null;\n\n if (b !== tag)\n throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n ': got 0x' + b.toString(16));\n\n var o = this.readLength(this._offset + 1); // stored in `length`\n\n if (o === null)\n return null;\n\n if (this.length > this._size - o)\n return null;\n\n this._offset = o;\n\n if (this.length === 0)\n return retbuf ? Buffer.alloc(0) : '';\n\n var str = this._buf.slice(this._offset, this._offset + this.length);\n this._offset += this.length;\n\n return retbuf ? str : str.toString('utf8');\n};\n\nReader.prototype.readOID = function (tag) {\n if (!tag)\n tag = ASN1.OID;\n\n var b = this.readString(tag, true);\n if (b === null)\n return null;\n\n var values = [];\n var value = 0;\n\n for (var i = 0; i < b.length; i++) {\n var byte = b[i] & 0xff;\n\n value <<= 7;\n value += byte & 0x7f;\n if ((byte & 0x80) === 0) {\n values.push(value);\n value = 0;\n }\n }\n\n value = values.shift();\n values.unshift(value % 40);\n values.unshift((value / 40) >> 0);\n\n return values.join('.');\n};\n\n\nReader.prototype._readTag = function (tag) {\n assert.ok(tag !== undefined);\n\n var b = this.peek();\n\n if (b === null)\n return null;\n\n if (b !== tag)\n throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n ': got 0x' + b.toString(16));\n\n var o = this.readLength(this._offset + 1); // stored in `length`\n if (o === null)\n return null;\n\n if (this.length > 4)\n throw newInvalidAsn1Error('Integer too long: ' + this.length);\n\n if (this.length > this._size - o)\n return null;\n this._offset = o;\n\n var fb = this._buf[this._offset];\n var value = 0;\n\n for (var i = 0; i < this.length; i++) {\n value <<= 8;\n value |= (this._buf[this._offset++] & 0xff);\n }\n\n if ((fb & 0x80) === 0x80 && i !== 4)\n value -= (1 << (i * 8));\n\n return value >> 0;\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Reader;\n","// Copyright 2011 Mark Cavage All rights reserved.\n\n\nmodule.exports = {\n EOC: 0,\n Boolean: 1,\n Integer: 2,\n BitString: 3,\n OctetString: 4,\n Null: 5,\n OID: 6,\n ObjectDescriptor: 7,\n External: 8,\n Real: 9, // float\n Enumeration: 10,\n PDV: 11,\n Utf8String: 12,\n RelativeOID: 13,\n Sequence: 16,\n Set: 17,\n NumericString: 18,\n PrintableString: 19,\n T61String: 20,\n VideotexString: 21,\n IA5String: 22,\n UTCTime: 23,\n GeneralizedTime: 24,\n GraphicString: 25,\n VisibleString: 26,\n GeneralString: 28,\n UniversalString: 29,\n CharacterString: 30,\n BMPString: 31,\n Constructor: 32,\n Context: 128\n};\n","// Copyright 2011 Mark Cavage All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\nvar DEFAULT_OPTS = {\n size: 1024,\n growthFactor: 8\n};\n\n\n// --- Helpers\n\nfunction merge(from, to) {\n assert.ok(from);\n assert.equal(typeof (from), 'object');\n assert.ok(to);\n assert.equal(typeof (to), 'object');\n\n var keys = Object.getOwnPropertyNames(from);\n keys.forEach(function (key) {\n if (to[key])\n return;\n\n var value = Object.getOwnPropertyDescriptor(from, key);\n Object.defineProperty(to, key, value);\n });\n\n return to;\n}\n\n\n\n// --- API\n\nfunction Writer(options) {\n options = merge(DEFAULT_OPTS, options || {});\n\n this._buf = Buffer.alloc(options.size || 1024);\n this._size = this._buf.length;\n this._offset = 0;\n this._options = options;\n\n // A list of offsets in the buffer where we need to insert\n // sequence tag/len pairs.\n this._seq = [];\n}\n\nObject.defineProperty(Writer.prototype, 'buffer', {\n get: function () {\n if (this._seq.length)\n throw newInvalidAsn1Error(this._seq.length + ' unended sequence(s)');\n\n return (this._buf.slice(0, this._offset));\n }\n});\n\nWriter.prototype.writeByte = function (b) {\n if (typeof (b) !== 'number')\n throw new TypeError('argument must be a Number');\n\n this._ensure(1);\n this._buf[this._offset++] = b;\n};\n\n\nWriter.prototype.writeInt = function (i, tag) {\n if (typeof (i) !== 'number')\n throw new TypeError('argument must be a Number');\n if (typeof (tag) !== 'number')\n tag = ASN1.Integer;\n\n var sz = 4;\n\n while ((((i & 0xff800000) === 0) || ((i & 0xff800000) === 0xff800000 >> 0)) &&\n (sz > 1)) {\n sz--;\n i <<= 8;\n }\n\n if (sz > 4)\n throw newInvalidAsn1Error('BER ints cannot be > 0xffffffff');\n\n this._ensure(2 + sz);\n this._buf[this._offset++] = tag;\n this._buf[this._offset++] = sz;\n\n while (sz-- > 0) {\n this._buf[this._offset++] = ((i & 0xff000000) >>> 24);\n i <<= 8;\n }\n\n};\n\n\nWriter.prototype.writeNull = function () {\n this.writeByte(ASN1.Null);\n this.writeByte(0x00);\n};\n\n\nWriter.prototype.writeEnumeration = function (i, tag) {\n if (typeof (i) !== 'number')\n throw new TypeError('argument must be a Number');\n if (typeof (tag) !== 'number')\n tag = ASN1.Enumeration;\n\n return this.writeInt(i, tag);\n};\n\n\nWriter.prototype.writeBoolean = function (b, tag) {\n if (typeof (b) !== 'boolean')\n throw new TypeError('argument must be a Boolean');\n if (typeof (tag) !== 'number')\n tag = ASN1.Boolean;\n\n this._ensure(3);\n this._buf[this._offset++] = tag;\n this._buf[this._offset++] = 0x01;\n this._buf[this._offset++] = b ? 0xff : 0x00;\n};\n\n\nWriter.prototype.writeString = function (s, tag) {\n if (typeof (s) !== 'string')\n throw new TypeError('argument must be a string (was: ' + typeof (s) + ')');\n if (typeof (tag) !== 'number')\n tag = ASN1.OctetString;\n\n var len = Buffer.byteLength(s);\n this.writeByte(tag);\n this.writeLength(len);\n if (len) {\n this._ensure(len);\n this._buf.write(s, this._offset);\n this._offset += len;\n }\n};\n\n\nWriter.prototype.writeBuffer = function (buf, tag) {\n if (typeof (tag) !== 'number')\n throw new TypeError('tag must be a number');\n if (!Buffer.isBuffer(buf))\n throw new TypeError('argument must be a buffer');\n\n this.writeByte(tag);\n this.writeLength(buf.length);\n this._ensure(buf.length);\n buf.copy(this._buf, this._offset, 0, buf.length);\n this._offset += buf.length;\n};\n\n\nWriter.prototype.writeStringArray = function (strings) {\n if ((!strings instanceof Array))\n throw new TypeError('argument must be an Array[String]');\n\n var self = this;\n strings.forEach(function (s) {\n self.writeString(s);\n });\n};\n\n// This is really to solve DER cases, but whatever for now\nWriter.prototype.writeOID = function (s, tag) {\n if (typeof (s) !== 'string')\n throw new TypeError('argument must be a string');\n if (typeof (tag) !== 'number')\n tag = ASN1.OID;\n\n if (!/^([0-9]+\\.){3,}[0-9]+$/.test(s))\n throw new Error('argument is not a valid OID string');\n\n function encodeOctet(bytes, octet) {\n if (octet < 128) {\n bytes.push(octet);\n } else if (octet < 16384) {\n bytes.push((octet >>> 7) | 0x80);\n bytes.push(octet & 0x7F);\n } else if (octet < 2097152) {\n bytes.push((octet >>> 14) | 0x80);\n bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n bytes.push(octet & 0x7F);\n } else if (octet < 268435456) {\n bytes.push((octet >>> 21) | 0x80);\n bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n bytes.push(octet & 0x7F);\n } else {\n bytes.push(((octet >>> 28) | 0x80) & 0xFF);\n bytes.push(((octet >>> 21) | 0x80) & 0xFF);\n bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n bytes.push(octet & 0x7F);\n }\n }\n\n var tmp = s.split('.');\n var bytes = [];\n bytes.push(parseInt(tmp[0], 10) * 40 + parseInt(tmp[1], 10));\n tmp.slice(2).forEach(function (b) {\n encodeOctet(bytes, parseInt(b, 10));\n });\n\n var self = this;\n this._ensure(2 + bytes.length);\n this.writeByte(tag);\n this.writeLength(bytes.length);\n bytes.forEach(function (b) {\n self.writeByte(b);\n });\n};\n\n\nWriter.prototype.writeLength = function (len) {\n if (typeof (len) !== 'number')\n throw new TypeError('argument must be a Number');\n\n this._ensure(4);\n\n if (len <= 0x7f) {\n this._buf[this._offset++] = len;\n } else if (len <= 0xff) {\n this._buf[this._offset++] = 0x81;\n this._buf[this._offset++] = len;\n } else if (len <= 0xffff) {\n this._buf[this._offset++] = 0x82;\n this._buf[this._offset++] = len >> 8;\n this._buf[this._offset++] = len;\n } else if (len <= 0xffffff) {\n this._buf[this._offset++] = 0x83;\n this._buf[this._offset++] = len >> 16;\n this._buf[this._offset++] = len >> 8;\n this._buf[this._offset++] = len;\n } else {\n throw newInvalidAsn1Error('Length too long (> 4 bytes)');\n }\n};\n\nWriter.prototype.startSequence = function (tag) {\n if (typeof (tag) !== 'number')\n tag = ASN1.Sequence | ASN1.Constructor;\n\n this.writeByte(tag);\n this._seq.push(this._offset);\n this._ensure(3);\n this._offset += 3;\n};\n\n\nWriter.prototype.endSequence = function () {\n var seq = this._seq.pop();\n var start = seq + 3;\n var len = this._offset - start;\n\n if (len <= 0x7f) {\n this._shift(start, len, -2);\n this._buf[seq] = len;\n } else if (len <= 0xff) {\n this._shift(start, len, -1);\n this._buf[seq] = 0x81;\n this._buf[seq + 1] = len;\n } else if (len <= 0xffff) {\n this._buf[seq] = 0x82;\n this._buf[seq + 1] = len >> 8;\n this._buf[seq + 2] = len;\n } else if (len <= 0xffffff) {\n this._shift(start, len, 1);\n this._buf[seq] = 0x83;\n this._buf[seq + 1] = len >> 16;\n this._buf[seq + 2] = len >> 8;\n this._buf[seq + 3] = len;\n } else {\n throw newInvalidAsn1Error('Sequence too long');\n }\n};\n\n\nWriter.prototype._shift = function (start, len, shift) {\n assert.ok(start !== undefined);\n assert.ok(len !== undefined);\n assert.ok(shift);\n\n this._buf.copy(this._buf, start + shift, start, start + len);\n this._offset += shift;\n};\n\nWriter.prototype._ensure = function (len) {\n assert.ok(len);\n\n if (this._size - this._offset < len) {\n var sz = this._size * this._options.growthFactor;\n if (sz - this._offset < len)\n sz += len;\n\n var buf = Buffer.alloc(sz);\n\n this._buf.copy(buf, 0, 0, this._offset);\n this._buf = buf;\n this._size = sz;\n }\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Writer;\n","// Copyright 2011 Mark Cavage All rights reserved.\n\n// If you have no idea what ASN.1 or BER is, see this:\n// ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc\n\nvar Ber = require('./ber/index');\n\n\n\n// --- Exported API\n\nmodule.exports = {\n\n Ber: Ber,\n\n BerReader: Ber.Reader,\n\n BerWriter: Ber.Writer\n\n};\n","'use strict';\n\nvar crypto_hash_sha512 = require('tweetnacl').lowlevel.crypto_hash;\n\n/*\n * This file is a 1:1 port from the OpenBSD blowfish.c and bcrypt_pbkdf.c. As a\n * result, it retains the original copyright and license. The two files are\n * under slightly different (but compatible) licenses, and are here combined in\n * one file.\n *\n * Credit for the actual porting work goes to:\n * Devi Mandiri \n */\n\n/*\n * The Blowfish portions are under the following license:\n *\n * Blowfish block cipher for OpenBSD\n * Copyright 1997 Niels Provos \n * All rights reserved.\n *\n * Implementation advice by David Mazieres .\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n */\n\n/*\n * The bcrypt_pbkdf portions are under the following license:\n *\n * Copyright (c) 2013 Ted Unangst \n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n/*\n * Performance improvements (Javascript-specific):\n *\n * Copyright 2016, Joyent Inc\n * Author: Alex Wilson \n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n// Ported from OpenBSD bcrypt_pbkdf.c v1.9\n\nvar BLF_J = 0;\n\nvar Blowfish = function() {\n this.S = [\n new Uint32Array([\n 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7,\n 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,\n 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,\n 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,\n 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee,\n 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,\n 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef,\n 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e,\n 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,\n 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440,\n 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce,\n 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,\n 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e,\n 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677,\n 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,\n 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032,\n 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88,\n 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,\n 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e,\n 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0,\n 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,\n 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98,\n 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88,\n 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,\n 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6,\n 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d,\n 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,\n 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7,\n 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba,\n 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,\n 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f,\n 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09,\n 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,\n 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb,\n 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279,\n 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,\n 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab,\n 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82,\n 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,\n 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573,\n 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0,\n 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,\n 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790,\n 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8,\n 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,\n 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0,\n 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7,\n 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,\n 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad,\n 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1,\n 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,\n 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9,\n 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477,\n 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,\n 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49,\n 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af,\n 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,\n 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5,\n 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41,\n 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,\n 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,\n 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,\n 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,\n 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a]),\n new Uint32Array([\n 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623,\n 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,\n 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1,\n 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e,\n 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6,\n 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1,\n 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e,\n 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1,\n 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737,\n 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8,\n 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff,\n 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd,\n 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701,\n 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7,\n 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41,\n 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331,\n 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf,\n 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af,\n 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e,\n 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87,\n 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c,\n 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2,\n 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16,\n 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd,\n 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b,\n 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509,\n 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,\n 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3,\n 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f,\n 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a,\n 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4,\n 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960,\n 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66,\n 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28,\n 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802,\n 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,\n 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510,\n 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf,\n 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14,\n 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e,\n 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50,\n 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,\n 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8,\n 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281,\n 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99,\n 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696,\n 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128,\n 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73,\n 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0,\n 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0,\n 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105,\n 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250,\n 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3,\n 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285,\n 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00,\n 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061,\n 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb,\n 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e,\n 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735,\n 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc,\n 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9,\n 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340,\n 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,\n 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7]),\n new Uint32Array([\n 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934,\n 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,\n 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af,\n 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840,\n 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45,\n 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504,\n 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a,\n 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb,\n 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee,\n 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6,\n 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42,\n 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b,\n 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2,\n 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb,\n 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527,\n 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b,\n 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33,\n 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c,\n 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3,\n 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc,\n 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17,\n 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564,\n 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b,\n 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115,\n 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922,\n 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728,\n 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0,\n 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e,\n 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37,\n 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,\n 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804,\n 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b,\n 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,\n 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb,\n 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d,\n 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c,\n 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350,\n 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9,\n 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a,\n 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe,\n 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d,\n 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc,\n 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f,\n 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61,\n 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2,\n 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9,\n 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2,\n 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c,\n 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e,\n 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633,\n 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10,\n 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169,\n 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52,\n 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027,\n 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5,\n 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62,\n 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634,\n 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76,\n 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24,\n 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,\n 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4,\n 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c,\n 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,\n 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0]),\n new Uint32Array([\n 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b,\n 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,\n 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b,\n 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4,\n 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8,\n 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6,\n 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304,\n 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22,\n 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,\n 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6,\n 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9,\n 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59,\n 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593,\n 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51,\n 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,\n 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c,\n 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b,\n 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28,\n 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c,\n 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd,\n 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a,\n 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319,\n 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb,\n 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f,\n 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991,\n 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32,\n 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680,\n 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166,\n 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae,\n 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb,\n 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5,\n 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47,\n 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370,\n 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d,\n 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84,\n 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048,\n 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8,\n 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd,\n 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9,\n 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7,\n 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38,\n 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f,\n 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c,\n 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525,\n 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1,\n 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442,\n 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964,\n 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e,\n 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8,\n 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d,\n 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f,\n 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299,\n 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02,\n 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc,\n 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614,\n 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a,\n 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,\n 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,\n 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0,\n 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060,\n 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e,\n 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9,\n 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,\n 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6])\n ];\n this.P = new Uint32Array([\n 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,\n 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89,\n 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,\n 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917,\n 0x9216d5d9, 0x8979fb1b]);\n};\n\nfunction F(S, x8, i) {\n return (((S[0][x8[i+3]] +\n S[1][x8[i+2]]) ^\n S[2][x8[i+1]]) +\n S[3][x8[i]]);\n};\n\nBlowfish.prototype.encipher = function(x, x8) {\n if (x8 === undefined) {\n x8 = new Uint8Array(x.buffer);\n if (x.byteOffset !== 0)\n x8 = x8.subarray(x.byteOffset);\n }\n x[0] ^= this.P[0];\n for (var i = 1; i < 16; i += 2) {\n x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n x[0] ^= F(this.S, x8, 4) ^ this.P[i+1];\n }\n var t = x[0];\n x[0] = x[1] ^ this.P[17];\n x[1] = t;\n};\n\nBlowfish.prototype.decipher = function(x) {\n var x8 = new Uint8Array(x.buffer);\n if (x.byteOffset !== 0)\n x8 = x8.subarray(x.byteOffset);\n x[0] ^= this.P[17];\n for (var i = 16; i > 0; i -= 2) {\n x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n x[0] ^= F(this.S, x8, 4) ^ this.P[i-1];\n }\n var t = x[0];\n x[0] = x[1] ^ this.P[0];\n x[1] = t;\n};\n\nfunction stream2word(data, databytes){\n var i, temp = 0;\n for (i = 0; i < 4; i++, BLF_J++) {\n if (BLF_J >= databytes) BLF_J = 0;\n temp = (temp << 8) | data[BLF_J];\n }\n return temp;\n};\n\nBlowfish.prototype.expand0state = function(key, keybytes) {\n var d = new Uint32Array(2), i, k;\n var d8 = new Uint8Array(d.buffer);\n\n for (i = 0, BLF_J = 0; i < 18; i++) {\n this.P[i] ^= stream2word(key, keybytes);\n }\n BLF_J = 0;\n\n for (i = 0; i < 18; i += 2) {\n this.encipher(d, d8);\n this.P[i] = d[0];\n this.P[i+1] = d[1];\n }\n\n for (i = 0; i < 4; i++) {\n for (k = 0; k < 256; k += 2) {\n this.encipher(d, d8);\n this.S[i][k] = d[0];\n this.S[i][k+1] = d[1];\n }\n }\n};\n\nBlowfish.prototype.expandstate = function(data, databytes, key, keybytes) {\n var d = new Uint32Array(2), i, k;\n\n for (i = 0, BLF_J = 0; i < 18; i++) {\n this.P[i] ^= stream2word(key, keybytes);\n }\n\n for (i = 0, BLF_J = 0; i < 18; i += 2) {\n d[0] ^= stream2word(data, databytes);\n d[1] ^= stream2word(data, databytes);\n this.encipher(d);\n this.P[i] = d[0];\n this.P[i+1] = d[1];\n }\n\n for (i = 0; i < 4; i++) {\n for (k = 0; k < 256; k += 2) {\n d[0] ^= stream2word(data, databytes);\n d[1] ^= stream2word(data, databytes);\n this.encipher(d);\n this.S[i][k] = d[0];\n this.S[i][k+1] = d[1];\n }\n }\n BLF_J = 0;\n};\n\nBlowfish.prototype.enc = function(data, blocks) {\n for (var i = 0; i < blocks; i++) {\n this.encipher(data.subarray(i*2));\n }\n};\n\nBlowfish.prototype.dec = function(data, blocks) {\n for (var i = 0; i < blocks; i++) {\n this.decipher(data.subarray(i*2));\n }\n};\n\nvar BCRYPT_BLOCKS = 8,\n BCRYPT_HASHSIZE = 32;\n\nfunction bcrypt_hash(sha2pass, sha2salt, out) {\n var state = new Blowfish(),\n cdata = new Uint32Array(BCRYPT_BLOCKS), i,\n ciphertext = new Uint8Array([79,120,121,99,104,114,111,109,97,116,105,\n 99,66,108,111,119,102,105,115,104,83,119,97,116,68,121,110,97,109,\n 105,116,101]); //\"OxychromaticBlowfishSwatDynamite\"\n\n state.expandstate(sha2salt, 64, sha2pass, 64);\n for (i = 0; i < 64; i++) {\n state.expand0state(sha2salt, 64);\n state.expand0state(sha2pass, 64);\n }\n\n for (i = 0; i < BCRYPT_BLOCKS; i++)\n cdata[i] = stream2word(ciphertext, ciphertext.byteLength);\n for (i = 0; i < 64; i++)\n state.enc(cdata, cdata.byteLength / 8);\n\n for (i = 0; i < BCRYPT_BLOCKS; i++) {\n out[4*i+3] = cdata[i] >>> 24;\n out[4*i+2] = cdata[i] >>> 16;\n out[4*i+1] = cdata[i] >>> 8;\n out[4*i+0] = cdata[i];\n }\n};\n\nfunction bcrypt_pbkdf(pass, passlen, salt, saltlen, key, keylen, rounds) {\n var sha2pass = new Uint8Array(64),\n sha2salt = new Uint8Array(64),\n out = new Uint8Array(BCRYPT_HASHSIZE),\n tmpout = new Uint8Array(BCRYPT_HASHSIZE),\n countsalt = new Uint8Array(saltlen+4),\n i, j, amt, stride, dest, count,\n origkeylen = keylen;\n\n if (rounds < 1)\n return -1;\n if (passlen === 0 || saltlen === 0 || keylen === 0 ||\n keylen > (out.byteLength * out.byteLength) || saltlen > (1<<20))\n return -1;\n\n stride = Math.floor((keylen + out.byteLength - 1) / out.byteLength);\n amt = Math.floor((keylen + stride - 1) / stride);\n\n for (i = 0; i < saltlen; i++)\n countsalt[i] = salt[i];\n\n crypto_hash_sha512(sha2pass, pass, passlen);\n\n for (count = 1; keylen > 0; count++) {\n countsalt[saltlen+0] = count >>> 24;\n countsalt[saltlen+1] = count >>> 16;\n countsalt[saltlen+2] = count >>> 8;\n countsalt[saltlen+3] = count;\n\n crypto_hash_sha512(sha2salt, countsalt, saltlen + 4);\n bcrypt_hash(sha2pass, sha2salt, tmpout);\n for (i = out.byteLength; i--;)\n out[i] = tmpout[i];\n\n for (i = 1; i < rounds; i++) {\n crypto_hash_sha512(sha2salt, tmpout, tmpout.byteLength);\n bcrypt_hash(sha2pass, sha2salt, tmpout);\n for (j = 0; j < out.byteLength; j++)\n out[j] ^= tmpout[j];\n }\n\n amt = Math.min(amt, keylen);\n for (i = 0; i < amt; i++) {\n dest = i * stride + (count - 1);\n if (dest >= origkeylen)\n break;\n key[dest] = out[i];\n }\n keylen -= i;\n }\n\n return 0;\n};\n\nmodule.exports = {\n BLOCKS: BCRYPT_BLOCKS,\n HASHSIZE: BCRYPT_HASHSIZE,\n hash: bcrypt_hash,\n pbkdf: bcrypt_pbkdf\n};\n","'use strict';\n\nconst binding = require('../build/Release/cpufeatures.node');\n\nmodule.exports = binding.getCPUInfo;\n","'use strict';\n\nconst isStream = stream =>\n\tstream !== null &&\n\ttypeof stream === 'object' &&\n\ttypeof stream.pipe === 'function';\n\nisStream.writable = stream =>\n\tisStream(stream) &&\n\tstream.writable !== false &&\n\ttypeof stream._write === 'function' &&\n\ttypeof stream._writableState === 'object';\n\nisStream.readable = stream =>\n\tisStream(stream) &&\n\tstream.readable !== false &&\n\ttypeof stream._read === 'function' &&\n\ttypeof stream._readableState === 'object';\n\nisStream.duplex = stream =>\n\tisStream.writable(stream) &&\n\tisStream.readable(stream);\n\nisStream.transform = stream =>\n\tisStream.duplex(stream) &&\n\ttypeof stream._transform === 'function';\n\nmodule.exports = isStream;\n","'use strict';\nconst fs = require('fs');\nconst path = require('path');\nconst {promisify} = require('util');\nconst semver = require('semver');\n\nconst useNativeRecursiveOption = semver.satisfies(process.version, '>=10.12.0');\n\n// https://github.com/nodejs/node/issues/8987\n// https://github.com/libuv/libuv/pull/1088\nconst checkPath = pth => {\n\tif (process.platform === 'win32') {\n\t\tconst pathHasInvalidWinCharacters = /[<>:\"|?*]/.test(pth.replace(path.parse(pth).root, ''));\n\n\t\tif (pathHasInvalidWinCharacters) {\n\t\t\tconst error = new Error(`Path contains invalid characters: ${pth}`);\n\t\t\terror.code = 'EINVAL';\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n\nconst processOptions = options => {\n\t// https://github.com/sindresorhus/make-dir/issues/18\n\tconst defaults = {\n\t\tmode: 0o777,\n\t\tfs\n\t};\n\n\treturn {\n\t\t...defaults,\n\t\t...options\n\t};\n};\n\nconst permissionError = pth => {\n\t// This replicates the exception of `fs.mkdir` with native the\n\t// `recusive` option when run on an invalid drive under Windows.\n\tconst error = new Error(`operation not permitted, mkdir '${pth}'`);\n\terror.code = 'EPERM';\n\terror.errno = -4048;\n\terror.path = pth;\n\terror.syscall = 'mkdir';\n\treturn error;\n};\n\nconst makeDir = async (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tconst mkdir = promisify(options.fs.mkdir);\n\tconst stat = promisify(options.fs.stat);\n\n\tif (useNativeRecursiveOption && options.fs.mkdir === fs.mkdir) {\n\t\tconst pth = path.resolve(input);\n\n\t\tawait mkdir(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = async pth => {\n\t\ttry {\n\t\t\tawait mkdir(pth, options.mode);\n\n\t\t\treturn pth;\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tawait make(path.dirname(pth));\n\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tconst stats = await stat(pth);\n\t\t\t\tif (!stats.isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\treturn pth;\n\t\t}\n\t};\n\n\treturn make(path.resolve(input));\n};\n\nmodule.exports = makeDir;\n\nmodule.exports.sync = (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tif (useNativeRecursiveOption && options.fs.mkdirSync === fs.mkdirSync) {\n\t\tconst pth = path.resolve(input);\n\n\t\tfs.mkdirSync(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = pth => {\n\t\ttry {\n\t\t\toptions.fs.mkdirSync(pth, options.mode);\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tmake(path.dirname(pth));\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tif (!options.fs.statSync(pth).isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\t\t}\n\n\t\treturn pth;\n\t};\n\n\treturn make(path.resolve(input));\n};\n","/* eslint-disable node/no-deprecated-api */\n\n'use strict'\n\nvar buffer = require('buffer')\nvar Buffer = buffer.Buffer\n\nvar safer = {}\n\nvar key\n\nfor (key in buffer) {\n if (!buffer.hasOwnProperty(key)) continue\n if (key === 'SlowBuffer' || key === 'Buffer') continue\n safer[key] = buffer[key]\n}\n\nvar Safer = safer.Buffer = {}\nfor (key in Buffer) {\n if (!Buffer.hasOwnProperty(key)) continue\n if (key === 'allocUnsafe' || key === 'allocUnsafeSlow') continue\n Safer[key] = Buffer[key]\n}\n\nsafer.Buffer.prototype = Buffer.prototype\n\nif (!Safer.from || Safer.from === Uint8Array.from) {\n Safer.from = function (value, encodingOrOffset, length) {\n if (typeof value === 'number') {\n throw new TypeError('The \"value\" argument must not be of type number. Received type ' + typeof value)\n }\n if (value && typeof value.length === 'undefined') {\n throw new TypeError('The first argument must be one of type string, Buffer, ArrayBuffer, Array, or Array-like Object. Received type ' + typeof value)\n }\n return Buffer(value, encodingOrOffset, length)\n }\n}\n\nif (!Safer.alloc) {\n Safer.alloc = function (size, fill, encoding) {\n if (typeof size !== 'number') {\n throw new TypeError('The \"size\" argument must be of type number. Received type ' + typeof size)\n }\n if (size < 0 || size >= 2 * (1 << 30)) {\n throw new RangeError('The value \"' + size + '\" is invalid for option \"size\"')\n }\n var buf = Buffer(size)\n if (!fill || fill.length === 0) {\n buf.fill(0)\n } else if (typeof encoding === 'string') {\n buf.fill(fill, encoding)\n } else {\n buf.fill(fill)\n }\n return buf\n }\n}\n\nif (!safer.kStringMaxLength) {\n try {\n safer.kStringMaxLength = process.binding('buffer').kStringMaxLength\n } catch (e) {\n // we can't determine kStringMaxLength in environments where process.binding\n // is unsupported, so let's not set it\n }\n}\n\nif (!safer.constants) {\n safer.constants = {\n MAX_LENGTH: safer.kMaxLength\n }\n if (safer.kStringMaxLength) {\n safer.constants.MAX_STRING_LENGTH = safer.kStringMaxLength\n }\n}\n\nmodule.exports = safer\n","exports = module.exports = SemVer\n\nvar debug\n/* istanbul ignore next */\nif (typeof process === 'object' &&\n process.env &&\n process.env.NODE_DEBUG &&\n /\\bsemver\\b/i.test(process.env.NODE_DEBUG)) {\n debug = function () {\n var args = Array.prototype.slice.call(arguments, 0)\n args.unshift('SEMVER')\n console.log.apply(console, args)\n }\n} else {\n debug = function () {}\n}\n\n// Note: this is the semver.org version of the spec that it implements\n// Not necessarily the package version of this code.\nexports.SEMVER_SPEC_VERSION = '2.0.0'\n\nvar MAX_LENGTH = 256\nvar MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER ||\n /* istanbul ignore next */ 9007199254740991\n\n// Max safe segment length for coercion.\nvar MAX_SAFE_COMPONENT_LENGTH = 16\n\nvar MAX_SAFE_BUILD_LENGTH = MAX_LENGTH - 6\n\n// The actual regexps go on exports.re\nvar re = exports.re = []\nvar safeRe = exports.safeRe = []\nvar src = exports.src = []\nvar t = exports.tokens = {}\nvar R = 0\n\nfunction tok (n) {\n t[n] = R++\n}\n\nvar LETTERDASHNUMBER = '[a-zA-Z0-9-]'\n\n// Replace some greedy regex tokens to prevent regex dos issues. These regex are\n// used internally via the safeRe object since all inputs in this library get\n// normalized first to trim and collapse all extra whitespace. The original\n// regexes are exported for userland consumption and lower level usage. A\n// future breaking change could export the safer regex only with a note that\n// all input should have extra whitespace removed.\nvar safeRegexReplacements = [\n ['\\\\s', 1],\n ['\\\\d', MAX_LENGTH],\n [LETTERDASHNUMBER, MAX_SAFE_BUILD_LENGTH],\n]\n\nfunction makeSafeRe (value) {\n for (var i = 0; i < safeRegexReplacements.length; i++) {\n var token = safeRegexReplacements[i][0]\n var max = safeRegexReplacements[i][1]\n value = value\n .split(token + '*').join(token + '{0,' + max + '}')\n .split(token + '+').join(token + '{1,' + max + '}')\n }\n return value\n}\n\n// The following Regular Expressions can be used for tokenizing,\n// validating, and parsing SemVer version strings.\n\n// ## Numeric Identifier\n// A single `0`, or a non-zero digit followed by zero or more digits.\n\ntok('NUMERICIDENTIFIER')\nsrc[t.NUMERICIDENTIFIER] = '0|[1-9]\\\\d*'\ntok('NUMERICIDENTIFIERLOOSE')\nsrc[t.NUMERICIDENTIFIERLOOSE] = '\\\\d+'\n\n// ## Non-numeric Identifier\n// Zero or more digits, followed by a letter or hyphen, and then zero or\n// more letters, digits, or hyphens.\n\ntok('NONNUMERICIDENTIFIER')\nsrc[t.NONNUMERICIDENTIFIER] = '\\\\d*[a-zA-Z-]' + LETTERDASHNUMBER + '*'\n\n// ## Main Version\n// Three dot-separated numeric identifiers.\n\ntok('MAINVERSION')\nsrc[t.MAINVERSION] = '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIER] + ')'\n\ntok('MAINVERSIONLOOSE')\nsrc[t.MAINVERSIONLOOSE] = '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')'\n\n// ## Pre-release Version Identifier\n// A numeric identifier, or a non-numeric identifier.\n\ntok('PRERELEASEIDENTIFIER')\nsrc[t.PRERELEASEIDENTIFIER] = '(?:' + src[t.NUMERICIDENTIFIER] +\n '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\ntok('PRERELEASEIDENTIFIERLOOSE')\nsrc[t.PRERELEASEIDENTIFIERLOOSE] = '(?:' + src[t.NUMERICIDENTIFIERLOOSE] +\n '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\n// ## Pre-release Version\n// Hyphen, followed by one or more dot-separated pre-release version\n// identifiers.\n\ntok('PRERELEASE')\nsrc[t.PRERELEASE] = '(?:-(' + src[t.PRERELEASEIDENTIFIER] +\n '(?:\\\\.' + src[t.PRERELEASEIDENTIFIER] + ')*))'\n\ntok('PRERELEASELOOSE')\nsrc[t.PRERELEASELOOSE] = '(?:-?(' + src[t.PRERELEASEIDENTIFIERLOOSE] +\n '(?:\\\\.' + src[t.PRERELEASEIDENTIFIERLOOSE] + ')*))'\n\n// ## Build Metadata Identifier\n// Any combination of digits, letters, or hyphens.\n\ntok('BUILDIDENTIFIER')\nsrc[t.BUILDIDENTIFIER] = LETTERDASHNUMBER + '+'\n\n// ## Build Metadata\n// Plus sign, followed by one or more period-separated build metadata\n// identifiers.\n\ntok('BUILD')\nsrc[t.BUILD] = '(?:\\\\+(' + src[t.BUILDIDENTIFIER] +\n '(?:\\\\.' + src[t.BUILDIDENTIFIER] + ')*))'\n\n// ## Full Version String\n// A main version, followed optionally by a pre-release version and\n// build metadata.\n\n// Note that the only major, minor, patch, and pre-release sections of\n// the version string are capturing groups. The build metadata is not a\n// capturing group, because it should not ever be used in version\n// comparison.\n\ntok('FULL')\ntok('FULLPLAIN')\nsrc[t.FULLPLAIN] = 'v?' + src[t.MAINVERSION] +\n src[t.PRERELEASE] + '?' +\n src[t.BUILD] + '?'\n\nsrc[t.FULL] = '^' + src[t.FULLPLAIN] + '$'\n\n// like full, but allows v1.2.3 and =1.2.3, which people do sometimes.\n// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty\n// common in the npm registry.\ntok('LOOSEPLAIN')\nsrc[t.LOOSEPLAIN] = '[v=\\\\s]*' + src[t.MAINVERSIONLOOSE] +\n src[t.PRERELEASELOOSE] + '?' +\n src[t.BUILD] + '?'\n\ntok('LOOSE')\nsrc[t.LOOSE] = '^' + src[t.LOOSEPLAIN] + '$'\n\ntok('GTLT')\nsrc[t.GTLT] = '((?:<|>)?=?)'\n\n// Something like \"2.*\" or \"1.2.x\".\n// Note that \"x.x\" is a valid xRange identifer, meaning \"any version\"\n// Only the first item is strictly required.\ntok('XRANGEIDENTIFIERLOOSE')\nsrc[t.XRANGEIDENTIFIERLOOSE] = src[t.NUMERICIDENTIFIERLOOSE] + '|x|X|\\\\*'\ntok('XRANGEIDENTIFIER')\nsrc[t.XRANGEIDENTIFIER] = src[t.NUMERICIDENTIFIER] + '|x|X|\\\\*'\n\ntok('XRANGEPLAIN')\nsrc[t.XRANGEPLAIN] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIER] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n '(?:' + src[t.PRERELEASE] + ')?' +\n src[t.BUILD] + '?' +\n ')?)?'\n\ntok('XRANGEPLAINLOOSE')\nsrc[t.XRANGEPLAINLOOSE] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n '(?:' + src[t.PRERELEASELOOSE] + ')?' +\n src[t.BUILD] + '?' +\n ')?)?'\n\ntok('XRANGE')\nsrc[t.XRANGE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAIN] + '$'\ntok('XRANGELOOSE')\nsrc[t.XRANGELOOSE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Coercion.\n// Extract anything that could conceivably be a part of a valid semver\ntok('COERCE')\nsrc[t.COERCE] = '(^|[^\\\\d])' +\n '(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '})' +\n '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n '(?:$|[^\\\\d])'\ntok('COERCERTL')\nre[t.COERCERTL] = new RegExp(src[t.COERCE], 'g')\nsafeRe[t.COERCERTL] = new RegExp(makeSafeRe(src[t.COERCE]), 'g')\n\n// Tilde ranges.\n// Meaning is \"reasonably at or greater than\"\ntok('LONETILDE')\nsrc[t.LONETILDE] = '(?:~>?)'\n\ntok('TILDETRIM')\nsrc[t.TILDETRIM] = '(\\\\s*)' + src[t.LONETILDE] + '\\\\s+'\nre[t.TILDETRIM] = new RegExp(src[t.TILDETRIM], 'g')\nsafeRe[t.TILDETRIM] = new RegExp(makeSafeRe(src[t.TILDETRIM]), 'g')\nvar tildeTrimReplace = '$1~'\n\ntok('TILDE')\nsrc[t.TILDE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAIN] + '$'\ntok('TILDELOOSE')\nsrc[t.TILDELOOSE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Caret ranges.\n// Meaning is \"at least and backwards compatible with\"\ntok('LONECARET')\nsrc[t.LONECARET] = '(?:\\\\^)'\n\ntok('CARETTRIM')\nsrc[t.CARETTRIM] = '(\\\\s*)' + src[t.LONECARET] + '\\\\s+'\nre[t.CARETTRIM] = new RegExp(src[t.CARETTRIM], 'g')\nsafeRe[t.CARETTRIM] = new RegExp(makeSafeRe(src[t.CARETTRIM]), 'g')\nvar caretTrimReplace = '$1^'\n\ntok('CARET')\nsrc[t.CARET] = '^' + src[t.LONECARET] + src[t.XRANGEPLAIN] + '$'\ntok('CARETLOOSE')\nsrc[t.CARETLOOSE] = '^' + src[t.LONECARET] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// A simple gt/lt/eq thing, or just \"\" to indicate \"any version\"\ntok('COMPARATORLOOSE')\nsrc[t.COMPARATORLOOSE] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.LOOSEPLAIN] + ')$|^$'\ntok('COMPARATOR')\nsrc[t.COMPARATOR] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.FULLPLAIN] + ')$|^$'\n\n// An expression to strip any whitespace between the gtlt and the thing\n// it modifies, so that `> 1.2.3` ==> `>1.2.3`\ntok('COMPARATORTRIM')\nsrc[t.COMPARATORTRIM] = '(\\\\s*)' + src[t.GTLT] +\n '\\\\s*(' + src[t.LOOSEPLAIN] + '|' + src[t.XRANGEPLAIN] + ')'\n\n// this one has to use the /g flag\nre[t.COMPARATORTRIM] = new RegExp(src[t.COMPARATORTRIM], 'g')\nsafeRe[t.COMPARATORTRIM] = new RegExp(makeSafeRe(src[t.COMPARATORTRIM]), 'g')\nvar comparatorTrimReplace = '$1$2$3'\n\n// Something like `1.2.3 - 1.2.4`\n// Note that these all use the loose form, because they'll be\n// checked against either the strict or loose comparator form\n// later.\ntok('HYPHENRANGE')\nsrc[t.HYPHENRANGE] = '^\\\\s*(' + src[t.XRANGEPLAIN] + ')' +\n '\\\\s+-\\\\s+' +\n '(' + src[t.XRANGEPLAIN] + ')' +\n '\\\\s*$'\n\ntok('HYPHENRANGELOOSE')\nsrc[t.HYPHENRANGELOOSE] = '^\\\\s*(' + src[t.XRANGEPLAINLOOSE] + ')' +\n '\\\\s+-\\\\s+' +\n '(' + src[t.XRANGEPLAINLOOSE] + ')' +\n '\\\\s*$'\n\n// Star ranges basically just allow anything at all.\ntok('STAR')\nsrc[t.STAR] = '(<|>)?=?\\\\s*\\\\*'\n\n// Compile to actual regexp objects.\n// All are flag-free, unless they were created above with a flag.\nfor (var i = 0; i < R; i++) {\n debug(i, src[i])\n if (!re[i]) {\n re[i] = new RegExp(src[i])\n\n // Replace all greedy whitespace to prevent regex dos issues. These regex are\n // used internally via the safeRe object since all inputs in this library get\n // normalized first to trim and collapse all extra whitespace. The original\n // regexes are exported for userland consumption and lower level usage. A\n // future breaking change could export the safer regex only with a note that\n // all input should have extra whitespace removed.\n safeRe[i] = new RegExp(makeSafeRe(src[i]))\n }\n}\n\nexports.parse = parse\nfunction parse (version, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n if (version instanceof SemVer) {\n return version\n }\n\n if (typeof version !== 'string') {\n return null\n }\n\n if (version.length > MAX_LENGTH) {\n return null\n }\n\n var r = options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL]\n if (!r.test(version)) {\n return null\n }\n\n try {\n return new SemVer(version, options)\n } catch (er) {\n return null\n }\n}\n\nexports.valid = valid\nfunction valid (version, options) {\n var v = parse(version, options)\n return v ? v.version : null\n}\n\nexports.clean = clean\nfunction clean (version, options) {\n var s = parse(version.trim().replace(/^[=v]+/, ''), options)\n return s ? s.version : null\n}\n\nexports.SemVer = SemVer\n\nfunction SemVer (version, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n if (version instanceof SemVer) {\n if (version.loose === options.loose) {\n return version\n } else {\n version = version.version\n }\n } else if (typeof version !== 'string') {\n throw new TypeError('Invalid Version: ' + version)\n }\n\n if (version.length > MAX_LENGTH) {\n throw new TypeError('version is longer than ' + MAX_LENGTH + ' characters')\n }\n\n if (!(this instanceof SemVer)) {\n return new SemVer(version, options)\n }\n\n debug('SemVer', version, options)\n this.options = options\n this.loose = !!options.loose\n\n var m = version.trim().match(options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL])\n\n if (!m) {\n throw new TypeError('Invalid Version: ' + version)\n }\n\n this.raw = version\n\n // these are actually numbers\n this.major = +m[1]\n this.minor = +m[2]\n this.patch = +m[3]\n\n if (this.major > MAX_SAFE_INTEGER || this.major < 0) {\n throw new TypeError('Invalid major version')\n }\n\n if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) {\n throw new TypeError('Invalid minor version')\n }\n\n if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) {\n throw new TypeError('Invalid patch version')\n }\n\n // numberify any prerelease numeric ids\n if (!m[4]) {\n this.prerelease = []\n } else {\n this.prerelease = m[4].split('.').map(function (id) {\n if (/^[0-9]+$/.test(id)) {\n var num = +id\n if (num >= 0 && num < MAX_SAFE_INTEGER) {\n return num\n }\n }\n return id\n })\n }\n\n this.build = m[5] ? m[5].split('.') : []\n this.format()\n}\n\nSemVer.prototype.format = function () {\n this.version = this.major + '.' + this.minor + '.' + this.patch\n if (this.prerelease.length) {\n this.version += '-' + this.prerelease.join('.')\n }\n return this.version\n}\n\nSemVer.prototype.toString = function () {\n return this.version\n}\n\nSemVer.prototype.compare = function (other) {\n debug('SemVer.compare', this.version, this.options, other)\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n return this.compareMain(other) || this.comparePre(other)\n}\n\nSemVer.prototype.compareMain = function (other) {\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n return compareIdentifiers(this.major, other.major) ||\n compareIdentifiers(this.minor, other.minor) ||\n compareIdentifiers(this.patch, other.patch)\n}\n\nSemVer.prototype.comparePre = function (other) {\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n // NOT having a prerelease is > having one\n if (this.prerelease.length && !other.prerelease.length) {\n return -1\n } else if (!this.prerelease.length && other.prerelease.length) {\n return 1\n } else if (!this.prerelease.length && !other.prerelease.length) {\n return 0\n }\n\n var i = 0\n do {\n var a = this.prerelease[i]\n var b = other.prerelease[i]\n debug('prerelease compare', i, a, b)\n if (a === undefined && b === undefined) {\n return 0\n } else if (b === undefined) {\n return 1\n } else if (a === undefined) {\n return -1\n } else if (a === b) {\n continue\n } else {\n return compareIdentifiers(a, b)\n }\n } while (++i)\n}\n\nSemVer.prototype.compareBuild = function (other) {\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n var i = 0\n do {\n var a = this.build[i]\n var b = other.build[i]\n debug('prerelease compare', i, a, b)\n if (a === undefined && b === undefined) {\n return 0\n } else if (b === undefined) {\n return 1\n } else if (a === undefined) {\n return -1\n } else if (a === b) {\n continue\n } else {\n return compareIdentifiers(a, b)\n }\n } while (++i)\n}\n\n// preminor will bump the version up to the next minor release, and immediately\n// down to pre-release. premajor and prepatch work the same way.\nSemVer.prototype.inc = function (release, identifier) {\n switch (release) {\n case 'premajor':\n this.prerelease.length = 0\n this.patch = 0\n this.minor = 0\n this.major++\n this.inc('pre', identifier)\n break\n case 'preminor':\n this.prerelease.length = 0\n this.patch = 0\n this.minor++\n this.inc('pre', identifier)\n break\n case 'prepatch':\n // If this is already a prerelease, it will bump to the next version\n // drop any prereleases that might already exist, since they are not\n // relevant at this point.\n this.prerelease.length = 0\n this.inc('patch', identifier)\n this.inc('pre', identifier)\n break\n // If the input is a non-prerelease version, this acts the same as\n // prepatch.\n case 'prerelease':\n if (this.prerelease.length === 0) {\n this.inc('patch', identifier)\n }\n this.inc('pre', identifier)\n break\n\n case 'major':\n // If this is a pre-major version, bump up to the same major version.\n // Otherwise increment major.\n // 1.0.0-5 bumps to 1.0.0\n // 1.1.0 bumps to 2.0.0\n if (this.minor !== 0 ||\n this.patch !== 0 ||\n this.prerelease.length === 0) {\n this.major++\n }\n this.minor = 0\n this.patch = 0\n this.prerelease = []\n break\n case 'minor':\n // If this is a pre-minor version, bump up to the same minor version.\n // Otherwise increment minor.\n // 1.2.0-5 bumps to 1.2.0\n // 1.2.1 bumps to 1.3.0\n if (this.patch !== 0 || this.prerelease.length === 0) {\n this.minor++\n }\n this.patch = 0\n this.prerelease = []\n break\n case 'patch':\n // If this is not a pre-release version, it will increment the patch.\n // If it is a pre-release it will bump up to the same patch version.\n // 1.2.0-5 patches to 1.2.0\n // 1.2.0 patches to 1.2.1\n if (this.prerelease.length === 0) {\n this.patch++\n }\n this.prerelease = []\n break\n // This probably shouldn't be used publicly.\n // 1.0.0 \"pre\" would become 1.0.0-0 which is the wrong direction.\n case 'pre':\n if (this.prerelease.length === 0) {\n this.prerelease = [0]\n } else {\n var i = this.prerelease.length\n while (--i >= 0) {\n if (typeof this.prerelease[i] === 'number') {\n this.prerelease[i]++\n i = -2\n }\n }\n if (i === -1) {\n // didn't increment anything\n this.prerelease.push(0)\n }\n }\n if (identifier) {\n // 1.2.0-beta.1 bumps to 1.2.0-beta.2,\n // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0\n if (this.prerelease[0] === identifier) {\n if (isNaN(this.prerelease[1])) {\n this.prerelease = [identifier, 0]\n }\n } else {\n this.prerelease = [identifier, 0]\n }\n }\n break\n\n default:\n throw new Error('invalid increment argument: ' + release)\n }\n this.format()\n this.raw = this.version\n return this\n}\n\nexports.inc = inc\nfunction inc (version, release, loose, identifier) {\n if (typeof (loose) === 'string') {\n identifier = loose\n loose = undefined\n }\n\n try {\n return new SemVer(version, loose).inc(release, identifier).version\n } catch (er) {\n return null\n }\n}\n\nexports.diff = diff\nfunction diff (version1, version2) {\n if (eq(version1, version2)) {\n return null\n } else {\n var v1 = parse(version1)\n var v2 = parse(version2)\n var prefix = ''\n if (v1.prerelease.length || v2.prerelease.length) {\n prefix = 'pre'\n var defaultResult = 'prerelease'\n }\n for (var key in v1) {\n if (key === 'major' || key === 'minor' || key === 'patch') {\n if (v1[key] !== v2[key]) {\n return prefix + key\n }\n }\n }\n return defaultResult // may be undefined\n }\n}\n\nexports.compareIdentifiers = compareIdentifiers\n\nvar numeric = /^[0-9]+$/\nfunction compareIdentifiers (a, b) {\n var anum = numeric.test(a)\n var bnum = numeric.test(b)\n\n if (anum && bnum) {\n a = +a\n b = +b\n }\n\n return a === b ? 0\n : (anum && !bnum) ? -1\n : (bnum && !anum) ? 1\n : a < b ? -1\n : 1\n}\n\nexports.rcompareIdentifiers = rcompareIdentifiers\nfunction rcompareIdentifiers (a, b) {\n return compareIdentifiers(b, a)\n}\n\nexports.major = major\nfunction major (a, loose) {\n return new SemVer(a, loose).major\n}\n\nexports.minor = minor\nfunction minor (a, loose) {\n return new SemVer(a, loose).minor\n}\n\nexports.patch = patch\nfunction patch (a, loose) {\n return new SemVer(a, loose).patch\n}\n\nexports.compare = compare\nfunction compare (a, b, loose) {\n return new SemVer(a, loose).compare(new SemVer(b, loose))\n}\n\nexports.compareLoose = compareLoose\nfunction compareLoose (a, b) {\n return compare(a, b, true)\n}\n\nexports.compareBuild = compareBuild\nfunction compareBuild (a, b, loose) {\n var versionA = new SemVer(a, loose)\n var versionB = new SemVer(b, loose)\n return versionA.compare(versionB) || versionA.compareBuild(versionB)\n}\n\nexports.rcompare = rcompare\nfunction rcompare (a, b, loose) {\n return compare(b, a, loose)\n}\n\nexports.sort = sort\nfunction sort (list, loose) {\n return list.sort(function (a, b) {\n return exports.compareBuild(a, b, loose)\n })\n}\n\nexports.rsort = rsort\nfunction rsort (list, loose) {\n return list.sort(function (a, b) {\n return exports.compareBuild(b, a, loose)\n })\n}\n\nexports.gt = gt\nfunction gt (a, b, loose) {\n return compare(a, b, loose) > 0\n}\n\nexports.lt = lt\nfunction lt (a, b, loose) {\n return compare(a, b, loose) < 0\n}\n\nexports.eq = eq\nfunction eq (a, b, loose) {\n return compare(a, b, loose) === 0\n}\n\nexports.neq = neq\nfunction neq (a, b, loose) {\n return compare(a, b, loose) !== 0\n}\n\nexports.gte = gte\nfunction gte (a, b, loose) {\n return compare(a, b, loose) >= 0\n}\n\nexports.lte = lte\nfunction lte (a, b, loose) {\n return compare(a, b, loose) <= 0\n}\n\nexports.cmp = cmp\nfunction cmp (a, op, b, loose) {\n switch (op) {\n case '===':\n if (typeof a === 'object')\n a = a.version\n if (typeof b === 'object')\n b = b.version\n return a === b\n\n case '!==':\n if (typeof a === 'object')\n a = a.version\n if (typeof b === 'object')\n b = b.version\n return a !== b\n\n case '':\n case '=':\n case '==':\n return eq(a, b, loose)\n\n case '!=':\n return neq(a, b, loose)\n\n case '>':\n return gt(a, b, loose)\n\n case '>=':\n return gte(a, b, loose)\n\n case '<':\n return lt(a, b, loose)\n\n case '<=':\n return lte(a, b, loose)\n\n default:\n throw new TypeError('Invalid operator: ' + op)\n }\n}\n\nexports.Comparator = Comparator\nfunction Comparator (comp, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n if (comp instanceof Comparator) {\n if (comp.loose === !!options.loose) {\n return comp\n } else {\n comp = comp.value\n }\n }\n\n if (!(this instanceof Comparator)) {\n return new Comparator(comp, options)\n }\n\n comp = comp.trim().split(/\\s+/).join(' ')\n debug('comparator', comp, options)\n this.options = options\n this.loose = !!options.loose\n this.parse(comp)\n\n if (this.semver === ANY) {\n this.value = ''\n } else {\n this.value = this.operator + this.semver.version\n }\n\n debug('comp', this)\n}\n\nvar ANY = {}\nComparator.prototype.parse = function (comp) {\n var r = this.options.loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]\n var m = comp.match(r)\n\n if (!m) {\n throw new TypeError('Invalid comparator: ' + comp)\n }\n\n this.operator = m[1] !== undefined ? m[1] : ''\n if (this.operator === '=') {\n this.operator = ''\n }\n\n // if it literally is just '>' or '' then allow anything.\n if (!m[2]) {\n this.semver = ANY\n } else {\n this.semver = new SemVer(m[2], this.options.loose)\n }\n}\n\nComparator.prototype.toString = function () {\n return this.value\n}\n\nComparator.prototype.test = function (version) {\n debug('Comparator.test', version, this.options.loose)\n\n if (this.semver === ANY || version === ANY) {\n return true\n }\n\n if (typeof version === 'string') {\n try {\n version = new SemVer(version, this.options)\n } catch (er) {\n return false\n }\n }\n\n return cmp(version, this.operator, this.semver, this.options)\n}\n\nComparator.prototype.intersects = function (comp, options) {\n if (!(comp instanceof Comparator)) {\n throw new TypeError('a Comparator is required')\n }\n\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n var rangeTmp\n\n if (this.operator === '') {\n if (this.value === '') {\n return true\n }\n rangeTmp = new Range(comp.value, options)\n return satisfies(this.value, rangeTmp, options)\n } else if (comp.operator === '') {\n if (comp.value === '') {\n return true\n }\n rangeTmp = new Range(this.value, options)\n return satisfies(comp.semver, rangeTmp, options)\n }\n\n var sameDirectionIncreasing =\n (this.operator === '>=' || this.operator === '>') &&\n (comp.operator === '>=' || comp.operator === '>')\n var sameDirectionDecreasing =\n (this.operator === '<=' || this.operator === '<') &&\n (comp.operator === '<=' || comp.operator === '<')\n var sameSemVer = this.semver.version === comp.semver.version\n var differentDirectionsInclusive =\n (this.operator === '>=' || this.operator === '<=') &&\n (comp.operator === '>=' || comp.operator === '<=')\n var oppositeDirectionsLessThan =\n cmp(this.semver, '<', comp.semver, options) &&\n ((this.operator === '>=' || this.operator === '>') &&\n (comp.operator === '<=' || comp.operator === '<'))\n var oppositeDirectionsGreaterThan =\n cmp(this.semver, '>', comp.semver, options) &&\n ((this.operator === '<=' || this.operator === '<') &&\n (comp.operator === '>=' || comp.operator === '>'))\n\n return sameDirectionIncreasing || sameDirectionDecreasing ||\n (sameSemVer && differentDirectionsInclusive) ||\n oppositeDirectionsLessThan || oppositeDirectionsGreaterThan\n}\n\nexports.Range = Range\nfunction Range (range, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n if (range instanceof Range) {\n if (range.loose === !!options.loose &&\n range.includePrerelease === !!options.includePrerelease) {\n return range\n } else {\n return new Range(range.raw, options)\n }\n }\n\n if (range instanceof Comparator) {\n return new Range(range.value, options)\n }\n\n if (!(this instanceof Range)) {\n return new Range(range, options)\n }\n\n this.options = options\n this.loose = !!options.loose\n this.includePrerelease = !!options.includePrerelease\n\n // First reduce all whitespace as much as possible so we do not have to rely\n // on potentially slow regexes like \\s*. This is then stored and used for\n // future error messages as well.\n this.raw = range\n .trim()\n .split(/\\s+/)\n .join(' ')\n\n // First, split based on boolean or ||\n this.set = this.raw.split('||').map(function (range) {\n return this.parseRange(range.trim())\n }, this).filter(function (c) {\n // throw out any that are not relevant for whatever reason\n return c.length\n })\n\n if (!this.set.length) {\n throw new TypeError('Invalid SemVer Range: ' + this.raw)\n }\n\n this.format()\n}\n\nRange.prototype.format = function () {\n this.range = this.set.map(function (comps) {\n return comps.join(' ').trim()\n }).join('||').trim()\n return this.range\n}\n\nRange.prototype.toString = function () {\n return this.range\n}\n\nRange.prototype.parseRange = function (range) {\n var loose = this.options.loose\n // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4`\n var hr = loose ? safeRe[t.HYPHENRANGELOOSE] : safeRe[t.HYPHENRANGE]\n range = range.replace(hr, hyphenReplace)\n debug('hyphen replace', range)\n // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5`\n range = range.replace(safeRe[t.COMPARATORTRIM], comparatorTrimReplace)\n debug('comparator trim', range, safeRe[t.COMPARATORTRIM])\n\n // `~ 1.2.3` => `~1.2.3`\n range = range.replace(safeRe[t.TILDETRIM], tildeTrimReplace)\n\n // `^ 1.2.3` => `^1.2.3`\n range = range.replace(safeRe[t.CARETTRIM], caretTrimReplace)\n\n // normalize spaces\n range = range.split(/\\s+/).join(' ')\n\n // At this point, the range is completely trimmed and\n // ready to be split into comparators.\n\n var compRe = loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]\n var set = range.split(' ').map(function (comp) {\n return parseComparator(comp, this.options)\n }, this).join(' ').split(/\\s+/)\n if (this.options.loose) {\n // in loose mode, throw out any that are not valid comparators\n set = set.filter(function (comp) {\n return !!comp.match(compRe)\n })\n }\n set = set.map(function (comp) {\n return new Comparator(comp, this.options)\n }, this)\n\n return set\n}\n\nRange.prototype.intersects = function (range, options) {\n if (!(range instanceof Range)) {\n throw new TypeError('a Range is required')\n }\n\n return this.set.some(function (thisComparators) {\n return (\n isSatisfiable(thisComparators, options) &&\n range.set.some(function (rangeComparators) {\n return (\n isSatisfiable(rangeComparators, options) &&\n thisComparators.every(function (thisComparator) {\n return rangeComparators.every(function (rangeComparator) {\n return thisComparator.intersects(rangeComparator, options)\n })\n })\n )\n })\n )\n })\n}\n\n// take a set of comparators and determine whether there\n// exists a version which can satisfy it\nfunction isSatisfiable (comparators, options) {\n var result = true\n var remainingComparators = comparators.slice()\n var testComparator = remainingComparators.pop()\n\n while (result && remainingComparators.length) {\n result = remainingComparators.every(function (otherComparator) {\n return testComparator.intersects(otherComparator, options)\n })\n\n testComparator = remainingComparators.pop()\n }\n\n return result\n}\n\n// Mostly just for testing and legacy API reasons\nexports.toComparators = toComparators\nfunction toComparators (range, options) {\n return new Range(range, options).set.map(function (comp) {\n return comp.map(function (c) {\n return c.value\n }).join(' ').trim().split(' ')\n })\n}\n\n// comprised of xranges, tildes, stars, and gtlt's at this point.\n// already replaced the hyphen ranges\n// turn into a set of JUST comparators.\nfunction parseComparator (comp, options) {\n debug('comp', comp, options)\n comp = replaceCarets(comp, options)\n debug('caret', comp)\n comp = replaceTildes(comp, options)\n debug('tildes', comp)\n comp = replaceXRanges(comp, options)\n debug('xrange', comp)\n comp = replaceStars(comp, options)\n debug('stars', comp)\n return comp\n}\n\nfunction isX (id) {\n return !id || id.toLowerCase() === 'x' || id === '*'\n}\n\n// ~, ~> --> * (any, kinda silly)\n// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0\n// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0\n// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0\n// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0\n// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0\nfunction replaceTildes (comp, options) {\n return comp.trim().split(/\\s+/).map(function (comp) {\n return replaceTilde(comp, options)\n }).join(' ')\n}\n\nfunction replaceTilde (comp, options) {\n var r = options.loose ? safeRe[t.TILDELOOSE] : safeRe[t.TILDE]\n return comp.replace(r, function (_, M, m, p, pr) {\n debug('tilde', comp, _, M, m, p, pr)\n var ret\n\n if (isX(M)) {\n ret = ''\n } else if (isX(m)) {\n ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n } else if (isX(p)) {\n // ~1.2 == >=1.2.0 <1.3.0\n ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n } else if (pr) {\n debug('replaceTilde pr', pr)\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + M + '.' + (+m + 1) + '.0'\n } else {\n // ~1.2.3 == >=1.2.3 <1.3.0\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + M + '.' + (+m + 1) + '.0'\n }\n\n debug('tilde return', ret)\n return ret\n })\n}\n\n// ^ --> * (any, kinda silly)\n// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0\n// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0\n// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0\n// ^1.2.3 --> >=1.2.3 <2.0.0\n// ^1.2.0 --> >=1.2.0 <2.0.0\nfunction replaceCarets (comp, options) {\n return comp.trim().split(/\\s+/).map(function (comp) {\n return replaceCaret(comp, options)\n }).join(' ')\n}\n\nfunction replaceCaret (comp, options) {\n debug('caret', comp, options)\n var r = options.loose ? safeRe[t.CARETLOOSE] : safeRe[t.CARET]\n return comp.replace(r, function (_, M, m, p, pr) {\n debug('caret', comp, _, M, m, p, pr)\n var ret\n\n if (isX(M)) {\n ret = ''\n } else if (isX(m)) {\n ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n } else if (isX(p)) {\n if (M === '0') {\n ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n } else {\n ret = '>=' + M + '.' + m + '.0 <' + (+M + 1) + '.0.0'\n }\n } else if (pr) {\n debug('replaceCaret pr', pr)\n if (M === '0') {\n if (m === '0') {\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + M + '.' + m + '.' + (+p + 1)\n } else {\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + M + '.' + (+m + 1) + '.0'\n }\n } else {\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + (+M + 1) + '.0.0'\n }\n } else {\n debug('no pr')\n if (M === '0') {\n if (m === '0') {\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + M + '.' + m + '.' + (+p + 1)\n } else {\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + M + '.' + (+m + 1) + '.0'\n }\n } else {\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + (+M + 1) + '.0.0'\n }\n }\n\n debug('caret return', ret)\n return ret\n })\n}\n\nfunction replaceXRanges (comp, options) {\n debug('replaceXRanges', comp, options)\n return comp.split(/\\s+/).map(function (comp) {\n return replaceXRange(comp, options)\n }).join(' ')\n}\n\nfunction replaceXRange (comp, options) {\n comp = comp.trim()\n var r = options.loose ? safeRe[t.XRANGELOOSE] : safeRe[t.XRANGE]\n return comp.replace(r, function (ret, gtlt, M, m, p, pr) {\n debug('xRange', comp, ret, gtlt, M, m, p, pr)\n var xM = isX(M)\n var xm = xM || isX(m)\n var xp = xm || isX(p)\n var anyX = xp\n\n if (gtlt === '=' && anyX) {\n gtlt = ''\n }\n\n // if we're including prereleases in the match, then we need\n // to fix this to -0, the lowest possible prerelease value\n pr = options.includePrerelease ? '-0' : ''\n\n if (xM) {\n if (gtlt === '>' || gtlt === '<') {\n // nothing is allowed\n ret = '<0.0.0-0'\n } else {\n // nothing is forbidden\n ret = '*'\n }\n } else if (gtlt && anyX) {\n // we know patch is an x, because we have any x at all.\n // replace X with 0\n if (xm) {\n m = 0\n }\n p = 0\n\n if (gtlt === '>') {\n // >1 => >=2.0.0\n // >1.2 => >=1.3.0\n // >1.2.3 => >= 1.2.4\n gtlt = '>='\n if (xm) {\n M = +M + 1\n m = 0\n p = 0\n } else {\n m = +m + 1\n p = 0\n }\n } else if (gtlt === '<=') {\n // <=0.7.x is actually <0.8.0, since any 0.7.x should\n // pass. Similarly, <=7.x is actually <8.0.0, etc.\n gtlt = '<'\n if (xm) {\n M = +M + 1\n } else {\n m = +m + 1\n }\n }\n\n ret = gtlt + M + '.' + m + '.' + p + pr\n } else if (xm) {\n ret = '>=' + M + '.0.0' + pr + ' <' + (+M + 1) + '.0.0' + pr\n } else if (xp) {\n ret = '>=' + M + '.' + m + '.0' + pr +\n ' <' + M + '.' + (+m + 1) + '.0' + pr\n }\n\n debug('xRange return', ret)\n\n return ret\n })\n}\n\n// Because * is AND-ed with everything else in the comparator,\n// and '' means \"any version\", just remove the *s entirely.\nfunction replaceStars (comp, options) {\n debug('replaceStars', comp, options)\n // Looseness is ignored here. star is always as loose as it gets!\n return comp.trim().replace(safeRe[t.STAR], '')\n}\n\n// This function is passed to string.replace(re[t.HYPHENRANGE])\n// M, m, patch, prerelease, build\n// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5\n// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do\n// 1.2 - 3.4 => >=1.2.0 <3.5.0\nfunction hyphenReplace ($0,\n from, fM, fm, fp, fpr, fb,\n to, tM, tm, tp, tpr, tb) {\n if (isX(fM)) {\n from = ''\n } else if (isX(fm)) {\n from = '>=' + fM + '.0.0'\n } else if (isX(fp)) {\n from = '>=' + fM + '.' + fm + '.0'\n } else {\n from = '>=' + from\n }\n\n if (isX(tM)) {\n to = ''\n } else if (isX(tm)) {\n to = '<' + (+tM + 1) + '.0.0'\n } else if (isX(tp)) {\n to = '<' + tM + '.' + (+tm + 1) + '.0'\n } else if (tpr) {\n to = '<=' + tM + '.' + tm + '.' + tp + '-' + tpr\n } else {\n to = '<=' + to\n }\n\n return (from + ' ' + to).trim()\n}\n\n// if ANY of the sets match ALL of its comparators, then pass\nRange.prototype.test = function (version) {\n if (!version) {\n return false\n }\n\n if (typeof version === 'string') {\n try {\n version = new SemVer(version, this.options)\n } catch (er) {\n return false\n }\n }\n\n for (var i = 0; i < this.set.length; i++) {\n if (testSet(this.set[i], version, this.options)) {\n return true\n }\n }\n return false\n}\n\nfunction testSet (set, version, options) {\n for (var i = 0; i < set.length; i++) {\n if (!set[i].test(version)) {\n return false\n }\n }\n\n if (version.prerelease.length && !options.includePrerelease) {\n // Find the set of versions that are allowed to have prereleases\n // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0\n // That should allow `1.2.3-pr.2` to pass.\n // However, `1.2.4-alpha.notready` should NOT be allowed,\n // even though it's within the range set by the comparators.\n for (i = 0; i < set.length; i++) {\n debug(set[i].semver)\n if (set[i].semver === ANY) {\n continue\n }\n\n if (set[i].semver.prerelease.length > 0) {\n var allowed = set[i].semver\n if (allowed.major === version.major &&\n allowed.minor === version.minor &&\n allowed.patch === version.patch) {\n return true\n }\n }\n }\n\n // Version has a -pre, but it's not one of the ones we like.\n return false\n }\n\n return true\n}\n\nexports.satisfies = satisfies\nfunction satisfies (version, range, options) {\n try {\n range = new Range(range, options)\n } catch (er) {\n return false\n }\n return range.test(version)\n}\n\nexports.maxSatisfying = maxSatisfying\nfunction maxSatisfying (versions, range, options) {\n var max = null\n var maxSV = null\n try {\n var rangeObj = new Range(range, options)\n } catch (er) {\n return null\n }\n versions.forEach(function (v) {\n if (rangeObj.test(v)) {\n // satisfies(v, range, options)\n if (!max || maxSV.compare(v) === -1) {\n // compare(max, v, true)\n max = v\n maxSV = new SemVer(max, options)\n }\n }\n })\n return max\n}\n\nexports.minSatisfying = minSatisfying\nfunction minSatisfying (versions, range, options) {\n var min = null\n var minSV = null\n try {\n var rangeObj = new Range(range, options)\n } catch (er) {\n return null\n }\n versions.forEach(function (v) {\n if (rangeObj.test(v)) {\n // satisfies(v, range, options)\n if (!min || minSV.compare(v) === 1) {\n // compare(min, v, true)\n min = v\n minSV = new SemVer(min, options)\n }\n }\n })\n return min\n}\n\nexports.minVersion = minVersion\nfunction minVersion (range, loose) {\n range = new Range(range, loose)\n\n var minver = new SemVer('0.0.0')\n if (range.test(minver)) {\n return minver\n }\n\n minver = new SemVer('0.0.0-0')\n if (range.test(minver)) {\n return minver\n }\n\n minver = null\n for (var i = 0; i < range.set.length; ++i) {\n var comparators = range.set[i]\n\n comparators.forEach(function (comparator) {\n // Clone to avoid manipulating the comparator's semver object.\n var compver = new SemVer(comparator.semver.version)\n switch (comparator.operator) {\n case '>':\n if (compver.prerelease.length === 0) {\n compver.patch++\n } else {\n compver.prerelease.push(0)\n }\n compver.raw = compver.format()\n /* fallthrough */\n case '':\n case '>=':\n if (!minver || gt(minver, compver)) {\n minver = compver\n }\n break\n case '<':\n case '<=':\n /* Ignore maximum versions */\n break\n /* istanbul ignore next */\n default:\n throw new Error('Unexpected operation: ' + comparator.operator)\n }\n })\n }\n\n if (minver && range.test(minver)) {\n return minver\n }\n\n return null\n}\n\nexports.validRange = validRange\nfunction validRange (range, options) {\n try {\n // Return '*' instead of '' so that truthiness works.\n // This will throw if it's invalid anyway\n return new Range(range, options).range || '*'\n } catch (er) {\n return null\n }\n}\n\n// Determine if version is less than all the versions possible in the range\nexports.ltr = ltr\nfunction ltr (version, range, options) {\n return outside(version, range, '<', options)\n}\n\n// Determine if version is greater than all the versions possible in the range.\nexports.gtr = gtr\nfunction gtr (version, range, options) {\n return outside(version, range, '>', options)\n}\n\nexports.outside = outside\nfunction outside (version, range, hilo, options) {\n version = new SemVer(version, options)\n range = new Range(range, options)\n\n var gtfn, ltefn, ltfn, comp, ecomp\n switch (hilo) {\n case '>':\n gtfn = gt\n ltefn = lte\n ltfn = lt\n comp = '>'\n ecomp = '>='\n break\n case '<':\n gtfn = lt\n ltefn = gte\n ltfn = gt\n comp = '<'\n ecomp = '<='\n break\n default:\n throw new TypeError('Must provide a hilo val of \"<\" or \">\"')\n }\n\n // If it satisifes the range it is not outside\n if (satisfies(version, range, options)) {\n return false\n }\n\n // From now on, variable terms are as if we're in \"gtr\" mode.\n // but note that everything is flipped for the \"ltr\" function.\n\n for (var i = 0; i < range.set.length; ++i) {\n var comparators = range.set[i]\n\n var high = null\n var low = null\n\n comparators.forEach(function (comparator) {\n if (comparator.semver === ANY) {\n comparator = new Comparator('>=0.0.0')\n }\n high = high || comparator\n low = low || comparator\n if (gtfn(comparator.semver, high.semver, options)) {\n high = comparator\n } else if (ltfn(comparator.semver, low.semver, options)) {\n low = comparator\n }\n })\n\n // If the edge version comparator has a operator then our version\n // isn't outside it\n if (high.operator === comp || high.operator === ecomp) {\n return false\n }\n\n // If the lowest version comparator has an operator and our version\n // is less than it then it isn't higher than the range\n if ((!low.operator || low.operator === comp) &&\n ltefn(version, low.semver)) {\n return false\n } else if (low.operator === ecomp && ltfn(version, low.semver)) {\n return false\n }\n }\n return true\n}\n\nexports.prerelease = prerelease\nfunction prerelease (version, options) {\n var parsed = parse(version, options)\n return (parsed && parsed.prerelease.length) ? parsed.prerelease : null\n}\n\nexports.intersects = intersects\nfunction intersects (r1, r2, options) {\n r1 = new Range(r1, options)\n r2 = new Range(r2, options)\n return r1.intersects(r2)\n}\n\nexports.coerce = coerce\nfunction coerce (version, options) {\n if (version instanceof SemVer) {\n return version\n }\n\n if (typeof version === 'number') {\n version = String(version)\n }\n\n if (typeof version !== 'string') {\n return null\n }\n\n options = options || {}\n\n var match = null\n if (!options.rtl) {\n match = version.match(safeRe[t.COERCE])\n } else {\n // Find the right-most coercible string that does not share\n // a terminus with a more left-ward coercible string.\n // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4'\n //\n // Walk through the string checking with a /g regexp\n // Manually set the index so as to pick up overlapping matches.\n // Stop when we get a match that ends at the string end, since no\n // coercible string can be more right-ward without the same terminus.\n var next\n while ((next = safeRe[t.COERCERTL].exec(version)) &&\n (!match || match.index + match[0].length !== version.length)\n ) {\n if (!match ||\n next.index + next[0].length !== match.index + match[0].length) {\n match = next\n }\n safeRe[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length\n }\n // leave it in a clean state\n safeRe[t.COERCERTL].lastIndex = -1\n }\n\n if (match === null) {\n return null\n }\n\n return parse(match[2] +\n '.' + (match[3] || '0') +\n '.' + (match[4] || '0'), options)\n}\n","module.exports = shellescape;\n\n// return a shell compatible format\nfunction shellescape(a) {\n var ret = [];\n\n a.forEach(function(s) {\n if (!/^[A-Za-z0-9_\\/-]+$/.test(s)) {\n s = \"'\"+s.replace(/'/g,\"'\\\\''\")+\"'\";\n s = s.replace(/^(?:'')+/g, '') // unduplicate single-quote at the beginning\n .replace(/\\\\'''/g, \"\\\\'\" ); // remove non-escaped single-quote if there are enclosed between 2 escaped\n }\n ret.push(s);\n });\n\n return ret.join(' ');\n}\n","'use strict';\n\nconst {\n Duplex: DuplexStream,\n Readable: ReadableStream,\n Writable: WritableStream,\n} = require('stream');\n\nconst {\n CHANNEL_EXTENDED_DATATYPE: { STDERR },\n} = require('./protocol/constants.js');\nconst { bufferSlice } = require('./protocol/utils.js');\n\nconst PACKET_SIZE = 32 * 1024;\nconst MAX_WINDOW = 2 * 1024 * 1024;\nconst WINDOW_THRESHOLD = MAX_WINDOW / 2;\n\nclass ClientStderr extends ReadableStream {\n constructor(channel, streamOpts) {\n super(streamOpts);\n\n this._channel = channel;\n }\n _read(n) {\n if (this._channel._waitChanDrain) {\n this._channel._waitChanDrain = false;\n if (this._channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(this._channel);\n }\n }\n}\n\nclass ServerStderr extends WritableStream {\n constructor(channel) {\n super({ highWaterMark: MAX_WINDOW });\n\n this._channel = channel;\n }\n\n _write(data, encoding, cb) {\n const channel = this._channel;\n const protocol = channel._client._protocol;\n const outgoing = channel.outgoing;\n const packetSize = outgoing.packetSize;\n const id = outgoing.id;\n let window = outgoing.window;\n const len = data.length;\n let p = 0;\n\n if (outgoing.state !== 'open')\n return;\n\n while (len - p > 0 && window > 0) {\n let sliceLen = len - p;\n if (sliceLen > window)\n sliceLen = window;\n if (sliceLen > packetSize)\n sliceLen = packetSize;\n\n if (p === 0 && sliceLen === len)\n protocol.channelExtData(id, data, STDERR);\n else\n protocol.channelExtData(id, bufferSlice(data, p, p + sliceLen), STDERR);\n\n p += sliceLen;\n window -= sliceLen;\n }\n\n outgoing.window = window;\n\n if (len - p > 0) {\n if (window === 0)\n channel._waitWindow = true;\n if (p > 0)\n channel._chunkErr = bufferSlice(data, p, len);\n else\n channel._chunkErr = data;\n channel._chunkcbErr = cb;\n return;\n }\n\n cb();\n }\n}\n\nclass Channel extends DuplexStream {\n constructor(client, info, opts) {\n const streamOpts = {\n highWaterMark: MAX_WINDOW,\n allowHalfOpen: (!opts || (opts && opts.allowHalfOpen !== false)),\n emitClose: false,\n };\n super(streamOpts);\n this.allowHalfOpen = streamOpts.allowHalfOpen;\n\n const server = !!(opts && opts.server);\n\n this.server = server;\n this.type = info.type;\n this.subtype = undefined;\n\n /*\n incoming and outgoing contain these properties:\n {\n id: undefined,\n window: undefined,\n packetSize: undefined,\n state: 'closed'\n }\n */\n this.incoming = info.incoming;\n this.outgoing = info.outgoing;\n this._callbacks = [];\n\n this._client = client;\n this._hasX11 = false;\n this._exit = {\n code: undefined,\n signal: undefined,\n dump: undefined,\n desc: undefined,\n };\n\n this.stdin = this.stdout = this;\n\n if (server)\n this.stderr = new ServerStderr(this);\n else\n this.stderr = new ClientStderr(this, streamOpts);\n\n // Outgoing data\n this._waitWindow = false; // SSH-level backpressure\n\n // Incoming data\n this._waitChanDrain = false; // Channel Readable side backpressure\n\n this._chunk = undefined;\n this._chunkcb = undefined;\n this._chunkErr = undefined;\n this._chunkcbErr = undefined;\n\n this.on('finish', onFinish)\n .on('prefinish', onFinish); // For node v0.11+\n\n this.on('end', onEnd).on('close', onEnd);\n }\n\n _read(n) {\n if (this._waitChanDrain) {\n this._waitChanDrain = false;\n if (this.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(this);\n }\n }\n\n _write(data, encoding, cb) {\n const protocol = this._client._protocol;\n const outgoing = this.outgoing;\n const packetSize = outgoing.packetSize;\n const id = outgoing.id;\n let window = outgoing.window;\n const len = data.length;\n let p = 0;\n\n if (outgoing.state !== 'open')\n return;\n\n while (len - p > 0 && window > 0) {\n let sliceLen = len - p;\n if (sliceLen > window)\n sliceLen = window;\n if (sliceLen > packetSize)\n sliceLen = packetSize;\n\n if (p === 0 && sliceLen === len)\n protocol.channelData(id, data);\n else\n protocol.channelData(id, bufferSlice(data, p, p + sliceLen));\n\n p += sliceLen;\n window -= sliceLen;\n }\n\n outgoing.window = window;\n\n if (len - p > 0) {\n if (window === 0)\n this._waitWindow = true;\n if (p > 0)\n this._chunk = bufferSlice(data, p, len);\n else\n this._chunk = data;\n this._chunkcb = cb;\n return;\n }\n\n cb();\n }\n\n eof() {\n if (this.outgoing.state === 'open') {\n this.outgoing.state = 'eof';\n this._client._protocol.channelEOF(this.outgoing.id);\n }\n }\n\n close() {\n if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n this.outgoing.state = 'closing';\n this._client._protocol.channelClose(this.outgoing.id);\n }\n }\n\n destroy() {\n this.end();\n this.close();\n return this;\n }\n\n // Session type-specific methods =============================================\n setWindow(rows, cols, height, width) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (this.type === 'session'\n && (this.subtype === 'shell' || this.subtype === 'exec')\n && this.writable\n && this.outgoing.state === 'open') {\n this._client._protocol.windowChange(this.outgoing.id,\n rows,\n cols,\n height,\n width);\n }\n }\n\n signal(signalName) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (this.type === 'session'\n && this.writable\n && this.outgoing.state === 'open') {\n this._client._protocol.signal(this.outgoing.id, signalName);\n }\n }\n\n exit(statusOrSignal, coreDumped, msg) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (this.type === 'session'\n && this.writable\n && this.outgoing.state === 'open') {\n if (typeof statusOrSignal === 'number') {\n this._client._protocol.exitStatus(this.outgoing.id, statusOrSignal);\n } else {\n this._client._protocol.exitSignal(this.outgoing.id,\n statusOrSignal,\n coreDumped,\n msg);\n }\n }\n }\n\n}\n\nfunction onFinish() {\n this.eof();\n if (this.server || !this.allowHalfOpen)\n this.close();\n this.writable = false;\n}\n\nfunction onEnd() {\n this.readable = false;\n}\n\nfunction windowAdjust(self) {\n if (self.outgoing.state === 'closed')\n return;\n const amt = MAX_WINDOW - self.incoming.window;\n if (amt <= 0)\n return;\n self.incoming.window += amt;\n self._client._protocol.channelWindowAdjust(self.outgoing.id, amt);\n}\n\nmodule.exports = {\n Channel,\n MAX_WINDOW,\n PACKET_SIZE,\n windowAdjust,\n WINDOW_THRESHOLD,\n};\n",null,"// TODO:\n// * add `.connected` or similar property to allow immediate connection\n// status checking\n// * add/improve debug output during user authentication phase\n'use strict';\n\nconst {\n createHash,\n getHashes,\n randomFillSync,\n} = require('crypto');\nconst { Socket } = require('net');\nconst { lookup: dnsLookup } = require('dns');\nconst EventEmitter = require('events');\nconst HASHES = getHashes();\n\nconst {\n COMPAT,\n CHANNEL_EXTENDED_DATATYPE: { STDERR },\n CHANNEL_OPEN_FAILURE,\n DEFAULT_CIPHER,\n DEFAULT_COMPRESSION,\n DEFAULT_KEX,\n DEFAULT_MAC,\n DEFAULT_SERVER_HOST_KEY,\n DISCONNECT_REASON,\n DISCONNECT_REASON_BY_VALUE,\n SUPPORTED_CIPHER,\n SUPPORTED_COMPRESSION,\n SUPPORTED_KEX,\n SUPPORTED_MAC,\n SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst {\n bufferCopy,\n makeBufferParser,\n makeError,\n readUInt32BE,\n sigSSHToASN1,\n writeUInt32BE,\n} = require('./protocol/utils.js');\n\nconst { AgentContext, createAgent, isAgent } = require('./agent.js');\nconst {\n Channel,\n MAX_WINDOW,\n PACKET_SIZE,\n windowAdjust,\n WINDOW_THRESHOLD,\n} = require('./Channel.js');\nconst {\n ChannelManager,\n generateAlgorithmList,\n isWritable,\n onChannelOpenFailure,\n onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst bufferParser = makeBufferParser();\nconst sigParser = makeBufferParser();\nconst RE_OPENSSH = /^OpenSSH_(?:(?![0-4])\\d)|(?:\\d{2,})/;\nconst noop = (err) => {};\n\nclass Client extends EventEmitter {\n constructor() {\n super();\n\n this.config = {\n host: undefined,\n port: undefined,\n localAddress: undefined,\n localPort: undefined,\n forceIPv4: undefined,\n forceIPv6: undefined,\n keepaliveCountMax: undefined,\n keepaliveInterval: undefined,\n readyTimeout: undefined,\n ident: undefined,\n\n username: undefined,\n password: undefined,\n privateKey: undefined,\n tryKeyboard: undefined,\n agent: undefined,\n allowAgentFwd: undefined,\n authHandler: undefined,\n\n hostHashAlgo: undefined,\n hostHashCb: undefined,\n strictVendor: undefined,\n debug: undefined\n };\n\n this._agent = undefined;\n this._readyTimeout = undefined;\n this._chanMgr = undefined;\n this._callbacks = undefined;\n this._forwarding = undefined;\n this._forwardingUnix = undefined;\n this._acceptX11 = undefined;\n this._agentFwdEnabled = undefined;\n this._remoteVer = undefined;\n\n this._protocol = undefined;\n this._sock = undefined;\n this._resetKA = undefined;\n }\n\n connect(cfg) {\n if (this._sock && isWritable(this._sock)) {\n this.once('close', () => {\n this.connect(cfg);\n });\n this.end();\n return this;\n }\n\n this.config.host = cfg.hostname || cfg.host || 'localhost';\n this.config.port = cfg.port || 22;\n this.config.localAddress = (typeof cfg.localAddress === 'string'\n ? cfg.localAddress\n : undefined);\n this.config.localPort = (typeof cfg.localPort === 'string'\n || typeof cfg.localPort === 'number'\n ? cfg.localPort\n : undefined);\n this.config.forceIPv4 = cfg.forceIPv4 || false;\n this.config.forceIPv6 = cfg.forceIPv6 || false;\n this.config.keepaliveCountMax = (typeof cfg.keepaliveCountMax === 'number'\n && cfg.keepaliveCountMax >= 0\n ? cfg.keepaliveCountMax\n : 3);\n this.config.keepaliveInterval = (typeof cfg.keepaliveInterval === 'number'\n && cfg.keepaliveInterval > 0\n ? cfg.keepaliveInterval\n : 0);\n this.config.readyTimeout = (typeof cfg.readyTimeout === 'number'\n && cfg.readyTimeout >= 0\n ? cfg.readyTimeout\n : 20000);\n this.config.ident = (typeof cfg.ident === 'string'\n || Buffer.isBuffer(cfg.ident)\n ? cfg.ident\n : undefined);\n\n const algorithms = {\n kex: undefined,\n serverHostKey: undefined,\n cs: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: [],\n },\n sc: undefined,\n };\n let allOfferDefaults = true;\n if (typeof cfg.algorithms === 'object' && cfg.algorithms !== null) {\n algorithms.kex = generateAlgorithmList(cfg.algorithms.kex,\n DEFAULT_KEX,\n SUPPORTED_KEX);\n if (algorithms.kex !== DEFAULT_KEX)\n allOfferDefaults = false;\n\n algorithms.serverHostKey =\n generateAlgorithmList(cfg.algorithms.serverHostKey,\n DEFAULT_SERVER_HOST_KEY,\n SUPPORTED_SERVER_HOST_KEY);\n if (algorithms.serverHostKey !== DEFAULT_SERVER_HOST_KEY)\n allOfferDefaults = false;\n\n algorithms.cs.cipher = generateAlgorithmList(cfg.algorithms.cipher,\n DEFAULT_CIPHER,\n SUPPORTED_CIPHER);\n if (algorithms.cs.cipher !== DEFAULT_CIPHER)\n allOfferDefaults = false;\n\n algorithms.cs.mac = generateAlgorithmList(cfg.algorithms.hmac,\n DEFAULT_MAC,\n SUPPORTED_MAC);\n if (algorithms.cs.mac !== DEFAULT_MAC)\n allOfferDefaults = false;\n\n algorithms.cs.compress = generateAlgorithmList(cfg.algorithms.compress,\n DEFAULT_COMPRESSION,\n SUPPORTED_COMPRESSION);\n if (algorithms.cs.compress !== DEFAULT_COMPRESSION)\n allOfferDefaults = false;\n\n if (!allOfferDefaults)\n algorithms.sc = algorithms.cs;\n }\n\n if (typeof cfg.username === 'string')\n this.config.username = cfg.username;\n else if (typeof cfg.user === 'string')\n this.config.username = cfg.user;\n else\n throw new Error('Invalid username');\n\n this.config.password = (typeof cfg.password === 'string'\n ? cfg.password\n : undefined);\n this.config.privateKey = (typeof cfg.privateKey === 'string'\n || Buffer.isBuffer(cfg.privateKey)\n ? cfg.privateKey\n : undefined);\n this.config.localHostname = (typeof cfg.localHostname === 'string'\n ? cfg.localHostname\n : undefined);\n this.config.localUsername = (typeof cfg.localUsername === 'string'\n ? cfg.localUsername\n : undefined);\n this.config.tryKeyboard = (cfg.tryKeyboard === true);\n if (typeof cfg.agent === 'string' && cfg.agent.length)\n this.config.agent = createAgent(cfg.agent);\n else if (isAgent(cfg.agent))\n this.config.agent = cfg.agent;\n else\n this.config.agent = undefined;\n this.config.allowAgentFwd = (cfg.agentForward === true\n && this.config.agent !== undefined);\n let authHandler = this.config.authHandler = (\n typeof cfg.authHandler === 'function'\n || Array.isArray(cfg.authHandler)\n ? cfg.authHandler\n : undefined\n );\n\n this.config.strictVendor = (typeof cfg.strictVendor === 'boolean'\n ? cfg.strictVendor\n : true);\n\n const debug = this.config.debug = (typeof cfg.debug === 'function'\n ? cfg.debug\n : undefined);\n\n if (cfg.agentForward === true && !this.config.allowAgentFwd) {\n throw new Error(\n 'You must set a valid agent path to allow agent forwarding'\n );\n }\n\n let callbacks = this._callbacks = [];\n this._chanMgr = new ChannelManager(this);\n this._forwarding = {};\n this._forwardingUnix = {};\n this._acceptX11 = 0;\n this._agentFwdEnabled = false;\n this._agent = (this.config.agent ? this.config.agent : undefined);\n this._remoteVer = undefined;\n let privateKey;\n\n if (this.config.privateKey) {\n privateKey = parseKey(this.config.privateKey, cfg.passphrase);\n if (privateKey instanceof Error)\n throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n if (Array.isArray(privateKey)) {\n // OpenSSH's newer format only stores 1 key for now\n privateKey = privateKey[0];\n }\n if (privateKey.getPrivatePEM() === null) {\n throw new Error(\n 'privateKey value does not contain a (valid) private key'\n );\n }\n }\n\n let hostVerifier;\n if (typeof cfg.hostVerifier === 'function') {\n const hashCb = cfg.hostVerifier;\n let hasher;\n if (HASHES.indexOf(cfg.hostHash) !== -1) {\n // Default to old behavior of hashing on user's behalf\n hasher = createHash(cfg.hostHash);\n }\n hostVerifier = (key, verify) => {\n if (hasher) {\n hasher.update(key);\n key = hasher.digest('hex');\n }\n const ret = hashCb(key, verify);\n if (ret !== undefined)\n verify(ret);\n };\n }\n\n const sock = this._sock = (cfg.sock || new Socket());\n let ready = false;\n let sawHeader = false;\n if (this._protocol)\n this._protocol.cleanup();\n const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n debug(`Debug output from server: ${JSON.stringify(msg)}`);\n });\n const proto = this._protocol = new Protocol({\n ident: this.config.ident,\n offer: (allOfferDefaults ? undefined : algorithms),\n onWrite: (data) => {\n if (isWritable(sock))\n sock.write(data);\n },\n onError: (err) => {\n if (err.level === 'handshake')\n clearTimeout(this._readyTimeout);\n if (!proto._destruct)\n sock.removeAllListeners('data');\n this.emit('error', err);\n try {\n sock.end();\n } catch {}\n },\n onHeader: (header) => {\n sawHeader = true;\n this._remoteVer = header.versions.software;\n if (header.greeting)\n this.emit('greeting', header.greeting);\n },\n onHandshakeComplete: (negotiated) => {\n this.emit('handshake', negotiated);\n if (!ready) {\n ready = true;\n proto.service('ssh-userauth');\n }\n },\n debug,\n hostVerifier,\n messageHandlers: {\n DEBUG: DEBUG_HANDLER,\n DISCONNECT: (p, reason, desc) => {\n if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n if (!desc) {\n desc = DISCONNECT_REASON_BY_VALUE[reason];\n if (desc === undefined)\n desc = `Unexpected disconnection reason: ${reason}`;\n }\n const err = new Error(desc);\n err.code = reason;\n this.emit('error', err);\n }\n sock.end();\n },\n SERVICE_ACCEPT: (p, name) => {\n if (name === 'ssh-userauth')\n tryNextAuth();\n },\n USERAUTH_BANNER: (p, msg) => {\n this.emit('banner', msg);\n },\n USERAUTH_SUCCESS: (p) => {\n // Start keepalive mechanism\n resetKA();\n\n clearTimeout(this._readyTimeout);\n\n this.emit('ready');\n },\n USERAUTH_FAILURE: (p, authMethods, partialSuccess) => {\n if (curAuth.type === 'agent') {\n const pos = curAuth.agentCtx.pos();\n debug && debug(`Client: Agent key #${pos + 1} failed`);\n return tryNextAgentKey();\n }\n\n debug && debug(`Client: ${curAuth.type} auth failed`);\n\n curPartial = partialSuccess;\n curAuthsLeft = authMethods;\n tryNextAuth();\n },\n USERAUTH_PASSWD_CHANGEREQ: (p, prompt) => {\n if (curAuth.type === 'password') {\n // TODO: support a `changePrompt()` on `curAuth` that defaults to\n // emitting 'change password' as before\n this.emit('change password', prompt, (newPassword) => {\n proto.authPassword(\n this.config.username,\n this.config.password,\n newPassword\n );\n });\n }\n },\n USERAUTH_PK_OK: (p) => {\n if (curAuth.type === 'agent') {\n const key = curAuth.agentCtx.currentKey();\n proto.authPK(curAuth.username, key, (buf, cb) => {\n curAuth.agentCtx.sign(key, buf, {}, (err, signed) => {\n if (err) {\n err.level = 'agent';\n this.emit('error', err);\n } else {\n return cb(signed);\n }\n\n tryNextAgentKey();\n });\n });\n } else if (curAuth.type === 'publickey') {\n proto.authPK(curAuth.username, curAuth.key, (buf, cb) => {\n const signature = curAuth.key.sign(buf);\n if (signature instanceof Error) {\n signature.message =\n `Error signing data with key: ${signature.message}`;\n signature.level = 'client-authentication';\n this.emit('error', signature);\n return tryNextAuth();\n }\n cb(signature);\n });\n }\n },\n USERAUTH_INFO_REQUEST: (p, name, instructions, prompts) => {\n if (curAuth.type === 'keyboard-interactive') {\n const nprompts = (Array.isArray(prompts) ? prompts.length : 0);\n if (nprompts === 0) {\n debug && debug(\n 'Client: Sending automatic USERAUTH_INFO_RESPONSE'\n );\n proto.authInfoRes();\n return;\n }\n // We sent a keyboard-interactive user authentication request and\n // now the server is sending us the prompts we need to present to\n // the user\n curAuth.prompt(\n name,\n instructions,\n '',\n prompts,\n (answers) => {\n proto.authInfoRes(answers);\n }\n );\n }\n },\n REQUEST_SUCCESS: (p, data) => {\n if (callbacks.length)\n callbacks.shift()(false, data);\n },\n REQUEST_FAILURE: (p) => {\n if (callbacks.length)\n callbacks.shift()(true);\n },\n GLOBAL_REQUEST: (p, name, wantReply, data) => {\n switch (name) {\n case 'hostkeys-00@openssh.com':\n // Automatically verify keys before passing to end user\n hostKeysProve(this, data, (err, keys) => {\n if (err)\n return;\n this.emit('hostkeys', keys);\n });\n if (wantReply)\n proto.requestSuccess();\n break;\n default:\n // Auto-reject all other global requests, this can be especially\n // useful if the server is sending us dummy keepalive global\n // requests\n if (wantReply)\n proto.requestFailure();\n }\n },\n CHANNEL_OPEN: (p, info) => {\n // Handle incoming requests from server, typically a forwarded TCP or\n // X11 connection\n onCHANNEL_OPEN(this, info);\n },\n CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n const channel = this._chanMgr.get(info.recipient);\n if (typeof channel !== 'function')\n return;\n\n const isSFTP = (channel.type === 'sftp');\n const type = (isSFTP ? 'session' : channel.type);\n const chanInfo = {\n type,\n incoming: {\n id: info.recipient,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n const instance = (\n isSFTP\n ? new SFTP(this, chanInfo, { debug })\n : new Channel(this, chanInfo)\n );\n this._chanMgr.update(info.recipient, instance);\n channel(undefined, instance);\n },\n CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'function')\n return;\n\n const info = { reason, description };\n onChannelOpenFailure(this, recipient, info, channel);\n },\n CHANNEL_DATA: (p, recipient, data) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n // The remote party should not be sending us data if there is no\n // window space available ...\n // TODO: raise error on data with not enough window?\n if (channel.incoming.window === 0)\n return;\n\n channel.incoming.window -= data.length;\n\n if (channel.push(data) === false) {\n channel._waitChanDrain = true;\n return;\n }\n\n if (channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(channel);\n },\n CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n if (type !== STDERR)\n return;\n\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n // The remote party should not be sending us data if there is no\n // window space available ...\n // TODO: raise error on data with not enough window?\n if (channel.incoming.window === 0)\n return;\n\n channel.incoming.window -= data.length;\n\n if (!channel.stderr.push(data)) {\n channel._waitChanDrain = true;\n return;\n }\n\n if (channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(channel);\n },\n CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n // The other side is allowing us to send `amount` more bytes of data\n channel.outgoing.window += amount;\n\n if (channel._waitWindow) {\n channel._waitWindow = false;\n\n if (channel._chunk) {\n channel._write(channel._chunk, null, channel._chunkcb);\n } else if (channel._chunkcb) {\n channel._chunkcb();\n } else if (channel._chunkErr) {\n channel.stderr._write(channel._chunkErr,\n null,\n channel._chunkcbErr);\n } else if (channel._chunkcbErr) {\n channel._chunkcbErr();\n }\n }\n },\n CHANNEL_SUCCESS: (p, recipient) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n this._resetKA();\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(false);\n },\n CHANNEL_FAILURE: (p, recipient) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n this._resetKA();\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(true);\n },\n CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n const exit = channel._exit;\n if (exit.code !== undefined)\n return;\n switch (type) {\n case 'exit-status':\n channel.emit('exit', exit.code = data);\n return;\n case 'exit-signal':\n channel.emit('exit',\n exit.code = null,\n exit.signal = `SIG${data.signal}`,\n exit.dump = data.coreDumped,\n exit.desc = data.errorMessage);\n return;\n }\n\n // Keepalive request? OpenSSH will send one as a channel request if\n // there is a channel open\n\n if (wantReply)\n p.channelFailure(channel.outgoing.id);\n },\n CHANNEL_EOF: (p, recipient) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.incoming.state !== 'open')\n return;\n channel.incoming.state = 'eof';\n\n if (channel.readable)\n channel.push(null);\n if (channel.stderr.readable)\n channel.stderr.push(null);\n },\n CHANNEL_CLOSE: (p, recipient) => {\n onCHANNEL_CLOSE(this, recipient, this._chanMgr.get(recipient));\n },\n },\n });\n\n sock.pause();\n\n // TODO: check keepalive implementation\n // Keepalive-related\n const kainterval = this.config.keepaliveInterval;\n const kacountmax = this.config.keepaliveCountMax;\n let kacount = 0;\n let katimer;\n const sendKA = () => {\n if (++kacount > kacountmax) {\n clearInterval(katimer);\n if (sock.readable) {\n const err = new Error('Keepalive timeout');\n err.level = 'client-timeout';\n this.emit('error', err);\n sock.destroy();\n }\n return;\n }\n if (isWritable(sock)) {\n // Append dummy callback to keep correct callback order\n callbacks.push(resetKA);\n proto.ping();\n } else {\n clearInterval(katimer);\n }\n };\n function resetKA() {\n if (kainterval > 0) {\n kacount = 0;\n clearInterval(katimer);\n if (isWritable(sock))\n katimer = setInterval(sendKA, kainterval);\n }\n }\n this._resetKA = resetKA;\n\n const onDone = (() => {\n let called = false;\n return () => {\n if (called)\n return;\n called = true;\n if (wasConnected && !sawHeader) {\n const err =\n makeError('Connection lost before handshake', 'protocol', true);\n this.emit('error', err);\n }\n };\n })();\n const onConnect = (() => {\n let called = false;\n return () => {\n if (called)\n return;\n called = true;\n\n wasConnected = true;\n debug && debug('Socket connected');\n this.emit('connect');\n\n cryptoInit.then(() => {\n proto.start();\n sock.on('data', (data) => {\n try {\n proto.parse(data, 0, data.length);\n } catch (ex) {\n this.emit('error', ex);\n try {\n if (isWritable(sock))\n sock.end();\n } catch {}\n }\n });\n\n // Drain stderr if we are connection hopping using an exec stream\n if (sock.stderr && typeof sock.stderr.resume === 'function')\n sock.stderr.resume();\n\n sock.resume();\n }).catch((err) => {\n this.emit('error', err);\n try {\n if (isWritable(sock))\n sock.end();\n } catch {}\n });\n };\n })();\n let wasConnected = false;\n sock.on('connect', onConnect)\n .on('timeout', () => {\n this.emit('timeout');\n }).on('error', (err) => {\n debug && debug(`Socket error: ${err.message}`);\n clearTimeout(this._readyTimeout);\n err.level = 'client-socket';\n this.emit('error', err);\n }).on('end', () => {\n debug && debug('Socket ended');\n onDone();\n proto.cleanup();\n clearTimeout(this._readyTimeout);\n clearInterval(katimer);\n this.emit('end');\n }).on('close', () => {\n debug && debug('Socket closed');\n onDone();\n proto.cleanup();\n clearTimeout(this._readyTimeout);\n clearInterval(katimer);\n this.emit('close');\n\n // Notify outstanding channel requests of disconnection ...\n const callbacks_ = callbacks;\n callbacks = this._callbacks = [];\n const err = new Error('No response from server');\n for (let i = 0; i < callbacks_.length; ++i)\n callbacks_[i](err);\n\n // Simulate error for any channels waiting to be opened\n this._chanMgr.cleanup(err);\n });\n\n // Begin authentication handling ===========================================\n let curAuth;\n let curPartial = null;\n let curAuthsLeft = null;\n const authsAllowed = ['none'];\n if (this.config.password !== undefined)\n authsAllowed.push('password');\n if (privateKey !== undefined)\n authsAllowed.push('publickey');\n if (this._agent !== undefined)\n authsAllowed.push('agent');\n if (this.config.tryKeyboard)\n authsAllowed.push('keyboard-interactive');\n if (privateKey !== undefined\n && this.config.localHostname !== undefined\n && this.config.localUsername !== undefined) {\n authsAllowed.push('hostbased');\n }\n\n if (Array.isArray(authHandler))\n authHandler = makeSimpleAuthHandler(authHandler);\n else if (typeof authHandler !== 'function')\n authHandler = makeSimpleAuthHandler(authsAllowed);\n\n let hasSentAuth = false;\n const doNextAuth = (nextAuth) => {\n if (hasSentAuth)\n return;\n hasSentAuth = true;\n\n if (nextAuth === false) {\n const err = new Error('All configured authentication methods failed');\n err.level = 'client-authentication';\n this.emit('error', err);\n this.end();\n return;\n }\n\n if (typeof nextAuth === 'string') {\n // Remain backwards compatible with original `authHandler()` usage,\n // which only supported passing names of next method to try using data\n // from the `connect()` config object\n\n const type = nextAuth;\n if (authsAllowed.indexOf(type) === -1)\n return skipAuth(`Authentication method not allowed: ${type}`);\n\n const username = this.config.username;\n switch (type) {\n case 'password':\n nextAuth = { type, username, password: this.config.password };\n break;\n case 'publickey':\n nextAuth = { type, username, key: privateKey };\n break;\n case 'hostbased':\n nextAuth = {\n type,\n username,\n key: privateKey,\n localHostname: this.config.localHostname,\n localUsername: this.config.localUsername,\n };\n break;\n case 'agent':\n nextAuth = {\n type,\n username,\n agentCtx: new AgentContext(this._agent),\n };\n break;\n case 'keyboard-interactive':\n nextAuth = {\n type,\n username,\n prompt: (...args) => this.emit('keyboard-interactive', ...args),\n };\n break;\n case 'none':\n nextAuth = { type, username };\n break;\n default:\n return skipAuth(\n `Skipping unsupported authentication method: ${nextAuth}`\n );\n }\n } else if (typeof nextAuth !== 'object' || nextAuth === null) {\n return skipAuth(\n `Skipping invalid authentication attempt: ${nextAuth}`\n );\n } else {\n const username = nextAuth.username;\n if (typeof username !== 'string') {\n return skipAuth(\n `Skipping invalid authentication attempt: ${nextAuth}`\n );\n }\n const type = nextAuth.type;\n switch (type) {\n case 'password': {\n const { password } = nextAuth;\n if (typeof password !== 'string' && !Buffer.isBuffer(password))\n return skipAuth('Skipping invalid password auth attempt');\n nextAuth = { type, username, password };\n break;\n }\n case 'publickey': {\n const key = parseKey(nextAuth.key, nextAuth.passphrase);\n if (key instanceof Error)\n return skipAuth('Skipping invalid key auth attempt');\n if (!key.isPrivateKey())\n return skipAuth('Skipping non-private key');\n nextAuth = { type, username, key };\n break;\n }\n case 'hostbased': {\n const { localHostname, localUsername } = nextAuth;\n const key = parseKey(nextAuth.key, nextAuth.passphrase);\n if (key instanceof Error\n || typeof localHostname !== 'string'\n || typeof localUsername !== 'string') {\n return skipAuth('Skipping invalid hostbased auth attempt');\n }\n if (!key.isPrivateKey())\n return skipAuth('Skipping non-private key');\n nextAuth = { type, username, key, localHostname, localUsername };\n break;\n }\n case 'agent': {\n let agent = nextAuth.agent;\n if (typeof agent === 'string' && agent.length) {\n agent = createAgent(agent);\n } else if (!isAgent(agent)) {\n return skipAuth(\n `Skipping invalid agent: ${nextAuth.agent}`\n );\n }\n nextAuth = { type, username, agentCtx: new AgentContext(agent) };\n break;\n }\n case 'keyboard-interactive': {\n const { prompt } = nextAuth;\n if (typeof prompt !== 'function') {\n return skipAuth(\n 'Skipping invalid keyboard-interactive auth attempt'\n );\n }\n nextAuth = { type, username, prompt };\n break;\n }\n case 'none':\n nextAuth = { type, username };\n break;\n default:\n return skipAuth(\n `Skipping unsupported authentication method: ${nextAuth}`\n );\n }\n }\n curAuth = nextAuth;\n\n // Begin authentication method's process\n try {\n const username = curAuth.username;\n switch (curAuth.type) {\n case 'password':\n proto.authPassword(username, curAuth.password);\n break;\n case 'publickey':\n proto.authPK(username, curAuth.key);\n break;\n case 'hostbased':\n proto.authHostbased(username,\n curAuth.key,\n curAuth.localHostname,\n curAuth.localUsername,\n (buf, cb) => {\n const signature = curAuth.key.sign(buf);\n if (signature instanceof Error) {\n signature.message =\n `Error while signing with key: ${signature.message}`;\n signature.level = 'client-authentication';\n this.emit('error', signature);\n return tryNextAuth();\n }\n\n cb(signature);\n });\n break;\n case 'agent':\n curAuth.agentCtx.init((err) => {\n if (err) {\n err.level = 'agent';\n this.emit('error', err);\n return tryNextAuth();\n }\n tryNextAgentKey();\n });\n break;\n case 'keyboard-interactive':\n proto.authKeyboard(username);\n break;\n case 'none':\n proto.authNone(username);\n break;\n }\n } finally {\n hasSentAuth = false;\n }\n };\n\n function skipAuth(msg) {\n debug && debug(msg);\n process.nextTick(tryNextAuth);\n }\n\n function tryNextAuth() {\n hasSentAuth = false;\n const auth = authHandler(curAuthsLeft, curPartial, doNextAuth);\n if (hasSentAuth || auth === undefined)\n return;\n doNextAuth(auth);\n }\n\n const tryNextAgentKey = () => {\n if (curAuth.type === 'agent') {\n const key = curAuth.agentCtx.nextKey();\n if (key === false) {\n debug && debug('Agent: No more keys left to try');\n debug && debug('Client: agent auth failed');\n tryNextAuth();\n } else {\n const pos = curAuth.agentCtx.pos();\n debug && debug(`Agent: Trying key #${pos + 1}`);\n proto.authPK(curAuth.username, key);\n }\n }\n };\n\n const startTimeout = () => {\n if (this.config.readyTimeout > 0) {\n this._readyTimeout = setTimeout(() => {\n const err = new Error('Timed out while waiting for handshake');\n err.level = 'client-timeout';\n this.emit('error', err);\n sock.destroy();\n }, this.config.readyTimeout);\n }\n };\n\n if (!cfg.sock) {\n let host = this.config.host;\n const forceIPv4 = this.config.forceIPv4;\n const forceIPv6 = this.config.forceIPv6;\n\n debug && debug(`Client: Trying ${host} on port ${this.config.port} ...`);\n\n const doConnect = () => {\n startTimeout();\n sock.connect({\n host,\n port: this.config.port,\n localAddress: this.config.localAddress,\n localPort: this.config.localPort\n });\n sock.setNoDelay(true);\n sock.setMaxListeners(0);\n sock.setTimeout(typeof cfg.timeout === 'number' ? cfg.timeout : 0);\n };\n\n if ((!forceIPv4 && !forceIPv6) || (forceIPv4 && forceIPv6)) {\n doConnect();\n } else {\n dnsLookup(host, (forceIPv4 ? 4 : 6), (err, address, family) => {\n if (err) {\n const type = (forceIPv4 ? 'IPv4' : 'IPv6');\n const error = new Error(\n `Error while looking up ${type} address for '${host}': ${err}`\n );\n clearTimeout(this._readyTimeout);\n error.level = 'client-dns';\n this.emit('error', error);\n this.emit('close');\n return;\n }\n host = address;\n doConnect();\n });\n }\n } else {\n // Custom socket passed in\n startTimeout();\n if (typeof sock.connecting === 'boolean') {\n // net.Socket\n\n if (!sock.connecting) {\n // Already connected\n onConnect();\n }\n } else {\n // Assume socket/stream is already \"connected\"\n onConnect();\n }\n }\n\n return this;\n }\n\n end() {\n if (this._sock && isWritable(this._sock)) {\n this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n this._sock.end();\n }\n return this;\n }\n\n destroy() {\n this._sock && isWritable(this._sock) && this._sock.destroy();\n return this;\n }\n\n exec(cmd, opts, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n\n const extraOpts = { allowHalfOpen: (opts.allowHalfOpen !== false) };\n\n openChannel(this, 'session', extraOpts, (err, chan) => {\n if (err) {\n cb(err);\n return;\n }\n\n const todo = [];\n\n function reqCb(err) {\n if (err) {\n chan.close();\n cb(err);\n return;\n }\n if (todo.length)\n todo.shift()();\n }\n\n if (this.config.allowAgentFwd === true\n || (opts\n && opts.agentForward === true\n && this._agent !== undefined)) {\n todo.push(() => reqAgentFwd(chan, reqCb));\n }\n\n if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.env === 'object' && opts.env !== null)\n reqEnv(chan, opts.env);\n if ((typeof opts.pty === 'object' && opts.pty !== null)\n || opts.pty === true) {\n todo.push(() => reqPty(chan, opts.pty, reqCb));\n }\n if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n || opts.x11 === 'number'\n || opts.x11 === true) {\n todo.push(() => reqX11(chan, opts.x11, reqCb));\n }\n }\n\n todo.push(() => reqExec(chan, cmd, opts, cb));\n todo.shift()();\n });\n\n return this;\n }\n\n shell(wndopts, opts, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof wndopts === 'function') {\n cb = wndopts;\n wndopts = opts = undefined;\n } else if (typeof opts === 'function') {\n cb = opts;\n opts = undefined;\n }\n if (wndopts && (wndopts.x11 !== undefined || wndopts.env !== undefined)) {\n opts = wndopts;\n wndopts = undefined;\n }\n\n openChannel(this, 'session', (err, chan) => {\n if (err) {\n cb(err);\n return;\n }\n\n const todo = [];\n\n function reqCb(err) {\n if (err) {\n chan.close();\n cb(err);\n return;\n }\n if (todo.length)\n todo.shift()();\n }\n\n if (this.config.allowAgentFwd === true\n || (opts\n && opts.agentForward === true\n && this._agent !== undefined)) {\n todo.push(() => reqAgentFwd(chan, reqCb));\n }\n\n if (wndopts !== false)\n todo.push(() => reqPty(chan, wndopts, reqCb));\n\n if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.env === 'object' && opts.env !== null)\n reqEnv(chan, opts.env);\n if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n || opts.x11 === 'number'\n || opts.x11 === true) {\n todo.push(() => reqX11(chan, opts.x11, reqCb));\n }\n }\n\n todo.push(() => reqShell(chan, cb));\n todo.shift()();\n });\n\n return this;\n }\n\n subsys(name, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n openChannel(this, 'session', (err, chan) => {\n if (err) {\n cb(err);\n return;\n }\n\n reqSubsystem(chan, name, (err, stream) => {\n if (err) {\n cb(err);\n return;\n }\n\n cb(undefined, stream);\n });\n });\n\n return this;\n }\n\n forwardIn(bindAddr, bindPort, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n // Send a request for the server to start forwarding TCP connections to us\n // on a particular address and port\n\n const wantReply = (typeof cb === 'function');\n\n if (wantReply) {\n this._callbacks.push((had_err, data) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to bind to ${bindAddr}:${bindPort}`));\n return;\n }\n\n let realPort = bindPort;\n if (bindPort === 0 && data && data.length >= 4) {\n realPort = readUInt32BE(data, 0);\n if (!(this._protocol._compatFlags & COMPAT.DYN_RPORT_BUG))\n bindPort = realPort;\n }\n\n this._forwarding[`${bindAddr}:${bindPort}`] = realPort;\n\n cb(undefined, realPort);\n });\n }\n\n this._protocol.tcpipForward(bindAddr, bindPort, wantReply);\n\n return this;\n }\n\n unforwardIn(bindAddr, bindPort, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n // Send a request to stop forwarding us new connections for a particular\n // address and port\n\n const wantReply = (typeof cb === 'function');\n\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to unbind from ${bindAddr}:${bindPort}`));\n return;\n }\n\n delete this._forwarding[`${bindAddr}:${bindPort}`];\n\n cb();\n });\n }\n\n this._protocol.cancelTcpipForward(bindAddr, bindPort, wantReply);\n\n return this;\n }\n\n forwardOut(srcIP, srcPort, dstIP, dstPort, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n // Send a request to forward a TCP connection to the server\n\n const cfg = {\n srcIP: srcIP,\n srcPort: srcPort,\n dstIP: dstIP,\n dstPort: dstPort\n };\n\n if (typeof cb !== 'function')\n cb = noop;\n\n openChannel(this, 'direct-tcpip', cfg, cb);\n\n return this;\n }\n\n openssh_noMoreSessions(cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n const wantReply = (typeof cb === 'function');\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to disable future sessions'));\n return;\n }\n\n cb();\n });\n }\n\n this._protocol.openssh_noMoreSessions(wantReply);\n return this;\n }\n\n if (!wantReply)\n return this;\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n openssh_forwardInStreamLocal(socketPath, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n const wantReply = (typeof cb === 'function');\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to bind to ${socketPath}`));\n return;\n }\n this._forwardingUnix[socketPath] = true;\n cb();\n });\n }\n\n this._protocol.openssh_streamLocalForward(socketPath, wantReply);\n return this;\n }\n\n if (!wantReply)\n return this;\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n openssh_unforwardInStreamLocal(socketPath, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n const wantReply = (typeof cb === 'function');\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to unbind from ${socketPath}`));\n return;\n }\n delete this._forwardingUnix[socketPath];\n cb();\n });\n }\n\n this._protocol.openssh_cancelStreamLocalForward(socketPath, wantReply);\n return this;\n }\n\n if (!wantReply)\n return this;\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n openssh_forwardOutStreamLocal(socketPath, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof cb !== 'function')\n cb = noop;\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n openChannel(this, 'direct-streamlocal@openssh.com', { socketPath }, cb);\n return this;\n }\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n sftp(cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n openChannel(this, 'sftp', (err, sftp) => {\n if (err) {\n cb(err);\n return;\n }\n\n reqSubsystem(sftp, 'sftp', (err, sftp_) => {\n if (err) {\n cb(err);\n return;\n }\n\n function removeListeners() {\n sftp.removeListener('ready', onReady);\n sftp.removeListener('error', onError);\n sftp.removeListener('exit', onExit);\n sftp.removeListener('close', onExit);\n }\n\n function onReady() {\n // TODO: do not remove exit/close in case remote end closes the\n // channel abruptly and we need to notify outstanding callbacks\n removeListeners();\n cb(undefined, sftp);\n }\n\n function onError(err) {\n removeListeners();\n cb(err);\n }\n\n function onExit(code, signal) {\n removeListeners();\n let msg;\n if (typeof code === 'number')\n msg = `Received exit code ${code} while establishing SFTP session`;\n else if (signal !== undefined)\n msg = `Received signal ${signal} while establishing SFTP session`;\n else\n msg = 'Received unexpected SFTP session termination';\n const err = new Error(msg);\n err.code = code;\n err.signal = signal;\n cb(err);\n }\n\n sftp.on('ready', onReady)\n .on('error', onError)\n .on('exit', onExit)\n .on('close', onExit);\n\n sftp._init();\n });\n });\n\n return this;\n }\n}\n\nfunction openChannel(self, type, opts, cb) {\n // Ask the server to open a channel for some purpose\n // (e.g. session (sftp, exec, shell), or forwarding a TCP connection\n const initWindow = MAX_WINDOW;\n const maxPacket = PACKET_SIZE;\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n\n const wrapper = (err, stream) => {\n cb(err, stream);\n };\n wrapper.type = type;\n\n const localChan = self._chanMgr.add(wrapper);\n\n if (localChan === -1) {\n cb(new Error('No free channels available'));\n return;\n }\n\n switch (type) {\n case 'session':\n case 'sftp':\n self._protocol.session(localChan, initWindow, maxPacket);\n break;\n case 'direct-tcpip':\n self._protocol.directTcpip(localChan, initWindow, maxPacket, opts);\n break;\n case 'direct-streamlocal@openssh.com':\n self._protocol.openssh_directStreamLocal(\n localChan, initWindow, maxPacket, opts\n );\n break;\n default:\n throw new Error(`Unsupported channel type: ${type}`);\n }\n}\n\nfunction reqX11(chan, screen, cb) {\n // Asks server to start sending us X11 connections\n const cfg = {\n single: false,\n protocol: 'MIT-MAGIC-COOKIE-1',\n cookie: undefined,\n screen: 0\n };\n\n if (typeof screen === 'function') {\n cb = screen;\n } else if (typeof screen === 'object' && screen !== null) {\n if (typeof screen.single === 'boolean')\n cfg.single = screen.single;\n if (typeof screen.screen === 'number')\n cfg.screen = screen.screen;\n if (typeof screen.protocol === 'string')\n cfg.protocol = screen.protocol;\n if (typeof screen.cookie === 'string')\n cfg.cookie = screen.cookie;\n else if (Buffer.isBuffer(screen.cookie))\n cfg.cookie = screen.cookie.hexSlice(0, screen.cookie.length);\n }\n if (cfg.cookie === undefined)\n cfg.cookie = randomCookie();\n\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n if (wantReply)\n cb(new Error('Channel is not open'));\n return;\n }\n\n if (wantReply) {\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true ? had_err : new Error('Unable to request X11'));\n return;\n }\n\n chan._hasX11 = true;\n ++chan._client._acceptX11;\n chan.once('close', () => {\n if (chan._client._acceptX11)\n --chan._client._acceptX11;\n });\n\n cb();\n });\n }\n\n chan._client._protocol.x11Forward(chan.outgoing.id, cfg, wantReply);\n}\n\nfunction reqPty(chan, opts, cb) {\n let rows = 24;\n let cols = 80;\n let width = 640;\n let height = 480;\n let term = 'vt100';\n let modes = null;\n\n if (typeof opts === 'function') {\n cb = opts;\n } else if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.rows === 'number')\n rows = opts.rows;\n if (typeof opts.cols === 'number')\n cols = opts.cols;\n if (typeof opts.width === 'number')\n width = opts.width;\n if (typeof opts.height === 'number')\n height = opts.height;\n if (typeof opts.term === 'string')\n term = opts.term;\n if (typeof opts.modes === 'object')\n modes = opts.modes;\n }\n\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n if (wantReply)\n cb(new Error('Channel is not open'));\n return;\n }\n\n if (wantReply) {\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to request a pseudo-terminal'));\n return;\n }\n cb();\n });\n }\n\n chan._client._protocol.pty(chan.outgoing.id,\n rows,\n cols,\n height,\n width,\n term,\n modes,\n wantReply);\n}\n\nfunction reqAgentFwd(chan, cb) {\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n wantReply && cb(new Error('Channel is not open'));\n return;\n }\n if (chan._client._agentFwdEnabled) {\n wantReply && cb(false);\n return;\n }\n\n chan._client._agentFwdEnabled = true;\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n chan._client._agentFwdEnabled = false;\n if (wantReply) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to request agent forwarding'));\n }\n return;\n }\n\n if (wantReply)\n cb();\n });\n\n chan._client._protocol.openssh_agentForward(chan.outgoing.id, true);\n}\n\nfunction reqShell(chan, cb) {\n if (chan.outgoing.state !== 'open') {\n cb(new Error('Channel is not open'));\n return;\n }\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true ? had_err : new Error('Unable to open shell'));\n return;\n }\n chan.subtype = 'shell';\n cb(undefined, chan);\n });\n\n chan._client._protocol.shell(chan.outgoing.id, true);\n}\n\nfunction reqExec(chan, cmd, opts, cb) {\n if (chan.outgoing.state !== 'open') {\n cb(new Error('Channel is not open'));\n return;\n }\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true ? had_err : new Error('Unable to exec'));\n return;\n }\n chan.subtype = 'exec';\n chan.allowHalfOpen = (opts.allowHalfOpen !== false);\n cb(undefined, chan);\n });\n\n chan._client._protocol.exec(chan.outgoing.id, cmd, true);\n}\n\nfunction reqEnv(chan, env) {\n if (chan.outgoing.state !== 'open')\n return;\n\n const keys = Object.keys(env || {});\n\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i];\n const val = env[key];\n chan._client._protocol.env(chan.outgoing.id, key, val, false);\n }\n}\n\nfunction reqSubsystem(chan, name, cb) {\n if (chan.outgoing.state !== 'open') {\n cb(new Error('Channel is not open'));\n return;\n }\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to start subsystem: ${name}`));\n return;\n }\n chan.subtype = 'subsystem';\n cb(undefined, chan);\n });\n\n chan._client._protocol.subsystem(chan.outgoing.id, name, true);\n}\n\n// TODO: inline implementation into single call site\nfunction onCHANNEL_OPEN(self, info) {\n // The server is trying to open a channel with us, this is usually when\n // we asked the server to forward us connections on some port and now they\n // are asking us to accept/deny an incoming connection on their side\n\n let localChan = -1;\n let reason;\n\n const accept = () => {\n const chanInfo = {\n type: info.type,\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n const stream = new Channel(self, chanInfo);\n self._chanMgr.update(localChan, stream);\n\n self._protocol.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n return stream;\n };\n const reject = () => {\n if (reason === undefined) {\n if (localChan === -1)\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n else\n reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n }\n\n if (localChan !== -1)\n self._chanMgr.remove(localChan);\n\n self._protocol.channelOpenFail(info.sender, reason, '');\n };\n const reserveChannel = () => {\n localChan = self._chanMgr.add();\n\n if (localChan === -1) {\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n if (self.config.debug) {\n self.config.debug(\n 'Client: Automatic rejection of incoming channel open: '\n + 'no channels available'\n );\n }\n }\n\n return (localChan !== -1);\n };\n\n const data = info.data;\n switch (info.type) {\n case 'forwarded-tcpip': {\n const val = self._forwarding[`${data.destIP}:${data.destPort}`];\n if (val !== undefined && reserveChannel()) {\n if (data.destPort === 0)\n data.destPort = val;\n self.emit('tcp connection', data, accept, reject);\n return;\n }\n break;\n }\n case 'forwarded-streamlocal@openssh.com':\n if (self._forwardingUnix[data.socketPath] !== undefined\n && reserveChannel()) {\n self.emit('unix connection', data, accept, reject);\n return;\n }\n break;\n case 'auth-agent@openssh.com':\n if (self._agentFwdEnabled\n && typeof self._agent.getStream === 'function'\n && reserveChannel()) {\n self._agent.getStream((err, stream) => {\n if (err)\n return reject();\n\n const upstream = accept();\n upstream.pipe(stream).pipe(upstream);\n });\n return;\n }\n break;\n case 'x11':\n if (self._acceptX11 !== 0 && reserveChannel()) {\n self.emit('x11', data, accept, reject);\n return;\n }\n break;\n default:\n // Automatically reject any unsupported channel open requests\n reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n if (self.config.debug) {\n self.config.debug(\n 'Client: Automatic rejection of unsupported incoming channel open '\n + `type: ${info.type}`\n );\n }\n }\n\n if (reason === undefined) {\n reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n if (self.config.debug) {\n self.config.debug(\n 'Client: Automatic rejection of unexpected incoming channel open for: '\n + info.type\n );\n }\n }\n\n reject();\n}\n\nconst randomCookie = (() => {\n const buffer = Buffer.allocUnsafe(16);\n return () => {\n randomFillSync(buffer, 0, 16);\n return buffer.hexSlice(0, 16);\n };\n})();\n\nfunction makeSimpleAuthHandler(authList) {\n if (!Array.isArray(authList))\n throw new Error('authList must be an array');\n\n let a = 0;\n return (authsLeft, partialSuccess, cb) => {\n if (a === authList.length)\n return false;\n return authList[a++];\n };\n}\n\nfunction hostKeysProve(client, keys_, cb) {\n if (!client._sock || !isWritable(client._sock))\n return;\n\n if (typeof cb !== 'function')\n cb = noop;\n\n if (!Array.isArray(keys_))\n throw new TypeError('Invalid keys argument type');\n\n const keys = [];\n for (const key of keys_) {\n const parsed = parseKey(key);\n if (parsed instanceof Error)\n throw parsed;\n keys.push(parsed);\n }\n\n if (!client.config.strictVendor\n || (client.config.strictVendor && RE_OPENSSH.test(client._remoteVer))) {\n client._callbacks.push((had_err, data) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Server failed to prove supplied keys'));\n return;\n }\n\n // TODO: move all of this parsing/verifying logic out of the client?\n const ret = [];\n let keyIdx = 0;\n bufferParser.init(data, 0);\n while (bufferParser.avail()) {\n if (keyIdx === keys.length)\n break;\n const key = keys[keyIdx++];\n const keyPublic = key.getPublicSSH();\n\n const sigEntry = bufferParser.readString();\n sigParser.init(sigEntry, 0);\n const type = sigParser.readString(true);\n let value = sigParser.readString();\n\n let algo;\n if (type !== key.type) {\n if (key.type === 'ssh-rsa') {\n switch (type) {\n case 'rsa-sha2-256':\n algo = 'sha256';\n break;\n case 'rsa-sha2-512':\n algo = 'sha512';\n break;\n default:\n continue;\n }\n } else {\n continue;\n }\n }\n\n const sessionID = client._protocol._kex.sessionID;\n const verifyData = Buffer.allocUnsafe(\n 4 + 29 + 4 + sessionID.length + 4 + keyPublic.length\n );\n let p = 0;\n writeUInt32BE(verifyData, 29, p);\n verifyData.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n writeUInt32BE(verifyData, sessionID.length, p += 29);\n bufferCopy(sessionID, verifyData, 0, sessionID.length, p += 4);\n writeUInt32BE(verifyData, keyPublic.length, p += sessionID.length);\n bufferCopy(keyPublic, verifyData, 0, keyPublic.length, p += 4);\n\n if (!(value = sigSSHToASN1(value, type)))\n continue;\n if (key.verify(verifyData, value, algo) === true)\n ret.push(key);\n }\n sigParser.clear();\n bufferParser.clear();\n\n cb(null, ret);\n });\n\n client._protocol.openssh_hostKeysProve(keys);\n return;\n }\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n}\n\nmodule.exports = Client;\n","'use strict';\n\nconst { Agent: HttpAgent } = require('http');\nconst { Agent: HttpsAgent } = require('https');\nconst { connect: tlsConnect } = require('tls');\n\nlet Client;\n\nfor (const ctor of [HttpAgent, HttpsAgent]) {\n class SSHAgent extends ctor {\n constructor(connectCfg, agentOptions) {\n super(agentOptions);\n\n this._connectCfg = connectCfg;\n this._defaultSrcIP = (agentOptions && agentOptions.srcIP) || 'localhost';\n }\n\n createConnection(options, cb) {\n const srcIP = (options && options.localAddress) || this._defaultSrcIP;\n const srcPort = (options && options.localPort) || 0;\n const dstIP = options.host;\n const dstPort = options.port;\n\n if (Client === undefined)\n Client = require('./client.js');\n\n const client = new Client();\n let triedForward = false;\n client.on('ready', () => {\n client.forwardOut(srcIP, srcPort, dstIP, dstPort, (err, stream) => {\n triedForward = true;\n if (err) {\n client.end();\n return cb(err);\n }\n stream.once('close', () => client.end());\n cb(null, decorateStream(stream, ctor, options));\n });\n }).on('error', cb).on('close', () => {\n if (!triedForward)\n cb(new Error('Unexpected connection close'));\n }).connect(this._connectCfg);\n }\n }\n\n exports[ctor === HttpAgent ? 'SSHTTPAgent' : 'SSHTTPSAgent'] = SSHAgent;\n}\n\nfunction noop() {}\n\nfunction decorateStream(stream, ctor, options) {\n if (ctor === HttpAgent) {\n // HTTP\n stream.setKeepAlive = noop;\n stream.setNoDelay = noop;\n stream.setTimeout = noop;\n stream.ref = noop;\n stream.unref = noop;\n stream.destroySoon = stream.destroy;\n return stream;\n }\n\n // HTTPS\n options.socket = stream;\n const wrapped = tlsConnect(options);\n\n // This is a workaround for a regression in node v12.16.3+\n // https://github.com/nodejs/node/issues/35904\n const onClose = (() => {\n let called = false;\n return () => {\n if (called)\n return;\n called = true;\n if (stream.isPaused())\n stream.resume();\n };\n })();\n // 'end' listener is needed because 'close' is not emitted in some scenarios\n // in node v12.x for some unknown reason\n wrapped.on('end', onClose).on('close', onClose);\n\n return wrapped;\n}\n","'use strict';\n\nconst {\n AgentProtocol,\n BaseAgent,\n createAgent,\n CygwinAgent,\n OpenSSHAgent,\n PageantAgent,\n} = require('./agent.js');\nconst {\n SSHTTPAgent: HTTPAgent,\n SSHTTPSAgent: HTTPSAgent,\n} = require('./http-agents.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst {\n flagsToString,\n OPEN_MODE,\n STATUS_CODE,\n stringToFlags,\n} = require('./protocol/SFTP.js');\n\nmodule.exports = {\n AgentProtocol,\n BaseAgent,\n createAgent,\n Client: require('./client.js'),\n CygwinAgent,\n HTTPAgent,\n HTTPSAgent,\n OpenSSHAgent,\n PageantAgent,\n Server: require('./server.js'),\n utils: {\n parseKey,\n sftp: {\n flagsToString,\n OPEN_MODE,\n STATUS_CODE,\n stringToFlags,\n },\n },\n};\n","/*\n TODO:\n * Replace `buffer._pos` usage in keyParser.js and elsewhere\n * Utilize optional \"writev\" support when writing packets from\n cipher.encrypt()\n * Built-in support for automatic re-keying, on by default\n * Revisit receiving unexpected/unknown packets\n * Error (fatal or otherwise) or ignore or pass on to user (in some or all\n cases)?\n * Including server/client check for single directional packet types?\n * Check packets for validity or bail as early as possible?\n * Automatic re-key every 2**31 packets after the last key exchange (sent or\n received), as suggested by RFC4344. OpenSSH currently does this.\n * Automatic re-key every so many blocks depending on cipher. RFC4344:\n Because of a birthday property of block ciphers and some modes of\n operation, implementations must be careful not to encrypt too many\n blocks with the same encryption key.\n\n Let L be the block length (in bits) of an SSH encryption method's\n block cipher (e.g., 128 for AES). If L is at least 128, then, after\n rekeying, an SSH implementation SHOULD NOT encrypt more than 2**(L/4)\n blocks before rekeying again. If L is at least 128, then SSH\n implementations should also attempt to force a rekey before receiving\n more than 2**(L/4) blocks. If L is less than 128 (which is the case\n for older ciphers such as 3DES, Blowfish, CAST-128, and IDEA), then,\n although it may be too expensive to rekey every 2**(L/4) blocks, it\n is still advisable for SSH implementations to follow the original\n recommendation in [RFC4253]: rekey at least once for every gigabyte\n of transmitted data.\n\n Note that if L is less than or equal to 128, then the recommendation\n in this subsection supersedes the recommendation in Section 3.1. If\n an SSH implementation uses a block cipher with a larger block size\n (e.g., Rijndael with 256-bit blocks), then the recommendations in\n Section 3.1 may supersede the recommendations in this subsection\n (depending on the lengths of the packets).\n*/\n\n'use strict';\n\nconst { inspect } = require('util');\n\nconst { bindingAvailable, NullCipher, NullDecipher } = require('./crypto.js');\nconst {\n COMPAT_CHECKS,\n DISCONNECT_REASON,\n MESSAGE,\n SIGNALS,\n TERMINAL_MODE,\n} = require('./constants.js');\nconst {\n DEFAULT_KEXINIT,\n KexInit,\n kexinit,\n onKEXPayload,\n} = require('./kex.js');\nconst {\n parseKey,\n} = require('./keyParser.js');\nconst MESSAGE_HANDLERS = require('./handlers.js');\nconst {\n bufferCopy,\n bufferFill,\n bufferSlice,\n convertSignature,\n sendPacket,\n writeUInt32BE,\n} = require('./utils.js');\nconst {\n PacketReader,\n PacketWriter,\n ZlibPacketReader,\n ZlibPacketWriter,\n} = require('./zlib.js');\n\nconst MODULE_VER = require('../../package.json').version;\n\nconst VALID_DISCONNECT_REASONS = new Map(\n Object.values(DISCONNECT_REASON).map((n) => [n, 1])\n);\nconst IDENT_RAW = Buffer.from(`SSH-2.0-ssh2js${MODULE_VER}`);\nconst IDENT = Buffer.from(`${IDENT_RAW}\\r\\n`);\nconst MAX_LINE_LEN = 8192;\nconst MAX_LINES = 1024;\nconst PING_PAYLOAD = Buffer.from([\n MESSAGE.GLOBAL_REQUEST,\n // \"keepalive@openssh.com\"\n 0, 0, 0, 21,\n 107, 101, 101, 112, 97, 108, 105, 118, 101, 64, 111, 112, 101, 110, 115,\n 115, 104, 46, 99, 111, 109,\n // Request a reply\n 1,\n]);\nconst NO_TERMINAL_MODES_BUFFER = Buffer.from([ TERMINAL_MODE.TTY_OP_END ]);\n\nfunction noop() {}\n\n/*\n Inbound:\n * kexinit payload (needed only until exchange hash is generated)\n * raw ident\n * rekey packet queue\n * expected packet (implemented as separate _parse() function?)\n Outbound:\n * kexinit payload (needed only until exchange hash is generated)\n * rekey packet queue\n * kex secret (needed only until NEWKEYS)\n * exchange hash (needed only until NEWKEYS)\n * session ID (set to exchange hash from initial handshake)\n*/\nclass Protocol {\n constructor(config) {\n const onWrite = config.onWrite;\n if (typeof onWrite !== 'function')\n throw new Error('Missing onWrite function');\n this._onWrite = (data) => { onWrite(data); };\n\n const onError = config.onError;\n if (typeof onError !== 'function')\n throw new Error('Missing onError function');\n this._onError = (err) => { onError(err); };\n\n const debug = config.debug;\n this._debug = (typeof debug === 'function'\n ? (msg) => { debug(msg); }\n : undefined);\n\n const onHeader = config.onHeader;\n this._onHeader = (typeof onHeader === 'function'\n ? (...args) => { onHeader(...args); }\n : noop);\n\n const onPacket = config.onPacket;\n this._onPacket = (typeof onPacket === 'function'\n ? () => { onPacket(); }\n : noop);\n\n let onHandshakeComplete = config.onHandshakeComplete;\n if (typeof onHandshakeComplete !== 'function')\n onHandshakeComplete = noop;\n this._onHandshakeComplete = (...args) => {\n this._debug && this._debug('Handshake completed');\n\n // Process packets queued during a rekey where necessary\n const oldQueue = this._queue;\n if (oldQueue) {\n this._queue = undefined;\n this._debug && this._debug(\n `Draining outbound queue (${oldQueue.length}) ...`\n );\n for (let i = 0; i < oldQueue.length; ++i) {\n const data = oldQueue[i];\n // data === payload only\n\n // XXX: hacky\n let finalized = this._packetRW.write.finalize(data);\n if (finalized === data) {\n const packet = this._cipher.allocPacket(data.length);\n packet.set(data, 5);\n finalized = packet;\n }\n\n sendPacket(this, finalized);\n }\n this._debug && this._debug('... finished draining outbound queue');\n }\n\n onHandshakeComplete(...args);\n };\n this._queue = undefined;\n\n const messageHandlers = config.messageHandlers;\n if (typeof messageHandlers === 'object' && messageHandlers !== null)\n this._handlers = messageHandlers;\n else\n this._handlers = {};\n\n this._onPayload = onPayload.bind(this);\n\n this._server = !!config.server;\n this._banner = undefined;\n let greeting;\n if (this._server) {\n if (typeof config.hostKeys !== 'object' || config.hostKeys === null)\n throw new Error('Missing server host key(s)');\n this._hostKeys = config.hostKeys;\n\n // Greeting displayed before the ssh identification string is sent, this\n // is usually ignored by most clients\n if (typeof config.greeting === 'string' && config.greeting.length) {\n greeting = (config.greeting.slice(-2) === '\\r\\n'\n ? config.greeting\n : `${config.greeting}\\r\\n`);\n }\n\n // Banner shown after the handshake completes, but before user\n // authentication begins\n if (typeof config.banner === 'string' && config.banner.length) {\n this._banner = (config.banner.slice(-2) === '\\r\\n'\n ? config.banner\n : `${config.banner}\\r\\n`);\n }\n } else {\n this._hostKeys = undefined;\n }\n\n let offer = config.offer;\n if (typeof offer !== 'object' || offer === null)\n offer = DEFAULT_KEXINIT;\n else if (offer.constructor !== KexInit)\n offer = new KexInit(offer);\n this._kex = undefined;\n this._kexinit = undefined;\n this._offer = offer;\n this._cipher = new NullCipher(0, this._onWrite);\n this._decipher = undefined;\n this._skipNextInboundPacket = false;\n this._packetRW = {\n read: new PacketReader(),\n write: new PacketWriter(this),\n };\n this._hostVerifier = (!this._server\n && typeof config.hostVerifier === 'function'\n ? config.hostVerifier\n : undefined);\n\n this._parse = parseHeader;\n this._buffer = undefined;\n this._authsQueue = [];\n this._authenticated = false;\n this._remoteIdentRaw = undefined;\n let sentIdent;\n if (typeof config.ident === 'string') {\n this._identRaw = Buffer.from(`SSH-2.0-${config.ident}`);\n\n sentIdent = Buffer.allocUnsafe(this._identRaw.length + 2);\n sentIdent.set(this._identRaw, 0);\n sentIdent[sentIdent.length - 2] = 13; // '\\r'\n sentIdent[sentIdent.length - 1] = 10; // '\\n'\n } else if (Buffer.isBuffer(config.ident)) {\n const fullIdent = Buffer.allocUnsafe(8 + config.ident.length);\n fullIdent.latin1Write('SSH-2.0-', 0, 8);\n fullIdent.set(config.ident, 8);\n this._identRaw = fullIdent;\n\n sentIdent = Buffer.allocUnsafe(fullIdent.length + 2);\n sentIdent.set(fullIdent, 0);\n sentIdent[sentIdent.length - 2] = 13; // '\\r'\n sentIdent[sentIdent.length - 1] = 10; // '\\n'\n } else {\n this._identRaw = IDENT_RAW;\n sentIdent = IDENT;\n }\n this._compatFlags = 0;\n\n if (this._debug) {\n if (bindingAvailable)\n this._debug('Custom crypto binding available');\n else\n this._debug('Custom crypto binding not available');\n }\n\n this._debug && this._debug(\n `Local ident: ${inspect(this._identRaw.toString())}`\n );\n this.start = () => {\n this.start = undefined;\n if (greeting)\n this._onWrite(greeting);\n this._onWrite(sentIdent);\n };\n }\n _destruct(reason) {\n this._packetRW.read.cleanup();\n this._packetRW.write.cleanup();\n this._cipher && this._cipher.free();\n this._decipher && this._decipher.free();\n if (typeof reason !== 'string' || reason.length === 0)\n reason = 'fatal error';\n this.parse = () => {\n throw new Error(`Instance unusable after ${reason}`);\n };\n this._onWrite = () => {\n throw new Error(`Instance unusable after ${reason}`);\n };\n this._destruct = undefined;\n }\n cleanup() {\n this._destruct && this._destruct();\n }\n parse(chunk, i, len) {\n while (i < len)\n i = this._parse(chunk, i, len);\n }\n\n // Protocol message API\n\n // ===========================================================================\n // Common/Shared =============================================================\n // ===========================================================================\n\n // Global\n // ------\n disconnect(reason) {\n const pktLen = 1 + 4 + 4 + 4;\n // We don't use _packetRW.write.* here because we need to make sure that\n // we always get a full packet allocated because this message can be sent\n // at any time -- even during a key exchange\n let p = this._packetRW.write.allocStartKEX;\n const packet = this._packetRW.write.alloc(pktLen, true);\n const end = p + pktLen;\n\n if (!VALID_DISCONNECT_REASONS.has(reason))\n reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n\n packet[p] = MESSAGE.DISCONNECT;\n writeUInt32BE(packet, reason, ++p);\n packet.fill(0, p += 4, end);\n\n this._debug && this._debug(`Outbound: Sending DISCONNECT (${reason})`);\n sendPacket(this, this._packetRW.write.finalize(packet, true), true);\n }\n ping() {\n const p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(PING_PAYLOAD.length);\n\n packet.set(PING_PAYLOAD, p);\n\n this._debug && this._debug(\n 'Outbound: Sending ping (GLOBAL_REQUEST: keepalive@openssh.com)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n rekey() {\n if (this._kexinit === undefined) {\n this._debug && this._debug('Outbound: Initiated explicit rekey');\n this._queue = [];\n kexinit(this);\n } else {\n this._debug && this._debug('Outbound: Ignoring rekey during handshake');\n }\n }\n\n // 'ssh-connection' service-specific\n // ---------------------------------\n requestSuccess(data) {\n let p = this._packetRW.write.allocStart;\n let packet;\n if (Buffer.isBuffer(data)) {\n packet = this._packetRW.write.alloc(1 + data.length);\n\n packet[p] = MESSAGE.REQUEST_SUCCESS;\n\n packet.set(data, ++p);\n } else {\n packet = this._packetRW.write.alloc(1);\n\n packet[p] = MESSAGE.REQUEST_SUCCESS;\n }\n\n this._debug && this._debug('Outbound: Sending REQUEST_SUCCESS');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n requestFailure() {\n const p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1);\n\n packet[p] = MESSAGE.REQUEST_FAILURE;\n\n this._debug && this._debug('Outbound: Sending REQUEST_FAILURE');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelSuccess(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_SUCCESS;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_SUCCESS (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelFailure(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_FAILURE;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_FAILURE (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelEOF(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_EOF;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_EOF (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelClose(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_CLOSE;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_CLOSE (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelWindowAdjust(chan, amount) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_WINDOW_ADJUST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, amount, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_WINDOW_ADJUST (r:${chan}, ${amount})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelData(chan, data) {\n const isBuffer = Buffer.isBuffer(data);\n const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + dataLen);\n\n packet[p] = MESSAGE.CHANNEL_DATA;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, dataLen, p += 4);\n\n if (isBuffer)\n packet.set(data, p += 4);\n else\n packet.utf8Write(data, p += 4, dataLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_DATA (r:${chan}, ${dataLen})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelExtData(chan, data, type) {\n const isBuffer = Buffer.isBuffer(data);\n const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + dataLen);\n\n packet[p] = MESSAGE.CHANNEL_EXTENDED_DATA;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, type, p += 4);\n\n writeUInt32BE(packet, dataLen, p += 4);\n\n if (isBuffer)\n packet.set(data, p += 4);\n else\n packet.utf8Write(data, p += 4, dataLen);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_EXTENDED_DATA (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelOpenConfirm(remote, local, initWindow, maxPacket) {\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN_CONFIRMATION;\n\n writeUInt32BE(packet, remote, ++p);\n\n writeUInt32BE(packet, local, p += 4);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN_CONFIRMATION (r:${remote}, l:${local})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelOpenFail(remote, reason, desc) {\n if (typeof desc !== 'string')\n desc = '';\n\n const descLen = Buffer.byteLength(desc);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + descLen + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN_FAILURE;\n\n writeUInt32BE(packet, remote, ++p);\n\n writeUInt32BE(packet, reason, p += 4);\n\n writeUInt32BE(packet, descLen, p += 4);\n\n p += 4;\n if (descLen) {\n packet.utf8Write(desc, p, descLen);\n p += descLen;\n }\n\n writeUInt32BE(packet, 0, p); // Empty language tag\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_OPEN_FAILURE (r:${remote})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // ===========================================================================\n // Client-specific ===========================================================\n // ===========================================================================\n\n // Global\n // ------\n service(name) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const nameLen = Buffer.byteLength(name);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + nameLen);\n\n packet[p] = MESSAGE.SERVICE_REQUEST;\n\n writeUInt32BE(packet, nameLen, ++p);\n packet.utf8Write(name, p += 4, nameLen);\n\n this._debug && this._debug(`Outbound: Sending SERVICE_REQUEST (${name})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // 'ssh-userauth' service-specific\n // -------------------------------\n authPassword(username, password, newPassword) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const userLen = Buffer.byteLength(username);\n const passLen = Buffer.byteLength(password);\n const newPassLen = (newPassword ? Buffer.byteLength(newPassword) : 0);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + userLen + 4 + 14 + 4 + 8 + 1 + 4 + passLen\n + (newPassword ? 4 + newPassLen : 0)\n );\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 8, p += 14);\n packet.utf8Write('password', p += 4, 8);\n\n packet[p += 8] = (newPassword ? 1 : 0);\n\n writeUInt32BE(packet, passLen, ++p);\n if (Buffer.isBuffer(password))\n bufferCopy(password, packet, 0, passLen, p += 4);\n else\n packet.utf8Write(password, p += 4, passLen);\n\n if (newPassword) {\n writeUInt32BE(packet, newPassLen, p += passLen);\n if (Buffer.isBuffer(newPassword))\n bufferCopy(newPassword, packet, 0, newPassLen, p += 4);\n else\n packet.utf8Write(newPassword, p += 4, newPassLen);\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (changed password)'\n );\n } else {\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (password)'\n );\n }\n\n this._authsQueue.push('password');\n\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authPK(username, pubKey, cbSign) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n pubKey = parseKey(pubKey);\n if (pubKey instanceof Error)\n throw new Error('Invalid key');\n\n const keyType = pubKey.type;\n pubKey = pubKey.getPublicSSH();\n\n const userLen = Buffer.byteLength(username);\n const algoLen = Buffer.byteLength(keyType);\n const pubKeyLen = pubKey.length;\n const sessionID = this._kex.sessionID;\n const sesLen = sessionID.length;\n const payloadLen =\n (cbSign ? 4 + sesLen : 0)\n + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen;\n let packet;\n let p;\n if (cbSign) {\n packet = Buffer.allocUnsafe(payloadLen);\n p = 0;\n writeUInt32BE(packet, sesLen, p);\n packet.set(sessionID, p += 4);\n p += sesLen;\n } else {\n packet = this._packetRW.write.alloc(payloadLen);\n p = this._packetRW.write.allocStart;\n }\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 9, p += 14);\n packet.utf8Write('publickey', p += 4, 9);\n\n packet[p += 9] = (cbSign ? 1 : 0);\n\n writeUInt32BE(packet, algoLen, ++p);\n packet.utf8Write(keyType, p += 4, algoLen);\n\n writeUInt32BE(packet, pubKeyLen, p += algoLen);\n packet.set(pubKey, p += 4);\n\n if (!cbSign) {\n this._authsQueue.push('publickey');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (publickey -- check)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n return;\n }\n\n cbSign(packet, (signature) => {\n signature = convertSignature(signature, keyType);\n if (signature === false)\n throw new Error('Error while converting handshake signature');\n\n const sigLen = signature.length;\n p = this._packetRW.write.allocStart;\n packet = this._packetRW.write.alloc(\n 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen + 4\n + 4 + algoLen + 4 + sigLen\n );\n\n // TODO: simply copy from original \"packet\" to new `packet` to avoid\n // having to write each individual field a second time?\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 9, p += 14);\n packet.utf8Write('publickey', p += 4, 9);\n\n packet[p += 9] = 1;\n\n writeUInt32BE(packet, algoLen, ++p);\n packet.utf8Write(keyType, p += 4, algoLen);\n\n writeUInt32BE(packet, pubKeyLen, p += algoLen);\n packet.set(pubKey, p += 4);\n\n writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += pubKeyLen);\n\n writeUInt32BE(packet, algoLen, p += 4);\n packet.utf8Write(keyType, p += 4, algoLen);\n\n writeUInt32BE(packet, sigLen, p += algoLen);\n packet.set(signature, p += 4);\n\n // Servers shouldn't send packet type 60 in response to signed publickey\n // attempts, but if they do, interpret as type 60.\n this._authsQueue.push('publickey');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (publickey)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n });\n }\n authHostbased(username, pubKey, hostname, userlocal, cbSign) {\n // TODO: Make DRY by sharing similar code with authPK()\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n pubKey = parseKey(pubKey);\n if (pubKey instanceof Error)\n throw new Error('Invalid key');\n\n const keyType = pubKey.type;\n pubKey = pubKey.getPublicSSH();\n\n const userLen = Buffer.byteLength(username);\n const algoLen = Buffer.byteLength(keyType);\n const pubKeyLen = pubKey.length;\n const sessionID = this._kex.sessionID;\n const sesLen = sessionID.length;\n const hostnameLen = Buffer.byteLength(hostname);\n const userlocalLen = Buffer.byteLength(userlocal);\n const data = Buffer.allocUnsafe(\n 4 + sesLen + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 4 + algoLen\n + 4 + pubKeyLen + 4 + hostnameLen + 4 + userlocalLen\n );\n let p = 0;\n\n writeUInt32BE(data, sesLen, p);\n data.set(sessionID, p += 4);\n\n data[p += sesLen] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(data, userLen, ++p);\n data.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(data, 14, p += userLen);\n data.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(data, 9, p += 14);\n data.utf8Write('hostbased', p += 4, 9);\n\n writeUInt32BE(data, algoLen, p += 9);\n data.utf8Write(keyType, p += 4, algoLen);\n\n writeUInt32BE(data, pubKeyLen, p += algoLen);\n data.set(pubKey, p += 4);\n\n writeUInt32BE(data, hostnameLen, p += pubKeyLen);\n data.utf8Write(hostname, p += 4, hostnameLen);\n\n writeUInt32BE(data, userlocalLen, p += hostnameLen);\n data.utf8Write(userlocal, p += 4, userlocalLen);\n\n cbSign(data, (signature) => {\n signature = convertSignature(signature, keyType);\n if (!signature)\n throw new Error('Error while converting handshake signature');\n\n const sigLen = signature.length;\n const reqDataLen = (data.length - sesLen - 4);\n p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n reqDataLen + 4 + 4 + algoLen + 4 + sigLen\n );\n\n bufferCopy(data, packet, 4 + sesLen, data.length, p);\n\n writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += reqDataLen);\n writeUInt32BE(packet, algoLen, p += 4);\n packet.utf8Write(keyType, p += 4, algoLen);\n writeUInt32BE(packet, sigLen, p += algoLen);\n packet.set(signature, p += 4);\n\n this._authsQueue.push('hostbased');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (hostbased)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n });\n }\n authKeyboard(username) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const userLen = Buffer.byteLength(username);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + userLen + 4 + 14 + 4 + 20 + 4 + 4\n );\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 20, p += 14);\n packet.utf8Write('keyboard-interactive', p += 4, 20);\n\n writeUInt32BE(packet, 0, p += 20);\n\n writeUInt32BE(packet, 0, p += 4);\n\n this._authsQueue.push('keyboard-interactive');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (keyboard-interactive)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authNone(username) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const userLen = Buffer.byteLength(username);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + userLen + 4 + 14 + 4 + 4);\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 4, p += 14);\n packet.utf8Write('none', p += 4, 4);\n\n this._authsQueue.push('none');\n\n this._debug && this._debug('Outbound: Sending USERAUTH_REQUEST (none)');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authInfoRes(responses) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n let responsesTotalLen = 0;\n let responseLens;\n\n if (responses) {\n responseLens = new Array(responses.length);\n for (let i = 0; i < responses.length; ++i) {\n const len = Buffer.byteLength(responses[i]);\n responseLens[i] = len;\n responsesTotalLen += 4 + len;\n }\n }\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + responsesTotalLen);\n\n packet[p] = MESSAGE.USERAUTH_INFO_RESPONSE;\n\n if (responses) {\n writeUInt32BE(packet, responses.length, ++p);\n p += 4;\n for (let i = 0; i < responses.length; ++i) {\n const len = responseLens[i];\n writeUInt32BE(packet, len, p);\n p += 4;\n if (len) {\n packet.utf8Write(responses[i], p, len);\n p += len;\n }\n }\n } else {\n writeUInt32BE(packet, 0, ++p);\n }\n\n this._debug && this._debug('Outbound: Sending USERAUTH_INFO_RESPONSE');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // 'ssh-connection' service-specific\n // ---------------------------------\n tcpipForward(bindAddr, bindPort, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const addrLen = Buffer.byteLength(bindAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 13 + 1 + 4 + addrLen + 4);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 13, ++p);\n packet.utf8Write('tcpip-forward', p += 4, 13);\n\n packet[p += 13] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, addrLen, ++p);\n packet.utf8Write(bindAddr, p += 4, addrLen);\n\n writeUInt32BE(packet, bindPort, p += addrLen);\n\n this._debug\n && this._debug('Outbound: Sending GLOBAL_REQUEST (tcpip-forward)');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n cancelTcpipForward(bindAddr, bindPort, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const addrLen = Buffer.byteLength(bindAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 20 + 1 + 4 + addrLen + 4);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 20, ++p);\n packet.utf8Write('cancel-tcpip-forward', p += 4, 20);\n\n packet[p += 20] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, addrLen, ++p);\n packet.utf8Write(bindAddr, p += 4, addrLen);\n\n writeUInt32BE(packet, bindPort, p += addrLen);\n\n this._debug\n && this._debug('Outbound: Sending GLOBAL_REQUEST (cancel-tcpip-forward)');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_streamLocalForward(socketPath, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const socketPathLen = Buffer.byteLength(socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 31 + 1 + 4 + socketPathLen\n );\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 31, ++p);\n packet.utf8Write('streamlocal-forward@openssh.com', p += 4, 31);\n\n packet[p += 31] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, socketPathLen, ++p);\n packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n this._debug && this._debug(\n 'Outbound: Sending GLOBAL_REQUEST (streamlocal-forward@openssh.com)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_cancelStreamLocalForward(socketPath, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const socketPathLen = Buffer.byteLength(socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 38 + 1 + 4 + socketPathLen\n );\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 38, ++p);\n packet.utf8Write('cancel-streamlocal-forward@openssh.com', p += 4, 38);\n\n packet[p += 38] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, socketPathLen, ++p);\n packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending GLOBAL_REQUEST '\n + '(cancel-streamlocal-forward@openssh.com)'\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n directTcpip(chan, initWindow, maxPacket, cfg) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const srcLen = Buffer.byteLength(cfg.srcIP);\n const dstLen = Buffer.byteLength(cfg.dstIP);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 12 + 4 + 4 + 4 + 4 + srcLen + 4 + 4 + dstLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 12, ++p);\n packet.utf8Write('direct-tcpip', p += 4, 12);\n\n writeUInt32BE(packet, chan, p += 12);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, dstLen, p += 4);\n packet.utf8Write(cfg.dstIP, p += 4, dstLen);\n\n writeUInt32BE(packet, cfg.dstPort, p += dstLen);\n\n writeUInt32BE(packet, srcLen, p += 4);\n packet.utf8Write(cfg.srcIP, p += 4, srcLen);\n\n writeUInt32BE(packet, cfg.srcPort, p += srcLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, direct-tcpip)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_directStreamLocal(chan, initWindow, maxPacket, cfg) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const pathLen = Buffer.byteLength(cfg.socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 30 + 4 + 4 + 4 + 4 + pathLen + 4 + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 30, ++p);\n packet.utf8Write('direct-streamlocal@openssh.com', p += 4, 30);\n\n writeUInt32BE(packet, chan, p += 30);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, pathLen, p += 4);\n packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n // zero-fill reserved fields (string and uint32)\n bufferFill(packet, 0, p += pathLen, p + 8);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending CHANNEL_OPEN '\n + `(r:${chan}, direct-streamlocal@openssh.com)`\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_noMoreSessions(wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 28 + 1);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 28, ++p);\n packet.utf8Write('no-more-sessions@openssh.com', p += 4, 28);\n\n packet[p += 28] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n this._debug && this._debug(\n 'Outbound: Sending GLOBAL_REQUEST (no-more-sessions@openssh.com)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n session(chan, initWindow, maxPacket) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 7 + 4 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 7, ++p);\n packet.utf8Write('session', p += 4, 7);\n\n writeUInt32BE(packet, chan, p += 7);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_OPEN (r:${chan}, session)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n windowChange(chan, rows, cols, height, width) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 13 + 1 + 4 + 4 + 4 + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 13, p += 4);\n packet.utf8Write('window-change', p += 4, 13);\n\n packet[p += 13] = 0;\n\n writeUInt32BE(packet, cols, ++p);\n\n writeUInt32BE(packet, rows, p += 4);\n\n writeUInt32BE(packet, width, p += 4);\n\n writeUInt32BE(packet, height, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, window-change)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n pty(chan, rows, cols, height, width, term, modes, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n if (!term || !term.length)\n term = 'vt100';\n if (modes\n && !Buffer.isBuffer(modes)\n && !Array.isArray(modes)\n && typeof modes === 'object'\n && modes !== null) {\n modes = modesToBytes(modes);\n }\n if (!modes || !modes.length)\n modes = NO_TERMINAL_MODES_BUFFER;\n\n const termLen = term.length;\n const modesLen = modes.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 7 + 1 + 4 + termLen + 4 + 4 + 4 + 4 + 4 + modesLen\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 7, p += 4);\n packet.utf8Write('pty-req', p += 4, 7);\n\n packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, termLen, ++p);\n packet.utf8Write(term, p += 4, termLen);\n\n writeUInt32BE(packet, cols, p += termLen);\n\n writeUInt32BE(packet, rows, p += 4);\n\n writeUInt32BE(packet, width, p += 4);\n\n writeUInt32BE(packet, height, p += 4);\n\n writeUInt32BE(packet, modesLen, p += 4);\n p += 4;\n if (Array.isArray(modes)) {\n for (let i = 0; i < modesLen; ++i)\n packet[p++] = modes[i];\n } else if (Buffer.isBuffer(modes)) {\n packet.set(modes, p);\n }\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, pty-req)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n shell(chan, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 5 + 1);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 5, p += 4);\n packet.utf8Write('shell', p += 4, 5);\n\n packet[p += 5] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, shell)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n exec(chan, cmd, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const isBuf = Buffer.isBuffer(cmd);\n const cmdLen = (isBuf ? cmd.length : Buffer.byteLength(cmd));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 1 + 4 + cmdLen);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 4, p += 4);\n packet.utf8Write('exec', p += 4, 4);\n\n packet[p += 4] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, cmdLen, ++p);\n if (isBuf)\n packet.set(cmd, p += 4);\n else\n packet.utf8Write(cmd, p += 4, cmdLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exec: ${cmd})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n signal(chan, signal) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const origSignal = signal;\n\n signal = signal.toUpperCase();\n if (signal.slice(0, 3) === 'SIG')\n signal = signal.slice(3);\n\n if (SIGNALS[signal] !== 1)\n throw new Error(`Invalid signal: ${origSignal}`);\n\n const signalLen = signal.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 6 + 1 + 4 + signalLen\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 6, p += 4);\n packet.utf8Write('signal', p += 4, 6);\n\n packet[p += 6] = 0;\n\n writeUInt32BE(packet, signalLen, ++p);\n packet.utf8Write(signal, p += 4, signalLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, signal: ${signal})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n env(chan, key, val, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const keyLen = Buffer.byteLength(key);\n const isBuf = Buffer.isBuffer(val);\n const valLen = (isBuf ? val.length : Buffer.byteLength(val));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 3 + 1 + 4 + keyLen + 4 + valLen\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 3, p += 4);\n packet.utf8Write('env', p += 4, 3);\n\n packet[p += 3] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, keyLen, ++p);\n packet.utf8Write(key, p += 4, keyLen);\n\n writeUInt32BE(packet, valLen, p += keyLen);\n if (isBuf)\n packet.set(val, p += 4);\n else\n packet.utf8Write(val, p += 4, valLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, env: ${key}=${val})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n x11Forward(chan, cfg, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const protocol = cfg.protocol;\n const cookie = cfg.cookie;\n const isBufProto = Buffer.isBuffer(protocol);\n const protoLen = (isBufProto\n ? protocol.length\n : Buffer.byteLength(protocol));\n const isBufCookie = Buffer.isBuffer(cookie);\n const cookieLen = (isBufCookie\n ? cookie.length\n : Buffer.byteLength(cookie));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 7 + 1 + 1 + 4 + protoLen + 4 + cookieLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 7, p += 4);\n packet.utf8Write('x11-req', p += 4, 7);\n\n packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n packet[++p] = (cfg.single ? 1 : 0);\n\n writeUInt32BE(packet, protoLen, ++p);\n if (isBufProto)\n packet.set(protocol, p += 4);\n else\n packet.utf8Write(protocol, p += 4, protoLen);\n\n writeUInt32BE(packet, cookieLen, p += protoLen);\n if (isBufCookie)\n packet.set(cookie, p += 4);\n else\n packet.latin1Write(cookie, p += 4, cookieLen);\n\n writeUInt32BE(packet, (cfg.screen || 0), p += cookieLen);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, x11-req)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n subsystem(chan, name, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n const nameLen = Buffer.byteLength(name);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 9 + 1 + 4 + nameLen);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 9, p += 4);\n packet.utf8Write('subsystem', p += 4, 9);\n\n packet[p += 9] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, nameLen, ++p);\n packet.utf8Write(name, p += 4, nameLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, subsystem: ${name})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_agentForward(chan, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 26 + 1);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 26, p += 4);\n packet.utf8Write('auth-agent-req@openssh.com', p += 4, 26);\n\n packet[p += 26] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending CHANNEL_REQUEST '\n + `(r:${chan}, auth-agent-req@openssh.com)`\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_hostKeysProve(keys) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n let keysTotal = 0;\n const publicKeys = [];\n for (const key of keys) {\n const publicKey = key.getPublicSSH();\n keysTotal += 4 + publicKey.length;\n publicKeys.push(publicKey);\n }\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 29 + 1 + keysTotal);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 29, ++p);\n packet.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n\n packet[p += 29] = 1; // want reply\n\n ++p;\n for (const buf of publicKeys) {\n writeUInt32BE(packet, buf.length, p);\n bufferCopy(buf, packet, 0, buf.length, p += 4);\n p += buf.length;\n }\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending GLOBAL_REQUEST (hostkeys-prove-00@openssh.com)'\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // ===========================================================================\n // Server-specific ===========================================================\n // ===========================================================================\n\n // Global\n // ------\n serviceAccept(svcName) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const svcNameLen = Buffer.byteLength(svcName);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + svcNameLen);\n\n packet[p] = MESSAGE.SERVICE_ACCEPT;\n\n writeUInt32BE(packet, svcNameLen, ++p);\n packet.utf8Write(svcName, p += 4, svcNameLen);\n\n this._debug && this._debug(`Outbound: Sending SERVICE_ACCEPT (${svcName})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n\n if (this._server && this._banner && svcName === 'ssh-userauth') {\n const banner = this._banner;\n this._banner = undefined; // Prevent banner from being displayed again\n const bannerLen = Buffer.byteLength(banner);\n p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + bannerLen + 4);\n\n packet[p] = MESSAGE.USERAUTH_BANNER;\n\n writeUInt32BE(packet, bannerLen, ++p);\n packet.utf8Write(banner, p += 4, bannerLen);\n\n writeUInt32BE(packet, 0, p += bannerLen); // Empty language tag\n\n this._debug && this._debug('Outbound: Sending USERAUTH_BANNER');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n }\n // 'ssh-connection' service-specific\n forwardedTcpip(chan, initWindow, maxPacket, cfg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const boundAddrLen = Buffer.byteLength(cfg.boundAddr);\n const remoteAddrLen = Buffer.byteLength(cfg.remoteAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 15 + 4 + 4 + 4 + 4 + boundAddrLen + 4 + 4 + remoteAddrLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 15, ++p);\n packet.utf8Write('forwarded-tcpip', p += 4, 15);\n\n writeUInt32BE(packet, chan, p += 15);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, boundAddrLen, p += 4);\n packet.utf8Write(cfg.boundAddr, p += 4, boundAddrLen);\n\n writeUInt32BE(packet, cfg.boundPort, p += boundAddrLen);\n\n writeUInt32BE(packet, remoteAddrLen, p += 4);\n packet.utf8Write(cfg.remoteAddr, p += 4, remoteAddrLen);\n\n writeUInt32BE(packet, cfg.remotePort, p += remoteAddrLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, forwarded-tcpip)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n x11(chan, initWindow, maxPacket, cfg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const addrLen = Buffer.byteLength(cfg.originAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 3 + 4 + 4 + 4 + 4 + addrLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 3, ++p);\n packet.utf8Write('x11', p += 4, 3);\n\n writeUInt32BE(packet, chan, p += 3);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, addrLen, p += 4);\n packet.utf8Write(cfg.originAddr, p += 4, addrLen);\n\n writeUInt32BE(packet, cfg.originPort, p += addrLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, x11)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_authAgent(chan, initWindow, maxPacket) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 22 + 4 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 22, ++p);\n packet.utf8Write('auth-agent@openssh.com', p += 4, 22);\n\n writeUInt32BE(packet, chan, p += 22);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, auth-agent@openssh.com)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_forwardedStreamLocal(chan, initWindow, maxPacket, cfg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const pathLen = Buffer.byteLength(cfg.socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 33 + 4 + 4 + 4 + 4 + pathLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 33, ++p);\n packet.utf8Write('forwarded-streamlocal@openssh.com', p += 4, 33);\n\n writeUInt32BE(packet, chan, p += 33);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, pathLen, p += 4);\n packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n writeUInt32BE(packet, 0, p += pathLen);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending CHANNEL_OPEN '\n + `(r:${chan}, forwarded-streamlocal@openssh.com)`\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n exitStatus(chan, status) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n // Does not consume window space\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 11 + 1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 11, p += 4);\n packet.utf8Write('exit-status', p += 4, 11);\n\n packet[p += 11] = 0;\n\n writeUInt32BE(packet, status, ++p);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-status: ${status})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n exitSignal(chan, name, coreDumped, msg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n // Does not consume window space\n\n const origSignal = name;\n\n if (typeof origSignal !== 'string' || !origSignal)\n throw new Error(`Invalid signal: ${origSignal}`);\n\n let signal = name.toUpperCase();\n if (signal.slice(0, 3) === 'SIG')\n signal = signal.slice(3);\n\n if (SIGNALS[signal] !== 1)\n throw new Error(`Invalid signal: ${origSignal}`);\n\n const nameLen = Buffer.byteLength(signal);\n const msgLen = (msg ? Buffer.byteLength(msg) : 0);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 11 + 1 + 4 + nameLen + 1 + 4 + msgLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 11, p += 4);\n packet.utf8Write('exit-signal', p += 4, 11);\n\n packet[p += 11] = 0;\n\n writeUInt32BE(packet, nameLen, ++p);\n packet.utf8Write(signal, p += 4, nameLen);\n\n packet[p += nameLen] = (coreDumped ? 1 : 0);\n\n writeUInt32BE(packet, msgLen, ++p);\n\n p += 4;\n if (msgLen) {\n packet.utf8Write(msg, p, msgLen);\n p += msgLen;\n }\n\n writeUInt32BE(packet, 0, p);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-signal: ${name})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n // 'ssh-userauth' service-specific\n authFailure(authMethods, isPartial) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n if (this._authsQueue.length === 0)\n throw new Error('No auth in progress');\n\n let methods;\n\n if (typeof authMethods === 'boolean') {\n isPartial = authMethods;\n authMethods = undefined;\n }\n\n if (authMethods) {\n methods = [];\n for (let i = 0; i < authMethods.length; ++i) {\n if (authMethods[i].toLowerCase() === 'none')\n continue;\n methods.push(authMethods[i]);\n }\n methods = methods.join(',');\n } else {\n methods = '';\n }\n\n const methodsLen = methods.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + methodsLen + 1);\n\n packet[p] = MESSAGE.USERAUTH_FAILURE;\n\n writeUInt32BE(packet, methodsLen, ++p);\n packet.utf8Write(methods, p += 4, methodsLen);\n\n packet[p += methodsLen] = (isPartial === true ? 1 : 0);\n\n this._authsQueue.shift();\n\n this._debug && this._debug('Outbound: Sending USERAUTH_FAILURE');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authSuccess() {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n if (this._authsQueue.length === 0)\n throw new Error('No auth in progress');\n\n const p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1);\n\n packet[p] = MESSAGE.USERAUTH_SUCCESS;\n\n this._authsQueue.shift();\n this._authenticated = true;\n\n this._debug && this._debug('Outbound: Sending USERAUTH_SUCCESS');\n sendPacket(this, this._packetRW.write.finalize(packet));\n\n if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n this._packetRW.read = new ZlibPacketReader();\n if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n this._packetRW.write = new ZlibPacketWriter(this);\n }\n authPKOK(keyAlgo, key) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n if (this._authsQueue.length === 0 || this._authsQueue[0] !== 'publickey')\n throw new Error('\"publickey\" auth not in progress');\n\n // TODO: support parsed key for `key`\n\n const keyAlgoLen = Buffer.byteLength(keyAlgo);\n const keyLen = key.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + keyAlgoLen + 4 + keyLen);\n\n packet[p] = MESSAGE.USERAUTH_PK_OK;\n\n writeUInt32BE(packet, keyAlgoLen, ++p);\n packet.utf8Write(keyAlgo, p += 4, keyAlgoLen);\n\n writeUInt32BE(packet, keyLen, p += keyAlgoLen);\n packet.set(key, p += 4);\n\n this._authsQueue.shift();\n\n this._debug && this._debug('Outbound: Sending USERAUTH_PK_OK');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authPasswdChg(prompt) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const promptLen = Buffer.byteLength(prompt);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + promptLen + 4);\n\n packet[p] = MESSAGE.USERAUTH_PASSWD_CHANGEREQ;\n\n writeUInt32BE(packet, promptLen, ++p);\n packet.utf8Write(prompt, p += 4, promptLen);\n\n writeUInt32BE(packet, 0, p += promptLen); // Empty language tag\n\n this._debug && this._debug('Outbound: Sending USERAUTH_PASSWD_CHANGEREQ');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authInfoReq(name, instructions, prompts) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n let promptsLen = 0;\n const nameLen = name ? Buffer.byteLength(name) : 0;\n const instrLen = instructions ? Buffer.byteLength(instructions) : 0;\n\n for (let i = 0; i < prompts.length; ++i)\n promptsLen += 4 + Buffer.byteLength(prompts[i].prompt) + 1;\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + nameLen + 4 + instrLen + 4 + 4 + promptsLen\n );\n\n packet[p] = MESSAGE.USERAUTH_INFO_REQUEST;\n\n writeUInt32BE(packet, nameLen, ++p);\n p += 4;\n if (name) {\n packet.utf8Write(name, p, nameLen);\n p += nameLen;\n }\n\n writeUInt32BE(packet, instrLen, p);\n p += 4;\n if (instructions) {\n packet.utf8Write(instructions, p, instrLen);\n p += instrLen;\n }\n\n writeUInt32BE(packet, 0, p);\n\n writeUInt32BE(packet, prompts.length, p += 4);\n p += 4;\n for (let i = 0; i < prompts.length; ++i) {\n const prompt = prompts[i];\n const promptLen = Buffer.byteLength(prompt.prompt);\n\n writeUInt32BE(packet, promptLen, p);\n p += 4;\n if (promptLen) {\n packet.utf8Write(prompt.prompt, p, promptLen);\n p += promptLen;\n }\n packet[p++] = (prompt.echo ? 1 : 0);\n }\n\n this._debug && this._debug('Outbound: Sending USERAUTH_INFO_REQUEST');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n}\n\n// SSH-protoversion-softwareversion (SP comments) CR LF\nconst RE_IDENT = /^SSH-(2\\.0|1\\.99)-([^ ]+)(?: (.*))?$/;\n\n// TODO: optimize this by starting n bytes from the end of this._buffer instead\n// of the beginning\nfunction parseHeader(chunk, p, len) {\n let data;\n let chunkOffset;\n if (this._buffer) {\n data = Buffer.allocUnsafe(this._buffer.length + (len - p));\n data.set(this._buffer, 0);\n if (p === 0) {\n data.set(chunk, this._buffer.length);\n } else {\n data.set(new Uint8Array(chunk.buffer,\n chunk.byteOffset + p,\n (len - p)),\n this._buffer.length);\n }\n chunkOffset = this._buffer.length;\n p = 0;\n } else {\n data = chunk;\n chunkOffset = 0;\n }\n const op = p;\n let start = p;\n let end = p;\n let needNL = false;\n let lineLen = 0;\n let lines = 0;\n for (; p < data.length; ++p) {\n const ch = data[p];\n\n if (ch === 13 /* '\\r' */) {\n needNL = true;\n continue;\n }\n\n if (ch === 10 /* '\\n' */) {\n if (end > start\n && end - start > 4\n && data[start] === 83 /* 'S' */\n && data[start + 1] === 83 /* 'S' */\n && data[start + 2] === 72 /* 'H' */\n && data[start + 3] === 45 /* '-' */) {\n\n const full = data.latin1Slice(op, end + 1);\n const identRaw = (start === op ? full : full.slice(start - op));\n const m = RE_IDENT.exec(identRaw);\n if (!m)\n throw new Error('Invalid identification string');\n\n const header = {\n greeting: (start === op ? '' : full.slice(0, start - op)),\n identRaw,\n versions: {\n protocol: m[1],\n software: m[2],\n },\n comments: m[3]\n };\n\n // Needed during handshake\n this._remoteIdentRaw = Buffer.from(identRaw);\n\n this._debug && this._debug(`Remote ident: ${inspect(identRaw)}`);\n this._compatFlags = getCompatFlags(header);\n\n this._buffer = undefined;\n this._decipher =\n new NullDecipher(0, onKEXPayload.bind(this, { firstPacket: true }));\n this._parse = parsePacket;\n\n this._onHeader(header);\n if (!this._destruct) {\n // We disconnected inside _onHeader\n return len;\n }\n\n kexinit(this);\n\n return p + 1 - chunkOffset;\n }\n\n // Only allow pre-ident greetings when we're a client\n if (this._server)\n throw new Error('Greetings from clients not permitted');\n\n if (++lines > MAX_LINES)\n throw new Error('Max greeting lines exceeded');\n\n needNL = false;\n start = p + 1;\n lineLen = 0;\n } else if (needNL) {\n throw new Error('Invalid header: expected newline');\n } else if (++lineLen >= MAX_LINE_LEN) {\n throw new Error('Header line too long');\n }\n\n end = p;\n }\n if (!this._buffer)\n this._buffer = bufferSlice(data, op);\n\n return p - chunkOffset;\n}\n\nfunction parsePacket(chunk, p, len) {\n return this._decipher.decrypt(chunk, p, len);\n}\n\nfunction onPayload(payload) {\n // XXX: move this to the Decipher implementations?\n\n this._onPacket();\n\n if (payload.length === 0) {\n this._debug && this._debug('Inbound: Skipping empty packet payload');\n return;\n }\n\n payload = this._packetRW.read.read(payload);\n\n const type = payload[0];\n if (type === MESSAGE.USERAUTH_SUCCESS\n && !this._server\n && !this._authenticated) {\n this._authenticated = true;\n if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n this._packetRW.write = new ZlibPacketWriter(this);\n if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n this._packetRW.read = new ZlibPacketReader();\n }\n const handler = MESSAGE_HANDLERS[type];\n if (handler === undefined) {\n this._debug && this._debug(`Inbound: Unsupported message type: ${type}`);\n return;\n }\n\n return handler(this, payload);\n}\n\nfunction getCompatFlags(header) {\n const software = header.versions.software;\n\n let flags = 0;\n\n for (const rule of COMPAT_CHECKS) {\n if (typeof rule[0] === 'string') {\n if (software === rule[0])\n flags |= rule[1];\n } else if (rule[0].test(software)) {\n flags |= rule[1];\n }\n }\n\n return flags;\n}\n\nfunction modesToBytes(modes) {\n const keys = Object.keys(modes);\n const bytes = Buffer.allocUnsafe((5 * keys.length) + 1);\n let b = 0;\n\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i];\n if (key === 'TTY_OP_END')\n continue;\n\n const opcode = TERMINAL_MODE[key];\n if (opcode === undefined)\n continue;\n\n const val = modes[key];\n if (typeof val === 'number' && isFinite(val)) {\n bytes[b++] = opcode;\n bytes[b++] = val >>> 24;\n bytes[b++] = val >>> 16;\n bytes[b++] = val >>> 8;\n bytes[b++] = val;\n }\n }\n\n bytes[b++] = TERMINAL_MODE.TTY_OP_END;\n\n if (b < bytes.length)\n return bufferSlice(bytes, 0, b);\n\n return bytes;\n}\n\nmodule.exports = Protocol;\n","'use strict';\n\nconst EventEmitter = require('events');\nconst fs = require('fs');\nconst { constants } = fs;\nconst {\n Readable: ReadableStream,\n Writable: WritableStream\n} = require('stream');\nconst { inherits, isDate } = require('util');\n\nconst FastBuffer = Buffer[Symbol.species];\n\nconst {\n bufferCopy,\n bufferSlice,\n makeBufferParser,\n writeUInt32BE,\n} = require('./utils.js');\n\nconst ATTR = {\n SIZE: 0x00000001,\n UIDGID: 0x00000002,\n PERMISSIONS: 0x00000004,\n ACMODTIME: 0x00000008,\n EXTENDED: 0x80000000,\n};\n\n// Large enough to store all possible attributes\nconst ATTRS_BUF = Buffer.alloc(28);\n\nconst STATUS_CODE = {\n OK: 0,\n EOF: 1,\n NO_SUCH_FILE: 2,\n PERMISSION_DENIED: 3,\n FAILURE: 4,\n BAD_MESSAGE: 5,\n NO_CONNECTION: 6,\n CONNECTION_LOST: 7,\n OP_UNSUPPORTED: 8\n};\n\nconst VALID_STATUS_CODES = new Map(\n Object.values(STATUS_CODE).map((n) => [n, 1])\n);\n\nconst STATUS_CODE_STR = {\n [STATUS_CODE.OK]: 'No error',\n [STATUS_CODE.EOF]: 'End of file',\n [STATUS_CODE.NO_SUCH_FILE]: 'No such file or directory',\n [STATUS_CODE.PERMISSION_DENIED]: 'Permission denied',\n [STATUS_CODE.FAILURE]: 'Failure',\n [STATUS_CODE.BAD_MESSAGE]: 'Bad message',\n [STATUS_CODE.NO_CONNECTION]: 'No connection',\n [STATUS_CODE.CONNECTION_LOST]: 'Connection lost',\n [STATUS_CODE.OP_UNSUPPORTED]: 'Operation unsupported',\n};\n\nconst REQUEST = {\n INIT: 1,\n OPEN: 3,\n CLOSE: 4,\n READ: 5,\n WRITE: 6,\n LSTAT: 7,\n FSTAT: 8,\n SETSTAT: 9,\n FSETSTAT: 10,\n OPENDIR: 11,\n READDIR: 12,\n REMOVE: 13,\n MKDIR: 14,\n RMDIR: 15,\n REALPATH: 16,\n STAT: 17,\n RENAME: 18,\n READLINK: 19,\n SYMLINK: 20,\n EXTENDED: 200\n};\n\nconst RESPONSE = {\n VERSION: 2,\n STATUS: 101,\n HANDLE: 102,\n DATA: 103,\n NAME: 104,\n ATTRS: 105,\n EXTENDED: 201\n};\n\nconst OPEN_MODE = {\n READ: 0x00000001,\n WRITE: 0x00000002,\n APPEND: 0x00000004,\n CREAT: 0x00000008,\n TRUNC: 0x00000010,\n EXCL: 0x00000020\n};\n\nconst PKT_RW_OVERHEAD = 2 * 1024;\nconst MAX_REQID = 2 ** 32 - 1;\nconst CLIENT_VERSION_BUFFER = Buffer.from([\n 0, 0, 0, 5 /* length */,\n REQUEST.INIT,\n 0, 0, 0, 3 /* version */\n]);\nconst SERVER_VERSION_BUFFER = Buffer.from([\n 0, 0, 0, 5 /* length */,\n RESPONSE.VERSION,\n 0, 0, 0, 3 /* version */\n]);\n\nconst RE_OPENSSH = /^SSH-2.0-(?:OpenSSH|dropbear)/;\nconst OPENSSH_MAX_PKT_LEN = 256 * 1024;\n\nconst bufferParser = makeBufferParser();\n\nconst fakeStderr = {\n readable: false,\n writable: false,\n push: (data) => {},\n once: () => {},\n on: () => {},\n emit: () => {},\n end: () => {},\n};\n\nfunction noop() {}\n\n// Emulates enough of `Channel` to be able to be used as a drop-in replacement\n// in order to process incoming data with as little overhead as possible\nclass SFTP extends EventEmitter {\n constructor(client, chanInfo, cfg) {\n super();\n\n if (typeof cfg !== 'object' || !cfg)\n cfg = {};\n\n const remoteIdentRaw = client._protocol._remoteIdentRaw;\n\n this.server = !!cfg.server;\n this._debug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n this._isOpenSSH = (remoteIdentRaw && RE_OPENSSH.test(remoteIdentRaw));\n\n this._version = -1;\n this._extensions = {};\n this._biOpt = cfg.biOpt;\n this._pktLenBytes = 0;\n this._pktLen = 0;\n this._pktPos = 0;\n this._pktType = 0;\n this._pktData = undefined;\n this._writeReqid = -1;\n this._requests = {};\n this._maxInPktLen = OPENSSH_MAX_PKT_LEN;\n this._maxOutPktLen = 34000;\n this._maxReadLen =\n (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n this._maxWriteLen =\n (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n\n this.maxOpenHandles = undefined;\n\n // Channel compatibility\n this._client = client;\n this._protocol = client._protocol;\n this._callbacks = [];\n this._hasX11 = false;\n this._exit = {\n code: undefined,\n signal: undefined,\n dump: undefined,\n desc: undefined,\n };\n this._waitWindow = false; // SSH-level backpressure\n this._chunkcb = undefined;\n this._buffer = [];\n this.type = chanInfo.type;\n this.subtype = undefined;\n this.incoming = chanInfo.incoming;\n this.outgoing = chanInfo.outgoing;\n this.stderr = fakeStderr;\n this.readable = true;\n }\n\n // This handles incoming data to parse\n push(data) {\n if (data === null) {\n cleanupRequests(this);\n if (!this.readable)\n return;\n // No more incoming data from the remote side\n this.readable = false;\n this.emit('end');\n return;\n }\n /*\n uint32 length\n byte type\n byte[length - 1] data payload\n */\n let p = 0;\n\n while (p < data.length) {\n if (this._pktLenBytes < 4) {\n let nb = Math.min(4 - this._pktLenBytes, data.length - p);\n this._pktLenBytes += nb;\n\n while (nb--)\n this._pktLen = (this._pktLen << 8) + data[p++];\n\n if (this._pktLenBytes < 4)\n return;\n if (this._pktLen === 0)\n return doFatalSFTPError(this, 'Invalid packet length');\n if (this._pktLen > this._maxInPktLen) {\n const max = this._maxInPktLen;\n return doFatalSFTPError(\n this,\n `Packet length ${this._pktLen} exceeds max length of ${max}`\n );\n }\n if (p >= data.length)\n return;\n }\n if (this._pktPos < this._pktLen) {\n const nb = Math.min(this._pktLen - this._pktPos, data.length - p);\n if (p !== 0 || nb !== data.length) {\n if (nb === this._pktLen) {\n this._pkt = new FastBuffer(data.buffer, data.byteOffset + p, nb);\n } else {\n if (!this._pkt)\n this._pkt = Buffer.allocUnsafe(this._pktLen);\n this._pkt.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._pktPos\n );\n }\n } else if (nb === this._pktLen) {\n this._pkt = data;\n } else {\n if (!this._pkt)\n this._pkt = Buffer.allocUnsafe(this._pktLen);\n this._pkt.set(data, this._pktPos);\n }\n p += nb;\n this._pktPos += nb;\n if (this._pktPos < this._pktLen)\n return;\n }\n\n const type = this._pkt[0];\n const payload = this._pkt;\n\n // Prepare for next packet\n this._pktLen = 0;\n this._pktLenBytes = 0;\n this._pkt = undefined;\n this._pktPos = 0;\n\n const handler = (this.server\n ? SERVER_HANDLERS[type]\n : CLIENT_HANDLERS[type]);\n if (!handler)\n return doFatalSFTPError(this, `Unknown packet type ${type}`);\n\n if (this._version === -1) {\n if (this.server) {\n if (type !== REQUEST.INIT)\n return doFatalSFTPError(this, `Expected INIT packet, got ${type}`);\n } else if (type !== RESPONSE.VERSION) {\n return doFatalSFTPError(this, `Expected VERSION packet, got ${type}`);\n }\n }\n\n if (handler(this, payload) === false)\n return;\n }\n }\n\n end() {\n this.destroy();\n }\n destroy() {\n if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n this.outgoing.state = 'closing';\n this._protocol.channelClose(this.outgoing.id);\n }\n }\n _init() {\n this._init = noop;\n if (!this.server)\n sendOrBuffer(this, CLIENT_VERSION_BUFFER);\n }\n\n // ===========================================================================\n // Client-specific ===========================================================\n // ===========================================================================\n createReadStream(path, options) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n return new ReadStream(this, path, options);\n }\n createWriteStream(path, options) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n return new WriteStream(this, path, options);\n }\n open(path, flags_, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (typeof attrs === 'function') {\n cb = attrs;\n attrs = undefined;\n }\n\n const flags = (typeof flags_ === 'number' ? flags_ : stringToFlags(flags_));\n if (flags === null)\n throw new Error(`Unknown flags string: ${flags_}`);\n\n let attrsFlags = 0;\n let attrsLen = 0;\n if (typeof attrs === 'string' || typeof attrs === 'number')\n attrs = { mode: attrs };\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n attrsFlags = attrs.flags;\n attrsLen = attrs.nb;\n }\n\n /*\n uint32 id\n string filename\n uint32 pflags\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.OPEN;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n writeUInt32BE(buf, flags, p += pathLen);\n writeUInt32BE(buf, attrsFlags, p += 4);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPEN`\n );\n }\n close(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.CLOSE;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} CLOSE`\n );\n }\n read(handle, buf, off, len, position, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n if (!Buffer.isBuffer(buf))\n throw new Error('buffer is not a Buffer');\n if (off >= buf.length)\n throw new Error('offset is out of bounds');\n if (off + len > buf.length)\n throw new Error('length extends beyond buffer');\n if (position === null)\n throw new Error('null position currently unsupported');\n\n read_(this, handle, buf, off, len, position, cb);\n }\n readData(handle, buf, off, len, position, cb) {\n // Backwards compatibility\n this.read(handle, buf, off, len, position, cb);\n }\n write(handle, buf, off, len, position, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n if (!Buffer.isBuffer(buf))\n throw new Error('buffer is not a Buffer');\n if (off > buf.length)\n throw new Error('offset is out of bounds');\n if (off + len > buf.length)\n throw new Error('length extends beyond buffer');\n if (position === null)\n throw new Error('null position currently unsupported');\n\n if (!len) {\n cb && process.nextTick(cb, undefined, 0);\n return;\n }\n\n const maxDataLen = this._maxWriteLen;\n const overflow = Math.max(len - maxDataLen, 0);\n const origPosition = position;\n\n if (overflow)\n len = maxDataLen;\n\n /*\n uint32 id\n string handle\n uint64 offset\n string data\n */\n const handleLen = handle.length;\n let p = 9;\n const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4 + len);\n\n writeUInt32BE(out, out.length - 4, 0);\n out[4] = REQUEST.WRITE;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(out, reqid, 5);\n\n writeUInt32BE(out, handleLen, p);\n out.set(handle, p += 4);\n p += handleLen;\n for (let i = 7; i >= 0; --i) {\n out[p + i] = position & 0xFF;\n position /= 256;\n }\n writeUInt32BE(out, len, p += 8);\n bufferCopy(buf, out, off, off + len, p += 4);\n\n this._requests[reqid] = {\n cb: (err) => {\n if (err) {\n if (typeof cb === 'function')\n cb(err);\n } else if (overflow) {\n this.write(handle,\n buf,\n off + len,\n overflow,\n origPosition + len,\n cb);\n } else if (typeof cb === 'function') {\n cb(undefined, off + len);\n }\n }\n };\n\n const isSent = sendOrBuffer(this, out);\n if (this._debug) {\n const how = (isSent ? 'Sent' : 'Buffered');\n this._debug(`SFTP: Outbound: ${how} WRITE (id:${reqid})`);\n }\n }\n writeData(handle, buf, off, len, position, cb) {\n // Backwards compatibility\n this.write(handle, buf, off, len, position, cb);\n }\n fastGet(remotePath, localPath, opts, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n fastXfer(this, fs, remotePath, localPath, opts, cb);\n }\n fastPut(localPath, remotePath, opts, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n fastXfer(fs, this, localPath, remotePath, opts, cb);\n }\n readFile(path, options, callback_) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let callback;\n if (typeof callback_ === 'function') {\n callback = callback_;\n } else if (typeof options === 'function') {\n callback = options;\n options = undefined;\n }\n\n if (typeof options === 'string')\n options = { encoding: options, flag: 'r' };\n else if (!options)\n options = { encoding: null, flag: 'r' };\n else if (typeof options !== 'object')\n throw new TypeError('Bad arguments');\n\n const encoding = options.encoding;\n if (encoding && !Buffer.isEncoding(encoding))\n throw new Error(`Unknown encoding: ${encoding}`);\n\n // First stat the file, so we know the size.\n let size;\n let buffer; // Single buffer with file data\n let buffers; // List for when size is unknown\n let pos = 0;\n let handle;\n\n // SFTPv3 does not support using -1 for read position, so we have to track\n // read position manually\n let bytesRead = 0;\n\n const flag = options.flag || 'r';\n\n const read = () => {\n if (size === 0) {\n buffer = Buffer.allocUnsafe(8192);\n this.read(handle, buffer, 0, 8192, bytesRead, afterRead);\n } else {\n this.read(handle, buffer, pos, size - pos, bytesRead, afterRead);\n }\n };\n\n const afterRead = (er, nbytes) => {\n let eof;\n if (er) {\n eof = (er.code === STATUS_CODE.EOF);\n if (!eof) {\n return this.close(handle, () => {\n return callback && callback(er);\n });\n }\n } else {\n eof = false;\n }\n\n if (eof || (size === 0 && nbytes === 0))\n return close();\n\n bytesRead += nbytes;\n pos += nbytes;\n if (size !== 0) {\n if (pos === size)\n close();\n else\n read();\n } else {\n // Unknown size, just read until we don't get bytes.\n buffers.push(bufferSlice(buffer, 0, nbytes));\n read();\n }\n };\n afterRead._wantEOFError = true;\n\n const close = () => {\n this.close(handle, (er) => {\n if (size === 0) {\n // Collect the data into the buffers list.\n buffer = Buffer.concat(buffers, pos);\n } else if (pos < size) {\n buffer = bufferSlice(buffer, 0, pos);\n }\n\n if (encoding)\n buffer = buffer.toString(encoding);\n return callback && callback(er, buffer);\n });\n };\n\n this.open(path, flag, 0o666, (er, handle_) => {\n if (er)\n return callback && callback(er);\n handle = handle_;\n\n const tryStat = (er, st) => {\n if (er) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n this.stat(path, (er_, st_) => {\n if (er_) {\n return this.close(handle, () => {\n callback && callback(er);\n });\n }\n tryStat(null, st_);\n });\n return;\n }\n\n size = st.size || 0;\n if (size === 0) {\n // The kernel lies about many files.\n // Go ahead and try to read some bytes.\n buffers = [];\n return read();\n }\n\n buffer = Buffer.allocUnsafe(size);\n read();\n };\n this.fstat(handle, tryStat);\n });\n }\n writeFile(path, data, options, callback_) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let callback;\n if (typeof callback_ === 'function') {\n callback = callback_;\n } else if (typeof options === 'function') {\n callback = options;\n options = undefined;\n }\n\n if (typeof options === 'string')\n options = { encoding: options, mode: 0o666, flag: 'w' };\n else if (!options)\n options = { encoding: 'utf8', mode: 0o666, flag: 'w' };\n else if (typeof options !== 'object')\n throw new TypeError('Bad arguments');\n\n if (options.encoding && !Buffer.isEncoding(options.encoding))\n throw new Error(`Unknown encoding: ${options.encoding}`);\n\n const flag = options.flag || 'w';\n this.open(path, flag, options.mode, (openErr, handle) => {\n if (openErr) {\n callback && callback(openErr);\n } else {\n const buffer = (Buffer.isBuffer(data)\n ? data\n : Buffer.from('' + data, options.encoding || 'utf8'));\n const position = (/a/.test(flag) ? null : 0);\n\n // SFTPv3 does not support the notion of 'current position'\n // (null position), so we just attempt to append to the end of the file\n // instead\n if (position === null) {\n const tryStat = (er, st) => {\n if (er) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n this.stat(path, (er_, st_) => {\n if (er_) {\n return this.close(handle, () => {\n callback && callback(er);\n });\n }\n tryStat(null, st_);\n });\n return;\n }\n writeAll(this, handle, buffer, 0, buffer.length, st.size, callback);\n };\n this.fstat(handle, tryStat);\n return;\n }\n writeAll(this, handle, buffer, 0, buffer.length, position, callback);\n }\n });\n }\n appendFile(path, data, options, callback_) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let callback;\n if (typeof callback_ === 'function') {\n callback = callback_;\n } else if (typeof options === 'function') {\n callback = options;\n options = undefined;\n }\n\n if (typeof options === 'string')\n options = { encoding: options, mode: 0o666, flag: 'a' };\n else if (!options)\n options = { encoding: 'utf8', mode: 0o666, flag: 'a' };\n else if (typeof options !== 'object')\n throw new TypeError('Bad arguments');\n\n if (!options.flag)\n options = Object.assign({ flag: 'a' }, options);\n this.writeFile(path, data, options, callback);\n }\n exists(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n this.stat(path, (err) => {\n cb && cb(err ? false : true);\n });\n }\n unlink(filename, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string filename\n */\n const fnameLen = Buffer.byteLength(filename);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + fnameLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.REMOVE;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, fnameLen, p);\n buf.utf8Write(filename, p += 4, fnameLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REMOVE`\n );\n }\n rename(oldPath, newPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string oldpath\n string newpath\n */\n const oldLen = Buffer.byteLength(oldPath);\n const newLen = Buffer.byteLength(newPath);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + oldLen + 4 + newLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.RENAME;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, oldLen, p);\n buf.utf8Write(oldPath, p += 4, oldLen);\n writeUInt32BE(buf, newLen, p += oldLen);\n buf.utf8Write(newPath, p += 4, newLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RENAME`\n );\n }\n mkdir(path, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'function') {\n cb = attrs;\n attrs = undefined;\n }\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n }\n\n /*\n uint32 id\n string path\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.MKDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n writeUInt32BE(buf, flags, p += pathLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} MKDIR`\n );\n }\n rmdir(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.RMDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RMDIR`\n );\n }\n readdir(where, opts, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n if (typeof opts !== 'object' || opts === null)\n opts = {};\n\n const doFilter = (opts && opts.full ? false : true);\n\n if (!Buffer.isBuffer(where) && typeof where !== 'string')\n throw new Error('missing directory handle or path');\n\n if (typeof where === 'string') {\n const entries = [];\n let e = 0;\n\n const reread = (err, handle) => {\n if (err)\n return cb(err);\n\n this.readdir(handle, opts, (err, list) => {\n const eof = (err && err.code === STATUS_CODE.EOF);\n\n if (err && !eof)\n return this.close(handle, () => cb(err));\n\n if (eof) {\n return this.close(handle, (err) => {\n if (err)\n return cb(err);\n cb(undefined, entries);\n });\n }\n\n for (let i = 0; i < list.length; ++i, ++e)\n entries[e] = list[i];\n\n reread(undefined, handle);\n });\n };\n return this.opendir(where, reread);\n }\n\n /*\n uint32 id\n string handle\n */\n const handleLen = where.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.READDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(where, p += 4);\n\n this._requests[reqid] = {\n cb: (doFilter\n ? (err, list) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n\n for (let i = list.length - 1; i >= 0; --i) {\n if (list[i].filename === '.' || list[i].filename === '..')\n list.splice(i, 1);\n }\n\n cb(undefined, list);\n }\n : cb)\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READDIR`\n );\n }\n fstat(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.FSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSTAT`\n );\n }\n stat(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.STAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STAT`\n );\n }\n lstat(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.LSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} LSTAT`\n );\n }\n opendir(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.OPENDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPENDIR`\n );\n }\n setstat(path, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n } else if (typeof attrs === 'function') {\n cb = attrs;\n }\n\n /*\n uint32 id\n string path\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.SETSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n writeUInt32BE(buf, flags, p += pathLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SETSTAT`\n );\n }\n fsetstat(handle, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n } else if (typeof attrs === 'function') {\n cb = attrs;\n }\n\n /*\n uint32 id\n string handle\n ATTRS attrs\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.FSETSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(handle, p += 4);\n writeUInt32BE(buf, flags, p += handleLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSETSTAT`\n );\n }\n futimes(handle, atime, mtime, cb) {\n return this.fsetstat(handle, {\n atime: toUnixTimestamp(atime),\n mtime: toUnixTimestamp(mtime)\n }, cb);\n }\n utimes(path, atime, mtime, cb) {\n return this.setstat(path, {\n atime: toUnixTimestamp(atime),\n mtime: toUnixTimestamp(mtime)\n }, cb);\n }\n fchown(handle, uid, gid, cb) {\n return this.fsetstat(handle, {\n uid: uid,\n gid: gid\n }, cb);\n }\n chown(path, uid, gid, cb) {\n return this.setstat(path, {\n uid: uid,\n gid: gid\n }, cb);\n }\n fchmod(handle, mode, cb) {\n return this.fsetstat(handle, {\n mode: mode\n }, cb);\n }\n chmod(path, mode, cb) {\n return this.setstat(path, {\n mode: mode\n }, cb);\n }\n readlink(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.READLINK;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = {\n cb: (err, names) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n if (!names || !names.length)\n return cb(new Error('Response missing link info'));\n cb(undefined, names[0].filename);\n }\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READLINK`\n );\n }\n symlink(targetPath, linkPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string linkpath\n string targetpath\n */\n const linkLen = Buffer.byteLength(linkPath);\n const targetLen = Buffer.byteLength(targetPath);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + linkLen + 4 + targetLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.SYMLINK;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n if (this._isOpenSSH) {\n // OpenSSH has linkpath and targetpath positions switched\n writeUInt32BE(buf, targetLen, p);\n buf.utf8Write(targetPath, p += 4, targetLen);\n writeUInt32BE(buf, linkLen, p += targetLen);\n buf.utf8Write(linkPath, p += 4, linkLen);\n } else {\n writeUInt32BE(buf, linkLen, p);\n buf.utf8Write(linkPath, p += 4, linkLen);\n writeUInt32BE(buf, targetLen, p += linkLen);\n buf.utf8Write(targetPath, p += 4, targetLen);\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SYMLINK`\n );\n }\n realpath(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.REALPATH;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = {\n cb: (err, names) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n if (!names || !names.length)\n return cb(new Error('Response missing path info'));\n cb(undefined, names[0].filename);\n }\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REALPATH`\n );\n }\n // extended requests\n ext_openssh_rename(oldPath, newPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['posix-rename@openssh.com'];\n if (!ext || ext !== '1')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"posix-rename@openssh.com\"\n string oldpath\n string newpath\n */\n const oldLen = Buffer.byteLength(oldPath);\n const newLen = Buffer.byteLength(newPath);\n let p = 9;\n const buf =\n Buffer.allocUnsafe(4 + 1 + 4 + 4 + 24 + 4 + oldLen + 4 + newLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 24, p);\n buf.utf8Write('posix-rename@openssh.com', p += 4, 24);\n writeUInt32BE(buf, oldLen, p += 24);\n buf.utf8Write(oldPath, p += 4, oldLen);\n writeUInt32BE(buf, newLen, p += oldLen);\n buf.utf8Write(newPath, p += 4, newLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} posix-rename@openssh.com`);\n }\n }\n ext_openssh_statvfs(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['statvfs@openssh.com'];\n if (!ext || ext !== '2')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"statvfs@openssh.com\"\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 19 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 19, p);\n buf.utf8Write('statvfs@openssh.com', p += 4, 19);\n writeUInt32BE(buf, pathLen, p += 19);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { extended: 'statvfs@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} statvfs@openssh.com`);\n }\n }\n ext_openssh_fstatvfs(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['fstatvfs@openssh.com'];\n if (!ext || ext !== '2')\n throw new Error('Server does not support this extended request');\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string \"fstatvfs@openssh.com\"\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 20, p);\n buf.utf8Write('fstatvfs@openssh.com', p += 4, 20);\n writeUInt32BE(buf, handleLen, p += 20);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { extended: 'fstatvfs@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} fstatvfs@openssh.com`);\n }\n }\n ext_openssh_hardlink(oldPath, newPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['hardlink@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"hardlink@openssh.com\"\n string oldpath\n string newpath\n */\n const oldLen = Buffer.byteLength(oldPath);\n const newLen = Buffer.byteLength(newPath);\n let p = 9;\n const buf =\n Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + oldLen + 4 + newLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 20, p);\n buf.utf8Write('hardlink@openssh.com', p += 4, 20);\n writeUInt32BE(buf, oldLen, p += 20);\n buf.utf8Write(oldPath, p += 4, oldLen);\n writeUInt32BE(buf, newLen, p += oldLen);\n buf.utf8Write(newPath, p += 4, newLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} hardlink@openssh.com`);\n }\n }\n ext_openssh_fsync(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['fsync@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string \"fsync@openssh.com\"\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 17 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 17, p);\n buf.utf8Write('fsync@openssh.com', p += 4, 17);\n writeUInt32BE(buf, handleLen, p += 17);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} fsync@openssh.com`\n );\n }\n ext_openssh_lsetstat(path, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['lsetstat@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n } else if (typeof attrs === 'function') {\n cb = attrs;\n }\n\n /*\n uint32 id\n string \"lsetstat@openssh.com\"\n string path\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf =\n Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + pathLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 20, p);\n buf.utf8Write('lsetstat@openssh.com', p += 4, 20);\n\n writeUInt32BE(buf, pathLen, p += 20);\n buf.utf8Write(path, p += 4, pathLen);\n\n writeUInt32BE(buf, flags, p += pathLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} lsetstat@openssh.com`);\n }\n }\n ext_openssh_expandPath(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['expand-path@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"expand-path@openssh.com\"\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 23 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 23, p);\n buf.utf8Write('expand-path@openssh.com', p += 4, 23);\n\n writeUInt32BE(buf, pathLen, p += 20);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} expand-path@openssh.com`);\n }\n }\n ext_copy_data(srcHandle, srcOffset, len, dstHandle, dstOffset, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['copy-data'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n if (!Buffer.isBuffer(srcHandle))\n throw new Error('Source handle is not a Buffer');\n\n if (!Buffer.isBuffer(dstHandle))\n throw new Error('Destination handle is not a Buffer');\n\n /*\n uint32 id\n string \"copy-data\"\n string read-from-handle\n uint64 read-from-offset\n uint64 read-data-length\n string write-to-handle\n uint64 write-to-offset\n */\n let p = 0;\n const buf = Buffer.allocUnsafe(\n 4 + 1\n + 4\n + 4 + 9\n + 4 + srcHandle.length\n + 8\n + 8\n + 4 + dstHandle.length\n + 8\n );\n\n writeUInt32BE(buf, buf.length - 4, p);\n p += 4;\n\n buf[p] = REQUEST.EXTENDED;\n ++p;\n\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, p);\n p += 4;\n\n writeUInt32BE(buf, 9, p);\n p += 4;\n buf.utf8Write('copy-data', p, 9);\n p += 9;\n\n writeUInt32BE(buf, srcHandle.length, p);\n p += 4;\n buf.set(srcHandle, p);\n p += srcHandle.length;\n\n for (let i = 7; i >= 0; --i) {\n buf[p + i] = srcOffset & 0xFF;\n srcOffset /= 256;\n }\n p += 8;\n\n for (let i = 7; i >= 0; --i) {\n buf[p + i] = len & 0xFF;\n len /= 256;\n }\n p += 8;\n\n writeUInt32BE(buf, dstHandle.length, p);\n p += 4;\n buf.set(dstHandle, p);\n p += dstHandle.length;\n\n for (let i = 7; i >= 0; --i) {\n buf[p + i] = dstOffset & 0xFF;\n dstOffset /= 256;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} copy-data`);\n }\n }\n // ===========================================================================\n // Server-specific ===========================================================\n // ===========================================================================\n handle(reqid, handle) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n const handleLen = handle.length;\n\n if (handleLen > 256)\n throw new Error('handle too large (> 256 bytes)');\n\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.HANDLE;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n if (handleLen)\n buf.set(handle, p += 4);\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} HANDLE`\n );\n }\n status(reqid, code, message) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (!VALID_STATUS_CODES.has(code))\n throw new Error(`Bad status code: ${code}`);\n\n message || (message = '');\n\n const msgLen = Buffer.byteLength(message);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 4 + msgLen + 4);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.STATUS;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, code, p);\n\n writeUInt32BE(buf, msgLen, p += 4);\n p += 4;\n if (msgLen) {\n buf.utf8Write(message, p, msgLen);\n p += msgLen;\n }\n\n writeUInt32BE(buf, 0, p); // Empty language tag\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STATUS`\n );\n }\n data(reqid, data, encoding) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n const isBuffer = Buffer.isBuffer(data);\n\n if (!isBuffer && typeof data !== 'string')\n throw new Error('data is not a Buffer or string');\n\n let isUTF8;\n if (!isBuffer && !encoding) {\n encoding = undefined;\n isUTF8 = true;\n }\n\n const dataLen = (\n isBuffer\n ? data.length\n : Buffer.byteLength(data, encoding)\n );\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + dataLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.DATA;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, dataLen, p);\n if (dataLen) {\n if (isBuffer)\n buf.set(data, p += 4);\n else if (isUTF8)\n buf.utf8Write(data, p += 4, dataLen);\n else\n buf.write(data, p += 4, dataLen, encoding);\n }\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} DATA`\n );\n }\n name(reqid, names) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (!Array.isArray(names)) {\n if (typeof names !== 'object' || names === null)\n throw new Error('names is not an object or array');\n names = [ names ];\n }\n\n const count = names.length;\n let namesLen = 0;\n let nameAttrs;\n const attrs = [];\n\n for (let i = 0; i < count; ++i) {\n const name = names[i];\n const filename = (\n !name || !name.filename || typeof name.filename !== 'string'\n ? ''\n : name.filename\n );\n namesLen += 4 + Buffer.byteLength(filename);\n const longname = (\n !name || !name.longname || typeof name.longname !== 'string'\n ? ''\n : name.longname\n );\n namesLen += 4 + Buffer.byteLength(longname);\n\n if (typeof name.attrs === 'object' && name.attrs !== null) {\n nameAttrs = attrsToBytes(name.attrs);\n namesLen += 4 + nameAttrs.nb;\n\n if (nameAttrs.nb) {\n let bytes;\n\n if (nameAttrs.nb === ATTRS_BUF.length) {\n bytes = new Uint8Array(ATTRS_BUF);\n } else {\n bytes = new Uint8Array(nameAttrs.nb);\n bufferCopy(ATTRS_BUF, bytes, 0, nameAttrs.nb, 0);\n }\n\n nameAttrs.bytes = bytes;\n }\n\n attrs.push(nameAttrs);\n } else {\n namesLen += 4;\n attrs.push(null);\n }\n }\n\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + namesLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.NAME;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, count, p);\n\n p += 4;\n\n for (let i = 0; i < count; ++i) {\n const name = names[i];\n\n {\n const filename = (\n !name || !name.filename || typeof name.filename !== 'string'\n ? ''\n : name.filename\n );\n const len = Buffer.byteLength(filename);\n writeUInt32BE(buf, len, p);\n p += 4;\n if (len) {\n buf.utf8Write(filename, p, len);\n p += len;\n }\n }\n\n {\n const longname = (\n !name || !name.longname || typeof name.longname !== 'string'\n ? ''\n : name.longname\n );\n const len = Buffer.byteLength(longname);\n writeUInt32BE(buf, len, p);\n p += 4;\n if (len) {\n buf.utf8Write(longname, p, len);\n p += len;\n }\n }\n\n const attr = attrs[i];\n if (attr) {\n writeUInt32BE(buf, attr.flags, p);\n p += 4;\n if (attr.flags && attr.bytes) {\n buf.set(attr.bytes, p);\n p += attr.nb;\n }\n } else {\n writeUInt32BE(buf, 0, p);\n p += 4;\n }\n }\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} NAME`\n );\n }\n attrs(reqid, attrs) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (typeof attrs !== 'object' || attrs === null)\n throw new Error('attrs is not an object');\n\n attrs = attrsToBytes(attrs);\n const flags = attrs.flags;\n const attrsLen = attrs.nb;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.ATTRS;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, flags, p);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} ATTRS`\n );\n }\n}\n\nfunction tryCreateBuffer(size) {\n try {\n return Buffer.allocUnsafe(size);\n } catch (ex) {\n return ex;\n }\n}\n\nfunction read_(self, handle, buf, off, len, position, cb, req_) {\n const maxDataLen = self._maxReadLen;\n const overflow = Math.max(len - maxDataLen, 0);\n\n if (overflow)\n len = maxDataLen;\n\n /*\n uint32 id\n string handle\n uint64 offset\n uint32 len\n */\n const handleLen = handle.length;\n let p = 9;\n let pos = position;\n const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4);\n\n writeUInt32BE(out, out.length - 4, 0);\n out[4] = REQUEST.READ;\n const reqid = self._writeReqid = (self._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(out, reqid, 5);\n\n writeUInt32BE(out, handleLen, p);\n out.set(handle, p += 4);\n p += handleLen;\n for (let i = 7; i >= 0; --i) {\n out[p + i] = pos & 0xFF;\n pos /= 256;\n }\n writeUInt32BE(out, len, p += 8);\n\n if (typeof cb !== 'function')\n cb = noop;\n\n const req = (req_ || {\n nb: 0,\n position,\n off,\n origOff: off,\n len: undefined,\n overflow: undefined,\n cb: (err, data, nb) => {\n const len = req.len;\n const overflow = req.overflow;\n\n if (err) {\n if (cb._wantEOFError || err.code !== STATUS_CODE.EOF)\n return cb(err);\n } else if (nb > len) {\n return cb(new Error('Received more data than requested'));\n } else if (nb === len && overflow) {\n req.nb += nb;\n req.position += nb;\n req.off += nb;\n read_(self, handle, buf, req.off, overflow, req.position, cb, req);\n return;\n }\n\n nb = (nb || 0);\n if (req.origOff === 0 && buf.length === req.nb)\n data = buf;\n else\n data = bufferSlice(buf, req.origOff, req.origOff + req.nb + nb);\n cb(undefined, req.nb + nb, data, req.position);\n },\n buffer: undefined,\n });\n\n req.len = len;\n req.overflow = overflow;\n\n // TODO: avoid creating multiple buffer slices when we need to re-call read_()\n // because of overflow\n req.buffer = bufferSlice(buf, off, off + len);\n\n self._requests[reqid] = req;\n\n const isBuffered = sendOrBuffer(self, out);\n self._debug && self._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READ`\n );\n}\n\nfunction fastXfer(src, dst, srcPath, dstPath, opts, cb) {\n let concurrency = 64;\n let chunkSize = 32768;\n let onstep;\n let mode;\n let fileSize;\n\n if (typeof opts === 'function') {\n cb = opts;\n } else if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.concurrency === 'number'\n && opts.concurrency > 0\n && !isNaN(opts.concurrency)) {\n concurrency = opts.concurrency;\n }\n if (typeof opts.chunkSize === 'number'\n && opts.chunkSize > 0\n && !isNaN(opts.chunkSize)) {\n chunkSize = opts.chunkSize;\n }\n if (typeof opts.fileSize === 'number'\n && opts.fileSize > 0\n && !isNaN(opts.fileSize)) {\n fileSize = opts.fileSize;\n }\n if (typeof opts.step === 'function')\n onstep = opts.step;\n\n if (typeof opts.mode === 'string' || typeof opts.mode === 'number')\n mode = modeNum(opts.mode);\n }\n\n // Internal state variables\n let fsize;\n let pdst = 0;\n let total = 0;\n let hadError = false;\n let srcHandle;\n let dstHandle;\n let readbuf;\n let bufsize = chunkSize * concurrency;\n\n function onerror(err) {\n if (hadError)\n return;\n\n hadError = true;\n\n let left = 0;\n let cbfinal;\n\n if (srcHandle || dstHandle) {\n cbfinal = () => {\n if (--left === 0)\n cb(err);\n };\n if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n ++left;\n if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n ++left;\n if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n src.close(srcHandle, cbfinal);\n if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n dst.close(dstHandle, cbfinal);\n } else {\n cb(err);\n }\n }\n\n src.open(srcPath, 'r', (err, sourceHandle) => {\n if (err)\n return onerror(err);\n\n srcHandle = sourceHandle;\n\n if (fileSize === undefined)\n src.fstat(srcHandle, tryStat);\n else\n tryStat(null, { size: fileSize });\n\n function tryStat(err, attrs) {\n if (err) {\n if (src !== fs) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n src.stat(srcPath, (err_, attrs_) => {\n if (err_)\n return onerror(err);\n tryStat(null, attrs_);\n });\n return;\n }\n return onerror(err);\n }\n fsize = attrs.size;\n\n dst.open(dstPath, 'w', (err, destHandle) => {\n if (err)\n return onerror(err);\n\n dstHandle = destHandle;\n\n if (fsize <= 0)\n return onerror();\n\n // Use less memory where possible\n while (bufsize > fsize) {\n if (concurrency === 1) {\n bufsize = fsize;\n break;\n }\n bufsize -= chunkSize;\n --concurrency;\n }\n\n readbuf = tryCreateBuffer(bufsize);\n if (readbuf instanceof Error)\n return onerror(readbuf);\n\n if (mode !== undefined) {\n dst.fchmod(dstHandle, mode, function tryAgain(err) {\n if (err) {\n // Try chmod() for sftp servers that may not support fchmod()\n // for whatever reason\n dst.chmod(dstPath, mode, (err_) => tryAgain());\n return;\n }\n startReads();\n });\n } else {\n startReads();\n }\n\n function onread(err, nb, data, dstpos, datapos, origChunkLen) {\n if (err)\n return onerror(err);\n\n datapos = datapos || 0;\n\n dst.write(dstHandle, readbuf, datapos, nb, dstpos, writeCb);\n\n function writeCb(err) {\n if (err)\n return onerror(err);\n\n total += nb;\n onstep && onstep(total, nb, fsize);\n\n if (nb < origChunkLen)\n return singleRead(datapos, dstpos + nb, origChunkLen - nb);\n\n if (total === fsize) {\n dst.close(dstHandle, (err) => {\n dstHandle = undefined;\n if (err)\n return onerror(err);\n src.close(srcHandle, (err) => {\n srcHandle = undefined;\n if (err)\n return onerror(err);\n cb();\n });\n });\n return;\n }\n\n if (pdst >= fsize)\n return;\n\n const chunk =\n (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n singleRead(datapos, pdst, chunk);\n pdst += chunk;\n }\n }\n\n function makeCb(psrc, pdst, chunk) {\n return (err, nb, data) => {\n onread(err, nb, data, pdst, psrc, chunk);\n };\n }\n\n function singleRead(psrc, pdst, chunk) {\n src.read(srcHandle,\n readbuf,\n psrc,\n chunk,\n pdst,\n makeCb(psrc, pdst, chunk));\n }\n\n function startReads() {\n let reads = 0;\n let psrc = 0;\n while (pdst < fsize && reads < concurrency) {\n const chunk =\n (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n singleRead(psrc, pdst, chunk);\n psrc += chunk;\n pdst += chunk;\n ++reads;\n }\n }\n });\n }\n });\n}\n\nfunction writeAll(sftp, handle, buffer, offset, length, position, callback_) {\n const callback = (typeof callback_ === 'function' ? callback_ : undefined);\n\n sftp.write(handle,\n buffer,\n offset,\n length,\n position,\n (writeErr, written) => {\n if (writeErr) {\n return sftp.close(handle, () => {\n callback && callback(writeErr);\n });\n }\n if (written === length) {\n sftp.close(handle, callback);\n } else {\n offset += written;\n length -= written;\n position += written;\n writeAll(sftp, handle, buffer, offset, length, position, callback);\n }\n });\n}\n\nclass Stats {\n constructor(initial) {\n this.mode = (initial && initial.mode);\n this.uid = (initial && initial.uid);\n this.gid = (initial && initial.gid);\n this.size = (initial && initial.size);\n this.atime = (initial && initial.atime);\n this.mtime = (initial && initial.mtime);\n this.extended = (initial && initial.extended);\n }\n isDirectory() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFDIR);\n }\n isFile() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFREG);\n }\n isBlockDevice() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFBLK);\n }\n isCharacterDevice() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFCHR);\n }\n isSymbolicLink() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFLNK);\n }\n isFIFO() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFIFO);\n }\n isSocket() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFSOCK);\n }\n}\n\nfunction attrsToBytes(attrs) {\n let flags = 0;\n let nb = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n if (typeof attrs.size === 'number') {\n flags |= ATTR.SIZE;\n const val = attrs.size;\n // Big Endian\n ATTRS_BUF[nb++] = val / 72057594037927940; // 2**56\n ATTRS_BUF[nb++] = val / 281474976710656; // 2**48\n ATTRS_BUF[nb++] = val / 1099511627776; // 2**40\n ATTRS_BUF[nb++] = val / 4294967296; // 2**32\n ATTRS_BUF[nb++] = val / 16777216; // 2**24\n ATTRS_BUF[nb++] = val / 65536; // 2**16\n ATTRS_BUF[nb++] = val / 256; // 2**8\n ATTRS_BUF[nb++] = val;\n }\n if (typeof attrs.uid === 'number' && typeof attrs.gid === 'number') {\n flags |= ATTR.UIDGID;\n const uid = attrs.uid;\n const gid = attrs.gid;\n // Big Endian\n ATTRS_BUF[nb++] = uid >>> 24;\n ATTRS_BUF[nb++] = uid >>> 16;\n ATTRS_BUF[nb++] = uid >>> 8;\n ATTRS_BUF[nb++] = uid;\n ATTRS_BUF[nb++] = gid >>> 24;\n ATTRS_BUF[nb++] = gid >>> 16;\n ATTRS_BUF[nb++] = gid >>> 8;\n ATTRS_BUF[nb++] = gid;\n }\n if (typeof attrs.mode === 'number' || typeof attrs.mode === 'string') {\n const mode = modeNum(attrs.mode);\n flags |= ATTR.PERMISSIONS;\n // Big Endian\n ATTRS_BUF[nb++] = mode >>> 24;\n ATTRS_BUF[nb++] = mode >>> 16;\n ATTRS_BUF[nb++] = mode >>> 8;\n ATTRS_BUF[nb++] = mode;\n }\n if ((typeof attrs.atime === 'number' || isDate(attrs.atime))\n && (typeof attrs.mtime === 'number' || isDate(attrs.mtime))) {\n const atime = toUnixTimestamp(attrs.atime);\n const mtime = toUnixTimestamp(attrs.mtime);\n\n flags |= ATTR.ACMODTIME;\n // Big Endian\n ATTRS_BUF[nb++] = atime >>> 24;\n ATTRS_BUF[nb++] = atime >>> 16;\n ATTRS_BUF[nb++] = atime >>> 8;\n ATTRS_BUF[nb++] = atime;\n ATTRS_BUF[nb++] = mtime >>> 24;\n ATTRS_BUF[nb++] = mtime >>> 16;\n ATTRS_BUF[nb++] = mtime >>> 8;\n ATTRS_BUF[nb++] = mtime;\n }\n // TODO: extended attributes\n }\n\n return { flags, nb };\n}\n\nfunction toUnixTimestamp(time) {\n // eslint-disable-next-line no-self-compare\n if (typeof time === 'number' && time === time) // Valid, non-NaN number\n return time;\n if (isDate(time))\n return parseInt(time.getTime() / 1000, 10);\n throw new Error(`Cannot parse time: ${time}`);\n}\n\nfunction modeNum(mode) {\n // eslint-disable-next-line no-self-compare\n if (typeof mode === 'number' && mode === mode) // Valid, non-NaN number\n return mode;\n if (typeof mode === 'string')\n return modeNum(parseInt(mode, 8));\n throw new Error(`Cannot parse mode: ${mode}`);\n}\n\nconst stringFlagMap = {\n 'r': OPEN_MODE.READ,\n 'r+': OPEN_MODE.READ | OPEN_MODE.WRITE,\n 'w': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n 'wx': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'xw': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'w+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n 'wx+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL,\n 'xw+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL,\n 'a': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n 'ax': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'xa': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'a+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n 'ax+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL,\n 'xa+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL\n};\n\nfunction stringToFlags(str) {\n const flags = stringFlagMap[str];\n return (flags !== undefined ? flags : null);\n}\n\nconst flagsToString = (() => {\n const stringFlagMapKeys = Object.keys(stringFlagMap);\n return (flags) => {\n for (let i = 0; i < stringFlagMapKeys.length; ++i) {\n const key = stringFlagMapKeys[i];\n if (stringFlagMap[key] === flags)\n return key;\n }\n return null;\n };\n})();\n\nfunction readAttrs(biOpt) {\n /*\n uint32 flags\n uint64 size present only if flag SSH_FILEXFER_ATTR_SIZE\n uint32 uid present only if flag SSH_FILEXFER_ATTR_UIDGID\n uint32 gid present only if flag SSH_FILEXFER_ATTR_UIDGID\n uint32 permissions present only if flag SSH_FILEXFER_ATTR_PERMISSIONS\n uint32 atime present only if flag SSH_FILEXFER_ACMODTIME\n uint32 mtime present only if flag SSH_FILEXFER_ACMODTIME\n uint32 extended_count present only if flag SSH_FILEXFER_ATTR_EXTENDED\n string extended_type\n string extended_data\n ... more extended data (extended_type - extended_data pairs),\n so that number of pairs equals extended_count\n */\n const flags = bufferParser.readUInt32BE();\n if (flags === undefined)\n return;\n\n const attrs = new Stats();\n if (flags & ATTR.SIZE) {\n const size = bufferParser.readUInt64BE(biOpt);\n if (size === undefined)\n return;\n attrs.size = size;\n }\n\n if (flags & ATTR.UIDGID) {\n const uid = bufferParser.readUInt32BE();\n const gid = bufferParser.readUInt32BE();\n if (gid === undefined)\n return;\n attrs.uid = uid;\n attrs.gid = gid;\n }\n\n if (flags & ATTR.PERMISSIONS) {\n const mode = bufferParser.readUInt32BE();\n if (mode === undefined)\n return;\n attrs.mode = mode;\n }\n\n if (flags & ATTR.ACMODTIME) {\n const atime = bufferParser.readUInt32BE();\n const mtime = bufferParser.readUInt32BE();\n if (mtime === undefined)\n return;\n attrs.atime = atime;\n attrs.mtime = mtime;\n }\n\n if (flags & ATTR.EXTENDED) {\n const count = bufferParser.readUInt32BE();\n if (count === undefined)\n return;\n const extended = {};\n for (let i = 0; i < count; ++i) {\n const type = bufferParser.readString(true);\n const data = bufferParser.readString();\n if (data === undefined)\n return;\n extended[type] = data;\n }\n attrs.extended = extended;\n }\n\n return attrs;\n}\n\nfunction sendOrBuffer(sftp, payload) {\n const ret = tryWritePayload(sftp, payload);\n if (ret !== undefined) {\n sftp._buffer.push(ret);\n return false;\n }\n return true;\n}\n\nfunction tryWritePayload(sftp, payload) {\n const outgoing = sftp.outgoing;\n if (outgoing.state !== 'open')\n return;\n\n if (outgoing.window === 0) {\n sftp._waitWindow = true;\n sftp._chunkcb = drainBuffer;\n return payload;\n }\n\n let ret;\n const len = payload.length;\n let p = 0;\n\n while (len - p > 0 && outgoing.window > 0) {\n const actualLen = Math.min(len - p, outgoing.window, outgoing.packetSize);\n outgoing.window -= actualLen;\n if (outgoing.window === 0) {\n sftp._waitWindow = true;\n sftp._chunkcb = drainBuffer;\n }\n\n if (p === 0 && actualLen === len) {\n sftp._protocol.channelData(sftp.outgoing.id, payload);\n } else {\n sftp._protocol.channelData(sftp.outgoing.id,\n bufferSlice(payload, p, p + actualLen));\n }\n\n p += actualLen;\n }\n\n if (len - p > 0) {\n if (p > 0)\n ret = bufferSlice(payload, p, len);\n else\n ret = payload; // XXX: should never get here?\n }\n\n return ret;\n}\n\nfunction drainBuffer() {\n this._chunkcb = undefined;\n const buffer = this._buffer;\n let i = 0;\n while (i < buffer.length) {\n const payload = buffer[i];\n const ret = tryWritePayload(this, payload);\n if (ret !== undefined) {\n if (ret !== payload)\n buffer[i] = ret;\n if (i > 0)\n this._buffer = buffer.slice(i);\n return;\n }\n ++i;\n }\n if (i > 0)\n this._buffer = [];\n}\n\nfunction doFatalSFTPError(sftp, msg, noDebug) {\n const err = new Error(msg);\n err.level = 'sftp-protocol';\n if (!noDebug && sftp._debug)\n sftp._debug(`SFTP: Inbound: ${msg}`);\n sftp.emit('error', err);\n sftp.destroy();\n cleanupRequests(sftp);\n return false;\n}\n\nfunction cleanupRequests(sftp) {\n const keys = Object.keys(sftp._requests);\n if (keys.length === 0)\n return;\n\n const reqs = sftp._requests;\n sftp._requests = {};\n const err = new Error('No response from server');\n for (let i = 0; i < keys.length; ++i) {\n const req = reqs[keys[i]];\n if (typeof req.cb === 'function')\n req.cb(err);\n }\n}\n\nfunction requestLimits(sftp, cb) {\n /*\n uint32 id\n string \"limits@openssh.com\"\n */\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 18);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = sftp._writeReqid = (sftp._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 18, p);\n buf.utf8Write('limits@openssh.com', p += 4, 18);\n\n sftp._requests[reqid] = { extended: 'limits@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(sftp, buf);\n if (sftp._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n sftp._debug(`SFTP: Outbound: ${which} limits@openssh.com`);\n }\n}\n\nconst CLIENT_HANDLERS = {\n [RESPONSE.VERSION]: (sftp, payload) => {\n if (sftp._version !== -1)\n return doFatalSFTPError(sftp, 'Duplicate VERSION packet');\n\n const extensions = {};\n\n /*\n uint32 version\n \n */\n bufferParser.init(payload, 1);\n let version = bufferParser.readUInt32BE();\n while (bufferParser.avail()) {\n const extName = bufferParser.readString(true);\n const extData = bufferParser.readString(true);\n if (extData === undefined) {\n version = undefined;\n break;\n }\n extensions[extName] = extData;\n }\n bufferParser.clear();\n\n if (version === undefined)\n return doFatalSFTPError(sftp, 'Malformed VERSION packet');\n\n if (sftp._debug) {\n const names = Object.keys(extensions);\n if (names.length) {\n sftp._debug(\n `SFTP: Inbound: Received VERSION (v${version}, exts:${names})`\n );\n } else {\n sftp._debug(`SFTP: Inbound: Received VERSION (v${version})`);\n }\n }\n\n sftp._version = version;\n sftp._extensions = extensions;\n\n if (extensions['limits@openssh.com'] === '1') {\n return requestLimits(sftp, (err, limits) => {\n if (!err) {\n if (limits.maxPktLen > 0)\n sftp._maxOutPktLen = limits.maxPktLen;\n if (limits.maxReadLen > 0)\n sftp._maxReadLen = limits.maxReadLen;\n if (limits.maxWriteLen > 0)\n sftp._maxWriteLen = limits.maxWriteLen;\n sftp.maxOpenHandles = (\n limits.maxOpenHandles > 0 ? limits.maxOpenHandles : Infinity\n );\n }\n sftp.emit('ready');\n });\n }\n\n sftp.emit('ready');\n },\n [RESPONSE.STATUS]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n uint32 error/status code\n string error message (ISO-10646 UTF-8)\n string language tag\n */\n const errorCode = bufferParser.readUInt32BE();\n const errorMsg = bufferParser.readString(true);\n bufferParser.clear();\n\n // Note: we avoid checking that the error message and language tag are in\n // the packet because there are some broken implementations that incorrectly\n // omit them. The language tag in general was never really used amongst ssh\n // implementations, so in the case of a missing error message we just\n // default to something sensible.\n\n if (sftp._debug) {\n const jsonMsg = JSON.stringify(errorMsg);\n sftp._debug(\n `SFTP: Inbound: Received STATUS (id:${reqID}, ${errorCode}, ${jsonMsg})`\n );\n }\n const req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n if (req && typeof req.cb === 'function') {\n if (errorCode === STATUS_CODE.OK) {\n req.cb();\n return;\n }\n const err = new Error(errorMsg\n || STATUS_CODE_STR[errorCode]\n || 'Unknown status');\n err.code = errorCode;\n req.cb(err);\n }\n },\n [RESPONSE.HANDLE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined) {\n if (reqID !== undefined)\n delete sftp._requests[reqID];\n return doFatalSFTPError(sftp, 'Malformed HANDLE packet');\n }\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received HANDLE (id:${reqID})`);\n\n const req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n if (req && typeof req.cb === 'function')\n req.cb(undefined, handle);\n },\n [RESPONSE.DATA]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n let req;\n if (reqID !== undefined) {\n req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n }\n /*\n string data\n */\n if (req && typeof req.cb === 'function') {\n if (req.buffer) {\n // We have already pre-allocated space to store the data\n\n const nb = bufferParser.readString(req.buffer);\n bufferParser.clear();\n\n if (nb !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n );\n req.cb(undefined, req.buffer, nb);\n return;\n }\n } else {\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received DATA (id:${reqID}, ${data.length})`\n );\n req.cb(undefined, data);\n return;\n }\n }\n } else {\n const nb = bufferParser.skipString();\n bufferParser.clear();\n if (nb !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n );\n return;\n }\n }\n\n return doFatalSFTPError(sftp, 'Malformed DATA packet');\n },\n [RESPONSE.NAME]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n let req;\n if (reqID !== undefined) {\n req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n }\n /*\n uint32 count\n repeats count times:\n string filename\n string longname\n ATTRS attrs\n */\n const count = bufferParser.readUInt32BE();\n if (count !== undefined) {\n let names = [];\n for (let i = 0; i < count; ++i) {\n // We are going to assume UTF-8 for filenames despite the SFTPv3\n // spec not specifying an encoding because the specs for newer\n // versions of the protocol all explicitly specify UTF-8 for\n // filenames\n const filename = bufferParser.readString(true);\n\n // `longname` only exists in SFTPv3 and since it typically will\n // contain the filename, we assume it is also UTF-8\n const longname = bufferParser.readString(true);\n\n const attrs = readAttrs(sftp._biOpt);\n if (attrs === undefined) {\n names = undefined;\n break;\n }\n names.push({ filename, longname, attrs });\n }\n if (names !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received NAME (id:${reqID}, ${names.length})`\n );\n bufferParser.clear();\n if (req && typeof req.cb === 'function')\n req.cb(undefined, names);\n return;\n }\n }\n\n bufferParser.clear();\n return doFatalSFTPError(sftp, 'Malformed NAME packet');\n },\n [RESPONSE.ATTRS]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n let req;\n if (reqID !== undefined) {\n req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n }\n /*\n ATTRS attrs\n */\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n if (attrs !== undefined) {\n sftp._debug && sftp._debug(`SFTP: Inbound: Received ATTRS (id:${reqID})`);\n if (req && typeof req.cb === 'function')\n req.cb(undefined, attrs);\n return;\n }\n\n return doFatalSFTPError(sftp, 'Malformed ATTRS packet');\n },\n [RESPONSE.EXTENDED]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n if (reqID !== undefined) {\n const req = sftp._requests[reqID];\n if (req) {\n delete sftp._requests[reqID];\n switch (req.extended) {\n case 'statvfs@openssh.com':\n case 'fstatvfs@openssh.com': {\n /*\n uint64 f_bsize // file system block size\n uint64 f_frsize // fundamental fs block size\n uint64 f_blocks // number of blocks (unit f_frsize)\n uint64 f_bfree // free blocks in file system\n uint64 f_bavail // free blocks for non-root\n uint64 f_files // total file inodes\n uint64 f_ffree // free file inodes\n uint64 f_favail // free file inodes for to non-root\n uint64 f_fsid // file system id\n uint64 f_flag // bit mask of f_flag values\n uint64 f_namemax // maximum filename length\n */\n const biOpt = sftp._biOpt;\n const stats = {\n f_bsize: bufferParser.readUInt64BE(biOpt),\n f_frsize: bufferParser.readUInt64BE(biOpt),\n f_blocks: bufferParser.readUInt64BE(biOpt),\n f_bfree: bufferParser.readUInt64BE(biOpt),\n f_bavail: bufferParser.readUInt64BE(biOpt),\n f_files: bufferParser.readUInt64BE(biOpt),\n f_ffree: bufferParser.readUInt64BE(biOpt),\n f_favail: bufferParser.readUInt64BE(biOpt),\n f_sid: bufferParser.readUInt64BE(biOpt),\n f_flag: bufferParser.readUInt64BE(biOpt),\n f_namemax: bufferParser.readUInt64BE(biOpt),\n };\n if (stats.f_namemax === undefined)\n break;\n if (sftp._debug) {\n sftp._debug(\n 'SFTP: Inbound: Received EXTENDED_REPLY '\n + `(id:${reqID}, ${req.extended})`\n );\n }\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb(undefined, stats);\n return;\n }\n case 'limits@openssh.com': {\n /*\n uint64 max-packet-length\n uint64 max-read-length\n uint64 max-write-length\n uint64 max-open-handles\n */\n const limits = {\n maxPktLen: bufferParser.readUInt64BE(),\n maxReadLen: bufferParser.readUInt64BE(),\n maxWriteLen: bufferParser.readUInt64BE(),\n maxOpenHandles: bufferParser.readUInt64BE(),\n };\n if (limits.maxOpenHandles === undefined)\n break;\n if (sftp._debug) {\n sftp._debug(\n 'SFTP: Inbound: Received EXTENDED_REPLY '\n + `(id:${reqID}, ${req.extended})`\n );\n }\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb(undefined, limits);\n return;\n }\n default:\n // Unknown extended request\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n );\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb();\n return;\n }\n } else {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n );\n bufferParser.clear();\n return;\n }\n }\n\n bufferParser.clear();\n return doFatalSFTPError(sftp, 'Malformed EXTENDED_REPLY packet');\n },\n};\nconst SERVER_HANDLERS = {\n [REQUEST.INIT]: (sftp, payload) => {\n if (sftp._version !== -1)\n return doFatalSFTPError(sftp, 'Duplicate INIT packet');\n\n const extensions = {};\n\n /*\n uint32 version\n \n */\n bufferParser.init(payload, 1);\n let version = bufferParser.readUInt32BE();\n while (bufferParser.avail()) {\n const extName = bufferParser.readString(true);\n const extData = bufferParser.readString(true);\n if (extData === undefined) {\n version = undefined;\n break;\n }\n extensions[extName] = extData;\n }\n bufferParser.clear();\n\n if (version === undefined)\n return doFatalSFTPError(sftp, 'Malformed INIT packet');\n\n if (sftp._debug) {\n const names = Object.keys(extensions);\n if (names.length) {\n sftp._debug(\n `SFTP: Inbound: Received INIT (v${version}, exts:${names})`\n );\n } else {\n sftp._debug(`SFTP: Inbound: Received INIT (v${version})`);\n }\n }\n\n sendOrBuffer(sftp, SERVER_VERSION_BUFFER);\n\n sftp._version = version;\n sftp._extensions = extensions;\n sftp.emit('ready');\n },\n [REQUEST.OPEN]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string filename\n uint32 pflags\n ATTRS attrs\n */\n const filename = bufferParser.readString(true);\n const pflags = bufferParser.readUInt32BE();\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined)\n return doFatalSFTPError(sftp, 'Malformed OPEN packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received OPEN (id:${reqID})`);\n\n if (!sftp.emit('OPEN', reqID, filename, pflags, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.CLOSE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed CLOSE packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received CLOSE (id:${reqID})`);\n\n if (!sftp.emit('CLOSE', reqID, handle)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.READ]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n uint64 offset\n uint32 len\n */\n const handle = bufferParser.readString();\n const offset = bufferParser.readUInt64BE(sftp._biOpt);\n const len = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (len === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed READ packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received READ (id:${reqID})`);\n\n if (!sftp.emit('READ', reqID, handle, offset, len)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.WRITE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n uint64 offset\n string data\n */\n const handle = bufferParser.readString();\n const offset = bufferParser.readUInt64BE(sftp._biOpt);\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed WRITE packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received WRITE (id:${reqID})`);\n\n if (!sftp.emit('WRITE', reqID, handle, offset, data)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.LSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed LSTAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received LSTAT (id:${reqID})`);\n\n if (!sftp.emit('LSTAT', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.FSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed FSTAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received FSTAT (id:${reqID})`);\n\n if (!sftp.emit('FSTAT', reqID, handle)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.SETSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n ATTRS attrs\n */\n const path = bufferParser.readString(true);\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined)\n return doFatalSFTPError(sftp, 'Malformed SETSTAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received SETSTAT (id:${reqID})`);\n\n if (!sftp.emit('SETSTAT', reqID, path, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.FSETSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n ATTRS attrs\n */\n const handle = bufferParser.readString();\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed FSETSTAT packet');\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received FSETSTAT (id:${reqID})`\n );\n\n if (!sftp.emit('FSETSTAT', reqID, handle, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.OPENDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed OPENDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received OPENDIR (id:${reqID})`);\n\n if (!sftp.emit('OPENDIR', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.READDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed READDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received READDIR (id:${reqID})`);\n\n if (!sftp.emit('READDIR', reqID, handle)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.REMOVE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed REMOVE packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received REMOVE (id:${reqID})`);\n\n if (!sftp.emit('REMOVE', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.MKDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n ATTRS attrs\n */\n const path = bufferParser.readString(true);\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined)\n return doFatalSFTPError(sftp, 'Malformed MKDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received MKDIR (id:${reqID})`);\n\n if (!sftp.emit('MKDIR', reqID, path, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.RMDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed RMDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received RMDIR (id:${reqID})`);\n\n if (!sftp.emit('RMDIR', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.REALPATH]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed REALPATH packet');\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received REALPATH (id:${reqID})`\n );\n\n if (!sftp.emit('REALPATH', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.STAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed STAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received STAT (id:${reqID})`);\n\n if (!sftp.emit('STAT', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.RENAME]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string oldpath\n string newpath\n */\n const oldPath = bufferParser.readString(true);\n const newPath = bufferParser.readString(true);\n bufferParser.clear();\n\n if (newPath === undefined)\n return doFatalSFTPError(sftp, 'Malformed RENAME packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received RENAME (id:${reqID})`);\n\n if (!sftp.emit('RENAME', reqID, oldPath, newPath)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.READLINK]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed READLINK packet');\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received READLINK (id:${reqID})`\n );\n\n if (!sftp.emit('READLINK', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.SYMLINK]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string linkpath\n string targetpath\n */\n const linkPath = bufferParser.readString(true);\n const targetPath = bufferParser.readString(true);\n bufferParser.clear();\n\n if (targetPath === undefined)\n return doFatalSFTPError(sftp, 'Malformed SYMLINK packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received SYMLINK (id:${reqID})`);\n\n let handled;\n if (sftp._isOpenSSH) {\n // OpenSSH has linkpath and targetpath positions switched\n handled = sftp.emit('SYMLINK', reqID, targetPath, linkPath);\n } else {\n handled = sftp.emit('SYMLINK', reqID, linkPath, targetPath);\n }\n if (!handled) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.EXTENDED]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string extended-request\n ... any request-specific data ...\n */\n const extName = bufferParser.readString(true);\n if (extName === undefined) {\n bufferParser.clear();\n return doFatalSFTPError(sftp, 'Malformed EXTENDED packet');\n }\n\n let extData;\n if (bufferParser.avail())\n extData = bufferParser.readRaw();\n bufferParser.clear();\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received EXTENDED (id:${reqID})`\n );\n\n if (!sftp.emit('EXTENDED', reqID, extName, extData)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n};\n\n// =============================================================================\n// ReadStream/WriteStream-related ==============================================\n// =============================================================================\nconst {\n ERR_INVALID_ARG_TYPE,\n ERR_OUT_OF_RANGE,\n validateNumber\n} = require('./node-fs-compat');\n\nconst kMinPoolSpace = 128;\n\nlet pool;\n// It can happen that we expect to read a large chunk of data, and reserve\n// a large chunk of the pool accordingly, but the read() call only filled\n// a portion of it. If a concurrently executing read() then uses the same pool,\n// the \"reserved\" portion cannot be used, so we allow it to be re-used as a\n// new pool later.\nconst poolFragments = [];\n\nfunction allocNewPool(poolSize) {\n if (poolFragments.length > 0)\n pool = poolFragments.pop();\n else\n pool = Buffer.allocUnsafe(poolSize);\n pool.used = 0;\n}\n\n// Check the `this.start` and `this.end` of stream.\nfunction checkPosition(pos, name) {\n if (!Number.isSafeInteger(pos)) {\n validateNumber(pos, name);\n if (!Number.isInteger(pos))\n throw new ERR_OUT_OF_RANGE(name, 'an integer', pos);\n throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n }\n if (pos < 0)\n throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n}\n\nfunction roundUpToMultipleOf8(n) {\n return (n + 7) & ~7; // Align to 8 byte boundary.\n}\n\nfunction ReadStream(sftp, path, options) {\n if (options === undefined)\n options = {};\n else if (typeof options === 'string')\n options = { encoding: options };\n else if (options === null || typeof options !== 'object')\n throw new TypeError('\"options\" argument must be a string or an object');\n else\n options = Object.create(options);\n\n // A little bit bigger buffer and water marks by default\n if (options.highWaterMark === undefined)\n options.highWaterMark = 64 * 1024;\n\n // For backwards compat do not emit close on destroy.\n options.emitClose = false;\n options.autoDestroy = false; // Node 14 major change.\n\n ReadableStream.call(this, options);\n\n this.path = path;\n this.flags = options.flags === undefined ? 'r' : options.flags;\n this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n this.start = options.start;\n this.end = options.end;\n this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n this.pos = 0;\n this.bytesRead = 0;\n this.isClosed = false;\n\n this.handle = options.handle === undefined ? null : options.handle;\n this.sftp = sftp;\n this._opening = false;\n\n if (this.start !== undefined) {\n checkPosition(this.start, 'start');\n\n this.pos = this.start;\n }\n\n if (this.end === undefined) {\n this.end = Infinity;\n } else if (this.end !== Infinity) {\n checkPosition(this.end, 'end');\n\n if (this.start !== undefined && this.start > this.end) {\n throw new ERR_OUT_OF_RANGE(\n 'start',\n `<= \"end\" (here: ${this.end})`,\n this.start\n );\n }\n }\n\n this.on('end', function() {\n if (this.autoClose)\n this.destroy();\n });\n\n if (!Buffer.isBuffer(this.handle))\n this.open();\n}\ninherits(ReadStream, ReadableStream);\n\nReadStream.prototype.open = function() {\n if (this._opening)\n return;\n\n this._opening = true;\n\n this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n this._opening = false;\n\n if (er) {\n this.emit('error', er);\n if (this.autoClose)\n this.destroy();\n return;\n }\n\n this.handle = handle;\n this.emit('open', handle);\n this.emit('ready');\n // Start the flow of data.\n this.read();\n });\n};\n\nReadStream.prototype._read = function(n) {\n if (!Buffer.isBuffer(this.handle))\n return this.once('open', () => this._read(n));\n\n // XXX: safe to remove this?\n if (this.destroyed)\n return;\n\n if (!pool || pool.length - pool.used < kMinPoolSpace) {\n // Discard the old pool.\n allocNewPool(this.readableHighWaterMark\n || this._readableState.highWaterMark);\n }\n\n // Grab another reference to the pool in the case that while we're\n // in the thread pool another read() finishes up the pool, and\n // allocates a new one.\n const thisPool = pool;\n let toRead = Math.min(pool.length - pool.used, n);\n const start = pool.used;\n\n if (this.end !== undefined)\n toRead = Math.min(this.end - this.pos + 1, toRead);\n\n // Already read everything we were supposed to read!\n // treat as EOF.\n if (toRead <= 0)\n return this.push(null);\n\n // the actual read.\n this.sftp.read(this.handle,\n pool,\n pool.used,\n toRead,\n this.pos,\n (er, bytesRead) => {\n if (er) {\n this.emit('error', er);\n if (this.autoClose)\n this.destroy();\n return;\n }\n let b = null;\n\n // Now that we know how much data we have actually read, re-wind the\n // 'used' field if we can, and otherwise allow the remainder of our\n // reservation to be used as a new pool later.\n if (start + toRead === thisPool.used && thisPool === pool) {\n thisPool.used = roundUpToMultipleOf8(thisPool.used + bytesRead - toRead);\n } else {\n // Round down to the next lowest multiple of 8 to ensure the new pool\n // fragment start and end positions are aligned to an 8 byte boundary.\n const alignedEnd = (start + toRead) & ~7;\n const alignedStart = roundUpToMultipleOf8(start + bytesRead);\n if (alignedEnd - alignedStart >= kMinPoolSpace)\n poolFragments.push(thisPool.slice(alignedStart, alignedEnd));\n }\n\n if (bytesRead > 0) {\n this.bytesRead += bytesRead;\n b = thisPool.slice(start, start + bytesRead);\n }\n\n // Move the pool positions, and internal position for reading.\n this.pos += bytesRead;\n\n this.push(b);\n });\n\n pool.used = roundUpToMultipleOf8(pool.used + toRead);\n};\n\nReadStream.prototype._destroy = function(err, cb) {\n if (this._opening && !Buffer.isBuffer(this.handle)) {\n this.once('open', closeStream.bind(null, this, cb, err));\n return;\n }\n\n closeStream(this, cb, err);\n this.handle = null;\n this._opening = false;\n};\n\nfunction closeStream(stream, cb, err) {\n if (!stream.handle)\n return onclose();\n\n stream.sftp.close(stream.handle, onclose);\n\n function onclose(er) {\n er = er || err;\n cb(er);\n stream.isClosed = true;\n if (!er)\n stream.emit('close');\n }\n}\n\nReadStream.prototype.close = function(cb) {\n this.destroy(null, cb);\n};\n\nObject.defineProperty(ReadStream.prototype, 'pending', {\n get() {\n return this.handle === null;\n },\n configurable: true\n});\n\n// TODO: add `concurrency` setting to allow more than one in-flight WRITE\n// request to server to improve throughput\nfunction WriteStream(sftp, path, options) {\n if (options === undefined)\n options = {};\n else if (typeof options === 'string')\n options = { encoding: options };\n else if (options === null || typeof options !== 'object')\n throw new TypeError('\"options\" argument must be a string or an object');\n else\n options = Object.create(options);\n\n // For backwards compat do not emit close on destroy.\n options.emitClose = false;\n options.autoDestroy = false; // Node 14 major change.\n\n WritableStream.call(this, options);\n\n this.path = path;\n this.flags = options.flags === undefined ? 'w' : options.flags;\n this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n this.start = options.start;\n this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n this.pos = 0;\n this.bytesWritten = 0;\n this.isClosed = false;\n\n this.handle = options.handle === undefined ? null : options.handle;\n this.sftp = sftp;\n this._opening = false;\n\n if (this.start !== undefined) {\n checkPosition(this.start, 'start');\n\n this.pos = this.start;\n }\n\n if (options.encoding)\n this.setDefaultEncoding(options.encoding);\n\n // Node v6.x only\n this.on('finish', function() {\n if (this._writableState.finalCalled)\n return;\n if (this.autoClose)\n this.destroy();\n });\n\n if (!Buffer.isBuffer(this.handle))\n this.open();\n}\ninherits(WriteStream, WritableStream);\n\nWriteStream.prototype._final = function(cb) {\n if (this.autoClose)\n this.destroy();\n cb();\n};\n\nWriteStream.prototype.open = function() {\n if (this._opening)\n return;\n\n this._opening = true;\n\n this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n this._opening = false;\n\n if (er) {\n this.emit('error', er);\n if (this.autoClose)\n this.destroy();\n return;\n }\n\n this.handle = handle;\n\n const tryAgain = (err) => {\n if (err) {\n // Try chmod() for sftp servers that may not support fchmod() for\n // whatever reason\n this.sftp.chmod(this.path, this.mode, (err_) => tryAgain());\n return;\n }\n\n // SFTPv3 requires absolute offsets, no matter the open flag used\n if (this.flags[0] === 'a') {\n const tryStat = (err, st) => {\n if (err) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n this.sftp.stat(this.path, (err_, st_) => {\n if (err_) {\n this.destroy();\n this.emit('error', err);\n return;\n }\n tryStat(null, st_);\n });\n return;\n }\n\n this.pos = st.size;\n this.emit('open', handle);\n this.emit('ready');\n };\n\n this.sftp.fstat(handle, tryStat);\n return;\n }\n\n this.emit('open', handle);\n this.emit('ready');\n };\n\n this.sftp.fchmod(handle, this.mode, tryAgain);\n });\n};\n\nWriteStream.prototype._write = function(data, encoding, cb) {\n if (!Buffer.isBuffer(data)) {\n const err = new ERR_INVALID_ARG_TYPE('data', 'Buffer', data);\n return this.emit('error', err);\n }\n\n if (!Buffer.isBuffer(this.handle)) {\n return this.once('open', function() {\n this._write(data, encoding, cb);\n });\n }\n\n this.sftp.write(this.handle,\n data,\n 0,\n data.length,\n this.pos,\n (er, bytes) => {\n if (er) {\n if (this.autoClose)\n this.destroy();\n return cb(er);\n }\n this.bytesWritten += bytes;\n cb();\n });\n\n this.pos += data.length;\n};\n\nWriteStream.prototype._writev = function(data, cb) {\n if (!Buffer.isBuffer(this.handle)) {\n return this.once('open', function() {\n this._writev(data, cb);\n });\n }\n\n const sftp = this.sftp;\n const handle = this.handle;\n let writesLeft = data.length;\n\n const onwrite = (er, bytes) => {\n if (er) {\n this.destroy();\n return cb(er);\n }\n this.bytesWritten += bytes;\n if (--writesLeft === 0)\n cb();\n };\n\n // TODO: try to combine chunks to reduce number of requests to the server?\n for (let i = 0; i < data.length; ++i) {\n const chunk = data[i].chunk;\n\n sftp.write(handle, chunk, 0, chunk.length, this.pos, onwrite);\n this.pos += chunk.length;\n }\n};\n\nif (typeof WritableStream.prototype.destroy !== 'function')\n WriteStream.prototype.destroy = ReadStream.prototype.destroy;\n\nWriteStream.prototype._destroy = ReadStream.prototype._destroy;\nWriteStream.prototype.close = function(cb) {\n if (cb) {\n if (this.isClosed) {\n process.nextTick(cb);\n return;\n }\n this.on('close', cb);\n }\n\n // If we are not autoClosing, we should call\n // destroy on 'finish'.\n if (!this.autoClose)\n this.on('finish', this.destroy.bind(this));\n\n this.end();\n};\n\n// There is no shutdown() for files.\nWriteStream.prototype.destroySoon = WriteStream.prototype.end;\n\nObject.defineProperty(WriteStream.prototype, 'pending', {\n get() {\n return this.handle === null;\n },\n configurable: true\n});\n// =============================================================================\n\nmodule.exports = {\n flagsToString,\n OPEN_MODE,\n SFTP,\n Stats,\n STATUS_CODE,\n stringToFlags,\n};\n","'use strict';\n\nconst crypto = require('crypto');\n\nlet cpuInfo;\ntry {\n cpuInfo = require('cpu-features')();\n} catch {}\n\nconst { bindingAvailable, CIPHER_INFO, MAC_INFO } = require('./crypto.js');\n\nconst eddsaSupported = (() => {\n if (typeof crypto.sign === 'function'\n && typeof crypto.verify === 'function') {\n const key =\n '-----BEGIN PRIVATE KEY-----\\r\\nMC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD'\n + '/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\\r\\n-----END PRIVATE KEY-----';\n const data = Buffer.from('a');\n let sig;\n let verified;\n try {\n sig = crypto.sign(null, data, key);\n verified = crypto.verify(null, data, key, sig);\n } catch {}\n return (Buffer.isBuffer(sig) && sig.length === 64 && verified === true);\n }\n\n return false;\n})();\n\nconst curve25519Supported = (typeof crypto.diffieHellman === 'function'\n && typeof crypto.generateKeyPairSync === 'function'\n && typeof crypto.createPublicKey === 'function');\n\nconst DEFAULT_KEX = [\n // https://tools.ietf.org/html/rfc5656#section-10.1\n 'ecdh-sha2-nistp256',\n 'ecdh-sha2-nistp384',\n 'ecdh-sha2-nistp521',\n\n // https://tools.ietf.org/html/rfc4419#section-4\n 'diffie-hellman-group-exchange-sha256',\n\n // https://tools.ietf.org/html/rfc8268\n 'diffie-hellman-group14-sha256',\n 'diffie-hellman-group15-sha512',\n 'diffie-hellman-group16-sha512',\n 'diffie-hellman-group17-sha512',\n 'diffie-hellman-group18-sha512',\n];\nif (curve25519Supported) {\n DEFAULT_KEX.unshift('curve25519-sha256');\n DEFAULT_KEX.unshift('curve25519-sha256@libssh.org');\n}\nconst SUPPORTED_KEX = DEFAULT_KEX.concat([\n // https://tools.ietf.org/html/rfc4419#section-4\n 'diffie-hellman-group-exchange-sha1',\n\n 'diffie-hellman-group14-sha1', // REQUIRED\n 'diffie-hellman-group1-sha1', // REQUIRED\n]);\n\n\nconst DEFAULT_SERVER_HOST_KEY = [\n 'ecdsa-sha2-nistp256',\n 'ecdsa-sha2-nistp384',\n 'ecdsa-sha2-nistp521',\n 'rsa-sha2-512', // RFC 8332\n 'rsa-sha2-256', // RFC 8332\n 'ssh-rsa',\n];\nif (eddsaSupported)\n DEFAULT_SERVER_HOST_KEY.unshift('ssh-ed25519');\nconst SUPPORTED_SERVER_HOST_KEY = DEFAULT_SERVER_HOST_KEY.concat([\n 'ssh-dss',\n]);\n\n\nconst canUseCipher = (() => {\n const ciphers = crypto.getCiphers();\n return (name) => ciphers.includes(CIPHER_INFO[name].sslName);\n})();\nlet DEFAULT_CIPHER = [\n // http://tools.ietf.org/html/rfc5647\n 'aes128-gcm@openssh.com',\n 'aes256-gcm@openssh.com',\n\n // http://tools.ietf.org/html/rfc4344#section-4\n 'aes128-ctr',\n 'aes192-ctr',\n 'aes256-ctr',\n];\nif (cpuInfo && cpuInfo.flags && !cpuInfo.flags.aes) {\n // We know for sure the CPU does not support AES acceleration\n if (bindingAvailable)\n DEFAULT_CIPHER.unshift('chacha20-poly1305@openssh.com');\n else\n DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n} else if (bindingAvailable && cpuInfo && cpuInfo.arch === 'x86') {\n // Places chacha20-poly1305 immediately after GCM ciphers since GCM ciphers\n // seem to outperform it on x86, but it seems to be faster than CTR ciphers\n DEFAULT_CIPHER.splice(4, 0, 'chacha20-poly1305@openssh.com');\n} else {\n DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n}\nDEFAULT_CIPHER = DEFAULT_CIPHER.filter(canUseCipher);\nconst SUPPORTED_CIPHER = DEFAULT_CIPHER.concat([\n 'aes256-cbc',\n 'aes192-cbc',\n 'aes128-cbc',\n 'blowfish-cbc',\n '3des-cbc',\n 'aes128-gcm',\n 'aes256-gcm',\n\n // http://tools.ietf.org/html/rfc4345#section-4:\n 'arcfour256',\n 'arcfour128',\n\n 'cast128-cbc',\n 'arcfour',\n].filter(canUseCipher));\n\n\nconst canUseMAC = (() => {\n const hashes = crypto.getHashes();\n return (name) => hashes.includes(MAC_INFO[name].sslName);\n})();\nconst DEFAULT_MAC = [\n 'hmac-sha2-256-etm@openssh.com',\n 'hmac-sha2-512-etm@openssh.com',\n 'hmac-sha1-etm@openssh.com',\n 'hmac-sha2-256',\n 'hmac-sha2-512',\n 'hmac-sha1',\n].filter(canUseMAC);\nconst SUPPORTED_MAC = DEFAULT_MAC.concat([\n 'hmac-md5',\n 'hmac-sha2-256-96', // first 96 bits of HMAC-SHA256\n 'hmac-sha2-512-96', // first 96 bits of HMAC-SHA512\n 'hmac-ripemd160',\n 'hmac-sha1-96', // first 96 bits of HMAC-SHA1\n 'hmac-md5-96', // first 96 bits of HMAC-MD5\n].filter(canUseMAC));\n\nconst DEFAULT_COMPRESSION = [\n 'none',\n 'zlib@openssh.com', // ZLIB (LZ77) compression, except\n // compression/decompression does not start until after\n // successful user authentication\n 'zlib', // ZLIB (LZ77) compression\n];\nconst SUPPORTED_COMPRESSION = DEFAULT_COMPRESSION.concat([\n]);\n\n\nconst COMPAT = {\n BAD_DHGEX: 1 << 0,\n OLD_EXIT: 1 << 1,\n DYN_RPORT_BUG: 1 << 2,\n BUG_DHGEX_LARGE: 1 << 3,\n};\n\nmodule.exports = {\n MESSAGE: {\n // Transport layer protocol -- generic (1-19)\n DISCONNECT: 1,\n IGNORE: 2,\n UNIMPLEMENTED: 3,\n DEBUG: 4,\n SERVICE_REQUEST: 5,\n SERVICE_ACCEPT: 6,\n\n // Transport layer protocol -- algorithm negotiation (20-29)\n KEXINIT: 20,\n NEWKEYS: 21,\n\n // Transport layer protocol -- key exchange method-specific (30-49)\n KEXDH_INIT: 30,\n KEXDH_REPLY: 31,\n\n KEXDH_GEX_GROUP: 31,\n KEXDH_GEX_INIT: 32,\n KEXDH_GEX_REPLY: 33,\n KEXDH_GEX_REQUEST: 34,\n\n KEXECDH_INIT: 30,\n KEXECDH_REPLY: 31,\n\n // User auth protocol -- generic (50-59)\n USERAUTH_REQUEST: 50,\n USERAUTH_FAILURE: 51,\n USERAUTH_SUCCESS: 52,\n USERAUTH_BANNER: 53,\n\n // User auth protocol -- user auth method-specific (60-79)\n USERAUTH_PASSWD_CHANGEREQ: 60,\n\n USERAUTH_PK_OK: 60,\n\n USERAUTH_INFO_REQUEST: 60,\n USERAUTH_INFO_RESPONSE: 61,\n\n // Connection protocol -- generic (80-89)\n GLOBAL_REQUEST: 80,\n REQUEST_SUCCESS: 81,\n REQUEST_FAILURE: 82,\n\n // Connection protocol -- channel-related (90-127)\n CHANNEL_OPEN: 90,\n CHANNEL_OPEN_CONFIRMATION: 91,\n CHANNEL_OPEN_FAILURE: 92,\n CHANNEL_WINDOW_ADJUST: 93,\n CHANNEL_DATA: 94,\n CHANNEL_EXTENDED_DATA: 95,\n CHANNEL_EOF: 96,\n CHANNEL_CLOSE: 97,\n CHANNEL_REQUEST: 98,\n CHANNEL_SUCCESS: 99,\n CHANNEL_FAILURE: 100\n\n // Reserved for client protocols (128-191)\n\n // Local extensions (192-155)\n },\n DISCONNECT_REASON: {\n HOST_NOT_ALLOWED_TO_CONNECT: 1,\n PROTOCOL_ERROR: 2,\n KEY_EXCHANGE_FAILED: 3,\n RESERVED: 4,\n MAC_ERROR: 5,\n COMPRESSION_ERROR: 6,\n SERVICE_NOT_AVAILABLE: 7,\n PROTOCOL_VERSION_NOT_SUPPORTED: 8,\n HOST_KEY_NOT_VERIFIABLE: 9,\n CONNECTION_LOST: 10,\n BY_APPLICATION: 11,\n TOO_MANY_CONNECTIONS: 12,\n AUTH_CANCELED_BY_USER: 13,\n NO_MORE_AUTH_METHODS_AVAILABLE: 14,\n ILLEGAL_USER_NAME: 15,\n },\n DISCONNECT_REASON_STR: undefined,\n CHANNEL_OPEN_FAILURE: {\n ADMINISTRATIVELY_PROHIBITED: 1,\n CONNECT_FAILED: 2,\n UNKNOWN_CHANNEL_TYPE: 3,\n RESOURCE_SHORTAGE: 4\n },\n TERMINAL_MODE: {\n TTY_OP_END: 0, // Indicates end of options.\n VINTR: 1, // Interrupt character; 255 if none. Similarly for the\n // other characters. Not all of these characters are\n // supported on all systems.\n VQUIT: 2, // The quit character (sends SIGQUIT signal on POSIX\n // systems).\n VERASE: 3, // Erase the character to left of the cursor.\n VKILL: 4, // Kill the current input line.\n VEOF: 5, // End-of-file character (sends EOF from the\n // terminal).\n VEOL: 6, // End-of-line character in addition to carriage\n // return and/or linefeed.\n VEOL2: 7, // Additional end-of-line character.\n VSTART: 8, // Continues paused output (normally control-Q).\n VSTOP: 9, // Pauses output (normally control-S).\n VSUSP: 10, // Suspends the current program.\n VDSUSP: 11, // Another suspend character.\n VREPRINT: 12, // Reprints the current input line.\n VWERASE: 13, // Erases a word left of cursor.\n VLNEXT: 14, // Enter the next character typed literally, even if\n // it is a special character\n VFLUSH: 15, // Character to flush output.\n VSWTCH: 16, // Switch to a different shell layer.\n VSTATUS: 17, // Prints system status line (load, command, pid,\n // etc).\n VDISCARD: 18, // Toggles the flushing of terminal output.\n IGNPAR: 30, // The ignore parity flag. The parameter SHOULD be 0\n // if this flag is FALSE, and 1 if it is TRUE.\n PARMRK: 31, // Mark parity and framing errors.\n INPCK: 32, // Enable checking of parity errors.\n ISTRIP: 33, // Strip 8th bit off characters.\n INLCR: 34, // Map NL into CR on input.\n IGNCR: 35, // Ignore CR on input.\n ICRNL: 36, // Map CR to NL on input.\n IUCLC: 37, // Translate uppercase characters to lowercase.\n IXON: 38, // Enable output flow control.\n IXANY: 39, // Any char will restart after stop.\n IXOFF: 40, // Enable input flow control.\n IMAXBEL: 41, // Ring bell on input queue full.\n ISIG: 50, // Enable signals INTR, QUIT, [D]SUSP.\n ICANON: 51, // Canonicalize input lines.\n XCASE: 52, // Enable input and output of uppercase characters by\n // preceding their lowercase equivalents with \"\\\".\n ECHO: 53, // Enable echoing.\n ECHOE: 54, // Visually erase chars.\n ECHOK: 55, // Kill character discards current line.\n ECHONL: 56, // Echo NL even if ECHO is off.\n NOFLSH: 57, // Don't flush after interrupt.\n TOSTOP: 58, // Stop background jobs from output.\n IEXTEN: 59, // Enable extensions.\n ECHOCTL: 60, // Echo control characters as ^(Char).\n ECHOKE: 61, // Visual erase for line kill.\n PENDIN: 62, // Retype pending input.\n OPOST: 70, // Enable output processing.\n OLCUC: 71, // Convert lowercase to uppercase.\n ONLCR: 72, // Map NL to CR-NL.\n OCRNL: 73, // Translate carriage return to newline (output).\n ONOCR: 74, // Translate newline to carriage return-newline\n // (output).\n ONLRET: 75, // Newline performs a carriage return (output).\n CS7: 90, // 7 bit mode.\n CS8: 91, // 8 bit mode.\n PARENB: 92, // Parity enable.\n PARODD: 93, // Odd parity, else even.\n TTY_OP_ISPEED: 128, // Specifies the input baud rate in bits per second.\n TTY_OP_OSPEED: 129, // Specifies the output baud rate in bits per second.\n },\n CHANNEL_EXTENDED_DATATYPE: {\n STDERR: 1,\n },\n\n SIGNALS: [\n 'ABRT', 'ALRM', 'FPE', 'HUP', 'ILL', 'INT', 'QUIT', 'SEGV', 'TERM', 'USR1',\n 'USR2', 'KILL', 'PIPE'\n ].reduce((cur, val) => ({ ...cur, [val]: 1 }), {}),\n\n COMPAT,\n COMPAT_CHECKS: [\n [ 'Cisco-1.25', COMPAT.BAD_DHGEX ],\n [ /^Cisco-1\\./, COMPAT.BUG_DHGEX_LARGE ],\n [ /^[0-9.]+$/, COMPAT.OLD_EXIT ], // old SSH.com implementations\n [ /^OpenSSH_5\\.\\d+/, COMPAT.DYN_RPORT_BUG ],\n ],\n\n // KEX proposal-related\n DEFAULT_KEX,\n SUPPORTED_KEX,\n DEFAULT_SERVER_HOST_KEY,\n SUPPORTED_SERVER_HOST_KEY,\n DEFAULT_CIPHER,\n SUPPORTED_CIPHER,\n DEFAULT_MAC,\n SUPPORTED_MAC,\n DEFAULT_COMPRESSION,\n SUPPORTED_COMPRESSION,\n\n curve25519Supported,\n eddsaSupported,\n};\n\nmodule.exports.DISCONNECT_REASON_BY_VALUE =\n Array.from(Object.entries(module.exports.DISCONNECT_REASON))\n .reduce((obj, [key, value]) => ({ ...obj, [value]: key }), {});\n","// TODO:\n// * make max packet size configurable\n// * if decompression is enabled, use `._packet` in decipher instances as\n// input to (sync) zlib inflater with appropriate offset and length to\n// avoid an additional copy of payload data before inflation\n// * factor decompression status into packet length checks\n'use strict';\n\nconst {\n createCipheriv, createDecipheriv, createHmac, randomFillSync, timingSafeEqual\n} = require('crypto');\n\nconst { readUInt32BE, writeUInt32BE } = require('./utils.js');\n\nconst FastBuffer = Buffer[Symbol.species];\nconst MAX_SEQNO = 2 ** 32 - 1;\nconst EMPTY_BUFFER = Buffer.alloc(0);\nconst BUF_INT = Buffer.alloc(4);\nconst DISCARD_CACHE = new Map();\nconst MAX_PACKET_SIZE = 35000;\n\nlet binding;\nlet AESGCMCipher;\nlet ChaChaPolyCipher;\nlet GenericCipher;\nlet AESGCMDecipher;\nlet ChaChaPolyDecipher;\nlet GenericDecipher;\ntry {\n binding = require('./crypto/build/Release/sshcrypto.node');\n ({ AESGCMCipher, ChaChaPolyCipher, GenericCipher,\n AESGCMDecipher, ChaChaPolyDecipher, GenericDecipher } = binding);\n} catch {}\n\nconst CIPHER_STREAM = 1 << 0;\nconst CIPHER_INFO = (() => {\n function info(sslName, blockLen, keyLen, ivLen, authLen, discardLen, flags) {\n return {\n sslName,\n blockLen,\n keyLen,\n ivLen: (ivLen !== 0 || (flags & CIPHER_STREAM)\n ? ivLen\n : blockLen),\n authLen,\n discardLen,\n stream: !!(flags & CIPHER_STREAM),\n };\n }\n\n return {\n 'chacha20-poly1305@openssh.com':\n info('chacha20', 8, 64, 0, 16, 0, CIPHER_STREAM),\n\n 'aes128-gcm': info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n 'aes256-gcm': info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n 'aes128-gcm@openssh.com':\n info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n 'aes256-gcm@openssh.com':\n info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n\n 'aes128-cbc': info('aes-128-cbc', 16, 16, 0, 0, 0, 0),\n 'aes192-cbc': info('aes-192-cbc', 16, 24, 0, 0, 0, 0),\n 'aes256-cbc': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n 'rijndael-cbc@lysator.liu.se': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n '3des-cbc': info('des-ede3-cbc', 8, 24, 0, 0, 0, 0),\n 'blowfish-cbc': info('bf-cbc', 8, 16, 0, 0, 0, 0),\n 'idea-cbc': info('idea-cbc', 8, 16, 0, 0, 0, 0),\n 'cast128-cbc': info('cast-cbc', 8, 16, 0, 0, 0, 0),\n\n 'aes128-ctr': info('aes-128-ctr', 16, 16, 16, 0, 0, CIPHER_STREAM),\n 'aes192-ctr': info('aes-192-ctr', 16, 24, 16, 0, 0, CIPHER_STREAM),\n 'aes256-ctr': info('aes-256-ctr', 16, 32, 16, 0, 0, CIPHER_STREAM),\n '3des-ctr': info('des-ede3', 8, 24, 8, 0, 0, CIPHER_STREAM),\n 'blowfish-ctr': info('bf-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n 'cast128-ctr': info('cast5-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n\n /* The \"arcfour128\" algorithm is the RC4 cipher, as described in\n [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream\n generated by the cipher MUST be discarded, and the first byte of the\n first encrypted packet MUST be encrypted using the 1537th byte of\n keystream.\n\n -- http://tools.ietf.org/html/rfc4345#section-4 */\n 'arcfour': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n 'arcfour128': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n 'arcfour256': info('rc4', 8, 32, 0, 0, 1536, CIPHER_STREAM),\n 'arcfour512': info('rc4', 8, 64, 0, 0, 1536, CIPHER_STREAM),\n };\n})();\n\nconst MAC_INFO = (() => {\n function info(sslName, len, actualLen, isETM) {\n return {\n sslName,\n len,\n actualLen,\n isETM,\n };\n }\n\n return {\n 'hmac-md5': info('md5', 16, 16, false),\n 'hmac-md5-96': info('md5', 16, 12, false),\n 'hmac-ripemd160': info('ripemd160', 20, 20, false),\n 'hmac-sha1': info('sha1', 20, 20, false),\n 'hmac-sha1-etm@openssh.com': info('sha1', 20, 20, true),\n 'hmac-sha1-96': info('sha1', 20, 12, false),\n 'hmac-sha2-256': info('sha256', 32, 32, false),\n 'hmac-sha2-256-etm@openssh.com': info('sha256', 32, 32, true),\n 'hmac-sha2-256-96': info('sha256', 32, 12, false),\n 'hmac-sha2-512': info('sha512', 64, 64, false),\n 'hmac-sha2-512-etm@openssh.com': info('sha512', 64, 64, true),\n 'hmac-sha2-512-96': info('sha512', 64, 12, false),\n };\n})();\n\n\n// Should only_be used during the initial handshake\nclass NullCipher {\n constructor(seqno, onWrite) {\n this.outSeqno = seqno;\n this._onWrite = onWrite;\n this._dead = false;\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 8 - (pktLen & (8 - 1));\n if (padLen < 4)\n padLen += 8;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nconst POLY1305_ZEROS = Buffer.alloc(32);\nconst POLY1305_OUT_COMPUTE = Buffer.alloc(16);\nlet POLY1305_WASM_MODULE;\nlet POLY1305_RESULT_MALLOC;\nlet poly1305_auth;\nclass ChaChaPolyCipherNative {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encKeyMain = enc.cipherKey.slice(0, 32);\n this._encKeyPktLen = enc.cipherKey.slice(32);\n this._dead = false;\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 8 - ((pktLen - 4) & (8 - 1));\n if (padLen < 4)\n padLen += 8;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Generate Poly1305 key\n POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n writeUInt32BE(POLY1305_OUT_COMPUTE, this.outSeqno, 12);\n const polyKey =\n createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n .update(POLY1305_ZEROS);\n\n // Encrypt packet length\n const pktLenEnc =\n createCipheriv('chacha20', this._encKeyPktLen, POLY1305_OUT_COMPUTE)\n .update(packet.slice(0, 4));\n this._onWrite(pktLenEnc);\n\n // Encrypt rest of packet\n POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n const payloadEnc =\n createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n .update(packet.slice(4));\n this._onWrite(payloadEnc);\n\n // Calculate Poly1305 MAC\n poly1305_auth(POLY1305_RESULT_MALLOC,\n pktLenEnc,\n pktLenEnc.length,\n payloadEnc,\n payloadEnc.length,\n polyKey);\n const mac = Buffer.allocUnsafe(16);\n mac.set(\n new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n POLY1305_RESULT_MALLOC,\n 16),\n 0\n );\n this._onWrite(mac);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\nclass ChaChaPolyCipherBinding {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._instance = new ChaChaPolyCipher(enc.cipherKey);\n this._dead = false;\n }\n free() {\n this._dead = true;\n this._instance.free();\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 8 - ((pktLen - 4) & (8 - 1));\n if (padLen < 4)\n padLen += 8;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen + 16/* MAC */);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Encrypts in-place\n this._instance.encrypt(packet, this.outSeqno);\n\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nclass AESGCMCipherNative {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encSSLName = enc.cipherInfo.sslName;\n this._encKey = enc.cipherKey;\n this._encIV = enc.cipherIV;\n this._dead = false;\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 16 - ((pktLen - 4) & (16 - 1));\n if (padLen < 4)\n padLen += 16;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n const cipher = createCipheriv(this._encSSLName, this._encKey, this._encIV);\n cipher.setAutoPadding(false);\n\n const lenData = packet.slice(0, 4);\n cipher.setAAD(lenData);\n this._onWrite(lenData);\n\n // Encrypt pad length, payload, and padding\n const encrypted = cipher.update(packet.slice(4));\n this._onWrite(encrypted);\n const final = cipher.final();\n // XXX: final.length === 0 always?\n if (final.length)\n this._onWrite(final);\n\n // Generate MAC\n const tag = cipher.getAuthTag();\n this._onWrite(tag);\n\n // Increment counter in IV by 1 for next packet\n ivIncrement(this._encIV);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\nclass AESGCMCipherBinding {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._instance = new AESGCMCipher(enc.cipherInfo.sslName,\n enc.cipherKey,\n enc.cipherIV);\n this._dead = false;\n }\n free() {\n this._dead = true;\n this._instance.free();\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 16 - ((pktLen - 4) & (16 - 1));\n if (padLen < 4)\n padLen += 16;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen + 16/* authTag */);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Encrypts in-place\n this._instance.encrypt(packet);\n\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nclass GenericCipherNative {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encBlockLen = enc.cipherInfo.blockLen;\n this._cipherInstance = createCipheriv(enc.cipherInfo.sslName,\n enc.cipherKey,\n enc.cipherIV);\n this._macSSLName = enc.macInfo.sslName;\n this._macKey = enc.macKey;\n this._macActualLen = enc.macInfo.actualLen;\n this._macETM = enc.macInfo.isETM;\n this._aadLen = (this._macETM ? 4 : 0);\n this._dead = false;\n\n const discardLen = enc.cipherInfo.discardLen;\n if (discardLen) {\n let discard = DISCARD_CACHE.get(discardLen);\n if (discard === undefined) {\n discard = Buffer.alloc(discardLen);\n DISCARD_CACHE.set(discardLen, discard);\n }\n this._cipherInstance.update(discard);\n }\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n const blockLen = this._encBlockLen;\n\n let pktLen = 4 + 1 + payloadLen;\n let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n if (padLen < 4)\n padLen += blockLen;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n let mac;\n if (this._macETM) {\n // Encrypt pad length, payload, and padding\n const lenBytes = new Uint8Array(packet.buffer, packet.byteOffset, 4);\n const encrypted = this._cipherInstance.update(\n new Uint8Array(packet.buffer,\n packet.byteOffset + 4,\n packet.length - 4)\n );\n\n this._onWrite(lenBytes);\n this._onWrite(encrypted);\n\n // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n mac = createHmac(this._macSSLName, this._macKey);\n writeUInt32BE(BUF_INT, this.outSeqno, 0);\n mac.update(BUF_INT);\n mac.update(lenBytes);\n mac.update(encrypted);\n } else {\n // Encrypt length field, pad length, payload, and padding\n const encrypted = this._cipherInstance.update(packet);\n this._onWrite(encrypted);\n\n // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n mac = createHmac(this._macSSLName, this._macKey);\n writeUInt32BE(BUF_INT, this.outSeqno, 0);\n mac.update(BUF_INT);\n mac.update(packet);\n }\n\n let digest = mac.digest();\n if (digest.length > this._macActualLen)\n digest = digest.slice(0, this._macActualLen);\n this._onWrite(digest);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\nclass GenericCipherBinding {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encBlockLen = enc.cipherInfo.blockLen;\n this._macLen = enc.macInfo.len;\n this._macActualLen = enc.macInfo.actualLen;\n this._aadLen = (enc.macInfo.isETM ? 4 : 0);\n this._instance = new GenericCipher(enc.cipherInfo.sslName,\n enc.cipherKey,\n enc.cipherIV,\n enc.macInfo.sslName,\n enc.macKey,\n enc.macInfo.isETM);\n this._dead = false;\n }\n free() {\n this._dead = true;\n this._instance.free();\n }\n allocPacket(payloadLen) {\n const blockLen = this._encBlockLen;\n\n let pktLen = 4 + 1 + payloadLen;\n let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n if (padLen < 4)\n padLen += blockLen;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen + this._macLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Encrypts in-place\n this._instance.encrypt(packet, this.outSeqno);\n\n if (this._macActualLen < this._macLen) {\n packet = new FastBuffer(packet.buffer,\n packet.byteOffset,\n (packet.length\n - (this._macLen - this._macActualLen)));\n }\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nclass NullDecipher {\n constructor(seqno, onPayload) {\n this.inSeqno = seqno;\n this._onPayload = onPayload;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n while (p < dataLen) {\n // Read packet length\n if (this._lenBytes < 4) {\n let nb = Math.min(4 - this._lenBytes, dataLen - p);\n\n this._lenBytes += nb;\n while (nb--)\n this._len = (this._len << 8) + data[p++];\n\n if (this._lenBytes < 4)\n return;\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 8\n || (4 + this._len & 7) !== 0) {\n throw new Error('Bad packet length');\n }\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._packetPos < this._len) {\n const nb = Math.min(this._len - this._packetPos, dataLen - p);\n let chunk;\n if (p !== 0 || nb !== dataLen)\n chunk = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n chunk = data;\n if (nb === this._len) {\n this._packet = chunk;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(chunk, this._packetPos);\n }\n p += nb;\n this._packetPos += nb;\n if (this._packetPos < this._len)\n return;\n }\n\n const payload = (!this._packet\n ? EMPTY_BUFFER\n : new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length\n - this._packet[0] - 1));\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass ChaChaPolyDecipherNative {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._decKeyMain = dec.decipherKey.slice(0, 32);\n this._decKeyPktLen = dec.decipherKey.slice(32);\n this._len = 0;\n this._lenBuf = Buffer.alloc(4);\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(16);\n this._calcMac = Buffer.allocUnsafe(16);\n this._macPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length\n if (this._lenPos < 4) {\n let nb = Math.min(4 - this._lenPos, dataLen - p);\n while (nb--)\n this._lenBuf[this._lenPos++] = data[p++];\n if (this._lenPos < 4)\n return;\n\n POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n\n const decLenBytes =\n createDecipheriv('chacha20', this._decKeyPktLen, POLY1305_OUT_COMPUTE)\n .update(this._lenBuf);\n this._len = readUInt32BE(decLenBytes, 0);\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 8\n || (this._len & 7) !== 0) {\n throw new Error('Bad packet length');\n }\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n if (p >= dataLen)\n return;\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read Poly1305 MAC\n {\n const nb = Math.min(16 - this._macPos, dataLen - p);\n // TODO: avoid copying if entire MAC is in current chunk\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < 16)\n return;\n }\n\n // Generate Poly1305 key\n POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n const polyKey =\n createCipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n .update(POLY1305_ZEROS);\n\n // Calculate and compare Poly1305 MACs\n poly1305_auth(POLY1305_RESULT_MALLOC,\n this._lenBuf,\n 4,\n this._packet,\n this._packet.length,\n polyKey);\n\n this._calcMac.set(\n new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n POLY1305_RESULT_MALLOC,\n 16),\n 0\n );\n if (!timingSafeEqual(this._calcMac, this._mac))\n throw new Error('Invalid MAC');\n\n // Decrypt packet\n POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n const packet =\n createDecipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n .update(this._packet);\n\n const payload = new FastBuffer(packet.buffer,\n packet.byteOffset + 1,\n packet.length - packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._macPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass ChaChaPolyDecipherBinding {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._instance = new ChaChaPolyDecipher(dec.decipherKey);\n this._len = 0;\n this._lenBuf = Buffer.alloc(4);\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(16);\n this._macPos = 0;\n }\n free() {\n this._instance.free();\n }\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length\n if (this._lenPos < 4) {\n let nb = Math.min(4 - this._lenPos, dataLen - p);\n while (nb--)\n this._lenBuf[this._lenPos++] = data[p++];\n if (this._lenPos < 4)\n return;\n\n this._len = this._instance.decryptLen(this._lenBuf, this.inSeqno);\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 8\n || (this._len & 7) !== 0) {\n throw new Error('Bad packet length');\n }\n\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read Poly1305 MAC\n {\n const nb = Math.min(16 - this._macPos, dataLen - p);\n // TODO: avoid copying if entire MAC is in current chunk\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < 16)\n return;\n }\n\n this._instance.decrypt(this._packet, this._mac, this.inSeqno);\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._macPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass AESGCMDecipherNative {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._decipherInstance = null;\n this._decipherSSLName = dec.decipherInfo.sslName;\n this._decipherKey = dec.decipherKey;\n this._decipherIV = dec.decipherIV;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._tag = Buffer.allocUnsafe(16);\n this._tagPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length (unencrypted, but AAD)\n if (this._lenBytes < 4) {\n let nb = Math.min(4 - this._lenBytes, dataLen - p);\n this._lenBytes += nb;\n while (nb--)\n this._len = (this._len << 8) + data[p++];\n if (this._lenBytes < 4)\n return;\n\n if ((this._len + 20) > MAX_PACKET_SIZE\n || this._len < 16\n || (this._len & 15) !== 0) {\n throw new Error('Bad packet length');\n }\n\n this._decipherInstance = createDecipheriv(\n this._decipherSSLName,\n this._decipherKey,\n this._decipherIV\n );\n this._decipherInstance.setAutoPadding(false);\n this._decipherInstance.setAAD(intToBytes(this._len));\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n if (p >= dataLen)\n return;\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let decrypted;\n if (p !== 0 || nb !== dataLen) {\n decrypted = this._decipherInstance.update(\n new Uint8Array(data.buffer, data.byteOffset + p, nb)\n );\n } else {\n decrypted = this._decipherInstance.update(data);\n }\n if (decrypted.length) {\n if (nb === this._len) {\n this._packet = decrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(decrypted, this._packetPos);\n }\n this._packetPos += decrypted.length;\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read authentication tag\n {\n const nb = Math.min(16 - this._tagPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._tag.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._tagPos\n );\n } else {\n this._tag.set(data, this._tagPos);\n }\n p += nb;\n this._tagPos += nb;\n if (this._tagPos < 16)\n return;\n }\n\n {\n // Verify authentication tag\n this._decipherInstance.setAuthTag(this._tag);\n\n const decrypted = this._decipherInstance.final();\n\n // XXX: this should never output any data since stream ciphers always\n // return data from .update() and block ciphers must end on a multiple\n // of the block length, which would have caused an exception to be\n // thrown if the total input was not...\n if (decrypted.length) {\n if (this._packet)\n this._packet.set(decrypted, this._packetPos);\n else\n this._packet = decrypted;\n }\n }\n\n const payload = (!this._packet\n ? EMPTY_BUFFER\n : new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length\n - this._packet[0] - 1));\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n ivIncrement(this._decipherIV);\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._tagPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass AESGCMDecipherBinding {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._instance = new AESGCMDecipher(dec.decipherInfo.sslName,\n dec.decipherKey,\n dec.decipherIV);\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._pktLen = 0;\n this._tag = Buffer.allocUnsafe(16);\n this._tagPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length (unencrypted, but AAD)\n if (this._lenBytes < 4) {\n let nb = Math.min(4 - this._lenBytes, dataLen - p);\n this._lenBytes += nb;\n while (nb--)\n this._len = (this._len << 8) + data[p++];\n if (this._lenBytes < 4)\n return;\n\n if ((this._len + 20) > MAX_PACKET_SIZE\n || this._len < 16\n || (this._len & 15) !== 0) {\n throw new Error(`Bad packet length: ${this._len}`);\n }\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n if (p >= dataLen)\n return;\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read authentication tag\n {\n const nb = Math.min(16 - this._tagPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._tag.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._tagPos\n );\n } else {\n this._tag.set(data, this._tagPos);\n }\n p += nb;\n this._tagPos += nb;\n if (this._tagPos < 16)\n return;\n }\n\n this._instance.decrypt(this._packet, this._len, this._tag);\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._pktLen = 0;\n this._tagPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\n// TODO: test incremental .update()s vs. copying to _packet and doing a single\n// .update() after entire packet read -- a single .update() would allow\n// verifying MAC before decrypting for ETM MACs\nclass GenericDecipherNative {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._decipherInstance = createDecipheriv(dec.decipherInfo.sslName,\n dec.decipherKey,\n dec.decipherIV);\n this._decipherInstance.setAutoPadding(false);\n this._block = Buffer.allocUnsafe(\n dec.macInfo.isETM ? 4 : dec.decipherInfo.blockLen\n );\n this._blockSize = dec.decipherInfo.blockLen;\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n this._macPos = 0;\n this._macSSLName = dec.macInfo.sslName;\n this._macKey = dec.macKey;\n this._macActualLen = dec.macInfo.actualLen;\n this._macETM = dec.macInfo.isETM;\n this._macInstance = null;\n\n const discardLen = dec.decipherInfo.discardLen;\n if (discardLen) {\n let discard = DISCARD_CACHE.get(discardLen);\n if (discard === undefined) {\n discard = Buffer.alloc(discardLen);\n DISCARD_CACHE.set(discardLen, discard);\n }\n this._decipherInstance.update(discard);\n }\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read first encrypted block\n if (this._blockPos < this._block.length) {\n const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n if (p !== 0 || nb !== dataLen || nb < data.length) {\n this._block.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._blockPos\n );\n } else {\n this._block.set(data, this._blockPos);\n }\n\n p += nb;\n this._blockPos += nb;\n if (this._blockPos < this._block.length)\n return;\n\n let decrypted;\n let need;\n if (this._macETM) {\n this._len = need = readUInt32BE(this._block, 0);\n } else {\n // Decrypt first block to get packet length\n decrypted = this._decipherInstance.update(this._block);\n this._len = readUInt32BE(decrypted, 0);\n need = 4 + this._len - this._blockSize;\n }\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 5\n || (need & (this._blockSize - 1)) !== 0) {\n throw new Error('Bad packet length');\n }\n\n // Create MAC up front to calculate in parallel with decryption\n this._macInstance = createHmac(this._macSSLName, this._macKey);\n\n writeUInt32BE(BUF_INT, this.inSeqno, 0);\n this._macInstance.update(BUF_INT);\n if (this._macETM) {\n this._macInstance.update(this._block);\n } else {\n this._macInstance.update(new Uint8Array(decrypted.buffer,\n decrypted.byteOffset,\n 4));\n this._pktLen = decrypted.length - 4;\n this._packetPos = this._pktLen;\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(\n new Uint8Array(decrypted.buffer,\n decrypted.byteOffset + 4,\n this._packetPos),\n 0\n );\n }\n\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (this._macETM)\n this._macInstance.update(encrypted);\n const decrypted = this._decipherInstance.update(encrypted);\n if (decrypted.length) {\n if (nb === this._len) {\n this._packet = decrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(decrypted, this._packetPos);\n }\n this._packetPos += decrypted.length;\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read MAC\n {\n const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < this._macActualLen)\n return;\n }\n\n // Verify MAC\n if (!this._macETM)\n this._macInstance.update(this._packet);\n let calculated = this._macInstance.digest();\n if (this._macActualLen < calculated.length) {\n calculated = new Uint8Array(calculated.buffer,\n calculated.byteOffset,\n this._macActualLen);\n }\n if (!timingSafeEquals(calculated, this._mac))\n throw new Error('Invalid MAC');\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._macPos = 0;\n this._macInstance = null;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass GenericDecipherBinding {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._instance = new GenericDecipher(dec.decipherInfo.sslName,\n dec.decipherKey,\n dec.decipherIV,\n dec.macInfo.sslName,\n dec.macKey,\n dec.macInfo.isETM,\n dec.macInfo.actualLen);\n this._block = Buffer.allocUnsafe(\n dec.macInfo.isETM || dec.decipherInfo.stream\n ? 4\n : dec.decipherInfo.blockLen\n );\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n this._macPos = 0;\n this._macActualLen = dec.macInfo.actualLen;\n this._macETM = dec.macInfo.isETM;\n }\n free() {\n this._instance.free();\n }\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read first encrypted block\n if (this._blockPos < this._block.length) {\n const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n if (p !== 0 || nb !== dataLen || nb < data.length) {\n this._block.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._blockPos\n );\n } else {\n this._block.set(data, this._blockPos);\n }\n\n p += nb;\n this._blockPos += nb;\n if (this._blockPos < this._block.length)\n return;\n\n let need;\n if (this._macETM) {\n this._len = need = readUInt32BE(this._block, 0);\n } else {\n // Decrypt first block to get packet length\n this._instance.decryptBlock(this._block);\n this._len = readUInt32BE(this._block, 0);\n need = 4 + this._len - this._block.length;\n }\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 5\n || (need & (this._block.length - 1)) !== 0) {\n throw new Error('Bad packet length');\n }\n\n if (!this._macETM) {\n this._pktLen = (this._block.length - 4);\n if (this._pktLen) {\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(\n new Uint8Array(this._block.buffer,\n this._block.byteOffset + 4,\n this._pktLen),\n 0\n );\n }\n }\n\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read MAC\n {\n const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < this._macActualLen)\n return;\n }\n\n // Decrypt and verify MAC\n this._instance.decrypt(this._packet,\n this.inSeqno,\n this._block,\n this._mac);\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._pktLen = 0;\n this._macPos = 0;\n this._macInstance = null;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\n// Increments unsigned, big endian counter (last 8 bytes) of AES-GCM IV\nfunction ivIncrement(iv) {\n // eslint-disable-next-line no-unused-expressions\n ++iv[11] >>> 8\n && ++iv[10] >>> 8\n && ++iv[9] >>> 8\n && ++iv[8] >>> 8\n && ++iv[7] >>> 8\n && ++iv[6] >>> 8\n && ++iv[5] >>> 8\n && ++iv[4] >>> 8;\n}\n\nconst intToBytes = (() => {\n const ret = Buffer.alloc(4);\n return (n) => {\n ret[0] = (n >>> 24);\n ret[1] = (n >>> 16);\n ret[2] = (n >>> 8);\n ret[3] = n;\n return ret;\n };\n})();\n\nfunction timingSafeEquals(a, b) {\n if (a.length !== b.length) {\n timingSafeEqual(a, a);\n return false;\n }\n return timingSafeEqual(a, b);\n}\n\nfunction createCipher(config) {\n if (typeof config !== 'object' || config === null)\n throw new Error('Invalid config');\n\n if (typeof config.outbound !== 'object' || config.outbound === null)\n throw new Error('Invalid outbound');\n\n const outbound = config.outbound;\n\n if (typeof outbound.onWrite !== 'function')\n throw new Error('Invalid outbound.onWrite');\n\n if (typeof outbound.cipherInfo !== 'object' || outbound.cipherInfo === null)\n throw new Error('Invalid outbound.cipherInfo');\n\n if (!Buffer.isBuffer(outbound.cipherKey)\n || outbound.cipherKey.length !== outbound.cipherInfo.keyLen) {\n throw new Error('Invalid outbound.cipherKey');\n }\n\n if (outbound.cipherInfo.ivLen\n && (!Buffer.isBuffer(outbound.cipherIV)\n || outbound.cipherIV.length !== outbound.cipherInfo.ivLen)) {\n throw new Error('Invalid outbound.cipherIV');\n }\n\n if (typeof outbound.seqno !== 'number'\n || outbound.seqno < 0\n || outbound.seqno > MAX_SEQNO) {\n throw new Error('Invalid outbound.seqno');\n }\n\n const forceNative = !!outbound.forceNative;\n\n switch (outbound.cipherInfo.sslName) {\n case 'aes-128-gcm':\n case 'aes-256-gcm':\n return (AESGCMCipher && !forceNative\n ? new AESGCMCipherBinding(config)\n : new AESGCMCipherNative(config));\n case 'chacha20':\n return (ChaChaPolyCipher && !forceNative\n ? new ChaChaPolyCipherBinding(config)\n : new ChaChaPolyCipherNative(config));\n default: {\n if (typeof outbound.macInfo !== 'object' || outbound.macInfo === null)\n throw new Error('Invalid outbound.macInfo');\n if (!Buffer.isBuffer(outbound.macKey)\n || outbound.macKey.length !== outbound.macInfo.len) {\n throw new Error('Invalid outbound.macKey');\n }\n return (GenericCipher && !forceNative\n ? new GenericCipherBinding(config)\n : new GenericCipherNative(config));\n }\n }\n}\n\nfunction createDecipher(config) {\n if (typeof config !== 'object' || config === null)\n throw new Error('Invalid config');\n\n if (typeof config.inbound !== 'object' || config.inbound === null)\n throw new Error('Invalid inbound');\n\n const inbound = config.inbound;\n\n if (typeof inbound.onPayload !== 'function')\n throw new Error('Invalid inbound.onPayload');\n\n if (typeof inbound.decipherInfo !== 'object'\n || inbound.decipherInfo === null) {\n throw new Error('Invalid inbound.decipherInfo');\n }\n\n if (!Buffer.isBuffer(inbound.decipherKey)\n || inbound.decipherKey.length !== inbound.decipherInfo.keyLen) {\n throw new Error('Invalid inbound.decipherKey');\n }\n\n if (inbound.decipherInfo.ivLen\n && (!Buffer.isBuffer(inbound.decipherIV)\n || inbound.decipherIV.length !== inbound.decipherInfo.ivLen)) {\n throw new Error('Invalid inbound.decipherIV');\n }\n\n if (typeof inbound.seqno !== 'number'\n || inbound.seqno < 0\n || inbound.seqno > MAX_SEQNO) {\n throw new Error('Invalid inbound.seqno');\n }\n\n const forceNative = !!inbound.forceNative;\n\n switch (inbound.decipherInfo.sslName) {\n case 'aes-128-gcm':\n case 'aes-256-gcm':\n return (AESGCMDecipher && !forceNative\n ? new AESGCMDecipherBinding(config)\n : new AESGCMDecipherNative(config));\n case 'chacha20':\n return (ChaChaPolyDecipher && !forceNative\n ? new ChaChaPolyDecipherBinding(config)\n : new ChaChaPolyDecipherNative(config));\n default: {\n if (typeof inbound.macInfo !== 'object' || inbound.macInfo === null)\n throw new Error('Invalid inbound.macInfo');\n if (!Buffer.isBuffer(inbound.macKey)\n || inbound.macKey.length !== inbound.macInfo.len) {\n throw new Error('Invalid inbound.macKey');\n }\n return (GenericDecipher && !forceNative\n ? new GenericDecipherBinding(config)\n : new GenericDecipherNative(config));\n }\n }\n}\n\nmodule.exports = {\n CIPHER_INFO,\n MAC_INFO,\n bindingAvailable: !!binding,\n init: (() => {\n // eslint-disable-next-line no-async-promise-executor\n return new Promise(async (resolve, reject) => {\n try {\n POLY1305_WASM_MODULE = await require('./crypto/poly1305.js')();\n POLY1305_RESULT_MALLOC = POLY1305_WASM_MODULE._malloc(16);\n poly1305_auth = POLY1305_WASM_MODULE.cwrap(\n 'poly1305_auth',\n null,\n ['number', 'array', 'number', 'array', 'number', 'array']\n );\n } catch (ex) {\n return reject(ex);\n }\n resolve();\n });\n })(),\n\n NullCipher,\n createCipher,\n NullDecipher,\n createDecipher,\n};\n","\nvar createPoly1305 = (function() {\n var _scriptDir = typeof document !== 'undefined' && document.currentScript ? document.currentScript.src : undefined;\n if (typeof __filename !== 'undefined') _scriptDir = _scriptDir || __filename;\n return (\nfunction(createPoly1305) {\n createPoly1305 = createPoly1305 || {};\n\n\nvar b;b||(b=typeof createPoly1305 !== 'undefined' ? createPoly1305 : {});var q,r;b.ready=new Promise(function(a,c){q=a;r=c});var u={},w;for(w in b)b.hasOwnProperty(w)&&(u[w]=b[w]);var x=\"object\"===typeof window,y=\"function\"===typeof importScripts,z=\"object\"===typeof process&&\"object\"===typeof process.versions&&\"string\"===typeof process.versions.node,B=\"\",C,D,E,F,G;\nif(z)B=y?require(\"path\").dirname(B)+\"/\":__dirname+\"/\",C=function(a,c){var d=H(a);if(d)return c?d:d.toString();F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);return F.readFileSync(a,c?null:\"utf8\")},E=function(a){a=C(a,!0);a.buffer||(a=new Uint8Array(a));assert(a.buffer);return a},D=function(a,c,d){var e=H(a);e&&c(e);F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);F.readFile(a,function(f,l){f?d(f):c(l.buffer)})},1=m){var oa=g.charCodeAt(++v);m=65536+((m&1023)<<10)|oa&1023}if(127>=m){if(k>=n)break;h[k++]=m}else{if(2047>=m){if(k+1>=n)break;h[k++]=192|m>>6}else{if(65535>=m){if(k+2>=n)break;h[k++]=224|m>>12}else{if(k+3>=n)break;h[k++]=240|m>>18;h[k++]=128|m>>12&63}h[k++]=128|m>>6&63}h[k++]=128|m&63}}h[k]=\n0}}return p},array:function(g){var p=O(g.length);Q.set(g,p);return p}},l=N(a),A=[];a=0;if(e)for(var t=0;t=n);)++k;if(16h?n+=String.fromCharCode(h):(h-=65536,n+=String.fromCharCode(55296|h>>10,56320|h&1023))}}else n+=String.fromCharCode(h)}g=n}}else g=\"\";else g=\"boolean\"===c?!!g:g;return g}(d);0!==a&&fa(a);return d}var ea=\"undefined\"!==typeof TextDecoder?new TextDecoder(\"utf8\"):void 0,ha,Q,P;\nfunction ia(){var a=L.buffer;ha=a;b.HEAP8=Q=new Int8Array(a);b.HEAP16=new Int16Array(a);b.HEAP32=new Int32Array(a);b.HEAPU8=P=new Uint8Array(a);b.HEAPU16=new Uint16Array(a);b.HEAPU32=new Uint32Array(a);b.HEAPF32=new Float32Array(a);b.HEAPF64=new Float64Array(a)}var R,ja=[],ka=[],la=[];function ma(){var a=b.preRun.shift();ja.unshift(a)}var S=0,T=null,U=null;b.preloadedImages={};b.preloadedAudios={};\nfunction K(a){if(b.onAbort)b.onAbort(a);I(a);M=!0;a=new WebAssembly.RuntimeError(\"abort(\"+a+\"). Build with -s ASSERTIONS=1 for more info.\");r(a);throw a;}var V=\"data:application/octet-stream;base64,\",W;W=\"data:application/octet-stream;base64,AGFzbQEAAAABIAZgAX8Bf2ADf39/AGABfwBgAABgAAF/YAZ/f39/f38AAgcBAWEBYQAAAwsKAAEDAQAAAgQFAgQFAXABAQEFBwEBgAKAgAIGCQF/AUGAjMACCwclCQFiAgABYwADAWQACQFlAAgBZgAHAWcABgFoAAUBaQAKAWoBAAqGTQpPAQJ/QYAIKAIAIgEgAEEDakF8cSICaiEAAkAgAkEAIAAgAU0bDQAgAD8AQRB0SwRAIAAQAEUNAQtBgAggADYCACABDwtBhAhBMDYCAEF/C4wFAg5+Cn8gACgCJCEUIAAoAiAhFSAAKAIcIREgACgCGCESIAAoAhQhEyACQRBPBEAgAC0ATEVBGHQhFyAAKAIEIhZBBWytIQ8gACgCCCIYQQVsrSENIAAoAgwiGUEFbK0hCyAAKAIQIhpBBWytIQkgADUCACEIIBqtIRAgGa0hDiAYrSEMIBatIQoDQCASIAEtAAMiEiABLQAEQQh0ciABLQAFQRB0ciABLQAGIhZBGHRyQQJ2Qf///x9xaq0iAyAOfiABLwAAIAEtAAJBEHRyIBNqIBJBGHRBgICAGHFqrSIEIBB+fCARIAEtAAdBCHQgFnIgAS0ACEEQdHIgAS0ACSIRQRh0ckEEdkH///8fcWqtIgUgDH58IAEtAApBCHQgEXIgAS0AC0EQdHIgAS0ADEEYdHJBBnYgFWqtIgYgCn58IBQgF2ogAS8ADSABLQAPQRB0cmqtIgcgCH58IAMgDH4gBCAOfnwgBSAKfnwgBiAIfnwgByAJfnwgAyAKfiAEIAx+fCAFIAh+fCAGIAl+fCAHIAt+fCADIAh+IAQgCn58IAUgCX58IAYgC358IAcgDX58IAMgCX4gBCAIfnwgBSALfnwgBiANfnwgByAPfnwiA0IaiEL/////D4N8IgRCGohC/////w+DfCIFQhqIQv////8Pg3wiBkIaiEL/////D4N8IgdCGoinQQVsIAOnQf///x9xaiITQRp2IASnQf///x9xaiESIAWnQf///x9xIREgBqdB////H3EhFSAHp0H///8fcSEUIBNB////H3EhEyABQRBqIQEgAkEQayICQQ9LDQALCyAAIBQ2AiQgACAVNgIgIAAgETYCHCAAIBI2AhggACATNgIUCwMAAQu2BAEGfwJAIAAoAjgiBARAIABBPGohBQJAIAJBECAEayIDIAIgA0kbIgZFDQAgBkEDcSEHAkAgBkEBa0EDSQRAQQAhAwwBCyAGQXxxIQhBACEDA0AgBSADIARqaiABIANqLQAAOgAAIAUgA0EBciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0ECciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0EDciIEIAAoAjhqaiABIARqLQAAOgAAIANBBGohAyAAKAI4IQQgCEEEayIIDQALCyAHRQ0AA0AgBSADIARqaiABIANqLQAAOgAAIANBAWohAyAAKAI4IQQgB0EBayIHDQALCyAAIAQgBmoiAzYCOCADQRBJDQEgACAFQRAQAiAAQQA2AjggAiAGayECIAEgBmohAQsgAkEQTwRAIAAgASACQXBxIgMQAiACQQ9xIQIgASADaiEBCyACRQ0AIAJBA3EhBCAAQTxqIQVBACEDIAJBAWtBA08EQCACQXxxIQcDQCAFIAAoAjggA2pqIAEgA2otAAA6AAAgBSADQQFyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQJyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQNyIgYgACgCOGpqIAEgBmotAAA6AAAgA0EEaiEDIAdBBGsiBw0ACwsgBARAA0AgBSAAKAI4IANqaiABIANqLQAAOgAAIANBAWohAyAEQQFrIgQNAAsLIAAgACgCOCACajYCOAsLoS0BDH8jAEEQayIMJAACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAEH0AU0EQEGICCgCACIFQRAgAEELakF4cSAAQQtJGyIIQQN2IgJ2IgFBA3EEQCABQX9zQQFxIAJqIgNBA3QiAUG4CGooAgAiBEEIaiEAAkAgBCgCCCICIAFBsAhqIgFGBEBBiAggBUF+IAN3cTYCAAwBCyACIAE2AgwgASACNgIICyAEIANBA3QiAUEDcjYCBCABIARqIgEgASgCBEEBcjYCBAwNCyAIQZAIKAIAIgpNDQEgAQRAAkBBAiACdCIAQQAgAGtyIAEgAnRxIgBBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2aiIDQQN0IgBBuAhqKAIAIgQoAggiASAAQbAIaiIARgRAQYgIIAVBfiADd3EiBTYCAAwBCyABIAA2AgwgACABNgIICyAEQQhqIQAgBCAIQQNyNgIEIAQgCGoiAiADQQN0IgEgCGsiA0EBcjYCBCABIARqIAM2AgAgCgRAIApBA3YiAUEDdEGwCGohB0GcCCgCACEEAn8gBUEBIAF0IgFxRQRAQYgIIAEgBXI2AgAgBwwBCyAHKAIICyEBIAcgBDYCCCABIAQ2AgwgBCAHNgIMIAQgATYCCAtBnAggAjYCAEGQCCADNgIADA0LQYwIKAIAIgZFDQEgBkEAIAZrcUEBayIAIABBDHZBEHEiAnYiAUEFdkEIcSIAIAJyIAEgAHYiAUECdkEEcSIAciABIAB2IgFBAXZBAnEiAHIgASAAdiIBQQF2QQFxIgByIAEgAHZqQQJ0QbgKaigCACIBKAIEQXhxIAhrIQMgASECA0ACQCACKAIQIgBFBEAgAigCFCIARQ0BCyAAKAIEQXhxIAhrIgIgAyACIANJIgIbIQMgACABIAIbIQEgACECDAELCyABIAhqIgkgAU0NAiABKAIYIQsgASABKAIMIgRHBEAgASgCCCIAQZgIKAIASRogACAENgIMIAQgADYCCAwMCyABQRRqIgIoAgAiAEUEQCABKAIQIgBFDQQgAUEQaiECCwNAIAIhByAAIgRBFGoiAigCACIADQAgBEEQaiECIAQoAhAiAA0ACyAHQQA2AgAMCwtBfyEIIABBv39LDQAgAEELaiIAQXhxIQhBjAgoAgAiCUUNAEEAIAhrIQMCQAJAAkACf0EAIAhBgAJJDQAaQR8gCEH///8HSw0AGiAAQQh2IgAgAEGA/j9qQRB2QQhxIgJ0IgAgAEGA4B9qQRB2QQRxIgF0IgAgAEGAgA9qQRB2QQJxIgB0QQ92IAEgAnIgAHJrIgBBAXQgCCAAQRVqdkEBcXJBHGoLIgVBAnRBuApqKAIAIgJFBEBBACEADAELQQAhACAIQQBBGSAFQQF2ayAFQR9GG3QhAQNAAkAgAigCBEF4cSAIayIHIANPDQAgAiEEIAciAw0AQQAhAyACIQAMAwsgACACKAIUIgcgByACIAFBHXZBBHFqKAIQIgJGGyAAIAcbIQAgAUEBdCEBIAINAAsLIAAgBHJFBEBBACEEQQIgBXQiAEEAIABrciAJcSIARQ0DIABBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2akECdEG4CmooAgAhAAsgAEUNAQsDQCAAKAIEQXhxIAhrIgEgA0khAiABIAMgAhshAyAAIAQgAhshBCAAKAIQIgEEfyABBSAAKAIUCyIADQALCyAERQ0AIANBkAgoAgAgCGtPDQAgBCAIaiIGIARNDQEgBCgCGCEFIAQgBCgCDCIBRwRAIAQoAggiAEGYCCgCAEkaIAAgATYCDCABIAA2AggMCgsgBEEUaiICKAIAIgBFBEAgBCgCECIARQ0EIARBEGohAgsDQCACIQcgACIBQRRqIgIoAgAiAA0AIAFBEGohAiABKAIQIgANAAsgB0EANgIADAkLIAhBkAgoAgAiAk0EQEGcCCgCACEDAkAgAiAIayIBQRBPBEBBkAggATYCAEGcCCADIAhqIgA2AgAgACABQQFyNgIEIAIgA2ogATYCACADIAhBA3I2AgQMAQtBnAhBADYCAEGQCEEANgIAIAMgAkEDcjYCBCACIANqIgAgACgCBEEBcjYCBAsgA0EIaiEADAsLIAhBlAgoAgAiBkkEQEGUCCAGIAhrIgE2AgBBoAhBoAgoAgAiAiAIaiIANgIAIAAgAUEBcjYCBCACIAhBA3I2AgQgAkEIaiEADAsLQQAhACAIQS9qIgkCf0HgCygCAARAQegLKAIADAELQewLQn83AgBB5AtCgKCAgICABDcCAEHgCyAMQQxqQXBxQdiq1aoFczYCAEH0C0EANgIAQcQLQQA2AgBBgCALIgFqIgVBACABayIHcSICIAhNDQpBwAsoAgAiBARAQbgLKAIAIgMgAmoiASADTQ0LIAEgBEsNCwtBxAstAABBBHENBQJAAkBBoAgoAgAiAwRAQcgLIQADQCADIAAoAgAiAU8EQCABIAAoAgRqIANLDQMLIAAoAggiAA0ACwtBABABIgFBf0YNBiACIQVB5AsoAgAiA0EBayIAIAFxBEAgAiABayAAIAFqQQAgA2txaiEFCyAFIAhNDQYgBUH+////B0sNBkHACygCACIEBEBBuAsoAgAiAyAFaiIAIANNDQcgACAESw0HCyAFEAEiACABRw0BDAgLIAUgBmsgB3EiBUH+////B0sNBSAFEAEiASAAKAIAIAAoAgRqRg0EIAEhAAsCQCAAQX9GDQAgCEEwaiAFTQ0AQegLKAIAIgEgCSAFa2pBACABa3EiAUH+////B0sEQCAAIQEMCAsgARABQX9HBEAgASAFaiEFIAAhAQwIC0EAIAVrEAEaDAULIAAiAUF/Rw0GDAQLAAtBACEEDAcLQQAhAQwFCyABQX9HDQILQcQLQcQLKAIAQQRyNgIACyACQf7///8HSw0BIAIQASEBQQAQASEAIAFBf0YNASAAQX9GDQEgACABTQ0BIAAgAWsiBSAIQShqTQ0BC0G4C0G4CygCACAFaiIANgIAQbwLKAIAIABJBEBBvAsgADYCAAsCQAJAAkBBoAgoAgAiBwRAQcgLIQADQCABIAAoAgAiAyAAKAIEIgJqRg0CIAAoAggiAA0ACwwCC0GYCCgCACIAQQAgACABTRtFBEBBmAggATYCAAtBACEAQcwLIAU2AgBByAsgATYCAEGoCEF/NgIAQawIQeALKAIANgIAQdQLQQA2AgADQCAAQQN0IgNBuAhqIANBsAhqIgI2AgAgA0G8CGogAjYCACAAQQFqIgBBIEcNAAtBlAggBUEoayIDQXggAWtBB3FBACABQQhqQQdxGyIAayICNgIAQaAIIAAgAWoiADYCACAAIAJBAXI2AgQgASADakEoNgIEQaQIQfALKAIANgIADAILIAAtAAxBCHENACADIAdLDQAgASAHTQ0AIAAgAiAFajYCBEGgCCAHQXggB2tBB3FBACAHQQhqQQdxGyIAaiICNgIAQZQIQZQIKAIAIAVqIgEgAGsiADYCACACIABBAXI2AgQgASAHakEoNgIEQaQIQfALKAIANgIADAELQZgIKAIAIAFLBEBBmAggATYCAAsgASAFaiECQcgLIQACQAJAAkACQAJAAkADQCACIAAoAgBHBEAgACgCCCIADQEMAgsLIAAtAAxBCHFFDQELQcgLIQADQCAHIAAoAgAiAk8EQCACIAAoAgRqIgQgB0sNAwsgACgCCCEADAALAAsgACABNgIAIAAgACgCBCAFajYCBCABQXggAWtBB3FBACABQQhqQQdxG2oiCSAIQQNyNgIEIAJBeCACa0EHcUEAIAJBCGpBB3EbaiIFIAggCWoiBmshAiAFIAdGBEBBoAggBjYCAEGUCEGUCCgCACACaiIANgIAIAYgAEEBcjYCBAwDCyAFQZwIKAIARgRAQZwIIAY2AgBBkAhBkAgoAgAgAmoiADYCACAGIABBAXI2AgQgACAGaiAANgIADAMLIAUoAgQiAEEDcUEBRgRAIABBeHEhBwJAIABB/wFNBEAgBSgCCCIDIABBA3YiAEEDdEGwCGpGGiADIAUoAgwiAUYEQEGICEGICCgCAEF+IAB3cTYCAAwCCyADIAE2AgwgASADNgIIDAELIAUoAhghCAJAIAUgBSgCDCIBRwRAIAUoAggiACABNgIMIAEgADYCCAwBCwJAIAVBFGoiACgCACIDDQAgBUEQaiIAKAIAIgMNAEEAIQEMAQsDQCAAIQQgAyIBQRRqIgAoAgAiAw0AIAFBEGohACABKAIQIgMNAAsgBEEANgIACyAIRQ0AAkAgBSAFKAIcIgNBAnRBuApqIgAoAgBGBEAgACABNgIAIAENAUGMCEGMCCgCAEF+IAN3cTYCAAwCCyAIQRBBFCAIKAIQIAVGG2ogATYCACABRQ0BCyABIAg2AhggBSgCECIABEAgASAANgIQIAAgATYCGAsgBSgCFCIARQ0AIAEgADYCFCAAIAE2AhgLIAUgB2ohBSACIAdqIQILIAUgBSgCBEF+cTYCBCAGIAJBAXI2AgQgAiAGaiACNgIAIAJB/wFNBEAgAkEDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwDC0EfIQAgAkH///8HTQRAIAJBCHYiACAAQYD+P2pBEHZBCHEiA3QiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASADciAAcmsiAEEBdCACIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQQCQEGMCCgCACIDQQEgAHQiAXFFBEBBjAggASADcjYCACAEIAY2AgAgBiAENgIYDAELIAJBAEEZIABBAXZrIABBH0YbdCEAIAQoAgAhAQNAIAEiAygCBEF4cSACRg0DIABBHXYhASAAQQF0IQAgAyABQQRxaiIEKAIQIgENAAsgBCAGNgIQIAYgAzYCGAsgBiAGNgIMIAYgBjYCCAwCC0GUCCAFQShrIgNBeCABa0EHcUEAIAFBCGpBB3EbIgBrIgI2AgBBoAggACABaiIANgIAIAAgAkEBcjYCBCABIANqQSg2AgRBpAhB8AsoAgA2AgAgByAEQScgBGtBB3FBACAEQSdrQQdxG2pBL2siACAAIAdBEGpJGyICQRs2AgQgAkHQCykCADcCECACQcgLKQIANwIIQdALIAJBCGo2AgBBzAsgBTYCAEHICyABNgIAQdQLQQA2AgAgAkEYaiEAA0AgAEEHNgIEIABBCGohASAAQQRqIQAgASAESQ0ACyACIAdGDQMgAiACKAIEQX5xNgIEIAcgAiAHayIEQQFyNgIEIAIgBDYCACAEQf8BTQRAIARBA3YiAEEDdEGwCGohAgJ/QYgIKAIAIgFBASAAdCIAcUUEQEGICCAAIAFyNgIAIAIMAQsgAigCCAshACACIAc2AgggACAHNgIMIAcgAjYCDCAHIAA2AggMBAtBHyEAIAdCADcCECAEQf///wdNBEAgBEEIdiIAIABBgP4/akEQdkEIcSICdCIAIABBgOAfakEQdkEEcSIBdCIAIABBgIAPakEQdkECcSIAdEEPdiABIAJyIAByayIAQQF0IAQgAEEVanZBAXFyQRxqIQALIAcgADYCHCAAQQJ0QbgKaiEDAkBBjAgoAgAiAkEBIAB0IgFxRQRAQYwIIAEgAnI2AgAgAyAHNgIAIAcgAzYCGAwBCyAEQQBBGSAAQQF2ayAAQR9GG3QhACADKAIAIQEDQCABIgIoAgRBeHEgBEYNBCAAQR12IQEgAEEBdCEAIAIgAUEEcWoiAygCECIBDQALIAMgBzYCECAHIAI2AhgLIAcgBzYCDCAHIAc2AggMAwsgAygCCCIAIAY2AgwgAyAGNgIIIAZBADYCGCAGIAM2AgwgBiAANgIICyAJQQhqIQAMBQsgAigCCCIAIAc2AgwgAiAHNgIIIAdBADYCGCAHIAI2AgwgByAANgIIC0GUCCgCACIAIAhNDQBBlAggACAIayIBNgIAQaAIQaAIKAIAIgIgCGoiADYCACAAIAFBAXI2AgQgAiAIQQNyNgIEIAJBCGohAAwDC0GECEEwNgIAQQAhAAwCCwJAIAVFDQACQCAEKAIcIgJBAnRBuApqIgAoAgAgBEYEQCAAIAE2AgAgAQ0BQYwIIAlBfiACd3EiCTYCAAwCCyAFQRBBFCAFKAIQIARGG2ogATYCACABRQ0BCyABIAU2AhggBCgCECIABEAgASAANgIQIAAgATYCGAsgBCgCFCIARQ0AIAEgADYCFCAAIAE2AhgLAkAgA0EPTQRAIAQgAyAIaiIAQQNyNgIEIAAgBGoiACAAKAIEQQFyNgIEDAELIAQgCEEDcjYCBCAGIANBAXI2AgQgAyAGaiADNgIAIANB/wFNBEAgA0EDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwBC0EfIQAgA0H///8HTQRAIANBCHYiACAAQYD+P2pBEHZBCHEiAnQiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASACciAAcmsiAEEBdCADIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQICQAJAIAlBASAAdCIBcUUEQEGMCCABIAlyNgIAIAIgBjYCACAGIAI2AhgMAQsgA0EAQRkgAEEBdmsgAEEfRht0IQAgAigCACEIA0AgCCIBKAIEQXhxIANGDQIgAEEddiECIABBAXQhACABIAJBBHFqIgIoAhAiCA0ACyACIAY2AhAgBiABNgIYCyAGIAY2AgwgBiAGNgIIDAELIAEoAggiACAGNgIMIAEgBjYCCCAGQQA2AhggBiABNgIMIAYgADYCCAsgBEEIaiEADAELAkAgC0UNAAJAIAEoAhwiAkECdEG4CmoiACgCACABRgRAIAAgBDYCACAEDQFBjAggBkF+IAJ3cTYCAAwCCyALQRBBFCALKAIQIAFGG2ogBDYCACAERQ0BCyAEIAs2AhggASgCECIABEAgBCAANgIQIAAgBDYCGAsgASgCFCIARQ0AIAQgADYCFCAAIAQ2AhgLAkAgA0EPTQRAIAEgAyAIaiIAQQNyNgIEIAAgAWoiACAAKAIEQQFyNgIEDAELIAEgCEEDcjYCBCAJIANBAXI2AgQgAyAJaiADNgIAIAoEQCAKQQN2IgBBA3RBsAhqIQRBnAgoAgAhAgJ/QQEgAHQiACAFcUUEQEGICCAAIAVyNgIAIAQMAQsgBCgCCAshACAEIAI2AgggACACNgIMIAIgBDYCDCACIAA2AggLQZwIIAk2AgBBkAggAzYCAAsgAUEIaiEACyAMQRBqJAAgAAsQACMAIABrQXBxIgAkACAACwYAIAAkAAsEACMAC4AJAgh/BH4jAEGQAWsiBiQAIAYgBS0AA0EYdEGAgIAYcSAFLwAAIAUtAAJBEHRycjYCACAGIAUoAANBAnZBg/7/H3E2AgQgBiAFKAAGQQR2Qf+B/x9xNgIIIAYgBSgACUEGdkH//8AfcTYCDCAFLwANIQggBS0ADyEJIAZCADcCFCAGQgA3AhwgBkEANgIkIAYgCCAJQRB0QYCAPHFyNgIQIAYgBSgAEDYCKCAGIAUoABQ2AiwgBiAFKAAYNgIwIAUoABwhBSAGQQA6AEwgBkEANgI4IAYgBTYCNCAGIAEgAhAEIAQEQCAGIAMgBBAECyAGKAI4IgEEQCAGQTxqIgIgAWpBAToAACABQQFqQQ9NBEAgASAGakE9aiEEAkBBDyABayIDRQ0AIAMgBGoiAUEBa0EAOgAAIARBADoAACADQQNJDQAgAUECa0EAOgAAIARBADoAASABQQNrQQA6AAAgBEEAOgACIANBB0kNACABQQRrQQA6AAAgBEEAOgADIANBCUkNACAEQQAgBGtBA3EiAWoiBEEANgIAIAQgAyABa0F8cSIBaiIDQQRrQQA2AgAgAUEJSQ0AIARBADYCCCAEQQA2AgQgA0EIa0EANgIAIANBDGtBADYCACABQRlJDQAgBEEANgIYIARBADYCFCAEQQA2AhAgBEEANgIMIANBEGtBADYCACADQRRrQQA2AgAgA0EYa0EANgIAIANBHGtBADYCACABIARBBHFBGHIiAWsiA0EgSQ0AIAEgBGohAQNAIAFCADcDGCABQgA3AxAgAUIANwMIIAFCADcDACABQSBqIQEgA0EgayIDQR9LDQALCwsgBkEBOgBMIAYgAkEQEAILIAY1AjQhECAGNQIwIREgBjUCLCEOIAAgBjUCKCAGKAIkIAYoAiAgBigCHCAGKAIYIgNBGnZqIgJBGnZqIgFBGnZqIgtBgICAYHIgAUH///8fcSINIAJB////H3EiCCAGKAIUIAtBGnZBBWxqIgFB////H3EiCUEFaiIFQRp2IANB////H3EgAUEadmoiA2oiAUEadmoiAkEadmoiBEEadmoiDEEfdSIHIANxIAEgDEEfdkEBayIDQf///x9xIgpxciIBQRp0IAUgCnEgByAJcXJyrXwiDzwAACAAIA9CGIg8AAMgACAPQhCIPAACIAAgD0IIiDwAASAAIA4gByAIcSACIApxciICQRR0IAFBBnZyrXwgD0IgiHwiDjwABCAAIA5CGIg8AAcgACAOQhCIPAAGIAAgDkIIiDwABSAAIBEgByANcSAEIApxciIBQQ50IAJBDHZyrXwgDkIgiHwiDjwACCAAIA5CGIg8AAsgACAOQhCIPAAKIAAgDkIIiDwACSAAIBAgAyAMcSAHIAtxckEIdCABQRJ2cq18IA5CIIh8Ig48AAwgACAOQhiIPAAPIAAgDkIQiDwADiAAIA5CCIg8AA0gBkIANwIwIAZCADcCKCAGQgA3AiAgBkIANwIYIAZCADcCECAGQgA3AgggBkIANwIAIAZBkAFqJAALpwwBB38CQCAARQ0AIABBCGsiAyAAQQRrKAIAIgFBeHEiAGohBQJAIAFBAXENACABQQNxRQ0BIAMgAygCACIBayIDQZgIKAIASQ0BIAAgAWohACADQZwIKAIARwRAIAFB/wFNBEAgAygCCCICIAFBA3YiBEEDdEGwCGpGGiACIAMoAgwiAUYEQEGICEGICCgCAEF+IAR3cTYCAAwDCyACIAE2AgwgASACNgIIDAILIAMoAhghBgJAIAMgAygCDCIBRwRAIAMoAggiAiABNgIMIAEgAjYCCAwBCwJAIANBFGoiAigCACIEDQAgA0EQaiICKAIAIgQNAEEAIQEMAQsDQCACIQcgBCIBQRRqIgIoAgAiBA0AIAFBEGohAiABKAIQIgQNAAsgB0EANgIACyAGRQ0BAkAgAyADKAIcIgJBAnRBuApqIgQoAgBGBEAgBCABNgIAIAENAUGMCEGMCCgCAEF+IAJ3cTYCAAwDCyAGQRBBFCAGKAIQIANGG2ogATYCACABRQ0CCyABIAY2AhggAygCECICBEAgASACNgIQIAIgATYCGAsgAygCFCICRQ0BIAEgAjYCFCACIAE2AhgMAQsgBSgCBCIBQQNxQQNHDQBBkAggADYCACAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAA8LIAMgBU8NACAFKAIEIgFBAXFFDQACQCABQQJxRQRAIAVBoAgoAgBGBEBBoAggAzYCAEGUCEGUCCgCACAAaiIANgIAIAMgAEEBcjYCBCADQZwIKAIARw0DQZAIQQA2AgBBnAhBADYCAA8LIAVBnAgoAgBGBEBBnAggAzYCAEGQCEGQCCgCACAAaiIANgIAIAMgAEEBcjYCBCAAIANqIAA2AgAPCyABQXhxIABqIQACQCABQf8BTQRAIAUoAggiAiABQQN2IgRBA3RBsAhqRhogAiAFKAIMIgFGBEBBiAhBiAgoAgBBfiAEd3E2AgAMAgsgAiABNgIMIAEgAjYCCAwBCyAFKAIYIQYCQCAFIAUoAgwiAUcEQCAFKAIIIgJBmAgoAgBJGiACIAE2AgwgASACNgIIDAELAkAgBUEUaiICKAIAIgQNACAFQRBqIgIoAgAiBA0AQQAhAQwBCwNAIAIhByAEIgFBFGoiAigCACIEDQAgAUEQaiECIAEoAhAiBA0ACyAHQQA2AgALIAZFDQACQCAFIAUoAhwiAkECdEG4CmoiBCgCAEYEQCAEIAE2AgAgAQ0BQYwIQYwIKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiABNgIAIAFFDQELIAEgBjYCGCAFKAIQIgIEQCABIAI2AhAgAiABNgIYCyAFKAIUIgJFDQAgASACNgIUIAIgATYCGAsgAyAAQQFyNgIEIAAgA2ogADYCACADQZwIKAIARw0BQZAIIAA2AgAPCyAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAAsgAEH/AU0EQCAAQQN2IgFBA3RBsAhqIQACf0GICCgCACICQQEgAXQiAXFFBEBBiAggASACcjYCACAADAELIAAoAggLIQIgACADNgIIIAIgAzYCDCADIAA2AgwgAyACNgIIDwtBHyECIANCADcCECAAQf///wdNBEAgAEEIdiIBIAFBgP4/akEQdkEIcSIBdCICIAJBgOAfakEQdkEEcSICdCIEIARBgIAPakEQdkECcSIEdEEPdiABIAJyIARyayIBQQF0IAAgAUEVanZBAXFyQRxqIQILIAMgAjYCHCACQQJ0QbgKaiEBAkACQAJAQYwIKAIAIgRBASACdCIHcUUEQEGMCCAEIAdyNgIAIAEgAzYCACADIAE2AhgMAQsgAEEAQRkgAkEBdmsgAkEfRht0IQIgASgCACEBA0AgASIEKAIEQXhxIABGDQIgAkEddiEBIAJBAXQhAiAEIAFBBHFqIgdBEGooAgAiAQ0ACyAHIAM2AhAgAyAENgIYCyADIAM2AgwgAyADNgIIDAELIAQoAggiACADNgIMIAQgAzYCCCADQQA2AhggAyAENgIMIAMgADYCCAtBqAhBqAgoAgBBAWsiAEF/IAAbNgIACwsLCQEAQYEICwIGUA==\";if(!W.startsWith(V)){var na=W;W=b.locateFile?b.locateFile(na,B):B+na}function pa(){var a=W;try{if(a==W&&J)return new Uint8Array(J);var c=H(a);if(c)return c;if(E)return E(a);throw\"both async and sync fetching of the wasm failed\";}catch(d){K(d)}}\nfunction qa(){if(!J&&(x||y)){if(\"function\"===typeof fetch&&!W.startsWith(\"file://\"))return fetch(W,{credentials:\"same-origin\"}).then(function(a){if(!a.ok)throw\"failed to load wasm binary file at '\"+W+\"'\";return a.arrayBuffer()}).catch(function(){return pa()});if(D)return new Promise(function(a,c){D(W,function(d){a(new Uint8Array(d))},c)})}return Promise.resolve().then(function(){return pa()})}\nfunction X(a){for(;0>4;f=(f&15)<<4|l>>2;var t=(l&3)<<6|A;c+=String.fromCharCode(e);64!==l&&(c+=String.fromCharCode(f));64!==A&&(c+=String.fromCharCode(t))}while(d>>=0;if(2147483648=d;d*=2){var e=c*(1+.2/d);e=Math.min(e,a+100663296);e=Math.max(a,e);0>>16);ia();var f=1;break a}catch(l){}f=void 0}if(f)return!0}return!1}};\n(function(){function a(f){b.asm=f.exports;L=b.asm.b;ia();R=b.asm.j;ka.unshift(b.asm.c);S--;b.monitorRunDependencies&&b.monitorRunDependencies(S);0==S&&(null!==T&&(clearInterval(T),T=null),U&&(f=U,U=null,f()))}function c(f){a(f.instance)}function d(f){return qa().then(function(l){return WebAssembly.instantiate(l,e)}).then(f,function(l){I(\"failed to asynchronously prepare wasm: \"+l);K(l)})}var e={a:sa};S++;b.monitorRunDependencies&&b.monitorRunDependencies(S);if(b.instantiateWasm)try{return b.instantiateWasm(e,\na)}catch(f){return I(\"Module.instantiateWasm callback failed with error: \"+f),!1}(function(){return J||\"function\"!==typeof WebAssembly.instantiateStreaming||W.startsWith(V)||W.startsWith(\"file://\")||\"function\"!==typeof fetch?d(c):fetch(W,{credentials:\"same-origin\"}).then(function(f){return WebAssembly.instantiateStreaming(f,e).then(c,function(l){I(\"wasm streaming compile failed: \"+l);I(\"falling back to ArrayBuffer instantiation\");return d(c)})})})().catch(r);return{}})();\nb.___wasm_call_ctors=function(){return(b.___wasm_call_ctors=b.asm.c).apply(null,arguments)};b._poly1305_auth=function(){return(b._poly1305_auth=b.asm.d).apply(null,arguments)};var da=b.stackSave=function(){return(da=b.stackSave=b.asm.e).apply(null,arguments)},fa=b.stackRestore=function(){return(fa=b.stackRestore=b.asm.f).apply(null,arguments)},O=b.stackAlloc=function(){return(O=b.stackAlloc=b.asm.g).apply(null,arguments)};b._malloc=function(){return(b._malloc=b.asm.h).apply(null,arguments)};\nb._free=function(){return(b._free=b.asm.i).apply(null,arguments)};b.cwrap=function(a,c,d,e){d=d||[];var f=d.every(function(l){return\"number\"===l});return\"string\"!==c&&f&&!e?N(a):function(){return ca(a,c,d,arguments)}};var Y;U=function ta(){Y||Z();Y||(U=ta)};\nfunction Z(){function a(){if(!Y&&(Y=!0,b.calledRun=!0,!M)){X(ka);q(b);if(b.onRuntimeInitialized)b.onRuntimeInitialized();if(b.postRun)for(\"function\"==typeof b.postRun&&(b.postRun=[b.postRun]);b.postRun.length;){var c=b.postRun.shift();la.unshift(c)}X(la)}}if(!(0 {\n // eslint-disable-next-line prefer-const\n for (let [type, handler] of Object.entries(handlers)) {\n type = +type;\n if (isFinite(type) && type >= 0 && type < MESSAGE_HANDLERS.length)\n MESSAGE_HANDLERS[type] = handler;\n }\n});\n\nmodule.exports = MESSAGE_HANDLERS;\n","'use strict';\n\nconst {\n bufferSlice,\n bufferParser,\n doFatalError,\n sigSSHToASN1,\n writeUInt32BE,\n} = require('./utils.js');\n\nconst {\n CHANNEL_OPEN_FAILURE,\n COMPAT,\n MESSAGE,\n TERMINAL_MODE,\n} = require('./constants.js');\n\nconst {\n parseKey,\n} = require('./keyParser.js');\n\nconst TERMINAL_MODE_BY_VALUE =\n Array.from(Object.entries(TERMINAL_MODE))\n .reduce((obj, [key, value]) => ({ ...obj, [key]: value }), {});\n\nmodule.exports = {\n // Transport layer protocol ==================================================\n [MESSAGE.DISCONNECT]: (self, payload) => {\n /*\n byte SSH_MSG_DISCONNECT\n uint32 reason code\n string description in ISO-10646 UTF-8 encoding\n string language tag\n */\n bufferParser.init(payload, 1);\n const reason = bufferParser.readUInt32BE();\n const desc = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed DISCONNECT packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: Received DISCONNECT (${reason}, \"${desc}\")`\n );\n\n const handler = self._handlers.DISCONNECT;\n handler && handler(self, reason, desc);\n },\n [MESSAGE.IGNORE]: (self, payload) => {\n /*\n byte SSH_MSG_IGNORE\n string data\n */\n self._debug && self._debug('Inbound: Received IGNORE');\n },\n [MESSAGE.UNIMPLEMENTED]: (self, payload) => {\n /*\n byte SSH_MSG_UNIMPLEMENTED\n uint32 packet sequence number of rejected message\n */\n bufferParser.init(payload, 1);\n const seqno = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (seqno === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed UNIMPLEMENTED packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: Received UNIMPLEMENTED (seqno ${seqno})`);\n },\n [MESSAGE.DEBUG]: (self, payload) => {\n /*\n byte SSH_MSG_DEBUG\n boolean always_display\n string message in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const display = bufferParser.readBool();\n const msg = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed DEBUG packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received DEBUG');\n\n const handler = self._handlers.DEBUG;\n handler && handler(self, display, msg);\n },\n [MESSAGE.SERVICE_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_SERVICE_REQUEST\n string service name\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n bufferParser.clear();\n\n if (name === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed SERVICE_REQUEST packet'\n );\n }\n\n self._debug && self._debug(`Inbound: Received SERVICE_REQUEST (${name})`);\n\n const handler = self._handlers.SERVICE_REQUEST;\n handler && handler(self, name);\n },\n [MESSAGE.SERVICE_ACCEPT]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_SERVICE_ACCEPT\n string service name\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n bufferParser.clear();\n\n if (name === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed SERVICE_ACCEPT packet'\n );\n }\n\n self._debug && self._debug(`Inbound: Received SERVICE_ACCEPT (${name})`);\n\n const handler = self._handlers.SERVICE_ACCEPT;\n handler && handler(self, name);\n },\n\n // User auth protocol -- generic =============================================\n [MESSAGE.USERAUTH_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_USERAUTH_REQUEST\n string user name in ISO-10646 UTF-8 encoding [RFC3629]\n string service name in US-ASCII\n string method name in US-ASCII\n .... method specific fields\n */\n bufferParser.init(payload, 1);\n const user = bufferParser.readString(true);\n const service = bufferParser.readString(true);\n const method = bufferParser.readString(true);\n let methodData;\n let methodDesc;\n switch (method) {\n case 'none':\n methodData = null;\n break;\n case 'password': {\n /*\n boolean \n string plaintext password in ISO-10646 UTF-8 encoding [RFC3629]\n [string new password]\n */\n const isChange = bufferParser.readBool();\n if (isChange !== undefined) {\n methodData = bufferParser.readString(true);\n if (methodData !== undefined && isChange) {\n const newPassword = bufferParser.readString(true);\n if (newPassword !== undefined)\n methodData = { oldPassword: methodData, newPassword };\n else\n methodData = undefined;\n }\n }\n break;\n }\n case 'publickey': {\n /*\n boolean \n string public key algorithm name\n string public key blob\n [string signature]\n */\n const hasSig = bufferParser.readBool();\n if (hasSig !== undefined) {\n const keyAlgo = bufferParser.readString(true);\n const key = bufferParser.readString();\n if (hasSig) {\n const blobEnd = bufferParser.pos();\n let signature = bufferParser.readString();\n if (signature !== undefined) {\n if (signature.length > (4 + keyAlgo.length + 4)\n && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n // Skip algoLen + algo + sigLen\n signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n }\n\n signature = sigSSHToASN1(signature, keyAlgo);\n if (signature) {\n const sessionID = self._kex.sessionID;\n const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n writeUInt32BE(blob, sessionID.length, 0);\n blob.set(sessionID, 4);\n blob.set(\n new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n 4 + sessionID.length\n );\n methodData = {\n keyAlgo,\n key,\n signature,\n blob,\n };\n }\n }\n } else {\n methodData = { keyAlgo, key };\n methodDesc = 'publickey -- check';\n }\n }\n break;\n }\n case 'hostbased': {\n /*\n string public key algorithm for host key\n string public host key and certificates for client host\n string client host name expressed as the FQDN in US-ASCII\n string user name on the client host in ISO-10646 UTF-8 encoding\n [RFC3629]\n string signature\n */\n const keyAlgo = bufferParser.readString(true);\n const key = bufferParser.readString();\n const localHostname = bufferParser.readString(true);\n const localUsername = bufferParser.readString(true);\n\n const blobEnd = bufferParser.pos();\n let signature = bufferParser.readString();\n if (signature !== undefined) {\n if (signature.length > (4 + keyAlgo.length + 4)\n && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n // Skip algoLen + algo + sigLen\n signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n }\n\n signature = sigSSHToASN1(signature, keyAlgo);\n if (signature !== undefined) {\n const sessionID = self._kex.sessionID;\n const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n writeUInt32BE(blob, sessionID.length, 0);\n blob.set(sessionID, 4);\n blob.set(\n new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n 4 + sessionID.length\n );\n methodData = {\n keyAlgo,\n key,\n signature,\n blob,\n localHostname,\n localUsername,\n };\n }\n }\n break;\n }\n case 'keyboard-interactive':\n /*\n string language tag (as defined in [RFC-3066])\n string submethods (ISO-10646 UTF-8)\n */\n // Skip/ignore language field -- it's deprecated in RFC 4256\n bufferParser.skipString();\n\n methodData = bufferParser.readList();\n break;\n default:\n if (method !== undefined)\n methodData = bufferParser.readRaw();\n }\n bufferParser.clear();\n\n if (methodData === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_REQUEST packet'\n );\n }\n\n if (methodDesc === undefined)\n methodDesc = method;\n\n self._authsQueue.push(method);\n\n self._debug\n && self._debug(`Inbound: Received USERAUTH_REQUEST (${methodDesc})`);\n\n const handler = self._handlers.USERAUTH_REQUEST;\n handler && handler(self, user, service, method, methodData);\n },\n [MESSAGE.USERAUTH_FAILURE]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_FAILURE\n name-list authentications that can continue\n boolean partial success\n */\n bufferParser.init(payload, 1);\n const authMethods = bufferParser.readList();\n const partialSuccess = bufferParser.readBool();\n bufferParser.clear();\n\n if (partialSuccess === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_FAILURE packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: Received USERAUTH_FAILURE (${authMethods})`);\n\n self._authsQueue.shift();\n const handler = self._handlers.USERAUTH_FAILURE;\n handler && handler(self, authMethods, partialSuccess);\n },\n [MESSAGE.USERAUTH_SUCCESS]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_SUCCESS\n */\n self._debug && self._debug('Inbound: Received USERAUTH_SUCCESS');\n\n self._authsQueue.shift();\n const handler = self._handlers.USERAUTH_SUCCESS;\n handler && handler(self);\n },\n [MESSAGE.USERAUTH_BANNER]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_BANNER\n string message in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const msg = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_BANNER packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_BANNER');\n\n const handler = self._handlers.USERAUTH_BANNER;\n handler && handler(self, msg);\n },\n\n // User auth protocol -- method-specific =====================================\n 60: (self, payload) => {\n if (!self._authsQueue.length) {\n self._debug\n && self._debug('Inbound: Received payload type 60 without auth');\n return;\n }\n\n switch (self._authsQueue[0]) {\n case 'password': {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_PASSWD_CHANGEREQ\n string prompt in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const prompt = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_PASSWD_CHANGEREQ packet'\n );\n }\n\n self._debug\n && self._debug('Inbound: Received USERAUTH_PASSWD_CHANGEREQ');\n\n const handler = self._handlers.USERAUTH_PASSWD_CHANGEREQ;\n handler && handler(self, prompt);\n break;\n }\n case 'publickey': {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_PK_OK\n string public key algorithm name from the request\n string public key blob from the request\n */\n bufferParser.init(payload, 1);\n const keyAlgo = bufferParser.readString(true);\n const key = bufferParser.readString();\n bufferParser.clear();\n\n if (key === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_PK_OK packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_PK_OK');\n\n self._authsQueue.shift();\n const handler = self._handlers.USERAUTH_PK_OK;\n handler && handler(self, keyAlgo, key);\n break;\n }\n case 'keyboard-interactive': {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_INFO_REQUEST\n string name (ISO-10646 UTF-8)\n string instruction (ISO-10646 UTF-8)\n string language tag (as defined in [RFC-3066])\n int num-prompts\n string prompt[1] (ISO-10646 UTF-8)\n boolean echo[1]\n ...\n string prompt[num-prompts] (ISO-10646 UTF-8)\n boolean echo[num-prompts]\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n const instructions = bufferParser.readString(true);\n bufferParser.readString(); // skip lang\n const numPrompts = bufferParser.readUInt32BE();\n let prompts;\n if (numPrompts !== undefined) {\n prompts = new Array(numPrompts);\n let i;\n for (i = 0; i < numPrompts; ++i) {\n const prompt = bufferParser.readString(true);\n const echo = bufferParser.readBool();\n if (echo === undefined)\n break;\n prompts[i] = { prompt, echo };\n }\n if (i !== numPrompts)\n prompts = undefined;\n }\n bufferParser.clear();\n\n if (prompts === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_INFO_REQUEST packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_INFO_REQUEST');\n\n const handler = self._handlers.USERAUTH_INFO_REQUEST;\n handler && handler(self, name, instructions, prompts);\n break;\n }\n default:\n self._debug\n && self._debug('Inbound: Received unexpected payload type 60');\n }\n },\n 61: (self, payload) => {\n if (!self._authsQueue.length) {\n self._debug\n && self._debug('Inbound: Received payload type 61 without auth');\n return;\n }\n /*\n byte SSH_MSG_USERAUTH_INFO_RESPONSE\n int num-responses\n string response[1] (ISO-10646 UTF-8)\n ...\n string response[num-responses] (ISO-10646 UTF-8)\n */\n if (self._authsQueue[0] !== 'keyboard-interactive') {\n return doFatalError(\n self,\n 'Inbound: Received unexpected payload type 61'\n );\n }\n bufferParser.init(payload, 1);\n const numResponses = bufferParser.readUInt32BE();\n let responses;\n if (numResponses !== undefined) {\n responses = new Array(numResponses);\n let i;\n for (i = 0; i < numResponses; ++i) {\n const response = bufferParser.readString(true);\n if (response === undefined)\n break;\n responses[i] = response;\n }\n if (i !== numResponses)\n responses = undefined;\n }\n bufferParser.clear();\n\n if (responses === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_INFO_RESPONSE packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_INFO_RESPONSE');\n\n const handler = self._handlers.USERAUTH_INFO_RESPONSE;\n handler && handler(self, responses);\n },\n\n // Connection protocol -- generic ============================================\n [MESSAGE.GLOBAL_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_GLOBAL_REQUEST\n string request name in US-ASCII only\n boolean want reply\n .... request-specific data follows\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n const wantReply = bufferParser.readBool();\n let data;\n if (wantReply !== undefined) {\n switch (name) {\n case 'tcpip-forward':\n case 'cancel-tcpip-forward': {\n /*\n string address to bind (e.g., \"0.0.0.0\")\n uint32 port number to bind\n */\n const bindAddr = bufferParser.readString(true);\n const bindPort = bufferParser.readUInt32BE();\n if (bindPort !== undefined)\n data = { bindAddr, bindPort };\n break;\n }\n case 'streamlocal-forward@openssh.com':\n case 'cancel-streamlocal-forward@openssh.com': {\n /*\n string socket path\n */\n const socketPath = bufferParser.readString(true);\n if (socketPath !== undefined)\n data = { socketPath };\n break;\n }\n case 'no-more-sessions@openssh.com':\n data = null;\n break;\n case 'hostkeys-00@openssh.com': {\n data = [];\n while (bufferParser.avail() > 0) {\n const keyRaw = bufferParser.readString();\n if (keyRaw === undefined) {\n data = undefined;\n break;\n }\n const key = parseKey(keyRaw);\n if (!(key instanceof Error))\n data.push(key);\n }\n break;\n }\n default:\n data = bufferParser.readRaw();\n }\n }\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed GLOBAL_REQUEST packet'\n );\n }\n\n self._debug && self._debug(`Inbound: GLOBAL_REQUEST (${name})`);\n\n const handler = self._handlers.GLOBAL_REQUEST;\n if (handler)\n handler(self, name, wantReply, data);\n else\n self.requestFailure(); // Auto reject\n },\n [MESSAGE.REQUEST_SUCCESS]: (self, payload) => {\n /*\n byte SSH_MSG_REQUEST_SUCCESS\n .... response specific data\n */\n const data = (payload.length > 1 ? bufferSlice(payload, 1) : null);\n\n self._debug && self._debug('Inbound: REQUEST_SUCCESS');\n\n const handler = self._handlers.REQUEST_SUCCESS;\n handler && handler(self, data);\n },\n [MESSAGE.REQUEST_FAILURE]: (self, payload) => {\n /*\n byte SSH_MSG_REQUEST_FAILURE\n */\n self._debug && self._debug('Inbound: Received REQUEST_FAILURE');\n\n const handler = self._handlers.REQUEST_FAILURE;\n handler && handler(self);\n },\n\n // Connection protocol -- channel-related ====================================\n [MESSAGE.CHANNEL_OPEN]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_OPEN\n string channel type in US-ASCII only\n uint32 sender channel\n uint32 initial window size\n uint32 maximum packet size\n .... channel type specific data follows\n */\n bufferParser.init(payload, 1);\n const type = bufferParser.readString(true);\n const sender = bufferParser.readUInt32BE();\n const window = bufferParser.readUInt32BE();\n const packetSize = bufferParser.readUInt32BE();\n let channelInfo;\n\n switch (type) {\n case 'forwarded-tcpip': // S->C\n case 'direct-tcpip': { // C->S\n /*\n string address that was connected / host to connect\n uint32 port that was connected / port to connect\n string originator IP address\n uint32 originator port\n */\n const destIP = bufferParser.readString(true);\n const destPort = bufferParser.readUInt32BE();\n const srcIP = bufferParser.readString(true);\n const srcPort = bufferParser.readUInt32BE();\n if (srcPort !== undefined) {\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: { destIP, destPort, srcIP, srcPort }\n };\n }\n break;\n }\n case 'forwarded-streamlocal@openssh.com': // S->C\n case 'direct-streamlocal@openssh.com': { // C->S\n /*\n string socket path\n string reserved for future use\n\n (direct-streamlocal@openssh.com additionally has:)\n uint32 reserved\n */\n const socketPath = bufferParser.readString(true);\n if (socketPath !== undefined) {\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: { socketPath }\n };\n }\n break;\n }\n case 'x11': { // S->C\n /*\n string originator address (e.g., \"192.168.7.38\")\n uint32 originator port\n */\n const srcIP = bufferParser.readString(true);\n const srcPort = bufferParser.readUInt32BE();\n if (srcPort !== undefined) {\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: { srcIP, srcPort }\n };\n }\n break;\n }\n default:\n // Includes:\n // 'session' (C->S)\n // 'auth-agent@openssh.com' (S->C)\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: {}\n };\n }\n bufferParser.clear();\n\n if (channelInfo === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_OPEN packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_OPEN (s:${sender}, ${type})`);\n\n const handler = self._handlers.CHANNEL_OPEN;\n if (handler) {\n handler(self, channelInfo);\n } else {\n self.channelOpenFail(\n channelInfo.sender,\n CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED,\n '',\n ''\n );\n }\n },\n [MESSAGE.CHANNEL_OPEN_CONFIRMATION]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_OPEN_CONFIRMATION\n uint32 recipient channel\n uint32 sender channel\n uint32 initial window size\n uint32 maximum packet size\n .... channel type specific data follows\n */\n // \"The 'recipient channel' is the channel number given in the\n // original open request, and 'sender channel' is the channel number\n // allocated by the other side.\"\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const sender = bufferParser.readUInt32BE();\n const window = bufferParser.readUInt32BE();\n const packetSize = bufferParser.readUInt32BE();\n const data = (bufferParser.avail() ? bufferParser.readRaw() : undefined);\n bufferParser.clear();\n\n if (packetSize === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_OPEN_CONFIRMATION packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: CHANNEL_OPEN_CONFIRMATION (r:${recipient}, s:${sender})`\n );\n\n const handler = self._handlers.CHANNEL_OPEN_CONFIRMATION;\n if (handler)\n handler(self, { recipient, sender, window, packetSize, data });\n },\n [MESSAGE.CHANNEL_OPEN_FAILURE]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_OPEN_FAILURE\n uint32 recipient channel\n uint32 reason code\n string description in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const reason = bufferParser.readUInt32BE();\n const description = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_OPEN_FAILURE packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: CHANNEL_OPEN_FAILURE (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_OPEN_FAILURE;\n handler && handler(self, recipient, reason, description);\n },\n [MESSAGE.CHANNEL_WINDOW_ADJUST]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_WINDOW_ADJUST\n uint32 recipient channel\n uint32 bytes to add\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const bytesToAdd = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (bytesToAdd === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_WINDOW_ADJUST packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: CHANNEL_WINDOW_ADJUST (r:${recipient}, ${bytesToAdd})`\n );\n\n const handler = self._handlers.CHANNEL_WINDOW_ADJUST;\n handler && handler(self, recipient, bytesToAdd);\n },\n [MESSAGE.CHANNEL_DATA]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_DATA\n uint32 recipient channel\n string data\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_DATA packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: CHANNEL_DATA (r:${recipient}, ${data.length})`);\n\n const handler = self._handlers.CHANNEL_DATA;\n handler && handler(self, recipient, data);\n },\n [MESSAGE.CHANNEL_EXTENDED_DATA]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_EXTENDED_DATA\n uint32 recipient channel\n uint32 data_type_code\n string data\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const type = bufferParser.readUInt32BE();\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_EXTENDED_DATA packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: CHANNEL_EXTENDED_DATA (r:${recipient}, ${data.length})`\n );\n\n const handler = self._handlers.CHANNEL_EXTENDED_DATA;\n handler && handler(self, recipient, data, type);\n },\n [MESSAGE.CHANNEL_EOF]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_EOF\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_EOF packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_EOF (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_EOF;\n handler && handler(self, recipient);\n },\n [MESSAGE.CHANNEL_CLOSE]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_CLOSE\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_CLOSE packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_CLOSE (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_CLOSE;\n handler && handler(self, recipient);\n },\n [MESSAGE.CHANNEL_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_REQUEST\n uint32 recipient channel\n string request type in US-ASCII characters only\n boolean want reply\n .... type-specific data follows\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const type = bufferParser.readString(true);\n const wantReply = bufferParser.readBool();\n let data;\n if (wantReply !== undefined) {\n switch (type) {\n case 'exit-status': // S->C\n /*\n uint32 exit_status\n */\n data = bufferParser.readUInt32BE();\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'exit-signal': { // S->C\n /*\n string signal name (without the \"SIG\" prefix)\n boolean core dumped\n string error message in ISO-10646 UTF-8 encoding\n string language tag\n */\n let signal;\n let coreDumped;\n if (self._compatFlags & COMPAT.OLD_EXIT) {\n /*\n Instead of `signal name` and `core dumped`, we have just:\n uint32 signal number\n */\n const num = bufferParser.readUInt32BE();\n switch (num) {\n case 1:\n signal = 'HUP';\n break;\n case 2:\n signal = 'INT';\n break;\n case 3:\n signal = 'QUIT';\n break;\n case 6:\n signal = 'ABRT';\n break;\n case 9:\n signal = 'KILL';\n break;\n case 14:\n signal = 'ALRM';\n break;\n case 15:\n signal = 'TERM';\n break;\n default:\n if (num !== undefined) {\n // Unknown or OS-specific\n signal = `UNKNOWN (${num})`;\n }\n }\n coreDumped = false;\n } else {\n signal = bufferParser.readString(true);\n coreDumped = bufferParser.readBool();\n if (coreDumped === undefined)\n signal = undefined;\n }\n const errorMessage = bufferParser.readString(true);\n if (bufferParser.skipString() !== undefined)\n data = { signal, coreDumped, errorMessage };\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${signal})`\n );\n break;\n }\n case 'pty-req': { // C->S\n /*\n string TERM environment variable value (e.g., vt100)\n uint32 terminal width, characters (e.g., 80)\n uint32 terminal height, rows (e.g., 24)\n uint32 terminal width, pixels (e.g., 640)\n uint32 terminal height, pixels (e.g., 480)\n string encoded terminal modes\n */\n const term = bufferParser.readString(true);\n const cols = bufferParser.readUInt32BE();\n const rows = bufferParser.readUInt32BE();\n const width = bufferParser.readUInt32BE();\n const height = bufferParser.readUInt32BE();\n const modesBinary = bufferParser.readString();\n if (modesBinary !== undefined) {\n bufferParser.init(modesBinary, 1);\n let modes = {};\n while (bufferParser.avail()) {\n const opcode = bufferParser.readByte();\n if (opcode === TERMINAL_MODE.TTY_OP_END)\n break;\n const name = TERMINAL_MODE_BY_VALUE[opcode];\n const value = bufferParser.readUInt32BE();\n if (opcode === undefined\n || name === undefined\n || value === undefined) {\n modes = undefined;\n break;\n }\n modes[name] = value;\n }\n if (modes !== undefined)\n data = { term, cols, rows, width, height, modes };\n }\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n }\n case 'window-change': { // C->S\n /*\n uint32 terminal width, columns\n uint32 terminal height, rows\n uint32 terminal width, pixels\n uint32 terminal height, pixels\n */\n const cols = bufferParser.readUInt32BE();\n const rows = bufferParser.readUInt32BE();\n const width = bufferParser.readUInt32BE();\n const height = bufferParser.readUInt32BE();\n if (height !== undefined)\n data = { cols, rows, width, height };\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n }\n case 'x11-req': { // C->S\n /*\n boolean single connection\n string x11 authentication protocol\n string x11 authentication cookie\n uint32 x11 screen number\n */\n const single = bufferParser.readBool();\n const protocol = bufferParser.readString(true);\n const cookie = bufferParser.readString();\n const screen = bufferParser.readUInt32BE();\n if (screen !== undefined)\n data = { single, protocol, cookie, screen };\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n }\n case 'env': { // C->S\n /*\n string variable name\n string variable value\n */\n const name = bufferParser.readString(true);\n const value = bufferParser.readString(true);\n if (value !== undefined)\n data = { name, value };\n if (self._debug) {\n self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: `\n + `${name}=${value})`\n );\n }\n break;\n }\n case 'shell': // C->S\n data = null; // No extra data\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n case 'exec': // C->S\n /*\n string command\n */\n data = bufferParser.readString(true);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'subsystem': // C->S\n /*\n string subsystem name\n */\n data = bufferParser.readString(true);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'signal': // C->S\n /*\n string signal name (without the \"SIG\" prefix)\n */\n data = bufferParser.readString(true);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'xon-xoff': // C->S\n /*\n boolean client can do\n */\n data = bufferParser.readBool();\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'auth-agent-req@openssh.com': // C-S\n data = null; // No extra data\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n default:\n data = (bufferParser.avail() ? bufferParser.readRaw() : null);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n }\n }\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_REQUEST packet'\n );\n }\n\n const handler = self._handlers.CHANNEL_REQUEST;\n handler && handler(self, recipient, type, wantReply, data);\n },\n [MESSAGE.CHANNEL_SUCCESS]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_SUCCESS\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_SUCCESS packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_SUCCESS (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_SUCCESS;\n handler && handler(self, recipient);\n },\n [MESSAGE.CHANNEL_FAILURE]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_FAILURE\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_FAILURE packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_FAILURE (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_FAILURE;\n handler && handler(self, recipient);\n },\n};\n","'use strict';\n\nconst {\n createDiffieHellman,\n createDiffieHellmanGroup,\n createECDH,\n createHash,\n createPublicKey,\n diffieHellman,\n generateKeyPairSync,\n randomFillSync,\n} = require('crypto');\n\nconst { Ber } = require('asn1');\n\nconst {\n COMPAT,\n curve25519Supported,\n DEFAULT_KEX,\n DEFAULT_SERVER_HOST_KEY,\n DEFAULT_CIPHER,\n DEFAULT_MAC,\n DEFAULT_COMPRESSION,\n DISCONNECT_REASON,\n MESSAGE,\n} = require('./constants.js');\nconst {\n CIPHER_INFO,\n createCipher,\n createDecipher,\n MAC_INFO,\n} = require('./crypto.js');\nconst { parseDERKey } = require('./keyParser.js');\nconst {\n bufferFill,\n bufferParser,\n convertSignature,\n doFatalError,\n FastBuffer,\n sigSSHToASN1,\n writeUInt32BE,\n} = require('./utils.js');\nconst {\n PacketReader,\n PacketWriter,\n ZlibPacketReader,\n ZlibPacketWriter,\n} = require('./zlib.js');\n\nlet MESSAGE_HANDLERS;\n\nconst GEX_MIN_BITS = 2048; // RFC 8270\nconst GEX_MAX_BITS = 8192; // RFC 8270\n\nconst EMPTY_BUFFER = Buffer.alloc(0);\n\n// Client/Server\nfunction kexinit(self) {\n /*\n byte SSH_MSG_KEXINIT\n byte[16] cookie (random bytes)\n name-list kex_algorithms\n name-list server_host_key_algorithms\n name-list encryption_algorithms_client_to_server\n name-list encryption_algorithms_server_to_client\n name-list mac_algorithms_client_to_server\n name-list mac_algorithms_server_to_client\n name-list compression_algorithms_client_to_server\n name-list compression_algorithms_server_to_client\n name-list languages_client_to_server\n name-list languages_server_to_client\n boolean first_kex_packet_follows\n uint32 0 (reserved for future extension)\n */\n\n let payload;\n if (self._compatFlags & COMPAT.BAD_DHGEX) {\n const entry = self._offer.lists.kex;\n let kex = entry.array;\n let found = false;\n for (let i = 0; i < kex.length; ++i) {\n if (kex[i].includes('group-exchange')) {\n if (!found) {\n found = true;\n // Copy array lazily\n kex = kex.slice();\n }\n kex.splice(i--, 1);\n }\n }\n if (found) {\n let len = 1 + 16 + self._offer.totalSize + 1 + 4;\n const newKexBuf = Buffer.from(kex.join(','));\n len -= (entry.buffer.length - newKexBuf.length);\n\n const all = self._offer.lists.all;\n const rest = new Uint8Array(\n all.buffer,\n all.byteOffset + 4 + entry.buffer.length,\n all.length - (4 + entry.buffer.length)\n );\n\n payload = Buffer.allocUnsafe(len);\n writeUInt32BE(payload, newKexBuf.length, 17);\n payload.set(newKexBuf, 17 + 4);\n payload.set(rest, 17 + 4 + newKexBuf.length);\n }\n }\n\n if (payload === undefined) {\n payload = Buffer.allocUnsafe(1 + 16 + self._offer.totalSize + 1 + 4);\n self._offer.copyAllTo(payload, 17);\n }\n\n self._debug && self._debug('Outbound: Sending KEXINIT');\n\n payload[0] = MESSAGE.KEXINIT;\n randomFillSync(payload, 1, 16);\n\n // Zero-fill first_kex_packet_follows and reserved bytes\n bufferFill(payload, 0, payload.length - 5);\n\n self._kexinit = payload;\n\n // Needed to correct the starting position in allocated \"packets\" when packets\n // will be buffered due to active key exchange\n self._packetRW.write.allocStart = 0;\n\n // TODO: only create single buffer and set _kexinit as slice of packet instead\n {\n const p = self._packetRW.write.allocStartKEX;\n const packet = self._packetRW.write.alloc(payload.length, true);\n packet.set(payload, p);\n self._cipher.encrypt(self._packetRW.write.finalize(packet, true));\n }\n}\n\nfunction handleKexInit(self, payload) {\n /*\n byte SSH_MSG_KEXINIT\n byte[16] cookie (random bytes)\n name-list kex_algorithms\n name-list server_host_key_algorithms\n name-list encryption_algorithms_client_to_server\n name-list encryption_algorithms_server_to_client\n name-list mac_algorithms_client_to_server\n name-list mac_algorithms_server_to_client\n name-list compression_algorithms_client_to_server\n name-list compression_algorithms_server_to_client\n name-list languages_client_to_server\n name-list languages_server_to_client\n boolean first_kex_packet_follows\n uint32 0 (reserved for future extension)\n */\n const init = {\n kex: undefined,\n serverHostKey: undefined,\n cs: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n sc: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n };\n\n bufferParser.init(payload, 17);\n\n if ((init.kex = bufferParser.readList()) === undefined\n || (init.serverHostKey = bufferParser.readList()) === undefined\n || (init.cs.cipher = bufferParser.readList()) === undefined\n || (init.sc.cipher = bufferParser.readList()) === undefined\n || (init.cs.mac = bufferParser.readList()) === undefined\n || (init.sc.mac = bufferParser.readList()) === undefined\n || (init.cs.compress = bufferParser.readList()) === undefined\n || (init.sc.compress = bufferParser.readList()) === undefined\n || (init.cs.lang = bufferParser.readList()) === undefined\n || (init.sc.lang = bufferParser.readList()) === undefined) {\n bufferParser.clear();\n return doFatalError(\n self,\n 'Received malformed KEXINIT',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n const pos = bufferParser.pos();\n const firstFollows = (pos < payload.length && payload[pos] === 1);\n bufferParser.clear();\n\n const local = self._offer;\n const remote = init;\n\n let localKex = local.lists.kex.array;\n if (self._compatFlags & COMPAT.BAD_DHGEX) {\n let found = false;\n for (let i = 0; i < localKex.length; ++i) {\n if (localKex[i].indexOf('group-exchange') !== -1) {\n if (!found) {\n found = true;\n // Copy array lazily\n localKex = localKex.slice();\n }\n localKex.splice(i--, 1);\n }\n }\n }\n\n let clientList;\n let serverList;\n let i;\n const debug = self._debug;\n\n debug && debug('Inbound: Handshake in progress');\n\n // Key exchange method =======================================================\n debug && debug(`Handshake: (local) KEX method: ${localKex}`);\n debug && debug(`Handshake: (remote) KEX method: ${remote.kex}`);\n if (self._server) {\n serverList = localKex;\n clientList = remote.kex;\n } else {\n serverList = remote.kex;\n clientList = localKex;\n }\n // Check for agreeable key exchange algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching key exchange algorithm');\n return doFatalError(\n self,\n 'Handshake failed: no matching key exchange algorithm',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.kex = clientList[i];\n debug && debug(`Handshake: KEX algorithm: ${clientList[i]}`);\n if (firstFollows && (!remote.kex.length || clientList[i] !== remote.kex[0])) {\n // Ignore next inbound packet, it was a wrong first guess at KEX algorithm\n self._skipNextInboundPacket = true;\n }\n\n\n // Server host key format ====================================================\n const localSrvHostKey = local.lists.serverHostKey.array;\n debug && debug(`Handshake: (local) Host key format: ${localSrvHostKey}`);\n debug && debug(\n `Handshake: (remote) Host key format: ${remote.serverHostKey}`\n );\n if (self._server) {\n serverList = localSrvHostKey;\n clientList = remote.serverHostKey;\n } else {\n serverList = remote.serverHostKey;\n clientList = localSrvHostKey;\n }\n // Check for agreeable server host key format\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching host key format');\n return doFatalError(\n self,\n 'Handshake failed: no matching host key format',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.serverHostKey = clientList[i];\n debug && debug(`Handshake: Host key format: ${clientList[i]}`);\n\n\n // Client->Server cipher =====================================================\n const localCSCipher = local.lists.cs.cipher.array;\n debug && debug(`Handshake: (local) C->S cipher: ${localCSCipher}`);\n debug && debug(`Handshake: (remote) C->S cipher: ${remote.cs.cipher}`);\n if (self._server) {\n serverList = localCSCipher;\n clientList = remote.cs.cipher;\n } else {\n serverList = remote.cs.cipher;\n clientList = localCSCipher;\n }\n // Check for agreeable client->server cipher\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching C->S cipher');\n return doFatalError(\n self,\n 'Handshake failed: no matching C->S cipher',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.cs.cipher = clientList[i];\n debug && debug(`Handshake: C->S Cipher: ${clientList[i]}`);\n\n\n // Server->Client cipher =====================================================\n const localSCCipher = local.lists.sc.cipher.array;\n debug && debug(`Handshake: (local) S->C cipher: ${localSCCipher}`);\n debug && debug(`Handshake: (remote) S->C cipher: ${remote.sc.cipher}`);\n if (self._server) {\n serverList = localSCCipher;\n clientList = remote.sc.cipher;\n } else {\n serverList = remote.sc.cipher;\n clientList = localSCCipher;\n }\n // Check for agreeable server->client cipher\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching S->C cipher');\n return doFatalError(\n self,\n 'Handshake failed: no matching S->C cipher',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.sc.cipher = clientList[i];\n debug && debug(`Handshake: S->C cipher: ${clientList[i]}`);\n\n\n // Client->Server MAC ========================================================\n const localCSMAC = local.lists.cs.mac.array;\n debug && debug(`Handshake: (local) C->S MAC: ${localCSMAC}`);\n debug && debug(`Handshake: (remote) C->S MAC: ${remote.cs.mac}`);\n if (CIPHER_INFO[init.cs.cipher].authLen > 0) {\n init.cs.mac = '';\n debug && debug('Handshake: C->S MAC: ');\n } else {\n if (self._server) {\n serverList = localCSMAC;\n clientList = remote.cs.mac;\n } else {\n serverList = remote.cs.mac;\n clientList = localCSMAC;\n }\n // Check for agreeable client->server hmac algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching C->S MAC');\n return doFatalError(\n self,\n 'Handshake failed: no matching C->S MAC',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.cs.mac = clientList[i];\n debug && debug(`Handshake: C->S MAC: ${clientList[i]}`);\n }\n\n\n // Server->Client MAC ========================================================\n const localSCMAC = local.lists.sc.mac.array;\n debug && debug(`Handshake: (local) S->C MAC: ${localSCMAC}`);\n debug && debug(`Handshake: (remote) S->C MAC: ${remote.sc.mac}`);\n if (CIPHER_INFO[init.sc.cipher].authLen > 0) {\n init.sc.mac = '';\n debug && debug('Handshake: S->C MAC: ');\n } else {\n if (self._server) {\n serverList = localSCMAC;\n clientList = remote.sc.mac;\n } else {\n serverList = remote.sc.mac;\n clientList = localSCMAC;\n }\n // Check for agreeable server->client hmac algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching S->C MAC');\n return doFatalError(\n self,\n 'Handshake failed: no matching S->C MAC',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.sc.mac = clientList[i];\n debug && debug(`Handshake: S->C MAC: ${clientList[i]}`);\n }\n\n\n // Client->Server compression ================================================\n const localCSCompress = local.lists.cs.compress.array;\n debug && debug(`Handshake: (local) C->S compression: ${localCSCompress}`);\n debug && debug(`Handshake: (remote) C->S compression: ${remote.cs.compress}`);\n if (self._server) {\n serverList = localCSCompress;\n clientList = remote.cs.compress;\n } else {\n serverList = remote.cs.compress;\n clientList = localCSCompress;\n }\n // Check for agreeable client->server compression algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching C->S compression');\n return doFatalError(\n self,\n 'Handshake failed: no matching C->S compression',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.cs.compress = clientList[i];\n debug && debug(`Handshake: C->S compression: ${clientList[i]}`);\n\n\n // Server->Client compression ================================================\n const localSCCompress = local.lists.sc.compress.array;\n debug && debug(`Handshake: (local) S->C compression: ${localSCCompress}`);\n debug && debug(`Handshake: (remote) S->C compression: ${remote.sc.compress}`);\n if (self._server) {\n serverList = localSCCompress;\n clientList = remote.sc.compress;\n } else {\n serverList = remote.sc.compress;\n clientList = localSCCompress;\n }\n // Check for agreeable server->client compression algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching S->C compression');\n return doFatalError(\n self,\n 'Handshake failed: no matching S->C compression',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.sc.compress = clientList[i];\n debug && debug(`Handshake: S->C compression: ${clientList[i]}`);\n\n init.cs.lang = '';\n init.sc.lang = '';\n\n // XXX: hack -- find a better way to do this\n if (self._kex) {\n if (!self._kexinit) {\n // We received a rekey request, but we haven't sent a KEXINIT in response\n // yet\n kexinit(self);\n }\n self._decipher._onPayload = onKEXPayload.bind(self, { firstPacket: false });\n }\n\n self._kex = createKeyExchange(init, self, payload);\n self._kex.start();\n}\n\nconst createKeyExchange = (() => {\n function convertToMpint(buf) {\n let idx = 0;\n let length = buf.length;\n while (buf[idx] === 0x00) {\n ++idx;\n --length;\n }\n let newBuf;\n if (buf[idx] & 0x80) {\n newBuf = Buffer.allocUnsafe(1 + length);\n newBuf[0] = 0;\n buf.copy(newBuf, 1, idx);\n buf = newBuf;\n } else if (length !== buf.length) {\n newBuf = Buffer.allocUnsafe(length);\n buf.copy(newBuf, 0, idx);\n buf = newBuf;\n }\n return buf;\n }\n\n class KeyExchange {\n constructor(negotiated, protocol, remoteKexinit) {\n this._protocol = protocol;\n\n this.sessionID = (protocol._kex ? protocol._kex.sessionID : undefined);\n this.negotiated = negotiated;\n this._step = 1;\n this._public = null;\n this._dh = null;\n this._sentNEWKEYS = false;\n this._receivedNEWKEYS = false;\n this._finished = false;\n this._hostVerified = false;\n\n // Data needed for initializing cipher/decipher/etc.\n this._kexinit = protocol._kexinit;\n this._remoteKexinit = remoteKexinit;\n this._identRaw = protocol._identRaw;\n this._remoteIdentRaw = protocol._remoteIdentRaw;\n this._hostKey = undefined;\n this._dhData = undefined;\n this._sig = undefined;\n }\n finish() {\n if (this._finished)\n return false;\n this._finished = true;\n\n const isServer = this._protocol._server;\n const negotiated = this.negotiated;\n\n const pubKey = this.convertPublicKey(this._dhData);\n let secret = this.computeSecret(this._dhData);\n if (secret instanceof Error) {\n secret.message =\n `Error while computing DH secret (${this.type}): ${secret.message}`;\n secret.level = 'handshake';\n return doFatalError(\n this._protocol,\n secret,\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n const hash = createHash(this.hashName);\n // V_C\n hashString(hash, (isServer ? this._remoteIdentRaw : this._identRaw));\n // \"V_S\"\n hashString(hash, (isServer ? this._identRaw : this._remoteIdentRaw));\n // \"I_C\"\n hashString(hash, (isServer ? this._remoteKexinit : this._kexinit));\n // \"I_S\"\n hashString(hash, (isServer ? this._kexinit : this._remoteKexinit));\n // \"K_S\"\n const serverPublicHostKey = (isServer\n ? this._hostKey.getPublicSSH()\n : this._hostKey);\n hashString(hash, serverPublicHostKey);\n\n if (this.type === 'groupex') {\n // Group exchange-specific\n const params = this.getDHParams();\n const num = Buffer.allocUnsafe(4);\n // min (uint32)\n writeUInt32BE(num, this._minBits, 0);\n hash.update(num);\n // preferred (uint32)\n writeUInt32BE(num, this._prefBits, 0);\n hash.update(num);\n // max (uint32)\n writeUInt32BE(num, this._maxBits, 0);\n hash.update(num);\n // prime\n hashString(hash, params.prime);\n // generator\n hashString(hash, params.generator);\n }\n\n // method-specific data sent by client\n hashString(hash, (isServer ? pubKey : this.getPublicKey()));\n // method-specific data sent by server\n const serverPublicKey = (isServer ? this.getPublicKey() : pubKey);\n hashString(hash, serverPublicKey);\n // shared secret (\"K\")\n hashString(hash, secret);\n\n // \"H\"\n const exchangeHash = hash.digest();\n\n if (!isServer) {\n bufferParser.init(this._sig, 0);\n const sigType = bufferParser.readString(true);\n\n if (!sigType) {\n return doFatalError(\n this._protocol,\n 'Malformed packet while reading signature',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n if (sigType !== negotiated.serverHostKey) {\n return doFatalError(\n this._protocol,\n `Wrong signature type: ${sigType}, `\n + `expected: ${negotiated.serverHostKey}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n // \"s\"\n let sigValue = bufferParser.readString();\n\n bufferParser.clear();\n\n if (sigValue === undefined) {\n return doFatalError(\n this._protocol,\n 'Malformed packet while reading signature',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n if (!(sigValue = sigSSHToASN1(sigValue, sigType))) {\n return doFatalError(\n this._protocol,\n 'Malformed signature',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n let parsedHostKey;\n {\n bufferParser.init(this._hostKey, 0);\n const name = bufferParser.readString(true);\n const hostKey = this._hostKey.slice(bufferParser.pos());\n bufferParser.clear();\n parsedHostKey = parseDERKey(hostKey, name);\n if (parsedHostKey instanceof Error) {\n parsedHostKey.level = 'handshake';\n return doFatalError(\n this._protocol,\n parsedHostKey,\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n\n let hashAlgo;\n // Check if we need to override the default hash algorithm\n switch (this.negotiated.serverHostKey) {\n case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n }\n\n this._protocol._debug\n && this._protocol._debug('Verifying signature ...');\n\n const verified = parsedHostKey.verify(exchangeHash, sigValue, hashAlgo);\n if (verified !== true) {\n if (verified instanceof Error) {\n this._protocol._debug && this._protocol._debug(\n `Signature verification failed: ${verified.stack}`\n );\n } else {\n this._protocol._debug && this._protocol._debug(\n 'Signature verification failed'\n );\n }\n return doFatalError(\n this._protocol,\n 'Handshake failed: signature verification failed',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug('Verified signature');\n } else {\n // Server\n\n let hashAlgo;\n // Check if we need to override the default hash algorithm\n switch (this.negotiated.serverHostKey) {\n case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n }\n\n this._protocol._debug && this._protocol._debug(\n 'Generating signature ...'\n );\n\n let signature = this._hostKey.sign(exchangeHash, hashAlgo);\n if (signature instanceof Error) {\n return doFatalError(\n this._protocol,\n 'Handshake failed: signature generation failed for '\n + `${this._hostKey.type} host key: ${signature.message}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n signature = convertSignature(signature, this._hostKey.type);\n if (signature === false) {\n return doFatalError(\n this._protocol,\n 'Handshake failed: signature conversion failed for '\n + `${this._hostKey.type} host key`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n // Send KEX reply\n /*\n byte SSH_MSG_KEXDH_REPLY\n / SSH_MSG_KEX_DH_GEX_REPLY\n / SSH_MSG_KEX_ECDH_REPLY\n string server public host key and certificates (K_S)\n string \n string signature of H\n */\n const sigType = this.negotiated.serverHostKey;\n const sigTypeLen = Buffer.byteLength(sigType);\n const sigLen = 4 + sigTypeLen + 4 + signature.length;\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet = this._protocol._packetRW.write.alloc(\n 1\n + 4 + serverPublicHostKey.length\n + 4 + serverPublicKey.length\n + 4 + sigLen,\n true\n );\n\n packet[p] = MESSAGE.KEXDH_REPLY;\n\n writeUInt32BE(packet, serverPublicHostKey.length, ++p);\n packet.set(serverPublicHostKey, p += 4);\n\n writeUInt32BE(packet,\n serverPublicKey.length,\n p += serverPublicHostKey.length);\n packet.set(serverPublicKey, p += 4);\n\n writeUInt32BE(packet, sigLen, p += serverPublicKey.length);\n\n writeUInt32BE(packet, sigTypeLen, p += 4);\n packet.utf8Write(sigType, p += 4, sigTypeLen);\n\n writeUInt32BE(packet, signature.length, p += sigTypeLen);\n packet.set(signature, p += 4);\n\n if (this._protocol._debug) {\n let type;\n switch (this.type) {\n case 'group':\n type = 'KEXDH_REPLY';\n break;\n case 'groupex':\n type = 'KEXDH_GEX_REPLY';\n break;\n default:\n type = 'KEXECDH_REPLY';\n }\n this._protocol._debug(`Outbound: Sending ${type}`);\n }\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n trySendNEWKEYS(this);\n\n const completeHandshake = () => {\n if (!this.sessionID)\n this.sessionID = exchangeHash;\n\n {\n const newSecret = Buffer.allocUnsafe(4 + secret.length);\n writeUInt32BE(newSecret, secret.length, 0);\n newSecret.set(secret, 4);\n secret = newSecret;\n }\n\n // Initialize new ciphers, deciphers, etc.\n\n const csCipherInfo = CIPHER_INFO[negotiated.cs.cipher];\n const scCipherInfo = CIPHER_INFO[negotiated.sc.cipher];\n\n const csIV = generateKEXVal(csCipherInfo.ivLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'A');\n const scIV = generateKEXVal(scCipherInfo.ivLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'B');\n const csKey = generateKEXVal(csCipherInfo.keyLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'C');\n const scKey = generateKEXVal(scCipherInfo.keyLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'D');\n let csMacInfo;\n let csMacKey;\n if (!csCipherInfo.authLen) {\n csMacInfo = MAC_INFO[negotiated.cs.mac];\n csMacKey = generateKEXVal(csMacInfo.len,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'E');\n }\n let scMacInfo;\n let scMacKey;\n if (!scCipherInfo.authLen) {\n scMacInfo = MAC_INFO[negotiated.sc.mac];\n scMacKey = generateKEXVal(scMacInfo.len,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'F');\n }\n\n const config = {\n inbound: {\n onPayload: this._protocol._onPayload,\n seqno: this._protocol._decipher.inSeqno,\n decipherInfo: (!isServer ? scCipherInfo : csCipherInfo),\n decipherIV: (!isServer ? scIV : csIV),\n decipherKey: (!isServer ? scKey : csKey),\n macInfo: (!isServer ? scMacInfo : csMacInfo),\n macKey: (!isServer ? scMacKey : csMacKey),\n },\n outbound: {\n onWrite: this._protocol._onWrite,\n seqno: this._protocol._cipher.outSeqno,\n cipherInfo: (isServer ? scCipherInfo : csCipherInfo),\n cipherIV: (isServer ? scIV : csIV),\n cipherKey: (isServer ? scKey : csKey),\n macInfo: (isServer ? scMacInfo : csMacInfo),\n macKey: (isServer ? scMacKey : csMacKey),\n },\n };\n this._protocol._cipher && this._protocol._cipher.free();\n this._protocol._decipher && this._protocol._decipher.free();\n this._protocol._cipher = createCipher(config);\n this._protocol._decipher = createDecipher(config);\n\n const rw = {\n read: undefined,\n write: undefined,\n };\n switch (negotiated.cs.compress) {\n case 'zlib': // starts immediately\n if (isServer)\n rw.read = new ZlibPacketReader();\n else\n rw.write = new ZlibPacketWriter(this._protocol);\n break;\n case 'zlib@openssh.com':\n // Starts after successful user authentication\n\n if (this._protocol._authenticated) {\n // If a rekey happens and this compression method is selected and\n // we already authenticated successfully, we need to start\n // immediately instead\n if (isServer)\n rw.read = new ZlibPacketReader();\n else\n rw.write = new ZlibPacketWriter(this._protocol);\n break;\n }\n // FALLTHROUGH\n default:\n // none -- never any compression/decompression\n\n if (isServer)\n rw.read = new PacketReader();\n else\n rw.write = new PacketWriter(this._protocol);\n }\n switch (negotiated.sc.compress) {\n case 'zlib': // starts immediately\n if (isServer)\n rw.write = new ZlibPacketWriter(this._protocol);\n else\n rw.read = new ZlibPacketReader();\n break;\n case 'zlib@openssh.com':\n // Starts after successful user authentication\n\n if (this._protocol._authenticated) {\n // If a rekey happens and this compression method is selected and\n // we already authenticated successfully, we need to start\n // immediately instead\n if (isServer)\n rw.write = new ZlibPacketWriter(this._protocol);\n else\n rw.read = new ZlibPacketReader();\n break;\n }\n // FALLTHROUGH\n default:\n // none -- never any compression/decompression\n\n if (isServer)\n rw.write = new PacketWriter(this._protocol);\n else\n rw.read = new PacketReader();\n }\n this._protocol._packetRW.read.cleanup();\n this._protocol._packetRW.write.cleanup();\n this._protocol._packetRW = rw;\n\n // Cleanup/reset various state\n this._public = null;\n this._dh = null;\n this._kexinit = this._protocol._kexinit = undefined;\n this._remoteKexinit = undefined;\n this._identRaw = undefined;\n this._remoteIdentRaw = undefined;\n this._hostKey = undefined;\n this._dhData = undefined;\n this._sig = undefined;\n\n this._protocol._onHandshakeComplete(negotiated);\n\n return false;\n };\n if (!isServer)\n return completeHandshake();\n this.finish = completeHandshake;\n }\n\n start() {\n if (!this._protocol._server) {\n if (this._protocol._debug) {\n let type;\n switch (this.type) {\n case 'group':\n type = 'KEXDH_INIT';\n break;\n default:\n type = 'KEXECDH_INIT';\n }\n this._protocol._debug(`Outbound: Sending ${type}`);\n }\n\n const pubKey = this.getPublicKey();\n\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet = this._protocol._packetRW.write.alloc(\n 1 + 4 + pubKey.length,\n true\n );\n packet[p] = MESSAGE.KEXDH_INIT;\n writeUInt32BE(packet, pubKey.length, ++p);\n packet.set(pubKey, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n }\n getPublicKey() {\n this.generateKeys();\n\n const key = this._public;\n\n if (key)\n return this.convertPublicKey(key);\n }\n convertPublicKey(key) {\n let newKey;\n let idx = 0;\n let len = key.length;\n while (key[idx] === 0x00) {\n ++idx;\n --len;\n }\n\n if (key[idx] & 0x80) {\n newKey = Buffer.allocUnsafe(1 + len);\n newKey[0] = 0;\n key.copy(newKey, 1, idx);\n return newKey;\n }\n\n if (len !== key.length) {\n newKey = Buffer.allocUnsafe(len);\n key.copy(newKey, 0, idx);\n key = newKey;\n }\n return key;\n }\n computeSecret(otherPublicKey) {\n this.generateKeys();\n\n try {\n return convertToMpint(this._dh.computeSecret(otherPublicKey));\n } catch (ex) {\n return ex;\n }\n }\n parse(payload) {\n const type = payload[0];\n switch (this._step) {\n case 1:\n if (this._protocol._server) {\n // Server\n if (type !== MESSAGE.KEXDH_INIT) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_INIT}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH Init'\n );\n /*\n byte SSH_MSG_KEXDH_INIT\n / SSH_MSG_KEX_ECDH_INIT\n string \n */\n bufferParser.init(payload, 1);\n const dhData = bufferParser.readString();\n bufferParser.clear();\n if (dhData === undefined) {\n return doFatalError(\n this._protocol,\n 'Received malformed KEX*_INIT',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n // Client public key\n this._dhData = dhData;\n\n let hostKey =\n this._protocol._hostKeys[this.negotiated.serverHostKey];\n if (Array.isArray(hostKey))\n hostKey = hostKey[0];\n this._hostKey = hostKey;\n\n this.finish();\n } else {\n // Client\n if (type !== MESSAGE.KEXDH_REPLY) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_REPLY}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH Reply'\n );\n /*\n byte SSH_MSG_KEXDH_REPLY\n / SSH_MSG_KEX_DH_GEX_REPLY\n / SSH_MSG_KEX_ECDH_REPLY\n string server public host key and certificates (K_S)\n string \n string signature of H\n */\n bufferParser.init(payload, 1);\n let hostPubKey;\n let dhData;\n let sig;\n if ((hostPubKey = bufferParser.readString()) === undefined\n || (dhData = bufferParser.readString()) === undefined\n || (sig = bufferParser.readString()) === undefined) {\n bufferParser.clear();\n return doFatalError(\n this._protocol,\n 'Received malformed KEX*_REPLY',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n bufferParser.clear();\n\n // Check that the host public key type matches what was negotiated\n // during KEXINIT swap\n bufferParser.init(hostPubKey, 0);\n const hostPubKeyType = bufferParser.readString(true);\n bufferParser.clear();\n if (hostPubKeyType === undefined) {\n return doFatalError(\n this._protocol,\n 'Received malformed host public key',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n if (hostPubKeyType !== this.negotiated.serverHostKey) {\n // Check if we need to make an exception\n switch (this.negotiated.serverHostKey) {\n case 'rsa-sha2-256':\n case 'rsa-sha2-512':\n if (hostPubKeyType === 'ssh-rsa')\n break;\n // FALLTHROUGH\n default:\n return doFatalError(\n this._protocol,\n 'Host key does not match negotiated type',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n\n this._hostKey = hostPubKey;\n this._dhData = dhData;\n this._sig = sig;\n\n let checked = false;\n let ret;\n if (this._protocol._hostVerifier === undefined) {\n ret = true;\n this._protocol._debug && this._protocol._debug(\n 'Host accepted by default (no verification)'\n );\n } else {\n ret = this._protocol._hostVerifier(hostPubKey, (permitted) => {\n if (checked)\n return;\n checked = true;\n if (permitted === false) {\n this._protocol._debug && this._protocol._debug(\n 'Host denied (verification failed)'\n );\n return doFatalError(\n this._protocol,\n 'Host denied (verification failed)',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Host accepted (verified)'\n );\n this._hostVerified = true;\n if (this._receivedNEWKEYS)\n this.finish();\n else\n trySendNEWKEYS(this);\n });\n }\n if (ret === undefined) {\n // Async host verification\n ++this._step;\n return;\n }\n checked = true;\n if (ret === false) {\n this._protocol._debug && this._protocol._debug(\n 'Host denied (verification failed)'\n );\n return doFatalError(\n this._protocol,\n 'Host denied (verification failed)',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Host accepted (verified)'\n );\n this._hostVerified = true;\n trySendNEWKEYS(this);\n }\n ++this._step;\n break;\n case 2:\n if (type !== MESSAGE.NEWKEYS) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.NEWKEYS}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Inbound: NEWKEYS'\n );\n this._receivedNEWKEYS = true;\n ++this._step;\n if (this._protocol._server || this._hostVerified)\n return this.finish();\n\n // Signal to current decipher that we need to change to a new decipher\n // for the next packet\n return false;\n default:\n return doFatalError(\n this._protocol,\n `Received unexpected packet ${type} after NEWKEYS`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n }\n\n class Curve25519Exchange extends KeyExchange {\n constructor(hashName, ...args) {\n super(...args);\n\n this.type = '25519';\n this.hashName = hashName;\n this._keys = null;\n }\n generateKeys() {\n if (!this._keys)\n this._keys = generateKeyPairSync('x25519');\n }\n getPublicKey() {\n this.generateKeys();\n\n const key = this._keys.publicKey.export({ type: 'spki', format: 'der' });\n return key.slice(-32); // HACK: avoids parsing DER/BER header\n }\n convertPublicKey(key) {\n let newKey;\n let idx = 0;\n let len = key.length;\n while (key[idx] === 0x00) {\n ++idx;\n --len;\n }\n\n if (key.length === 32)\n return key;\n\n if (len !== key.length) {\n newKey = Buffer.allocUnsafe(len);\n key.copy(newKey, 0, idx);\n key = newKey;\n }\n return key;\n }\n computeSecret(otherPublicKey) {\n this.generateKeys();\n\n try {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.3.101.110'); // id-X25519\n asnWriter.endSequence();\n\n // PublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(otherPublicKey.length);\n otherPublicKey.copy(asnWriter._buf,\n asnWriter._offset,\n 0,\n otherPublicKey.length);\n asnWriter._offset += otherPublicKey.length;\n asnWriter.endSequence();\n asnWriter.endSequence();\n\n return convertToMpint(diffieHellman({\n privateKey: this._keys.privateKey,\n publicKey: createPublicKey({\n key: asnWriter.buffer,\n type: 'spki',\n format: 'der',\n }),\n }));\n } catch (ex) {\n return ex;\n }\n }\n }\n\n class ECDHExchange extends KeyExchange {\n constructor(curveName, hashName, ...args) {\n super(...args);\n\n this.type = 'ecdh';\n this.curveName = curveName;\n this.hashName = hashName;\n }\n generateKeys() {\n if (!this._dh) {\n this._dh = createECDH(this.curveName);\n this._public = this._dh.generateKeys();\n }\n }\n }\n\n class DHGroupExchange extends KeyExchange {\n constructor(hashName, ...args) {\n super(...args);\n\n this.type = 'groupex';\n this.hashName = hashName;\n this._prime = null;\n this._generator = null;\n this._minBits = GEX_MIN_BITS;\n this._prefBits = dhEstimate(this.negotiated);\n if (this._protocol._compatFlags & COMPAT.BUG_DHGEX_LARGE)\n this._prefBits = Math.min(this._prefBits, 4096);\n this._maxBits = GEX_MAX_BITS;\n }\n start() {\n if (this._protocol._server)\n return;\n this._protocol._debug && this._protocol._debug(\n 'Outbound: Sending KEXDH_GEX_REQUEST'\n );\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet = this._protocol._packetRW.write.alloc(\n 1 + 4 + 4 + 4,\n true\n );\n packet[p] = MESSAGE.KEXDH_GEX_REQUEST;\n writeUInt32BE(packet, this._minBits, ++p);\n writeUInt32BE(packet, this._prefBits, p += 4);\n writeUInt32BE(packet, this._maxBits, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n generateKeys() {\n if (!this._dh && this._prime && this._generator) {\n this._dh = createDiffieHellman(this._prime, this._generator);\n this._public = this._dh.generateKeys();\n }\n }\n setDHParams(prime, generator) {\n if (!Buffer.isBuffer(prime))\n throw new Error('Invalid prime value');\n if (!Buffer.isBuffer(generator))\n throw new Error('Invalid generator value');\n this._prime = prime;\n this._generator = generator;\n }\n getDHParams() {\n if (this._dh) {\n return {\n prime: convertToMpint(this._dh.getPrime()),\n generator: convertToMpint(this._dh.getGenerator()),\n };\n }\n }\n parse(payload) {\n const type = payload[0];\n switch (this._step) {\n case 1:\n if (this._protocol._server) {\n if (type !== MESSAGE.KEXDH_GEX_REQUEST) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of `\n + MESSAGE.KEXDH_GEX_REQUEST,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n // TODO: allow user implementation to provide safe prime and\n // generator on demand to support group exchange on server side\n return doFatalError(\n this._protocol,\n 'Group exchange not implemented for server',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n if (type !== MESSAGE.KEXDH_GEX_GROUP) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_GROUP}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n this._protocol._debug && this._protocol._debug(\n 'Received DH GEX Group'\n );\n\n /*\n byte SSH_MSG_KEX_DH_GEX_GROUP\n mpint p, safe prime\n mpint g, generator for subgroup in GF(p)\n */\n bufferParser.init(payload, 1);\n let prime;\n let gen;\n if ((prime = bufferParser.readString()) === undefined\n || (gen = bufferParser.readString()) === undefined) {\n bufferParser.clear();\n return doFatalError(\n this._protocol,\n 'Received malformed KEXDH_GEX_GROUP',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n bufferParser.clear();\n\n // TODO: validate prime\n this.setDHParams(prime, gen);\n this.generateKeys();\n const pubkey = this.getPublicKey();\n\n this._protocol._debug && this._protocol._debug(\n 'Outbound: Sending KEXDH_GEX_INIT'\n );\n\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet =\n this._protocol._packetRW.write.alloc(1 + 4 + pubkey.length, true);\n packet[p] = MESSAGE.KEXDH_GEX_INIT;\n writeUInt32BE(packet, pubkey.length, ++p);\n packet.set(pubkey, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n\n ++this._step;\n break;\n case 2:\n if (this._protocol._server) {\n if (type !== MESSAGE.KEXDH_GEX_INIT) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_INIT}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH GEX Init'\n );\n return doFatalError(\n this._protocol,\n 'Group exchange not implemented for server',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n } else if (type !== MESSAGE.KEXDH_GEX_REPLY) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_REPLY}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH GEX Reply'\n );\n this._step = 1;\n payload[0] = MESSAGE.KEXDH_REPLY;\n this.parse = KeyExchange.prototype.parse;\n this.parse(payload);\n }\n }\n }\n\n class DHExchange extends KeyExchange {\n constructor(groupName, hashName, ...args) {\n super(...args);\n\n this.type = 'group';\n this.groupName = groupName;\n this.hashName = hashName;\n }\n start() {\n if (!this._protocol._server) {\n this._protocol._debug && this._protocol._debug(\n 'Outbound: Sending KEXDH_INIT'\n );\n const pubKey = this.getPublicKey();\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet =\n this._protocol._packetRW.write.alloc(1 + 4 + pubKey.length, true);\n packet[p] = MESSAGE.KEXDH_INIT;\n writeUInt32BE(packet, pubKey.length, ++p);\n packet.set(pubKey, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n }\n generateKeys() {\n if (!this._dh) {\n this._dh = createDiffieHellmanGroup(this.groupName);\n this._public = this._dh.generateKeys();\n }\n }\n getDHParams() {\n if (this._dh) {\n return {\n prime: convertToMpint(this._dh.getPrime()),\n generator: convertToMpint(this._dh.getGenerator()),\n };\n }\n }\n }\n\n return (negotiated, ...args) => {\n if (typeof negotiated !== 'object' || negotiated === null)\n throw new Error('Invalid negotiated argument');\n const kexType = negotiated.kex;\n if (typeof kexType === 'string') {\n args = [negotiated, ...args];\n switch (kexType) {\n case 'curve25519-sha256':\n case 'curve25519-sha256@libssh.org':\n if (!curve25519Supported)\n break;\n return new Curve25519Exchange('sha256', ...args);\n\n case 'ecdh-sha2-nistp256':\n return new ECDHExchange('prime256v1', 'sha256', ...args);\n case 'ecdh-sha2-nistp384':\n return new ECDHExchange('secp384r1', 'sha384', ...args);\n case 'ecdh-sha2-nistp521':\n return new ECDHExchange('secp521r1', 'sha512', ...args);\n\n case 'diffie-hellman-group1-sha1':\n return new DHExchange('modp2', 'sha1', ...args);\n case 'diffie-hellman-group14-sha1':\n return new DHExchange('modp14', 'sha1', ...args);\n case 'diffie-hellman-group14-sha256':\n return new DHExchange('modp14', 'sha256', ...args);\n case 'diffie-hellman-group15-sha512':\n return new DHExchange('modp15', 'sha512', ...args);\n case 'diffie-hellman-group16-sha512':\n return new DHExchange('modp16', 'sha512', ...args);\n case 'diffie-hellman-group17-sha512':\n return new DHExchange('modp17', 'sha512', ...args);\n case 'diffie-hellman-group18-sha512':\n return new DHExchange('modp18', 'sha512', ...args);\n\n case 'diffie-hellman-group-exchange-sha1':\n return new DHGroupExchange('sha1', ...args);\n case 'diffie-hellman-group-exchange-sha256':\n return new DHGroupExchange('sha256', ...args);\n }\n throw new Error(`Unsupported key exchange algorithm: ${kexType}`);\n }\n throw new Error(`Invalid key exchange type: ${kexType}`);\n };\n})();\n\nconst KexInit = (() => {\n const KEX_PROPERTY_NAMES = [\n 'kex',\n 'serverHostKey',\n ['cs', 'cipher' ],\n ['sc', 'cipher' ],\n ['cs', 'mac' ],\n ['sc', 'mac' ],\n ['cs', 'compress' ],\n ['sc', 'compress' ],\n ['cs', 'lang' ],\n ['sc', 'lang' ],\n ];\n return class KexInit {\n constructor(obj) {\n if (typeof obj !== 'object' || obj === null)\n throw new TypeError('Argument must be an object');\n\n const lists = {\n kex: undefined,\n serverHostKey: undefined,\n cs: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n sc: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n\n all: undefined,\n };\n let totalSize = 0;\n for (const prop of KEX_PROPERTY_NAMES) {\n let base;\n let val;\n let desc;\n let key;\n if (typeof prop === 'string') {\n base = lists;\n val = obj[prop];\n desc = key = prop;\n } else {\n const parent = prop[0];\n base = lists[parent];\n key = prop[1];\n val = obj[parent][key];\n desc = `${parent}.${key}`;\n }\n const entry = { array: undefined, buffer: undefined };\n if (Buffer.isBuffer(val)) {\n entry.array = ('' + val).split(',');\n entry.buffer = val;\n totalSize += 4 + val.length;\n } else {\n if (typeof val === 'string')\n val = val.split(',');\n if (Array.isArray(val)) {\n entry.array = val;\n entry.buffer = Buffer.from(val.join(','));\n } else {\n throw new TypeError(`Invalid \\`${desc}\\` type: ${typeof val}`);\n }\n totalSize += 4 + entry.buffer.length;\n }\n base[key] = entry;\n }\n\n const all = Buffer.allocUnsafe(totalSize);\n lists.all = all;\n\n let allPos = 0;\n for (const prop of KEX_PROPERTY_NAMES) {\n let data;\n if (typeof prop === 'string')\n data = lists[prop].buffer;\n else\n data = lists[prop[0]][prop[1]].buffer;\n allPos = writeUInt32BE(all, data.length, allPos);\n all.set(data, allPos);\n allPos += data.length;\n }\n\n this.totalSize = totalSize;\n this.lists = lists;\n }\n copyAllTo(buf, offset) {\n const src = this.lists.all;\n if (typeof offset !== 'number')\n throw new TypeError(`Invalid offset value: ${typeof offset}`);\n if (buf.length - offset < src.length)\n throw new Error('Insufficient space to copy list');\n buf.set(src, offset);\n return src.length;\n }\n };\n})();\n\nconst hashString = (() => {\n const LEN = Buffer.allocUnsafe(4);\n return (hash, buf) => {\n writeUInt32BE(LEN, buf.length, 0);\n hash.update(LEN);\n hash.update(buf);\n };\n})();\n\nfunction generateKEXVal(len, hashName, secret, exchangeHash, sessionID, char) {\n let ret;\n if (len) {\n let digest = createHash(hashName)\n .update(secret)\n .update(exchangeHash)\n .update(char)\n .update(sessionID)\n .digest();\n while (digest.length < len) {\n const chunk = createHash(hashName)\n .update(secret)\n .update(exchangeHash)\n .update(digest)\n .digest();\n const extended = Buffer.allocUnsafe(digest.length + chunk.length);\n extended.set(digest, 0);\n extended.set(chunk, digest.length);\n digest = extended;\n }\n if (digest.length === len)\n ret = digest;\n else\n ret = new FastBuffer(digest.buffer, digest.byteOffset, len);\n } else {\n ret = EMPTY_BUFFER;\n }\n return ret;\n}\n\nfunction onKEXPayload(state, payload) {\n // XXX: move this to the Decipher implementations?\n if (payload.length === 0) {\n this._debug && this._debug('Inbound: Skipping empty packet payload');\n return;\n }\n\n if (this._skipNextInboundPacket) {\n this._skipNextInboundPacket = false;\n return;\n }\n\n payload = this._packetRW.read.read(payload);\n\n const type = payload[0];\n switch (type) {\n case MESSAGE.DISCONNECT:\n case MESSAGE.IGNORE:\n case MESSAGE.UNIMPLEMENTED:\n case MESSAGE.DEBUG:\n if (!MESSAGE_HANDLERS)\n MESSAGE_HANDLERS = require('./handlers.js');\n return MESSAGE_HANDLERS[type](this, payload);\n case MESSAGE.KEXINIT:\n if (!state.firstPacket) {\n return doFatalError(\n this,\n 'Received extra KEXINIT during handshake',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n state.firstPacket = false;\n return handleKexInit(this, payload);\n default:\n if (type < 20 || type > 49) {\n return doFatalError(\n this,\n `Received unexpected packet type ${type}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n\n return this._kex.parse(payload);\n}\n\nfunction dhEstimate(neg) {\n const csCipher = CIPHER_INFO[neg.cs.cipher];\n const scCipher = CIPHER_INFO[neg.sc.cipher];\n // XXX: if OpenSSH's `umac-*` MACs are ever supported, their key lengths will\n // also need to be considered when calculating `bits`\n const bits = Math.max(\n 0,\n (csCipher.sslName === 'des-ede3-cbc' ? 14 : csCipher.keyLen),\n csCipher.blockLen,\n csCipher.ivLen,\n (scCipher.sslName === 'des-ede3-cbc' ? 14 : scCipher.keyLen),\n scCipher.blockLen,\n scCipher.ivLen\n ) * 8;\n if (bits <= 112)\n return 2048;\n if (bits <= 128)\n return 3072;\n if (bits <= 192)\n return 7680;\n return 8192;\n}\n\nfunction trySendNEWKEYS(kex) {\n if (!kex._sentNEWKEYS) {\n kex._protocol._debug && kex._protocol._debug(\n 'Outbound: Sending NEWKEYS'\n );\n const p = kex._protocol._packetRW.write.allocStartKEX;\n const packet = kex._protocol._packetRW.write.alloc(1, true);\n packet[p] = MESSAGE.NEWKEYS;\n kex._protocol._cipher.encrypt(\n kex._protocol._packetRW.write.finalize(packet, true)\n );\n kex._sentNEWKEYS = true;\n }\n}\n\nmodule.exports = {\n KexInit,\n kexinit,\n onKEXPayload,\n DEFAULT_KEXINIT: new KexInit({\n kex: DEFAULT_KEX,\n serverHostKey: DEFAULT_SERVER_HOST_KEY,\n cs: {\n cipher: DEFAULT_CIPHER,\n mac: DEFAULT_MAC,\n compress: DEFAULT_COMPRESSION,\n lang: [],\n },\n sc: {\n cipher: DEFAULT_CIPHER,\n mac: DEFAULT_MAC,\n compress: DEFAULT_COMPRESSION,\n lang: [],\n },\n }),\n HANDLERS: {\n [MESSAGE.KEXINIT]: handleKexInit,\n },\n};\n","// TODO:\n// * utilize `crypto.create(Private|Public)Key()` and `keyObject.export()`\n// * handle multi-line header values (OpenSSH)?\n// * more thorough validation?\n'use strict';\n\nconst {\n createDecipheriv,\n createECDH,\n createHash,\n createHmac,\n createSign,\n createVerify,\n getCiphers,\n sign: sign_,\n verify: verify_,\n} = require('crypto');\nconst supportedOpenSSLCiphers = getCiphers();\n\nconst { Ber } = require('asn1');\nconst bcrypt_pbkdf = require('bcrypt-pbkdf').pbkdf;\n\nconst { CIPHER_INFO } = require('./crypto.js');\nconst { eddsaSupported, SUPPORTED_CIPHER } = require('./constants.js');\nconst {\n bufferSlice,\n makeBufferParser,\n readString,\n readUInt32BE,\n writeUInt32BE,\n} = require('./utils.js');\n\nconst SYM_HASH_ALGO = Symbol('Hash Algorithm');\nconst SYM_PRIV_PEM = Symbol('Private key PEM');\nconst SYM_PUB_PEM = Symbol('Public key PEM');\nconst SYM_PUB_SSH = Symbol('Public key SSH');\nconst SYM_DECRYPTED = Symbol('Decrypted Key');\n\n// Create OpenSSL cipher name -> SSH cipher name conversion table\nconst CIPHER_INFO_OPENSSL = Object.create(null);\n{\n const keys = Object.keys(CIPHER_INFO);\n for (let i = 0; i < keys.length; ++i) {\n const cipherName = CIPHER_INFO[keys[i]].sslName;\n if (!cipherName || CIPHER_INFO_OPENSSL[cipherName])\n continue;\n CIPHER_INFO_OPENSSL[cipherName] = CIPHER_INFO[keys[i]];\n }\n}\n\nconst binaryKeyParser = makeBufferParser();\n\nfunction makePEM(type, data) {\n data = data.base64Slice(0, data.length);\n let formatted = data.replace(/.{64}/g, '$&\\n');\n if (data.length & 63)\n formatted += '\\n';\n return `-----BEGIN ${type} KEY-----\\n${formatted}-----END ${type} KEY-----`;\n}\n\nfunction combineBuffers(buf1, buf2) {\n const result = Buffer.allocUnsafe(buf1.length + buf2.length);\n result.set(buf1, 0);\n result.set(buf2, buf1.length);\n return result;\n}\n\nfunction skipFields(buf, nfields) {\n const bufLen = buf.length;\n let pos = (buf._pos || 0);\n for (let i = 0; i < nfields; ++i) {\n const left = (bufLen - pos);\n if (pos >= bufLen || left < 4)\n return false;\n const len = readUInt32BE(buf, pos);\n if (left < 4 + len)\n return false;\n pos += 4 + len;\n }\n buf._pos = pos;\n return true;\n}\n\nfunction genOpenSSLRSAPub(n, e) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.2.840.113549.1.1.1'); // rsaEncryption\n // algorithm parameters (RSA has none)\n asnWriter.writeNull();\n asnWriter.endSequence();\n\n // subjectPublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n asnWriter.startSequence();\n asnWriter.writeBuffer(n, Ber.Integer);\n asnWriter.writeBuffer(e, Ber.Integer);\n asnWriter.endSequence();\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHRSAPub(n, e) {\n const publicKey = Buffer.allocUnsafe(4 + 7 + 4 + e.length + 4 + n.length);\n\n writeUInt32BE(publicKey, 7, 0);\n publicKey.utf8Write('ssh-rsa', 4, 7);\n\n let i = 4 + 7;\n writeUInt32BE(publicKey, e.length, i);\n publicKey.set(e, i += 4);\n\n writeUInt32BE(publicKey, n.length, i += e.length);\n publicKey.set(n, i + 4);\n\n return publicKey;\n}\n\nconst genOpenSSLRSAPriv = (() => {\n function genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n asnWriter.writeInt(0x00, Ber.Integer);\n asnWriter.writeBuffer(n, Ber.Integer);\n asnWriter.writeBuffer(e, Ber.Integer);\n asnWriter.writeBuffer(d, Ber.Integer);\n asnWriter.writeBuffer(p, Ber.Integer);\n asnWriter.writeBuffer(q, Ber.Integer);\n asnWriter.writeBuffer(dmp1, Ber.Integer);\n asnWriter.writeBuffer(dmq1, Ber.Integer);\n asnWriter.writeBuffer(iqmp, Ber.Integer);\n asnWriter.endSequence();\n return asnWriter.buffer;\n }\n\n function bigIntFromBuffer(buf) {\n return BigInt(`0x${buf.hexSlice(0, buf.length)}`);\n }\n\n function bigIntToBuffer(bn) {\n let hex = bn.toString(16);\n if ((hex.length & 1) !== 0) {\n hex = `0${hex}`;\n } else {\n const sigbit = hex.charCodeAt(0);\n // BER/DER integers require leading zero byte to denote a positive value\n // when first byte >= 0x80\n if (sigbit === 56/* '8' */\n || sigbit === 57/* '9' */\n || (sigbit >= 97/* 'a' */ && sigbit <= 102/* 'f' */)) {\n hex = `00${hex}`;\n }\n }\n return Buffer.from(hex, 'hex');\n }\n\n return function genOpenSSLRSAPriv(n, e, d, iqmp, p, q) {\n const bn_d = bigIntFromBuffer(d);\n const dmp1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(p) - 1n));\n const dmq1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(q) - 1n));\n return makePEM('RSA PRIVATE',\n genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp));\n };\n})();\n\nfunction genOpenSSLDSAPub(p, q, g, y) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.2.840.10040.4.1'); // id-dsa\n // algorithm parameters\n asnWriter.startSequence();\n asnWriter.writeBuffer(p, Ber.Integer);\n asnWriter.writeBuffer(q, Ber.Integer);\n asnWriter.writeBuffer(g, Ber.Integer);\n asnWriter.endSequence();\n asnWriter.endSequence();\n\n // subjectPublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n asnWriter.writeBuffer(y, Ber.Integer);\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHDSAPub(p, q, g, y) {\n const publicKey = Buffer.allocUnsafe(\n 4 + 7 + 4 + p.length + 4 + q.length + 4 + g.length + 4 + y.length\n );\n\n writeUInt32BE(publicKey, 7, 0);\n publicKey.utf8Write('ssh-dss', 4, 7);\n\n let i = 4 + 7;\n writeUInt32BE(publicKey, p.length, i);\n publicKey.set(p, i += 4);\n\n writeUInt32BE(publicKey, q.length, i += p.length);\n publicKey.set(q, i += 4);\n\n writeUInt32BE(publicKey, g.length, i += q.length);\n publicKey.set(g, i += 4);\n\n writeUInt32BE(publicKey, y.length, i += g.length);\n publicKey.set(y, i + 4);\n\n return publicKey;\n}\n\nfunction genOpenSSLDSAPriv(p, q, g, y, x) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n asnWriter.writeInt(0x00, Ber.Integer);\n asnWriter.writeBuffer(p, Ber.Integer);\n asnWriter.writeBuffer(q, Ber.Integer);\n asnWriter.writeBuffer(g, Ber.Integer);\n asnWriter.writeBuffer(y, Ber.Integer);\n asnWriter.writeBuffer(x, Ber.Integer);\n asnWriter.endSequence();\n return makePEM('DSA PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLEdPub(pub) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n asnWriter.endSequence();\n\n // PublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(pub.length);\n asnWriter._buf.set(pub, asnWriter._offset);\n asnWriter._offset += pub.length;\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHEdPub(pub) {\n const publicKey = Buffer.allocUnsafe(4 + 11 + 4 + pub.length);\n\n writeUInt32BE(publicKey, 11, 0);\n publicKey.utf8Write('ssh-ed25519', 4, 11);\n\n writeUInt32BE(publicKey, pub.length, 15);\n publicKey.set(pub, 19);\n\n return publicKey;\n}\n\nfunction genOpenSSLEdPriv(priv) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // version\n asnWriter.writeInt(0x00, Ber.Integer);\n\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n asnWriter.endSequence();\n\n // PrivateKey\n asnWriter.startSequence(Ber.OctetString);\n asnWriter.writeBuffer(priv, Ber.OctetString);\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPub(oid, Q) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.2.840.10045.2.1'); // id-ecPublicKey\n // algorithm parameters (namedCurve)\n asnWriter.writeOID(oid);\n asnWriter.endSequence();\n\n // subjectPublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(Q.length);\n asnWriter._buf.set(Q, asnWriter._offset);\n asnWriter._offset += Q.length;\n // end hack\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHECDSAPub(oid, Q) {\n let curveName;\n switch (oid) {\n case '1.2.840.10045.3.1.7':\n // prime256v1/secp256r1\n curveName = 'nistp256';\n break;\n case '1.3.132.0.34':\n // secp384r1\n curveName = 'nistp384';\n break;\n case '1.3.132.0.35':\n // secp521r1\n curveName = 'nistp521';\n break;\n default:\n return;\n }\n\n const publicKey = Buffer.allocUnsafe(4 + 19 + 4 + 8 + 4 + Q.length);\n\n writeUInt32BE(publicKey, 19, 0);\n publicKey.utf8Write(`ecdsa-sha2-${curveName}`, 4, 19);\n\n writeUInt32BE(publicKey, 8, 23);\n publicKey.utf8Write(curveName, 27, 8);\n\n writeUInt32BE(publicKey, Q.length, 35);\n publicKey.set(Q, 39);\n\n return publicKey;\n}\n\nfunction genOpenSSLECDSAPriv(oid, pub, priv) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // version\n asnWriter.writeInt(0x01, Ber.Integer);\n // privateKey\n asnWriter.writeBuffer(priv, Ber.OctetString);\n // parameters (optional)\n asnWriter.startSequence(0xA0);\n asnWriter.writeOID(oid);\n asnWriter.endSequence();\n // publicKey (optional)\n asnWriter.startSequence(0xA1);\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(pub.length);\n asnWriter._buf.set(pub, asnWriter._offset);\n asnWriter._offset += pub.length;\n // end hack\n asnWriter.endSequence();\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('EC PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPubFromPriv(curveName, priv) {\n const tempECDH = createECDH(curveName);\n tempECDH.setPrivateKey(priv);\n return tempECDH.getPublicKey();\n}\n\nconst BaseKey = {\n sign: (() => {\n if (typeof sign_ === 'function') {\n return function sign(data, algo) {\n const pem = this[SYM_PRIV_PEM];\n if (pem === null)\n return new Error('No private key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n try {\n return sign_(algo, data, pem);\n } catch (ex) {\n return ex;\n }\n };\n }\n return function sign(data, algo) {\n const pem = this[SYM_PRIV_PEM];\n if (pem === null)\n return new Error('No private key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n const signature = createSign(algo);\n signature.update(data);\n try {\n return signature.sign(pem);\n } catch (ex) {\n return ex;\n }\n };\n })(),\n verify: (() => {\n if (typeof verify_ === 'function') {\n return function verify(data, signature, algo) {\n const pem = this[SYM_PUB_PEM];\n if (pem === null)\n return new Error('No public key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n try {\n return verify_(algo, data, pem, signature);\n } catch (ex) {\n return ex;\n }\n };\n }\n return function verify(data, signature, algo) {\n const pem = this[SYM_PUB_PEM];\n if (pem === null)\n return new Error('No public key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n const verifier = createVerify(algo);\n verifier.update(data);\n try {\n return verifier.verify(pem, signature);\n } catch (ex) {\n return ex;\n }\n };\n })(),\n isPrivateKey: function isPrivateKey() {\n return (this[SYM_PRIV_PEM] !== null);\n },\n getPrivatePEM: function getPrivatePEM() {\n return this[SYM_PRIV_PEM];\n },\n getPublicPEM: function getPublicPEM() {\n return this[SYM_PUB_PEM];\n },\n getPublicSSH: function getPublicSSH() {\n return this[SYM_PUB_SSH];\n },\n equals: function equals(key) {\n const parsed = parseKey(key);\n if (parsed instanceof Error)\n return false;\n return (\n this.type === parsed.type\n && this[SYM_PRIV_PEM] === parsed[SYM_PRIV_PEM]\n && this[SYM_PUB_PEM] === parsed[SYM_PUB_PEM]\n && this[SYM_PUB_SSH] === parsed[SYM_PUB_SSH]\n );\n },\n};\n\n\nfunction OpenSSH_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n decrypted) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = privPEM;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Private.prototype = BaseKey;\n{\n const regexp = /^-----BEGIN OPENSSH PRIVATE KEY-----(?:\\r\\n|\\n)([\\s\\S]+)(?:\\r\\n|\\n)-----END OPENSSH PRIVATE KEY-----$/;\n OpenSSH_Private.parse = (str, passphrase) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n let ret;\n const data = Buffer.from(m[1], 'base64');\n if (data.length < 31) // magic (+ magic null term.) + minimum field lengths\n return new Error('Malformed OpenSSH private key');\n const magic = data.utf8Slice(0, 15);\n if (magic !== 'openssh-key-v1\\0')\n return new Error(`Unsupported OpenSSH key magic: ${magic}`);\n\n const cipherName = readString(data, 15, true);\n if (cipherName === undefined)\n return new Error('Malformed OpenSSH private key');\n if (cipherName !== 'none' && SUPPORTED_CIPHER.indexOf(cipherName) === -1)\n return new Error(`Unsupported cipher for OpenSSH key: ${cipherName}`);\n\n const kdfName = readString(data, data._pos, true);\n if (kdfName === undefined)\n return new Error('Malformed OpenSSH private key');\n if (kdfName !== 'none') {\n if (cipherName === 'none')\n return new Error('Malformed OpenSSH private key');\n if (kdfName !== 'bcrypt')\n return new Error(`Unsupported kdf name for OpenSSH key: ${kdfName}`);\n if (!passphrase) {\n return new Error(\n 'Encrypted private OpenSSH key detected, but no passphrase given'\n );\n }\n } else if (cipherName !== 'none') {\n return new Error('Malformed OpenSSH private key');\n }\n\n let encInfo;\n let cipherKey;\n let cipherIV;\n if (cipherName !== 'none')\n encInfo = CIPHER_INFO[cipherName];\n const kdfOptions = readString(data, data._pos);\n if (kdfOptions === undefined)\n return new Error('Malformed OpenSSH private key');\n if (kdfOptions.length) {\n switch (kdfName) {\n case 'none':\n return new Error('Malformed OpenSSH private key');\n case 'bcrypt':\n /*\n string salt\n uint32 rounds\n */\n const salt = readString(kdfOptions, 0);\n if (salt === undefined || kdfOptions._pos + 4 > kdfOptions.length)\n return new Error('Malformed OpenSSH private key');\n const rounds = readUInt32BE(kdfOptions, kdfOptions._pos);\n const gen = Buffer.allocUnsafe(encInfo.keyLen + encInfo.ivLen);\n const r = bcrypt_pbkdf(passphrase,\n passphrase.length,\n salt,\n salt.length,\n gen,\n gen.length,\n rounds);\n if (r !== 0)\n return new Error('Failed to generate information to decrypt key');\n cipherKey = bufferSlice(gen, 0, encInfo.keyLen);\n cipherIV = bufferSlice(gen, encInfo.keyLen, gen.length);\n break;\n }\n } else if (kdfName !== 'none') {\n return new Error('Malformed OpenSSH private key');\n }\n\n if (data._pos + 3 >= data.length)\n return new Error('Malformed OpenSSH private key');\n const keyCount = readUInt32BE(data, data._pos);\n data._pos += 4;\n\n if (keyCount > 0) {\n // TODO: place sensible limit on max `keyCount`\n\n // Read public keys first\n for (let i = 0; i < keyCount; ++i) {\n const pubData = readString(data, data._pos);\n if (pubData === undefined)\n return new Error('Malformed OpenSSH private key');\n const type = readString(pubData, 0, true);\n if (type === undefined)\n return new Error('Malformed OpenSSH private key');\n }\n\n let privBlob = readString(data, data._pos);\n if (privBlob === undefined)\n return new Error('Malformed OpenSSH private key');\n\n if (cipherKey !== undefined) {\n // Encrypted private key(s)\n if (privBlob.length < encInfo.blockLen\n || (privBlob.length % encInfo.blockLen) !== 0) {\n return new Error('Malformed OpenSSH private key');\n }\n try {\n const options = { authTagLength: encInfo.authLen };\n const decipher = createDecipheriv(encInfo.sslName,\n cipherKey,\n cipherIV,\n options);\n if (encInfo.authLen > 0) {\n if (data.length - data._pos < encInfo.authLen)\n return new Error('Malformed OpenSSH private key');\n decipher.setAuthTag(\n bufferSlice(data, data._pos, data._pos += encInfo.authLen)\n );\n }\n privBlob = combineBuffers(decipher.update(privBlob),\n decipher.final());\n } catch (ex) {\n return ex;\n }\n }\n // Nothing should we follow the private key(s), except a possible\n // authentication tag for relevant ciphers\n if (data._pos !== data.length)\n return new Error('Malformed OpenSSH private key');\n\n ret = parseOpenSSHPrivKeys(privBlob, keyCount, cipherKey !== undefined);\n } else {\n ret = [];\n }\n if (ret instanceof Error)\n return ret;\n // This will need to change if/when OpenSSH ever starts storing multiple\n // keys in their key files\n return ret[0];\n };\n\n function parseOpenSSHPrivKeys(data, nkeys, decrypted) {\n const keys = [];\n /*\n uint32 checkint\n uint32 checkint\n string privatekey1\n string comment1\n string privatekey2\n string comment2\n ...\n string privatekeyN\n string commentN\n char 1\n char 2\n char 3\n ...\n char padlen % 255\n */\n if (data.length < 8)\n return new Error('Malformed OpenSSH private key');\n const check1 = readUInt32BE(data, 0);\n const check2 = readUInt32BE(data, 4);\n if (check1 !== check2) {\n if (decrypted) {\n return new Error(\n 'OpenSSH key integrity check failed -- bad passphrase?'\n );\n }\n return new Error('OpenSSH key integrity check failed');\n }\n data._pos = 8;\n let i;\n let oid;\n for (i = 0; i < nkeys; ++i) {\n let algo;\n let privPEM;\n let pubPEM;\n let pubSSH;\n // The OpenSSH documentation for the key format actually lies, the\n // entirety of the private key content is not contained with a string\n // field, it's actually the literal contents of the private key, so to be\n // able to find the end of the key data you need to know the layout/format\n // of each key type ...\n const type = readString(data, data._pos, true);\n if (type === undefined)\n return new Error('Malformed OpenSSH private key');\n\n switch (type) {\n case 'ssh-rsa': {\n /*\n string n -- public\n string e -- public\n string d -- private\n string iqmp -- private\n string p -- private\n string q -- private\n */\n const n = readString(data, data._pos);\n if (n === undefined)\n return new Error('Malformed OpenSSH private key');\n const e = readString(data, data._pos);\n if (e === undefined)\n return new Error('Malformed OpenSSH private key');\n const d = readString(data, data._pos);\n if (d === undefined)\n return new Error('Malformed OpenSSH private key');\n const iqmp = readString(data, data._pos);\n if (iqmp === undefined)\n return new Error('Malformed OpenSSH private key');\n const p = readString(data, data._pos);\n if (p === undefined)\n return new Error('Malformed OpenSSH private key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n algo = 'sha1';\n break;\n }\n case 'ssh-dss': {\n /*\n string p -- public\n string q -- public\n string g -- public\n string y -- public\n string x -- private\n */\n const p = readString(data, data._pos);\n if (p === undefined)\n return new Error('Malformed OpenSSH private key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed OpenSSH private key');\n const g = readString(data, data._pos);\n if (g === undefined)\n return new Error('Malformed OpenSSH private key');\n const y = readString(data, data._pos);\n if (y === undefined)\n return new Error('Malformed OpenSSH private key');\n const x = readString(data, data._pos);\n if (x === undefined)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n algo = 'sha1';\n break;\n }\n case 'ssh-ed25519': {\n if (!eddsaSupported)\n return new Error(`Unsupported OpenSSH private key type: ${type}`);\n /*\n * string public key\n * string private key + public key\n */\n const edpub = readString(data, data._pos);\n if (edpub === undefined || edpub.length !== 32)\n return new Error('Malformed OpenSSH private key');\n const edpriv = readString(data, data._pos);\n if (edpriv === undefined || edpriv.length !== 64)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLEdPub(edpub);\n pubSSH = genOpenSSHEdPub(edpub);\n privPEM = genOpenSSLEdPriv(bufferSlice(edpriv, 0, 32));\n algo = null;\n break;\n }\n case 'ecdsa-sha2-nistp256':\n algo = 'sha256';\n oid = '1.2.840.10045.3.1.7';\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp384':\n if (algo === undefined) {\n algo = 'sha384';\n oid = '1.3.132.0.34';\n }\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp521': {\n if (algo === undefined) {\n algo = 'sha512';\n oid = '1.3.132.0.35';\n }\n /*\n string curve name\n string Q -- public\n string d -- private\n */\n // TODO: validate curve name against type\n if (!skipFields(data, 1)) // Skip curve name\n return new Error('Malformed OpenSSH private key');\n const ecpub = readString(data, data._pos);\n if (ecpub === undefined)\n return new Error('Malformed OpenSSH private key');\n const ecpriv = readString(data, data._pos);\n if (ecpriv === undefined)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n privPEM = genOpenSSLECDSAPriv(oid, ecpub, ecpriv);\n break;\n }\n default:\n return new Error(`Unsupported OpenSSH private key type: ${type}`);\n }\n\n const privComment = readString(data, data._pos, true);\n if (privComment === undefined)\n return new Error('Malformed OpenSSH private key');\n\n keys.push(\n new OpenSSH_Private(type, privComment, privPEM, pubPEM, pubSSH, algo,\n decrypted)\n );\n }\n let cnt = 0;\n for (i = data._pos; i < data.length; ++i) {\n if (data[i] !== (++cnt % 255))\n return new Error('Malformed OpenSSH private key');\n }\n\n return keys;\n }\n}\n\n\nfunction OpenSSH_Old_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n decrypted) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = privPEM;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Old_Private.prototype = BaseKey;\n{\n const regexp = /^-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----(?:\\r\\n|\\n)((?:[^:]+:\\s*[\\S].*(?:\\r\\n|\\n))*)([\\s\\S]+)(?:\\r\\n|\\n)-----END (RSA|DSA|EC) PRIVATE KEY-----$/;\n OpenSSH_Old_Private.parse = (str, passphrase) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n let privBlob = Buffer.from(m[3], 'base64');\n let headers = m[2];\n let decrypted = false;\n if (headers !== undefined) {\n // encrypted key\n headers = headers.split(/\\r\\n|\\n/g);\n for (let i = 0; i < headers.length; ++i) {\n const header = headers[i];\n let sepIdx = header.indexOf(':');\n if (header.slice(0, sepIdx) === 'DEK-Info') {\n const val = header.slice(sepIdx + 2);\n sepIdx = val.indexOf(',');\n if (sepIdx === -1)\n continue;\n const cipherName = val.slice(0, sepIdx).toLowerCase();\n if (supportedOpenSSLCiphers.indexOf(cipherName) === -1) {\n return new Error(\n `Cipher (${cipherName}) not supported `\n + 'for encrypted OpenSSH private key'\n );\n }\n const encInfo = CIPHER_INFO_OPENSSL[cipherName];\n if (!encInfo) {\n return new Error(\n `Cipher (${cipherName}) not supported `\n + 'for encrypted OpenSSH private key'\n );\n }\n const cipherIV = Buffer.from(val.slice(sepIdx + 1), 'hex');\n if (cipherIV.length !== encInfo.ivLen)\n return new Error('Malformed encrypted OpenSSH private key');\n if (!passphrase) {\n return new Error(\n 'Encrypted OpenSSH private key detected, but no passphrase given'\n );\n }\n const ivSlice = bufferSlice(cipherIV, 0, 8);\n let cipherKey = createHash('md5')\n .update(passphrase)\n .update(ivSlice)\n .digest();\n while (cipherKey.length < encInfo.keyLen) {\n cipherKey = combineBuffers(\n cipherKey,\n createHash('md5')\n .update(cipherKey)\n .update(passphrase)\n .update(ivSlice)\n .digest()\n );\n }\n if (cipherKey.length > encInfo.keyLen)\n cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n try {\n const decipher = createDecipheriv(cipherName, cipherKey, cipherIV);\n decipher.setAutoPadding(false);\n privBlob = combineBuffers(decipher.update(privBlob),\n decipher.final());\n decrypted = true;\n } catch (ex) {\n return ex;\n }\n }\n }\n }\n\n let type;\n let privPEM;\n let pubPEM;\n let pubSSH;\n let algo;\n let reader;\n let errMsg = 'Malformed OpenSSH private key';\n if (decrypted)\n errMsg += '. Bad passphrase?';\n switch (m[1]) {\n case 'RSA':\n type = 'ssh-rsa';\n privPEM = makePEM('RSA PRIVATE', privBlob);\n try {\n reader = new Ber.Reader(privBlob);\n reader.readSequence();\n reader.readInt(); // skip version\n const n = reader.readString(Ber.Integer, true);\n if (n === null)\n return new Error(errMsg);\n const e = reader.readString(Ber.Integer, true);\n if (e === null)\n return new Error(errMsg);\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n } catch {\n return new Error(errMsg);\n }\n algo = 'sha1';\n break;\n case 'DSA':\n type = 'ssh-dss';\n privPEM = makePEM('DSA PRIVATE', privBlob);\n try {\n reader = new Ber.Reader(privBlob);\n reader.readSequence();\n reader.readInt(); // skip version\n const p = reader.readString(Ber.Integer, true);\n if (p === null)\n return new Error(errMsg);\n const q = reader.readString(Ber.Integer, true);\n if (q === null)\n return new Error(errMsg);\n const g = reader.readString(Ber.Integer, true);\n if (g === null)\n return new Error(errMsg);\n const y = reader.readString(Ber.Integer, true);\n if (y === null)\n return new Error(errMsg);\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n } catch {\n return new Error(errMsg);\n }\n algo = 'sha1';\n break;\n case 'EC':\n let ecSSLName;\n let ecPriv;\n let ecOID;\n try {\n reader = new Ber.Reader(privBlob);\n reader.readSequence();\n reader.readInt(); // skip version\n ecPriv = reader.readString(Ber.OctetString, true);\n reader.readByte(); // Skip \"complex\" context type byte\n const offset = reader.readLength(); // Skip context length\n if (offset !== null) {\n reader._offset = offset;\n ecOID = reader.readOID();\n if (ecOID === null)\n return new Error(errMsg);\n switch (ecOID) {\n case '1.2.840.10045.3.1.7':\n // prime256v1/secp256r1\n ecSSLName = 'prime256v1';\n type = 'ecdsa-sha2-nistp256';\n algo = 'sha256';\n break;\n case '1.3.132.0.34':\n // secp384r1\n ecSSLName = 'secp384r1';\n type = 'ecdsa-sha2-nistp384';\n algo = 'sha384';\n break;\n case '1.3.132.0.35':\n // secp521r1\n ecSSLName = 'secp521r1';\n type = 'ecdsa-sha2-nistp521';\n algo = 'sha512';\n break;\n default:\n return new Error(`Unsupported private key EC OID: ${ecOID}`);\n }\n } else {\n return new Error(errMsg);\n }\n } catch {\n return new Error(errMsg);\n }\n privPEM = makePEM('EC PRIVATE', privBlob);\n const pubBlob = genOpenSSLECDSAPubFromPriv(ecSSLName, ecPriv);\n pubPEM = genOpenSSLECDSAPub(ecOID, pubBlob);\n pubSSH = genOpenSSHECDSAPub(ecOID, pubBlob);\n break;\n }\n\n return new OpenSSH_Old_Private(type, '', privPEM, pubPEM, pubSSH, algo,\n decrypted);\n };\n}\n\n\nfunction PPK_Private(type, comment, privPEM, pubPEM, pubSSH, algo, decrypted) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = privPEM;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = decrypted;\n}\nPPK_Private.prototype = BaseKey;\n{\n const EMPTY_PASSPHRASE = Buffer.alloc(0);\n const PPK_IV = Buffer.from([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);\n const PPK_PP1 = Buffer.from([0, 0, 0, 0]);\n const PPK_PP2 = Buffer.from([0, 0, 0, 1]);\n const regexp = /^PuTTY-User-Key-File-2: (ssh-(?:rsa|dss))\\r?\\nEncryption: (aes256-cbc|none)\\r?\\nComment: ([^\\r\\n]*)\\r?\\nPublic-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-MAC: ([^\\r\\n]+)/;\n PPK_Private.parse = (str, passphrase) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n // m[1] = key type\n // m[2] = encryption type\n // m[3] = comment\n // m[4] = base64-encoded public key data:\n // for \"ssh-rsa\":\n // string \"ssh-rsa\"\n // mpint e (public exponent)\n // mpint n (modulus)\n // for \"ssh-dss\":\n // string \"ssh-dss\"\n // mpint p (modulus)\n // mpint q (prime)\n // mpint g (base number)\n // mpint y (public key parameter: g^x mod p)\n // m[5] = base64-encoded private key data:\n // for \"ssh-rsa\":\n // mpint d (private exponent)\n // mpint p (prime 1)\n // mpint q (prime 2)\n // mpint iqmp ([inverse of q] mod p)\n // for \"ssh-dss\":\n // mpint x (private key parameter)\n // m[6] = SHA1 HMAC over:\n // string name of algorithm (\"ssh-dss\", \"ssh-rsa\")\n // string encryption type\n // string comment\n // string public key data\n // string private-plaintext (including the final padding)\n const cipherName = m[2];\n const encrypted = (cipherName !== 'none');\n if (encrypted && !passphrase) {\n return new Error(\n 'Encrypted PPK private key detected, but no passphrase given'\n );\n }\n\n let privBlob = Buffer.from(m[5], 'base64');\n\n if (encrypted) {\n const encInfo = CIPHER_INFO[cipherName];\n let cipherKey = combineBuffers(\n createHash('sha1').update(PPK_PP1).update(passphrase).digest(),\n createHash('sha1').update(PPK_PP2).update(passphrase).digest()\n );\n if (cipherKey.length > encInfo.keyLen)\n cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n try {\n const decipher = createDecipheriv(encInfo.sslName,\n cipherKey,\n PPK_IV);\n decipher.setAutoPadding(false);\n privBlob = combineBuffers(decipher.update(privBlob),\n decipher.final());\n } catch (ex) {\n return ex;\n }\n }\n\n const type = m[1];\n const comment = m[3];\n const pubBlob = Buffer.from(m[4], 'base64');\n\n const mac = m[6];\n const typeLen = type.length;\n const cipherNameLen = cipherName.length;\n const commentLen = Buffer.byteLength(comment);\n const pubLen = pubBlob.length;\n const privLen = privBlob.length;\n const macData = Buffer.allocUnsafe(4 + typeLen\n + 4 + cipherNameLen\n + 4 + commentLen\n + 4 + pubLen\n + 4 + privLen);\n let p = 0;\n\n writeUInt32BE(macData, typeLen, p);\n macData.utf8Write(type, p += 4, typeLen);\n writeUInt32BE(macData, cipherNameLen, p += typeLen);\n macData.utf8Write(cipherName, p += 4, cipherNameLen);\n writeUInt32BE(macData, commentLen, p += cipherNameLen);\n macData.utf8Write(comment, p += 4, commentLen);\n writeUInt32BE(macData, pubLen, p += commentLen);\n macData.set(pubBlob, p += 4);\n writeUInt32BE(macData, privLen, p += pubLen);\n macData.set(privBlob, p + 4);\n\n if (!passphrase)\n passphrase = EMPTY_PASSPHRASE;\n\n const calcMAC = createHmac(\n 'sha1',\n createHash('sha1')\n .update('putty-private-key-file-mac-key')\n .update(passphrase)\n .digest()\n ).update(macData).digest('hex');\n\n if (calcMAC !== mac) {\n if (encrypted) {\n return new Error(\n 'PPK private key integrity check failed -- bad passphrase?'\n );\n }\n return new Error('PPK private key integrity check failed');\n }\n\n let pubPEM;\n let pubSSH;\n let privPEM;\n pubBlob._pos = 0;\n skipFields(pubBlob, 1); // skip (duplicate) key type\n switch (type) {\n case 'ssh-rsa': {\n const e = readString(pubBlob, pubBlob._pos);\n if (e === undefined)\n return new Error('Malformed PPK public key');\n const n = readString(pubBlob, pubBlob._pos);\n if (n === undefined)\n return new Error('Malformed PPK public key');\n const d = readString(privBlob, 0);\n if (d === undefined)\n return new Error('Malformed PPK private key');\n const p = readString(privBlob, privBlob._pos);\n if (p === undefined)\n return new Error('Malformed PPK private key');\n const q = readString(privBlob, privBlob._pos);\n if (q === undefined)\n return new Error('Malformed PPK private key');\n const iqmp = readString(privBlob, privBlob._pos);\n if (iqmp === undefined)\n return new Error('Malformed PPK private key');\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n break;\n }\n case 'ssh-dss': {\n const p = readString(pubBlob, pubBlob._pos);\n if (p === undefined)\n return new Error('Malformed PPK public key');\n const q = readString(pubBlob, pubBlob._pos);\n if (q === undefined)\n return new Error('Malformed PPK public key');\n const g = readString(pubBlob, pubBlob._pos);\n if (g === undefined)\n return new Error('Malformed PPK public key');\n const y = readString(pubBlob, pubBlob._pos);\n if (y === undefined)\n return new Error('Malformed PPK public key');\n const x = readString(privBlob, 0);\n if (x === undefined)\n return new Error('Malformed PPK private key');\n\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n break;\n }\n }\n\n return new PPK_Private(type, comment, privPEM, pubPEM, pubSSH, 'sha1',\n encrypted);\n };\n}\n\n\nfunction OpenSSH_Public(type, comment, pubPEM, pubSSH, algo) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = null;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = false;\n}\nOpenSSH_Public.prototype = BaseKey;\n{\n let regexp;\n if (eddsaSupported)\n regexp = /^(((?:ssh-(?:rsa|dss|ed25519))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n else\n regexp = /^(((?:ssh-(?:rsa|dss))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n OpenSSH_Public.parse = (str) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n // m[1] = full type\n // m[2] = base type\n // m[3] = base64-encoded public key\n // m[4] = comment\n\n const fullType = m[1];\n const baseType = m[2];\n const data = Buffer.from(m[3], 'base64');\n const comment = (m[4] || '');\n\n const type = readString(data, data._pos, true);\n if (type === undefined || type.indexOf(baseType) !== 0)\n return new Error('Malformed OpenSSH public key');\n\n return parseDER(data, baseType, comment, fullType);\n };\n}\n\n\nfunction RFC4716_Public(type, comment, pubPEM, pubSSH, algo) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = null;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = false;\n}\nRFC4716_Public.prototype = BaseKey;\n{\n const regexp = /^---- BEGIN SSH2 PUBLIC KEY ----(?:\\r?\\n)((?:.{0,72}\\r?\\n)+)---- END SSH2 PUBLIC KEY ----$/;\n const RE_DATA = /^[A-Z0-9a-z/+=\\r\\n]+$/;\n const RE_HEADER = /^([\\x21-\\x39\\x3B-\\x7E]{1,64}): ((?:[^\\\\]*\\\\\\r?\\n)*[^\\r\\n]+)\\r?\\n/gm;\n const RE_HEADER_ENDS = /\\\\\\r?\\n/g;\n RFC4716_Public.parse = (str) => {\n let m = regexp.exec(str);\n if (m === null)\n return null;\n\n const body = m[1];\n let dataStart = 0;\n let comment = '';\n\n while (m = RE_HEADER.exec(body)) {\n const headerName = m[1];\n const headerValue = m[2].replace(RE_HEADER_ENDS, '');\n if (headerValue.length > 1024) {\n RE_HEADER.lastIndex = 0;\n return new Error('Malformed RFC4716 public key');\n }\n\n dataStart = RE_HEADER.lastIndex;\n\n if (headerName.toLowerCase() === 'comment') {\n comment = headerValue;\n if (comment.length > 1\n && comment.charCodeAt(0) === 34/* '\"' */\n && comment.charCodeAt(comment.length - 1) === 34/* '\"' */) {\n comment = comment.slice(1, -1);\n }\n }\n }\n\n let data = body.slice(dataStart);\n if (!RE_DATA.test(data))\n return new Error('Malformed RFC4716 public key');\n\n data = Buffer.from(data, 'base64');\n\n const type = readString(data, 0, true);\n if (type === undefined)\n return new Error('Malformed RFC4716 public key');\n\n let pubPEM = null;\n let pubSSH = null;\n switch (type) {\n case 'ssh-rsa': {\n const e = readString(data, data._pos);\n if (e === undefined)\n return new Error('Malformed RFC4716 public key');\n const n = readString(data, data._pos);\n if (n === undefined)\n return new Error('Malformed RFC4716 public key');\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n break;\n }\n case 'ssh-dss': {\n const p = readString(data, data._pos);\n if (p === undefined)\n return new Error('Malformed RFC4716 public key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed RFC4716 public key');\n const g = readString(data, data._pos);\n if (g === undefined)\n return new Error('Malformed RFC4716 public key');\n const y = readString(data, data._pos);\n if (y === undefined)\n return new Error('Malformed RFC4716 public key');\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n break;\n }\n default:\n return new Error('Malformed RFC4716 public key');\n }\n\n return new RFC4716_Public(type, comment, pubPEM, pubSSH, 'sha1');\n };\n}\n\n\nfunction parseDER(data, baseType, comment, fullType) {\n if (!isSupportedKeyType(baseType))\n return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n\n let algo;\n let oid;\n let pubPEM = null;\n let pubSSH = null;\n\n switch (baseType) {\n case 'ssh-rsa': {\n const e = readString(data, data._pos || 0);\n if (e === undefined)\n return new Error('Malformed OpenSSH public key');\n const n = readString(data, data._pos);\n if (n === undefined)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n algo = 'sha1';\n break;\n }\n case 'ssh-dss': {\n const p = readString(data, data._pos || 0);\n if (p === undefined)\n return new Error('Malformed OpenSSH public key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed OpenSSH public key');\n const g = readString(data, data._pos);\n if (g === undefined)\n return new Error('Malformed OpenSSH public key');\n const y = readString(data, data._pos);\n if (y === undefined)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n algo = 'sha1';\n break;\n }\n case 'ssh-ed25519': {\n const edpub = readString(data, data._pos || 0);\n if (edpub === undefined || edpub.length !== 32)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLEdPub(edpub);\n pubSSH = genOpenSSHEdPub(edpub);\n algo = null;\n break;\n }\n case 'ecdsa-sha2-nistp256':\n algo = 'sha256';\n oid = '1.2.840.10045.3.1.7';\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp384':\n if (algo === undefined) {\n algo = 'sha384';\n oid = '1.3.132.0.34';\n }\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp521': {\n if (algo === undefined) {\n algo = 'sha512';\n oid = '1.3.132.0.35';\n }\n // TODO: validate curve name against type\n if (!skipFields(data, 1)) // Skip curve name\n return new Error('Malformed OpenSSH public key');\n const ecpub = readString(data, data._pos || 0);\n if (ecpub === undefined)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n break;\n }\n default:\n return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n }\n\n return new OpenSSH_Public(fullType, comment, pubPEM, pubSSH, algo);\n}\n\nfunction isSupportedKeyType(type) {\n switch (type) {\n case 'ssh-rsa':\n case 'ssh-dss':\n case 'ecdsa-sha2-nistp256':\n case 'ecdsa-sha2-nistp384':\n case 'ecdsa-sha2-nistp521':\n return true;\n case 'ssh-ed25519':\n if (eddsaSupported)\n return true;\n // FALLTHROUGH\n default:\n return false;\n }\n}\n\nfunction isParsedKey(val) {\n if (!val)\n return false;\n return (typeof val[SYM_DECRYPTED] === 'boolean');\n}\n\nfunction parseKey(data, passphrase) {\n if (isParsedKey(data))\n return data;\n\n let origBuffer;\n if (Buffer.isBuffer(data)) {\n origBuffer = data;\n data = data.utf8Slice(0, data.length).trim();\n } else if (typeof data === 'string') {\n data = data.trim();\n } else {\n return new Error('Key data must be a Buffer or string');\n }\n\n // eslint-disable-next-line eqeqeq\n if (passphrase != undefined) {\n if (typeof passphrase === 'string')\n passphrase = Buffer.from(passphrase);\n else if (!Buffer.isBuffer(passphrase))\n return new Error('Passphrase must be a string or Buffer when supplied');\n }\n\n let ret;\n\n // First try as printable string format (e.g. PEM)\n\n // Private keys\n if ((ret = OpenSSH_Private.parse(data, passphrase)) !== null)\n return ret;\n if ((ret = OpenSSH_Old_Private.parse(data, passphrase)) !== null)\n return ret;\n if ((ret = PPK_Private.parse(data, passphrase)) !== null)\n return ret;\n\n // Public keys\n if ((ret = OpenSSH_Public.parse(data)) !== null)\n return ret;\n if ((ret = RFC4716_Public.parse(data)) !== null)\n return ret;\n\n // Finally try as a binary format if we were originally passed binary data\n if (origBuffer) {\n binaryKeyParser.init(origBuffer, 0);\n const type = binaryKeyParser.readString(true);\n if (type !== undefined) {\n data = binaryKeyParser.readRaw();\n if (data !== undefined) {\n ret = parseDER(data, type, '', type);\n // Ignore potentially useless errors in case the data was not actually\n // in the binary format\n if (ret instanceof Error)\n ret = null;\n }\n }\n binaryKeyParser.clear();\n }\n\n if (ret)\n return ret;\n\n return new Error('Unsupported key format');\n}\n\nmodule.exports = {\n isParsedKey,\n isSupportedKeyType,\n parseDERKey: (data, type) => parseDER(data, type, '', type),\n parseKey,\n};\n","'use strict';\n\nconst assert = require('assert');\nconst { inspect } = require('util');\n\n// Only use this for integers! Decimal numbers do not work with this function.\nfunction addNumericalSeparator(val) {\n let res = '';\n let i = val.length;\n const start = val[0] === '-' ? 1 : 0;\n for (; i >= start + 4; i -= 3)\n res = `_${val.slice(i - 3, i)}${res}`;\n return `${val.slice(0, i)}${res}`;\n}\n\nfunction oneOf(expected, thing) {\n assert(typeof thing === 'string', '`thing` has to be of type string');\n if (Array.isArray(expected)) {\n const len = expected.length;\n assert(len > 0, 'At least one expected value needs to be specified');\n expected = expected.map((i) => String(i));\n if (len > 2) {\n return `one of ${thing} ${expected.slice(0, len - 1).join(', ')}, or `\n + expected[len - 1];\n } else if (len === 2) {\n return `one of ${thing} ${expected[0]} or ${expected[1]}`;\n }\n return `of ${thing} ${expected[0]}`;\n }\n return `of ${thing} ${String(expected)}`;\n}\n\n\nexports.ERR_INTERNAL_ASSERTION = class ERR_INTERNAL_ASSERTION extends Error {\n constructor(message) {\n super();\n Error.captureStackTrace(this, ERR_INTERNAL_ASSERTION);\n\n const suffix = 'This is caused by either a bug in ssh2 '\n + 'or incorrect usage of ssh2 internals.\\n'\n + 'Please open an issue with this stack trace at '\n + 'https://github.com/mscdex/ssh2/issues\\n';\n\n this.message = (message === undefined ? suffix : `${message}\\n${suffix}`);\n }\n};\n\nconst MAX_32BIT_INT = 2 ** 32;\nconst MAX_32BIT_BIGINT = (() => {\n try {\n return new Function('return 2n ** 32n')();\n } catch {}\n})();\nexports.ERR_OUT_OF_RANGE = class ERR_OUT_OF_RANGE extends RangeError {\n constructor(str, range, input, replaceDefaultBoolean) {\n super();\n Error.captureStackTrace(this, ERR_OUT_OF_RANGE);\n\n assert(range, 'Missing \"range\" argument');\n let msg = (replaceDefaultBoolean\n ? str\n : `The value of \"${str}\" is out of range.`);\n let received;\n if (Number.isInteger(input) && Math.abs(input) > MAX_32BIT_INT) {\n received = addNumericalSeparator(String(input));\n } else if (typeof input === 'bigint') {\n received = String(input);\n if (input > MAX_32BIT_BIGINT || input < -MAX_32BIT_BIGINT)\n received = addNumericalSeparator(received);\n received += 'n';\n } else {\n received = inspect(input);\n }\n msg += ` It must be ${range}. Received ${received}`;\n\n this.message = msg;\n }\n};\n\nclass ERR_INVALID_ARG_TYPE extends TypeError {\n constructor(name, expected, actual) {\n super();\n Error.captureStackTrace(this, ERR_INVALID_ARG_TYPE);\n\n assert(typeof name === 'string', `'name' must be a string`);\n\n // determiner: 'must be' or 'must not be'\n let determiner;\n if (typeof expected === 'string' && expected.startsWith('not ')) {\n determiner = 'must not be';\n expected = expected.replace(/^not /, '');\n } else {\n determiner = 'must be';\n }\n\n let msg;\n if (name.endsWith(' argument')) {\n // For cases like 'first argument'\n msg = `The ${name} ${determiner} ${oneOf(expected, 'type')}`;\n } else {\n const type = (name.includes('.') ? 'property' : 'argument');\n msg = `The \"${name}\" ${type} ${determiner} ${oneOf(expected, 'type')}`;\n }\n\n msg += `. Received type ${typeof actual}`;\n\n this.message = msg;\n }\n}\nexports.ERR_INVALID_ARG_TYPE = ERR_INVALID_ARG_TYPE;\n\nexports.validateNumber = function validateNumber(value, name) {\n if (typeof value !== 'number')\n throw new ERR_INVALID_ARG_TYPE(name, 'number', value);\n};\n","'use strict';\n\nconst Ber = require('asn1').Ber;\n\nlet DISCONNECT_REASON;\n\nconst FastBuffer = Buffer[Symbol.species];\nconst TypedArrayFill = Object.getPrototypeOf(Uint8Array.prototype).fill;\n\nfunction readUInt32BE(buf, offset) {\n return (buf[offset++] * 16777216)\n + (buf[offset++] * 65536)\n + (buf[offset++] * 256)\n + buf[offset];\n}\n\nfunction bufferCopy(src, dest, srcStart, srcEnd, destStart) {\n if (!destStart)\n destStart = 0;\n if (srcEnd > src.length)\n srcEnd = src.length;\n let nb = srcEnd - srcStart;\n const destLeft = (dest.length - destStart);\n if (nb > destLeft)\n nb = destLeft;\n dest.set(new Uint8Array(src.buffer, src.byteOffset + srcStart, nb),\n destStart);\n return nb;\n}\n\nfunction bufferSlice(buf, start, end) {\n if (end === undefined)\n end = buf.length;\n return new FastBuffer(buf.buffer, buf.byteOffset + start, end - start);\n}\n\nfunction makeBufferParser() {\n let pos = 0;\n let buffer;\n\n const self = {\n init: (buf, start) => {\n buffer = buf;\n pos = (typeof start === 'number' ? start : 0);\n },\n pos: () => pos,\n length: () => (buffer ? buffer.length : 0),\n avail: () => (buffer && pos < buffer.length ? buffer.length - pos : 0),\n clear: () => {\n buffer = undefined;\n },\n readUInt32BE: () => {\n if (!buffer || pos + 3 >= buffer.length)\n return;\n return (buffer[pos++] * 16777216)\n + (buffer[pos++] * 65536)\n + (buffer[pos++] * 256)\n + buffer[pos++];\n },\n readUInt64BE: (behavior) => {\n if (!buffer || pos + 7 >= buffer.length)\n return;\n switch (behavior) {\n case 'always':\n return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n case 'maybe':\n if (buffer[pos] > 0x1F)\n return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n // FALLTHROUGH\n default:\n return (buffer[pos++] * 72057594037927940)\n + (buffer[pos++] * 281474976710656)\n + (buffer[pos++] * 1099511627776)\n + (buffer[pos++] * 4294967296)\n + (buffer[pos++] * 16777216)\n + (buffer[pos++] * 65536)\n + (buffer[pos++] * 256)\n + buffer[pos++];\n }\n },\n skip: (n) => {\n if (buffer && n > 0)\n pos += n;\n },\n skipString: () => {\n const len = self.readUInt32BE();\n if (len === undefined)\n return;\n pos += len;\n return (pos <= buffer.length ? len : undefined);\n },\n readByte: () => {\n if (buffer && pos < buffer.length)\n return buffer[pos++];\n },\n readBool: () => {\n if (buffer && pos < buffer.length)\n return !!buffer[pos++];\n },\n readList: () => {\n const list = self.readString(true);\n if (list === undefined)\n return;\n return (list ? list.split(',') : []);\n },\n readString: (dest, maxLen) => {\n if (typeof dest === 'number') {\n maxLen = dest;\n dest = undefined;\n }\n\n const len = self.readUInt32BE();\n if (len === undefined)\n return;\n\n if ((buffer.length - pos) < len\n || (typeof maxLen === 'number' && len > maxLen)) {\n return;\n }\n\n if (dest) {\n if (Buffer.isBuffer(dest))\n return bufferCopy(buffer, dest, pos, pos += len);\n return buffer.utf8Slice(pos, pos += len);\n }\n return bufferSlice(buffer, pos, pos += len);\n },\n readRaw: (len) => {\n if (!buffer)\n return;\n if (typeof len !== 'number')\n return bufferSlice(buffer, pos, pos += (buffer.length - pos));\n if ((buffer.length - pos) >= len)\n return bufferSlice(buffer, pos, pos += len);\n },\n };\n\n return self;\n}\n\nfunction makeError(msg, level, fatal) {\n const err = new Error(msg);\n if (typeof level === 'boolean') {\n fatal = level;\n err.level = 'protocol';\n } else {\n err.level = level || 'protocol';\n }\n err.fatal = !!fatal;\n return err;\n}\n\nfunction writeUInt32BE(buf, value, offset) {\n buf[offset++] = (value >>> 24);\n buf[offset++] = (value >>> 16);\n buf[offset++] = (value >>> 8);\n buf[offset++] = value;\n return offset;\n}\n\nconst utilBufferParser = makeBufferParser();\n\nmodule.exports = {\n bufferCopy,\n bufferSlice,\n FastBuffer,\n bufferFill: (buf, value, start, end) => {\n return TypedArrayFill.call(buf, value, start, end);\n },\n makeError,\n doFatalError: (protocol, msg, level, reason) => {\n let err;\n if (DISCONNECT_REASON === undefined)\n ({ DISCONNECT_REASON } = require('./constants.js'));\n if (msg instanceof Error) {\n // doFatalError(protocol, err[, reason])\n err = msg;\n if (typeof level !== 'number')\n reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n else\n reason = level;\n } else {\n // doFatalError(protocol, msg[, level[, reason]])\n err = makeError(msg, level, true);\n }\n if (typeof reason !== 'number')\n reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n protocol.disconnect(reason);\n protocol._destruct();\n protocol._onError(err);\n return Infinity;\n },\n readUInt32BE,\n writeUInt32BE,\n writeUInt32LE: (buf, value, offset) => {\n buf[offset++] = value;\n buf[offset++] = (value >>> 8);\n buf[offset++] = (value >>> 16);\n buf[offset++] = (value >>> 24);\n return offset;\n },\n makeBufferParser,\n bufferParser: makeBufferParser(),\n readString: (buffer, start, dest, maxLen) => {\n if (typeof dest === 'number') {\n maxLen = dest;\n dest = undefined;\n }\n\n if (start === undefined)\n start = 0;\n\n const left = (buffer.length - start);\n if (start < 0 || start >= buffer.length || left < 4)\n return;\n\n const len = readUInt32BE(buffer, start);\n if (left < (4 + len) || (typeof maxLen === 'number' && len > maxLen))\n return;\n\n start += 4;\n const end = start + len;\n buffer._pos = end;\n\n if (dest) {\n if (Buffer.isBuffer(dest))\n return bufferCopy(buffer, dest, start, end);\n return buffer.utf8Slice(start, end);\n }\n return bufferSlice(buffer, start, end);\n },\n sigSSHToASN1: (sig, type) => {\n switch (type) {\n case 'ssh-dss': {\n if (sig.length > 40)\n return sig;\n // Change bare signature r and s values to ASN.1 BER values for OpenSSL\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n let r = sig.slice(0, 20);\n let s = sig.slice(20);\n if (r[0] & 0x80) {\n const rNew = Buffer.allocUnsafe(21);\n rNew[0] = 0x00;\n r.copy(rNew, 1);\n r = rNew;\n } else if (r[0] === 0x00 && !(r[1] & 0x80)) {\n r = r.slice(1);\n }\n if (s[0] & 0x80) {\n const sNew = Buffer.allocUnsafe(21);\n sNew[0] = 0x00;\n s.copy(sNew, 1);\n s = sNew;\n } else if (s[0] === 0x00 && !(s[1] & 0x80)) {\n s = s.slice(1);\n }\n asnWriter.writeBuffer(r, Ber.Integer);\n asnWriter.writeBuffer(s, Ber.Integer);\n asnWriter.endSequence();\n return asnWriter.buffer;\n }\n case 'ecdsa-sha2-nistp256':\n case 'ecdsa-sha2-nistp384':\n case 'ecdsa-sha2-nistp521': {\n utilBufferParser.init(sig, 0);\n const r = utilBufferParser.readString();\n const s = utilBufferParser.readString();\n utilBufferParser.clear();\n if (r === undefined || s === undefined)\n return;\n\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n asnWriter.writeBuffer(r, Ber.Integer);\n asnWriter.writeBuffer(s, Ber.Integer);\n asnWriter.endSequence();\n return asnWriter.buffer;\n }\n default:\n return sig;\n }\n },\n convertSignature: (signature, keyType) => {\n switch (keyType) {\n case 'ssh-dss': {\n if (signature.length <= 40)\n return signature;\n // This is a quick and dirty way to get from BER encoded r and s that\n // OpenSSL gives us, to just the bare values back to back (40 bytes\n // total) like OpenSSH (and possibly others) are expecting\n const asnReader = new Ber.Reader(signature);\n asnReader.readSequence();\n let r = asnReader.readString(Ber.Integer, true);\n let s = asnReader.readString(Ber.Integer, true);\n let rOffset = 0;\n let sOffset = 0;\n if (r.length < 20) {\n const rNew = Buffer.allocUnsafe(20);\n rNew.set(r, 1);\n r = rNew;\n r[0] = 0;\n }\n if (s.length < 20) {\n const sNew = Buffer.allocUnsafe(20);\n sNew.set(s, 1);\n s = sNew;\n s[0] = 0;\n }\n if (r.length > 20 && r[0] === 0)\n rOffset = 1;\n if (s.length > 20 && s[0] === 0)\n sOffset = 1;\n const newSig =\n Buffer.allocUnsafe((r.length - rOffset) + (s.length - sOffset));\n bufferCopy(r, newSig, rOffset, r.length, 0);\n bufferCopy(s, newSig, sOffset, s.length, r.length - rOffset);\n return newSig;\n }\n case 'ecdsa-sha2-nistp256':\n case 'ecdsa-sha2-nistp384':\n case 'ecdsa-sha2-nistp521': {\n if (signature[0] === 0)\n return signature;\n // Convert SSH signature parameters to ASN.1 BER values for OpenSSL\n const asnReader = new Ber.Reader(signature);\n asnReader.readSequence();\n const r = asnReader.readString(Ber.Integer, true);\n const s = asnReader.readString(Ber.Integer, true);\n if (r === null || s === null)\n return;\n const newSig = Buffer.allocUnsafe(4 + r.length + 4 + s.length);\n writeUInt32BE(newSig, r.length, 0);\n newSig.set(r, 4);\n writeUInt32BE(newSig, s.length, 4 + r.length);\n newSig.set(s, 4 + 4 + r.length);\n return newSig;\n }\n }\n\n return signature;\n },\n sendPacket: (proto, packet, bypass) => {\n if (!bypass && proto._kexinit !== undefined) {\n // We're currently in the middle of a handshake\n\n if (proto._queue === undefined)\n proto._queue = [];\n proto._queue.push(packet);\n proto._debug && proto._debug('Outbound: ... packet queued');\n return false;\n }\n proto._cipher.encrypt(packet);\n return true;\n },\n};\n","'use strict';\n\nconst { kMaxLength } = require('buffer');\nconst {\n createInflate,\n constants: {\n DEFLATE,\n INFLATE,\n Z_DEFAULT_CHUNK,\n Z_DEFAULT_COMPRESSION,\n Z_DEFAULT_MEMLEVEL,\n Z_DEFAULT_STRATEGY,\n Z_DEFAULT_WINDOWBITS,\n Z_PARTIAL_FLUSH,\n }\n} = require('zlib');\nconst ZlibHandle = createInflate()._handle.constructor;\n\nfunction processCallback() {\n throw new Error('Should not get here');\n}\n\nfunction zlibOnError(message, errno, code) {\n const self = this._owner;\n // There is no way to cleanly recover.\n // Continuing only obscures problems.\n\n const error = new Error(message);\n error.errno = errno;\n error.code = code;\n self._err = error;\n}\n\nfunction _close(engine) {\n // Caller may invoke .close after a zlib error (which will null _handle).\n if (!engine._handle)\n return;\n\n engine._handle.close();\n engine._handle = null;\n}\n\nclass Zlib {\n constructor(mode) {\n const windowBits = Z_DEFAULT_WINDOWBITS;\n const level = Z_DEFAULT_COMPRESSION;\n const memLevel = Z_DEFAULT_MEMLEVEL;\n const strategy = Z_DEFAULT_STRATEGY;\n const dictionary = undefined;\n\n this._err = undefined;\n this._writeState = new Uint32Array(2);\n this._chunkSize = Z_DEFAULT_CHUNK;\n this._maxOutputLength = kMaxLength;\n this._outBuffer = Buffer.allocUnsafe(this._chunkSize);\n this._outOffset = 0;\n\n this._handle = new ZlibHandle(mode);\n this._handle._owner = this;\n this._handle.onerror = zlibOnError;\n this._handle.init(windowBits,\n level,\n memLevel,\n strategy,\n this._writeState,\n processCallback,\n dictionary);\n }\n\n writeSync(chunk, retChunks) {\n const handle = this._handle;\n if (!handle)\n throw new Error('Invalid Zlib instance');\n\n let availInBefore = chunk.length;\n let availOutBefore = this._chunkSize - this._outOffset;\n let inOff = 0;\n let availOutAfter;\n let availInAfter;\n\n let buffers;\n let nread = 0;\n const state = this._writeState;\n let buffer = this._outBuffer;\n let offset = this._outOffset;\n const chunkSize = this._chunkSize;\n\n while (true) {\n handle.writeSync(Z_PARTIAL_FLUSH,\n chunk, // in\n inOff, // in_off\n availInBefore, // in_len\n buffer, // out\n offset, // out_off\n availOutBefore); // out_len\n if (this._err)\n throw this._err;\n\n availOutAfter = state[0];\n availInAfter = state[1];\n\n const inDelta = availInBefore - availInAfter;\n const have = availOutBefore - availOutAfter;\n\n if (have > 0) {\n const out = (offset === 0 && have === buffer.length\n ? buffer\n : buffer.slice(offset, offset + have));\n offset += have;\n if (!buffers)\n buffers = out;\n else if (buffers.push === undefined)\n buffers = [buffers, out];\n else\n buffers.push(out);\n nread += out.byteLength;\n\n if (nread > this._maxOutputLength) {\n _close(this);\n throw new Error(\n `Output length exceeded maximum of ${this._maxOutputLength}`\n );\n }\n } else if (have !== 0) {\n throw new Error('have should not go down');\n }\n\n // Exhausted the output buffer, or used all the input create a new one.\n if (availOutAfter === 0 || offset >= chunkSize) {\n availOutBefore = chunkSize;\n offset = 0;\n buffer = Buffer.allocUnsafe(chunkSize);\n }\n\n if (availOutAfter === 0) {\n // Not actually done. Need to reprocess.\n // Also, update the availInBefore to the availInAfter value,\n // so that if we have to hit it a third (fourth, etc.) time,\n // it'll have the correct byte counts.\n inOff += inDelta;\n availInBefore = availInAfter;\n } else {\n break;\n }\n }\n\n this._outBuffer = buffer;\n this._outOffset = offset;\n\n if (nread === 0)\n buffers = Buffer.alloc(0);\n\n if (retChunks) {\n buffers.totalLen = nread;\n return buffers;\n }\n\n if (buffers.push === undefined)\n return buffers;\n\n const output = Buffer.allocUnsafe(nread);\n for (let i = 0, p = 0; i < buffers.length; ++i) {\n const buf = buffers[i];\n output.set(buf, p);\n p += buf.length;\n }\n return output;\n }\n}\n\nclass ZlibPacketWriter {\n constructor(protocol) {\n this.allocStart = 0;\n this.allocStartKEX = 0;\n this._protocol = protocol;\n this._zlib = new Zlib(DEFLATE);\n }\n\n cleanup() {\n if (this._zlib)\n _close(this._zlib);\n }\n\n alloc(payloadSize, force) {\n return Buffer.allocUnsafe(payloadSize);\n }\n\n finalize(payload, force) {\n if (this._protocol._kexinit === undefined || force) {\n const output = this._zlib.writeSync(payload, true);\n const packet = this._protocol._cipher.allocPacket(output.totalLen);\n if (output.push === undefined) {\n packet.set(output, 5);\n } else {\n for (let i = 0, p = 5; i < output.length; ++i) {\n const chunk = output[i];\n packet.set(chunk, p);\n p += chunk.length;\n }\n }\n return packet;\n }\n return payload;\n }\n}\n\nclass PacketWriter {\n constructor(protocol) {\n this.allocStart = 5;\n this.allocStartKEX = 5;\n this._protocol = protocol;\n }\n\n cleanup() {}\n\n alloc(payloadSize, force) {\n if (this._protocol._kexinit === undefined || force)\n return this._protocol._cipher.allocPacket(payloadSize);\n return Buffer.allocUnsafe(payloadSize);\n }\n\n finalize(packet, force) {\n return packet;\n }\n}\n\nclass ZlibPacketReader {\n constructor() {\n this._zlib = new Zlib(INFLATE);\n }\n\n cleanup() {\n if (this._zlib)\n _close(this._zlib);\n }\n\n read(data) {\n return this._zlib.writeSync(data, false);\n }\n}\n\nclass PacketReader {\n cleanup() {}\n\n read(data) {\n return data;\n }\n}\n\nmodule.exports = {\n PacketReader,\n PacketWriter,\n ZlibPacketReader,\n ZlibPacketWriter,\n};\n","// TODO:\n// * convert listenerCount() usage to emit() return value checking?\n// * emit error when connection severed early (e.g. before handshake)\n// * add '.connected' or similar property to connection objects to allow\n// immediate connection status checking\n'use strict';\n\nconst { Server: netServer } = require('net');\nconst EventEmitter = require('events');\nconst { listenerCount } = EventEmitter;\n\nconst {\n CHANNEL_OPEN_FAILURE,\n DEFAULT_CIPHER,\n DEFAULT_COMPRESSION,\n DEFAULT_KEX,\n DEFAULT_MAC,\n DEFAULT_SERVER_HOST_KEY,\n DISCONNECT_REASON,\n DISCONNECT_REASON_BY_VALUE,\n SUPPORTED_CIPHER,\n SUPPORTED_COMPRESSION,\n SUPPORTED_KEX,\n SUPPORTED_MAC,\n SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst { KexInit } = require('./protocol/kex.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst { writeUInt32BE } = require('./protocol/utils.js');\n\nconst {\n Channel,\n MAX_WINDOW,\n PACKET_SIZE,\n windowAdjust,\n WINDOW_THRESHOLD,\n} = require('./Channel.js');\n\nconst {\n ChannelManager,\n generateAlgorithmList,\n isWritable,\n onChannelOpenFailure,\n onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst MAX_PENDING_AUTHS = 10;\n\nclass AuthContext extends EventEmitter {\n constructor(protocol, username, service, method, cb) {\n super();\n\n this.username = this.user = username;\n this.service = service;\n this.method = method;\n this._initialResponse = false;\n this._finalResponse = false;\n this._multistep = false;\n this._cbfinal = (allowed, methodsLeft, isPartial) => {\n if (!this._finalResponse) {\n this._finalResponse = true;\n cb(this, allowed, methodsLeft, isPartial);\n }\n };\n this._protocol = protocol;\n }\n\n accept() {\n this._cleanup && this._cleanup();\n this._initialResponse = true;\n this._cbfinal(true);\n }\n reject(methodsLeft, isPartial) {\n this._cleanup && this._cleanup();\n this._initialResponse = true;\n this._cbfinal(false, methodsLeft, isPartial);\n }\n}\n\n\nclass KeyboardAuthContext extends AuthContext {\n constructor(protocol, username, service, method, submethods, cb) {\n super(protocol, username, service, method, cb);\n\n this._multistep = true;\n\n this._cb = undefined;\n this._onInfoResponse = (responses) => {\n const callback = this._cb;\n if (callback) {\n this._cb = undefined;\n callback(responses);\n }\n };\n this.submethods = submethods;\n this.on('abort', () => {\n this._cb && this._cb(new Error('Authentication request aborted'));\n });\n }\n\n prompt(prompts, title, instructions, cb) {\n if (!Array.isArray(prompts))\n prompts = [ prompts ];\n\n if (typeof title === 'function') {\n cb = title;\n title = instructions = undefined;\n } else if (typeof instructions === 'function') {\n cb = instructions;\n instructions = undefined;\n } else if (typeof cb !== 'function') {\n cb = undefined;\n }\n\n for (let i = 0; i < prompts.length; ++i) {\n if (typeof prompts[i] === 'string') {\n prompts[i] = {\n prompt: prompts[i],\n echo: true\n };\n }\n }\n\n this._cb = cb;\n this._initialResponse = true;\n\n this._protocol.authInfoReq(title, instructions, prompts);\n }\n}\n\nclass PKAuthContext extends AuthContext {\n constructor(protocol, username, service, method, pkInfo, cb) {\n super(protocol, username, service, method, cb);\n\n this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n this.signature = pkInfo.signature;\n this.blob = pkInfo.blob;\n }\n\n accept() {\n if (!this.signature) {\n this._initialResponse = true;\n this._protocol.authPKOK(this.key.algo, this.key.data);\n } else {\n AuthContext.prototype.accept.call(this);\n }\n }\n}\n\nclass HostbasedAuthContext extends AuthContext {\n constructor(protocol, username, service, method, pkInfo, cb) {\n super(protocol, username, service, method, cb);\n\n this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n this.signature = pkInfo.signature;\n this.blob = pkInfo.blob;\n this.localHostname = pkInfo.localHostname;\n this.localUsername = pkInfo.localUsername;\n }\n}\n\nclass PwdAuthContext extends AuthContext {\n constructor(protocol, username, service, method, password, cb) {\n super(protocol, username, service, method, cb);\n\n this.password = password;\n this._changeCb = undefined;\n }\n\n requestChange(prompt, cb) {\n if (this._changeCb)\n throw new Error('Change request already in progress');\n if (typeof prompt !== 'string')\n throw new Error('prompt argument must be a string');\n if (typeof cb !== 'function')\n throw new Error('Callback argument must be a function');\n this._changeCb = cb;\n this._protocol.authPasswdChg(prompt);\n }\n}\n\n\nclass Session extends EventEmitter {\n constructor(client, info, localChan) {\n super();\n\n this.type = 'session';\n this.subtype = undefined;\n this.server = true;\n this._ending = false;\n this._channel = undefined;\n this._chanInfo = {\n type: 'session',\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n }\n}\n\n\nclass Server extends EventEmitter {\n constructor(cfg, listener) {\n super();\n\n if (typeof cfg !== 'object' || cfg === null)\n throw new Error('Missing configuration object');\n\n const hostKeys = Object.create(null);\n const hostKeyAlgoOrder = [];\n\n const hostKeys_ = cfg.hostKeys;\n if (!Array.isArray(hostKeys_))\n throw new Error('hostKeys must be an array');\n\n const cfgAlgos = (\n typeof cfg.algorithms === 'object' && cfg.algorithms !== null\n ? cfg.algorithms\n : {}\n );\n\n const hostKeyAlgos = generateAlgorithmList(\n cfgAlgos.serverHostKey,\n DEFAULT_SERVER_HOST_KEY,\n SUPPORTED_SERVER_HOST_KEY\n );\n for (let i = 0; i < hostKeys_.length; ++i) {\n let privateKey;\n if (Buffer.isBuffer(hostKeys_[i]) || typeof hostKeys_[i] === 'string')\n privateKey = parseKey(hostKeys_[i]);\n else\n privateKey = parseKey(hostKeys_[i].key, hostKeys_[i].passphrase);\n\n if (privateKey instanceof Error)\n throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n\n if (Array.isArray(privateKey)) {\n // OpenSSH's newer format only stores 1 key for now\n privateKey = privateKey[0];\n }\n\n if (privateKey.getPrivatePEM() === null)\n throw new Error('privateKey value contains an invalid private key');\n\n // Discard key if we already found a key of the same type\n if (hostKeyAlgoOrder.includes(privateKey.type))\n continue;\n\n if (privateKey.type === 'ssh-rsa') {\n // SSH supports multiple signature hashing algorithms for RSA, so we add\n // the algorithms in the desired order\n let sha1Pos = hostKeyAlgos.indexOf('ssh-rsa');\n const sha256Pos = hostKeyAlgos.indexOf('rsa-sha2-256');\n const sha512Pos = hostKeyAlgos.indexOf('rsa-sha2-512');\n if (sha1Pos === -1) {\n // Fall back to giving SHA1 the lowest priority\n sha1Pos = Infinity;\n }\n [sha1Pos, sha256Pos, sha512Pos].sort(compareNumbers).forEach((pos) => {\n if (pos === -1)\n return;\n\n let type;\n switch (pos) {\n case sha1Pos: type = 'ssh-rsa'; break;\n case sha256Pos: type = 'rsa-sha2-256'; break;\n case sha512Pos: type = 'rsa-sha2-512'; break;\n default: return;\n }\n\n // Store same RSA key under each hash algorithm name for convenience\n hostKeys[type] = privateKey;\n\n hostKeyAlgoOrder.push(type);\n });\n } else {\n hostKeys[privateKey.type] = privateKey;\n hostKeyAlgoOrder.push(privateKey.type);\n }\n }\n\n const algorithms = {\n kex: generateAlgorithmList(cfgAlgos.kex, DEFAULT_KEX, SUPPORTED_KEX),\n serverHostKey: hostKeyAlgoOrder,\n cs: {\n cipher: generateAlgorithmList(\n cfgAlgos.cipher,\n DEFAULT_CIPHER,\n SUPPORTED_CIPHER\n ),\n mac: generateAlgorithmList(cfgAlgos.hmac, DEFAULT_MAC, SUPPORTED_MAC),\n compress: generateAlgorithmList(\n cfgAlgos.compress,\n DEFAULT_COMPRESSION,\n SUPPORTED_COMPRESSION\n ),\n lang: [],\n },\n sc: undefined,\n };\n algorithms.sc = algorithms.cs;\n\n if (typeof listener === 'function')\n this.on('connection', listener);\n\n const origDebug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n const ident = (cfg.ident ? Buffer.from(cfg.ident) : undefined);\n const offer = new KexInit(algorithms);\n\n this._srv = new netServer((socket) => {\n if (this._connections >= this.maxConnections) {\n socket.destroy();\n return;\n }\n ++this._connections;\n socket.once('close', () => {\n --this._connections;\n });\n\n let debug;\n if (origDebug) {\n // Prepend debug output with a unique identifier in case there are\n // multiple clients connected at the same time\n const debugPrefix = `[${process.hrtime().join('.')}] `;\n debug = (msg) => {\n origDebug(`${debugPrefix}${msg}`);\n };\n }\n\n // eslint-disable-next-line no-use-before-define\n new Client(socket, hostKeys, ident, offer, debug, this, cfg);\n }).on('error', (err) => {\n this.emit('error', err);\n }).on('listening', () => {\n this.emit('listening');\n }).on('close', () => {\n this.emit('close');\n });\n this._connections = 0;\n this.maxConnections = Infinity;\n }\n\n injectSocket(socket) {\n this._srv.emit('connection', socket);\n }\n\n listen(...args) {\n this._srv.listen(...args);\n return this;\n }\n\n address() {\n return this._srv.address();\n }\n\n getConnections(cb) {\n this._srv.getConnections(cb);\n return this;\n }\n\n close(cb) {\n this._srv.close(cb);\n return this;\n }\n\n ref() {\n this._srv.ref();\n return this;\n }\n\n unref() {\n this._srv.unref();\n return this;\n }\n}\nServer.KEEPALIVE_CLIENT_INTERVAL = 15000;\nServer.KEEPALIVE_CLIENT_COUNT_MAX = 3;\n\n\nclass Client extends EventEmitter {\n constructor(socket, hostKeys, ident, offer, debug, server, srvCfg) {\n super();\n\n let exchanges = 0;\n let acceptedAuthSvc = false;\n let pendingAuths = [];\n let authCtx;\n let kaTimer;\n let onPacket;\n const unsentGlobalRequestsReplies = [];\n this._sock = socket;\n this._chanMgr = new ChannelManager(this);\n this._debug = debug;\n this.noMoreSessions = false;\n this.authenticated = false;\n\n // Silence pre-header errors\n function onClientPreHeaderError(err) {}\n this.on('error', onClientPreHeaderError);\n\n const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n debug(`Debug output from client: ${JSON.stringify(msg)}`);\n });\n\n const kaIntvl = (\n typeof srvCfg.keepaliveInterval === 'number'\n && isFinite(srvCfg.keepaliveInterval)\n && srvCfg.keepaliveInterval > 0\n ? srvCfg.keepaliveInterval\n : (\n typeof Server.KEEPALIVE_CLIENT_INTERVAL === 'number'\n && isFinite(Server.KEEPALIVE_CLIENT_INTERVAL)\n && Server.KEEPALIVE_CLIENT_INTERVAL > 0\n ? Server.KEEPALIVE_CLIENT_INTERVAL\n : -1\n )\n );\n const kaCountMax = (\n typeof srvCfg.keepaliveCountMax === 'number'\n && isFinite(srvCfg.keepaliveCountMax)\n && srvCfg.keepaliveCountMax >= 0\n ? srvCfg.keepaliveCountMax\n : (\n typeof Server.KEEPALIVE_CLIENT_COUNT_MAX === 'number'\n && isFinite(Server.KEEPALIVE_CLIENT_COUNT_MAX)\n && Server.KEEPALIVE_CLIENT_COUNT_MAX >= 0\n ? Server.KEEPALIVE_CLIENT_COUNT_MAX\n : -1\n )\n );\n let kaCurCount = 0;\n if (kaIntvl !== -1 && kaCountMax !== -1) {\n this.once('ready', () => {\n const onClose = () => {\n clearInterval(kaTimer);\n };\n this.on('close', onClose).on('end', onClose);\n kaTimer = setInterval(() => {\n if (++kaCurCount > kaCountMax) {\n clearInterval(kaTimer);\n const err = new Error('Keepalive timeout');\n err.level = 'client-timeout';\n this.emit('error', err);\n this.end();\n } else {\n // XXX: if the server ever starts sending real global requests to\n // the client, we will need to add a dummy callback here to\n // keep the correct reply order\n proto.ping();\n }\n }, kaIntvl);\n });\n // TODO: re-verify keepalive behavior with OpenSSH\n onPacket = () => {\n kaTimer && kaTimer.refresh();\n kaCurCount = 0;\n };\n }\n\n const proto = this._protocol = new Protocol({\n server: true,\n hostKeys,\n ident,\n offer,\n onPacket,\n greeting: srvCfg.greeting,\n banner: srvCfg.banner,\n onWrite: (data) => {\n if (isWritable(socket))\n socket.write(data);\n },\n onError: (err) => {\n if (!proto._destruct)\n socket.removeAllListeners('data');\n this.emit('error', err);\n try {\n socket.end();\n } catch {}\n },\n onHeader: (header) => {\n this.removeListener('error', onClientPreHeaderError);\n\n const info = {\n ip: socket.remoteAddress,\n family: socket.remoteFamily,\n port: socket.remotePort,\n header,\n };\n if (!server.emit('connection', this, info)) {\n // auto reject\n proto.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n socket.end();\n return;\n }\n\n if (header.greeting)\n this.emit('greeting', header.greeting);\n },\n onHandshakeComplete: (negotiated) => {\n if (++exchanges > 1)\n this.emit('rekey');\n this.emit('handshake', negotiated);\n },\n debug,\n messageHandlers: {\n DEBUG: DEBUG_HANDLER,\n DISCONNECT: (p, reason, desc) => {\n if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n if (!desc) {\n desc = DISCONNECT_REASON_BY_VALUE[reason];\n if (desc === undefined)\n desc = `Unexpected disconnection reason: ${reason}`;\n }\n const err = new Error(desc);\n err.code = reason;\n this.emit('error', err);\n }\n socket.end();\n },\n CHANNEL_OPEN: (p, info) => {\n // Handle incoming requests from client\n\n // Do early reject in some cases to prevent wasteful channel\n // allocation\n if ((info.type === 'session' && this.noMoreSessions)\n || !this.authenticated) {\n const reasonCode = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n return proto.channelOpenFail(info.sender, reasonCode);\n }\n\n let localChan = -1;\n let reason;\n let replied = false;\n\n let accept;\n const reject = () => {\n if (replied)\n return;\n replied = true;\n\n if (reason === undefined) {\n if (localChan === -1)\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n else\n reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n }\n\n if (localChan !== -1)\n this._chanMgr.remove(localChan);\n proto.channelOpenFail(info.sender, reason, '');\n };\n const reserveChannel = () => {\n localChan = this._chanMgr.add();\n\n if (localChan === -1) {\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n if (debug) {\n debug('Automatic rejection of incoming channel open: '\n + 'no channels available');\n }\n }\n\n return (localChan !== -1);\n };\n\n const data = info.data;\n switch (info.type) {\n case 'session':\n if (listenerCount(this, 'session') && reserveChannel()) {\n accept = () => {\n if (replied)\n return;\n replied = true;\n\n const instance = new Session(this, info, localChan);\n this._chanMgr.update(localChan, instance);\n\n proto.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n\n return instance;\n };\n\n this.emit('session', accept, reject);\n return;\n }\n break;\n case 'direct-tcpip':\n if (listenerCount(this, 'tcpip') && reserveChannel()) {\n accept = () => {\n if (replied)\n return;\n replied = true;\n\n const chanInfo = {\n type: undefined,\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n\n const stream = new Channel(this, chanInfo, { server: true });\n this._chanMgr.update(localChan, stream);\n\n proto.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n\n return stream;\n };\n\n this.emit('tcpip', accept, reject, data);\n return;\n }\n break;\n case 'direct-streamlocal@openssh.com':\n if (listenerCount(this, 'openssh.streamlocal')\n && reserveChannel()) {\n accept = () => {\n if (replied)\n return;\n replied = true;\n\n const chanInfo = {\n type: undefined,\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n\n const stream = new Channel(this, chanInfo, { server: true });\n this._chanMgr.update(localChan, stream);\n\n proto.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n\n return stream;\n };\n\n this.emit('openssh.streamlocal', accept, reject, data);\n return;\n }\n break;\n default:\n // Automatically reject any unsupported channel open requests\n reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n if (debug) {\n debug('Automatic rejection of unsupported incoming channel open'\n + ` type: ${info.type}`);\n }\n }\n\n if (reason === undefined) {\n reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n if (debug) {\n debug('Automatic rejection of unexpected incoming channel open'\n + ` for: ${info.type}`);\n }\n }\n\n reject();\n },\n CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n const channel = this._chanMgr.get(info.recipient);\n if (typeof channel !== 'function')\n return;\n\n const chanInfo = {\n type: channel.type,\n incoming: {\n id: info.recipient,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n\n const instance = new Channel(this, chanInfo, { server: true });\n this._chanMgr.update(info.recipient, instance);\n channel(undefined, instance);\n },\n CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'function')\n return;\n\n const info = { reason, description };\n onChannelOpenFailure(this, recipient, info, channel);\n },\n CHANNEL_DATA: (p, recipient, data) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n // The remote party should not be sending us data if there is no\n // window space available ...\n // TODO: raise error on data with not enough window?\n if (channel.incoming.window === 0)\n return;\n\n channel.incoming.window -= data.length;\n\n if (channel.push(data) === false) {\n channel._waitChanDrain = true;\n return;\n }\n\n if (channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(channel);\n },\n CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n // NOOP -- should not be sent by client\n },\n CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n // The other side is allowing us to send `amount` more bytes of data\n channel.outgoing.window += amount;\n\n if (channel._waitWindow) {\n channel._waitWindow = false;\n\n if (channel._chunk) {\n channel._write(channel._chunk, null, channel._chunkcb);\n } else if (channel._chunkcb) {\n channel._chunkcb();\n } else if (channel._chunkErr) {\n channel.stderr._write(channel._chunkErr,\n null,\n channel._chunkcbErr);\n } else if (channel._chunkcbErr) {\n channel._chunkcbErr();\n }\n }\n },\n CHANNEL_SUCCESS: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(false);\n },\n CHANNEL_FAILURE: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(true);\n },\n CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n const session = this._chanMgr.get(recipient);\n if (typeof session !== 'object' || session === null)\n return;\n\n let replied = false;\n let accept;\n let reject;\n\n if (session.constructor !== Session) {\n // normal Channel instance\n if (wantReply)\n proto.channelFailure(session.outgoing.id);\n return;\n }\n\n if (wantReply) {\n // \"real session\" requests will have custom accept behaviors\n if (type !== 'shell'\n && type !== 'exec'\n && type !== 'subsystem') {\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n proto.channelSuccess(session._chanInfo.outgoing.id);\n };\n }\n\n reject = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n proto.channelFailure(session._chanInfo.outgoing.id);\n };\n }\n\n if (session._ending) {\n reject && reject();\n return;\n }\n\n switch (type) {\n // \"pre-real session start\" requests\n case 'env':\n if (listenerCount(session, 'env')) {\n session.emit('env', accept, reject, {\n key: data.name,\n val: data.value\n });\n return;\n }\n break;\n case 'pty-req':\n if (listenerCount(session, 'pty')) {\n session.emit('pty', accept, reject, data);\n return;\n }\n break;\n case 'window-change':\n if (listenerCount(session, 'window-change'))\n session.emit('window-change', accept, reject, data);\n else\n reject && reject();\n break;\n case 'x11-req':\n if (listenerCount(session, 'x11')) {\n session.emit('x11', accept, reject, data);\n return;\n }\n break;\n // \"post-real session start\" requests\n case 'signal':\n if (listenerCount(session, 'signal')) {\n session.emit('signal', accept, reject, {\n name: data\n });\n return;\n }\n break;\n // XXX: is `auth-agent-req@openssh.com` really \"post-real session\n // start\"?\n case 'auth-agent-req@openssh.com':\n if (listenerCount(session, 'auth-agent')) {\n session.emit('auth-agent', accept, reject);\n return;\n }\n break;\n // \"real session start\" requests\n case 'shell':\n if (listenerCount(session, 'shell')) {\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n if (wantReply)\n proto.channelSuccess(session._chanInfo.outgoing.id);\n\n const channel = new Channel(\n this, session._chanInfo, { server: true }\n );\n\n channel.subtype = session.subtype = type;\n session._channel = channel;\n\n return channel;\n };\n\n session.emit('shell', accept, reject);\n return;\n }\n break;\n case 'exec':\n if (listenerCount(session, 'exec')) {\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n if (wantReply)\n proto.channelSuccess(session._chanInfo.outgoing.id);\n\n const channel = new Channel(\n this, session._chanInfo, { server: true }\n );\n\n channel.subtype = session.subtype = type;\n session._channel = channel;\n\n return channel;\n };\n\n session.emit('exec', accept, reject, {\n command: data\n });\n return;\n }\n break;\n case 'subsystem': {\n let useSFTP = (data === 'sftp');\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n if (wantReply)\n proto.channelSuccess(session._chanInfo.outgoing.id);\n\n let instance;\n if (useSFTP) {\n instance = new SFTP(this, session._chanInfo, {\n server: true,\n debug,\n });\n } else {\n instance = new Channel(\n this, session._chanInfo, { server: true }\n );\n instance.subtype =\n session.subtype = `${type}:${data}`;\n }\n session._channel = instance;\n\n return instance;\n };\n\n if (data === 'sftp') {\n if (listenerCount(session, 'sftp')) {\n session.emit('sftp', accept, reject);\n return;\n }\n useSFTP = false;\n }\n if (listenerCount(session, 'subsystem')) {\n session.emit('subsystem', accept, reject, {\n name: data\n });\n return;\n }\n break;\n }\n }\n debug && debug(\n `Automatic rejection of incoming channel request: ${type}`\n );\n reject && reject();\n },\n CHANNEL_EOF: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n if (!channel._ending) {\n channel._ending = true;\n channel.emit('eof');\n channel.emit('end');\n }\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n if (channel.incoming.state !== 'open')\n return;\n channel.incoming.state = 'eof';\n\n if (channel.readable)\n channel.push(null);\n },\n CHANNEL_CLOSE: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel._ending = true;\n channel.emit('close');\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n onCHANNEL_CLOSE(this, recipient, channel);\n },\n // Begin service/auth-related ==========================================\n SERVICE_REQUEST: (p, service) => {\n if (exchanges === 0\n || acceptedAuthSvc\n || this.authenticated\n || service !== 'ssh-userauth') {\n proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n socket.end();\n return;\n }\n\n acceptedAuthSvc = true;\n proto.serviceAccept(service);\n },\n USERAUTH_REQUEST: (p, username, service, method, methodData) => {\n if (exchanges === 0\n || this.authenticated\n || (authCtx\n && (authCtx.username !== username\n || authCtx.service !== service))\n // TODO: support hostbased auth\n || (method !== 'password'\n && method !== 'publickey'\n && method !== 'hostbased'\n && method !== 'keyboard-interactive'\n && method !== 'none')\n || pendingAuths.length === MAX_PENDING_AUTHS) {\n proto.disconnect(DISCONNECT_REASON.PROTOCOL_ERROR);\n socket.end();\n return;\n } else if (service !== 'ssh-connection') {\n proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n socket.end();\n return;\n }\n\n let ctx;\n switch (method) {\n case 'keyboard-interactive':\n ctx = new KeyboardAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'publickey':\n ctx = new PKAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'hostbased':\n ctx = new HostbasedAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'password':\n if (authCtx\n && authCtx instanceof PwdAuthContext\n && authCtx._changeCb) {\n const cb = authCtx._changeCb;\n authCtx._changeCb = undefined;\n cb(methodData.newPassword);\n return;\n }\n ctx = new PwdAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'none':\n ctx = new AuthContext(proto, username, service, method,\n onAuthDecide);\n break;\n }\n\n if (authCtx) {\n if (!authCtx._initialResponse) {\n return pendingAuths.push(ctx);\n } else if (authCtx._multistep && !authCtx._finalResponse) {\n // RFC 4252 says to silently abort the current auth request if a\n // new auth request comes in before the final response from an\n // auth method that requires additional request/response exchanges\n // -- this means keyboard-interactive for now ...\n authCtx._cleanup && authCtx._cleanup();\n authCtx.emit('abort');\n }\n }\n\n authCtx = ctx;\n\n if (listenerCount(this, 'authentication'))\n this.emit('authentication', authCtx);\n else\n authCtx.reject();\n },\n USERAUTH_INFO_RESPONSE: (p, responses) => {\n if (authCtx && authCtx instanceof KeyboardAuthContext)\n authCtx._onInfoResponse(responses);\n },\n // End service/auth-related ============================================\n GLOBAL_REQUEST: (p, name, wantReply, data) => {\n const reply = {\n type: null,\n buf: null\n };\n\n function setReply(type, buf) {\n reply.type = type;\n reply.buf = buf;\n sendReplies();\n }\n\n if (wantReply)\n unsentGlobalRequestsReplies.push(reply);\n\n if ((name === 'tcpip-forward'\n || name === 'cancel-tcpip-forward'\n || name === 'no-more-sessions@openssh.com'\n || name === 'streamlocal-forward@openssh.com'\n || name === 'cancel-streamlocal-forward@openssh.com')\n && listenerCount(this, 'request')\n && this.authenticated) {\n let accept;\n let reject;\n\n if (wantReply) {\n let replied = false;\n accept = (chosenPort) => {\n if (replied)\n return;\n replied = true;\n let bufPort;\n if (name === 'tcpip-forward'\n && data.bindPort === 0\n && typeof chosenPort === 'number') {\n bufPort = Buffer.allocUnsafe(4);\n writeUInt32BE(bufPort, chosenPort, 0);\n }\n setReply('SUCCESS', bufPort);\n };\n reject = () => {\n if (replied)\n return;\n replied = true;\n setReply('FAILURE');\n };\n }\n\n if (name === 'no-more-sessions@openssh.com') {\n this.noMoreSessions = true;\n accept && accept();\n return;\n }\n\n this.emit('request', accept, reject, name, data);\n } else if (wantReply) {\n setReply('FAILURE');\n }\n },\n },\n });\n\n socket.pause();\n cryptoInit.then(() => {\n proto.start();\n socket.on('data', (data) => {\n try {\n proto.parse(data, 0, data.length);\n } catch (ex) {\n this.emit('error', ex);\n try {\n if (isWritable(socket))\n socket.end();\n } catch {}\n }\n });\n socket.resume();\n }).catch((err) => {\n this.emit('error', err);\n try {\n if (isWritable(socket))\n socket.end();\n } catch {}\n });\n socket.on('error', (err) => {\n err.level = 'socket';\n this.emit('error', err);\n }).once('end', () => {\n debug && debug('Socket ended');\n proto.cleanup();\n this.emit('end');\n }).once('close', () => {\n debug && debug('Socket closed');\n proto.cleanup();\n this.emit('close');\n\n const err = new Error('No response from server');\n\n // Simulate error for pending channels and close any open channels\n this._chanMgr.cleanup(err);\n });\n\n const onAuthDecide = (ctx, allowed, methodsLeft, isPartial) => {\n if (authCtx === ctx && !this.authenticated) {\n if (allowed) {\n authCtx = undefined;\n this.authenticated = true;\n proto.authSuccess();\n pendingAuths = [];\n this.emit('ready');\n } else {\n proto.authFailure(methodsLeft, isPartial);\n if (pendingAuths.length) {\n authCtx = pendingAuths.pop();\n if (listenerCount(this, 'authentication'))\n this.emit('authentication', authCtx);\n else\n authCtx.reject();\n }\n }\n }\n };\n\n function sendReplies() {\n while (unsentGlobalRequestsReplies.length > 0\n && unsentGlobalRequestsReplies[0].type) {\n const reply = unsentGlobalRequestsReplies.shift();\n if (reply.type === 'SUCCESS')\n proto.requestSuccess(reply.buf);\n if (reply.type === 'FAILURE')\n proto.requestFailure();\n }\n }\n }\n\n end() {\n if (this._sock && isWritable(this._sock)) {\n this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n this._sock.end();\n }\n return this;\n }\n\n x11(originAddr, originPort, cb) {\n const opts = { originAddr, originPort };\n openChannel(this, 'x11', opts, cb);\n return this;\n }\n\n forwardOut(boundAddr, boundPort, remoteAddr, remotePort, cb) {\n const opts = { boundAddr, boundPort, remoteAddr, remotePort };\n openChannel(this, 'forwarded-tcpip', opts, cb);\n return this;\n }\n\n openssh_forwardOutStreamLocal(socketPath, cb) {\n const opts = { socketPath };\n openChannel(this, 'forwarded-streamlocal@openssh.com', opts, cb);\n return this;\n }\n\n rekey(cb) {\n let error;\n\n try {\n this._protocol.rekey();\n } catch (ex) {\n error = ex;\n }\n\n // TODO: re-throw error if no callback?\n\n if (typeof cb === 'function') {\n if (error)\n process.nextTick(cb, error);\n else\n this.once('rekey', cb);\n }\n }\n}\n\n\nfunction openChannel(self, type, opts, cb) {\n // Ask the client to open a channel for some purpose (e.g. a forwarded TCP\n // connection)\n const initWindow = MAX_WINDOW;\n const maxPacket = PACKET_SIZE;\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n\n const wrapper = (err, stream) => {\n cb(err, stream);\n };\n wrapper.type = type;\n\n const localChan = self._chanMgr.add(wrapper);\n\n if (localChan === -1) {\n cb(new Error('No free channels available'));\n return;\n }\n\n switch (type) {\n case 'forwarded-tcpip':\n self._protocol.forwardedTcpip(localChan, initWindow, maxPacket, opts);\n break;\n case 'x11':\n self._protocol.x11(localChan, initWindow, maxPacket, opts);\n break;\n case 'forwarded-streamlocal@openssh.com':\n self._protocol.openssh_forwardedStreamLocal(\n localChan, initWindow, maxPacket, opts\n );\n break;\n default:\n throw new Error(`Unsupported channel type: ${type}`);\n }\n}\n\nfunction compareNumbers(a, b) {\n return a - b;\n}\n\nmodule.exports = Server;\nmodule.exports.IncomingClient = Client;\n","'use strict';\n\nconst { SFTP } = require('./protocol/SFTP.js');\n\nconst MAX_CHANNEL = 2 ** 32 - 1;\n\nfunction onChannelOpenFailure(self, recipient, info, cb) {\n self._chanMgr.remove(recipient);\n if (typeof cb !== 'function')\n return;\n\n let err;\n if (info instanceof Error) {\n err = info;\n } else if (typeof info === 'object' && info !== null) {\n err = new Error(`(SSH) Channel open failure: ${info.description}`);\n err.reason = info.reason;\n } else {\n err = new Error(\n '(SSH) Channel open failure: server closed channel unexpectedly'\n );\n err.reason = '';\n }\n\n cb(err);\n}\n\nfunction onCHANNEL_CLOSE(self, recipient, channel, err, dead) {\n if (typeof channel === 'function') {\n // We got CHANNEL_CLOSE instead of CHANNEL_OPEN_FAILURE when\n // requesting to open a channel\n onChannelOpenFailure(self, recipient, err, channel);\n return;\n }\n\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.incoming && channel.incoming.state === 'closed')\n return;\n\n self._chanMgr.remove(recipient);\n\n if (channel.server && channel.constructor.name === 'Session')\n return;\n\n channel.incoming.state = 'closed';\n\n if (channel.readable)\n channel.push(null);\n if (channel.server) {\n if (channel.stderr.writable)\n channel.stderr.end();\n } else if (channel.stderr.readable) {\n channel.stderr.push(null);\n }\n\n if (channel.constructor !== SFTP\n && (channel.outgoing.state === 'open'\n || channel.outgoing.state === 'eof')\n && !dead) {\n channel.close();\n }\n if (channel.outgoing.state === 'closing')\n channel.outgoing.state = 'closed';\n\n const readState = channel._readableState;\n const writeState = channel._writableState;\n if (writeState && !writeState.ending && !writeState.finished && !dead)\n channel.end();\n\n // Take care of any outstanding channel requests\n const chanCallbacks = channel._callbacks;\n channel._callbacks = [];\n for (let i = 0; i < chanCallbacks.length; ++i)\n chanCallbacks[i](true);\n\n if (channel.server) {\n if (!channel.readable\n || channel.destroyed\n || (readState && readState.endEmitted)) {\n channel.emit('close');\n } else {\n channel.once('end', () => channel.emit('close'));\n }\n } else {\n let doClose;\n switch (channel.type) {\n case 'direct-streamlocal@openssh.com':\n case 'direct-tcpip':\n doClose = () => channel.emit('close');\n break;\n default: {\n // Align more with node child processes, where the close event gets\n // the same arguments as the exit event\n const exit = channel._exit;\n doClose = () => {\n if (exit.code === null)\n channel.emit('close', exit.code, exit.signal, exit.dump, exit.desc);\n else\n channel.emit('close', exit.code);\n };\n }\n }\n if (!channel.readable\n || channel.destroyed\n || (readState && readState.endEmitted)) {\n doClose();\n } else {\n channel.once('end', doClose);\n }\n\n const errReadState = channel.stderr._readableState;\n if (!channel.stderr.readable\n || channel.stderr.destroyed\n || (errReadState && errReadState.endEmitted)) {\n channel.stderr.emit('close');\n } else {\n channel.stderr.once('end', () => channel.stderr.emit('close'));\n }\n }\n}\n\nclass ChannelManager {\n constructor(client) {\n this._client = client;\n this._channels = {};\n this._cur = -1;\n this._count = 0;\n }\n add(val) {\n // Attempt to reserve an id\n\n let id;\n // Optimized paths\n if (this._cur < MAX_CHANNEL) {\n id = ++this._cur;\n } else if (this._count === 0) {\n // Revert and reset back to fast path once we no longer have any channels\n // open\n this._cur = 0;\n id = 0;\n } else {\n // Slower lookup path\n\n // This path is triggered we have opened at least MAX_CHANNEL channels\n // while having at least one channel open at any given time, so we have\n // to search for a free id.\n const channels = this._channels;\n for (let i = 0; i < MAX_CHANNEL; ++i) {\n if (channels[i] === undefined) {\n id = i;\n break;\n }\n }\n }\n\n if (id === undefined)\n return -1;\n\n this._channels[id] = (val || true);\n ++this._count;\n\n return id;\n }\n update(id, val) {\n if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n throw new Error(`Invalid channel id: ${id}`);\n\n if (val && this._channels[id])\n this._channels[id] = val;\n }\n get(id) {\n if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n throw new Error(`Invalid channel id: ${id}`);\n\n return this._channels[id];\n }\n remove(id) {\n if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n throw new Error(`Invalid channel id: ${id}`);\n\n if (this._channels[id]) {\n delete this._channels[id];\n if (this._count)\n --this._count;\n }\n }\n cleanup(err) {\n const channels = this._channels;\n this._channels = {};\n this._cur = -1;\n this._count = 0;\n\n const chanIDs = Object.keys(channels);\n const client = this._client;\n for (let i = 0; i < chanIDs.length; ++i) {\n const id = +chanIDs[i];\n const channel = channels[id];\n onCHANNEL_CLOSE(client, id, channel._channel || channel, err, true);\n }\n }\n}\n\nconst isRegExp = (() => {\n const toString = Object.prototype.toString;\n return (val) => toString.call(val) === '[object RegExp]';\n})();\n\nfunction generateAlgorithmList(algoList, defaultList, supportedList) {\n if (Array.isArray(algoList) && algoList.length > 0) {\n // Exact list\n for (let i = 0; i < algoList.length; ++i) {\n if (supportedList.indexOf(algoList[i]) === -1)\n throw new Error(`Unsupported algorithm: ${algoList[i]}`);\n }\n return algoList;\n }\n\n if (typeof algoList === 'object' && algoList !== null) {\n // Operations based on the default list\n const keys = Object.keys(algoList);\n let list = defaultList;\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i];\n let val = algoList[key];\n switch (key) {\n case 'append':\n if (!Array.isArray(val))\n val = [val];\n if (Array.isArray(val)) {\n for (let j = 0; j < val.length; ++j) {\n const append = val[j];\n if (typeof append === 'string') {\n if (!append || list.indexOf(append) !== -1)\n continue;\n if (supportedList.indexOf(append) === -1)\n throw new Error(`Unsupported algorithm: ${append}`);\n if (list === defaultList)\n list = list.slice();\n list.push(append);\n } else if (isRegExp(append)) {\n for (let k = 0; k < supportedList.length; ++k) {\n const algo = supportedList[k];\n if (append.test(algo)) {\n if (list.indexOf(algo) !== -1)\n continue;\n if (list === defaultList)\n list = list.slice();\n list.push(algo);\n }\n }\n }\n }\n }\n break;\n case 'prepend':\n if (!Array.isArray(val))\n val = [val];\n if (Array.isArray(val)) {\n for (let j = val.length; j >= 0; --j) {\n const prepend = val[j];\n if (typeof prepend === 'string') {\n if (!prepend || list.indexOf(prepend) !== -1)\n continue;\n if (supportedList.indexOf(prepend) === -1)\n throw new Error(`Unsupported algorithm: ${prepend}`);\n if (list === defaultList)\n list = list.slice();\n list.unshift(prepend);\n } else if (isRegExp(prepend)) {\n for (let k = supportedList.length; k >= 0; --k) {\n const algo = supportedList[k];\n if (prepend.test(algo)) {\n if (list.indexOf(algo) !== -1)\n continue;\n if (list === defaultList)\n list = list.slice();\n list.unshift(algo);\n }\n }\n }\n }\n }\n break;\n case 'remove':\n if (!Array.isArray(val))\n val = [val];\n if (Array.isArray(val)) {\n for (let j = 0; j < val.length; ++j) {\n const search = val[j];\n if (typeof search === 'string') {\n if (!search)\n continue;\n const idx = list.indexOf(search);\n if (idx === -1)\n continue;\n if (list === defaultList)\n list = list.slice();\n list.splice(idx, 1);\n } else if (isRegExp(search)) {\n for (let k = 0; k < list.length; ++k) {\n if (search.test(list[k])) {\n if (list === defaultList)\n list = list.slice();\n list.splice(k, 1);\n --k;\n }\n }\n }\n }\n }\n break;\n }\n }\n\n return list;\n }\n\n return defaultList;\n}\n\nmodule.exports = {\n ChannelManager,\n generateAlgorithmList,\n onChannelOpenFailure,\n onCHANNEL_CLOSE,\n isWritable: (stream) => {\n // XXX: hack to workaround regression in node\n // See: https://github.com/nodejs/node/issues/36029\n return (stream\n && stream.writable\n && stream._readableState\n && stream._readableState.ended === false);\n },\n};\n","module.exports = require('./lib/tunnel');\n","'use strict';\n\nvar net = require('net');\nvar tls = require('tls');\nvar http = require('http');\nvar https = require('https');\nvar events = require('events');\nvar assert = require('assert');\nvar util = require('util');\n\n\nexports.httpOverHttp = httpOverHttp;\nexports.httpsOverHttp = httpsOverHttp;\nexports.httpOverHttps = httpOverHttps;\nexports.httpsOverHttps = httpsOverHttps;\n\n\nfunction httpOverHttp(options) {\n var agent = new TunnelingAgent(options);\n agent.request = http.request;\n return agent;\n}\n\nfunction httpsOverHttp(options) {\n var agent = new TunnelingAgent(options);\n agent.request = http.request;\n agent.createSocket = createSecureSocket;\n agent.defaultPort = 443;\n return agent;\n}\n\nfunction httpOverHttps(options) {\n var agent = new TunnelingAgent(options);\n agent.request = https.request;\n return agent;\n}\n\nfunction httpsOverHttps(options) {\n var agent = new TunnelingAgent(options);\n agent.request = https.request;\n agent.createSocket = createSecureSocket;\n agent.defaultPort = 443;\n return agent;\n}\n\n\nfunction TunnelingAgent(options) {\n var self = this;\n self.options = options || {};\n self.proxyOptions = self.options.proxy || {};\n self.maxSockets = self.options.maxSockets || http.Agent.defaultMaxSockets;\n self.requests = [];\n self.sockets = [];\n\n self.on('free', function onFree(socket, host, port, localAddress) {\n var options = toOptions(host, port, localAddress);\n for (var i = 0, len = self.requests.length; i < len; ++i) {\n var pending = self.requests[i];\n if (pending.host === options.host && pending.port === options.port) {\n // Detect the request to connect same origin server,\n // reuse the connection.\n self.requests.splice(i, 1);\n pending.request.onSocket(socket);\n return;\n }\n }\n socket.destroy();\n self.removeSocket(socket);\n });\n}\nutil.inherits(TunnelingAgent, events.EventEmitter);\n\nTunnelingAgent.prototype.addRequest = function addRequest(req, host, port, localAddress) {\n var self = this;\n var options = mergeOptions({request: req}, self.options, toOptions(host, port, localAddress));\n\n if (self.sockets.length >= this.maxSockets) {\n // We are over limit so we'll add it to the queue.\n self.requests.push(options);\n return;\n }\n\n // If we are under maxSockets create a new one.\n self.createSocket(options, function(socket) {\n socket.on('free', onFree);\n socket.on('close', onCloseOrRemove);\n socket.on('agentRemove', onCloseOrRemove);\n req.onSocket(socket);\n\n function onFree() {\n self.emit('free', socket, options);\n }\n\n function onCloseOrRemove(err) {\n self.removeSocket(socket);\n socket.removeListener('free', onFree);\n socket.removeListener('close', onCloseOrRemove);\n socket.removeListener('agentRemove', onCloseOrRemove);\n }\n });\n};\n\nTunnelingAgent.prototype.createSocket = function createSocket(options, cb) {\n var self = this;\n var placeholder = {};\n self.sockets.push(placeholder);\n\n var connectOptions = mergeOptions({}, self.proxyOptions, {\n method: 'CONNECT',\n path: options.host + ':' + options.port,\n agent: false,\n headers: {\n host: options.host + ':' + options.port\n }\n });\n if (options.localAddress) {\n connectOptions.localAddress = options.localAddress;\n }\n if (connectOptions.proxyAuth) {\n connectOptions.headers = connectOptions.headers || {};\n connectOptions.headers['Proxy-Authorization'] = 'Basic ' +\n new Buffer(connectOptions.proxyAuth).toString('base64');\n }\n\n debug('making CONNECT request');\n var connectReq = self.request(connectOptions);\n connectReq.useChunkedEncodingByDefault = false; // for v0.6\n connectReq.once('response', onResponse); // for v0.6\n connectReq.once('upgrade', onUpgrade); // for v0.6\n connectReq.once('connect', onConnect); // for v0.7 or later\n connectReq.once('error', onError);\n connectReq.end();\n\n function onResponse(res) {\n // Very hacky. This is necessary to avoid http-parser leaks.\n res.upgrade = true;\n }\n\n function onUpgrade(res, socket, head) {\n // Hacky.\n process.nextTick(function() {\n onConnect(res, socket, head);\n });\n }\n\n function onConnect(res, socket, head) {\n connectReq.removeAllListeners();\n socket.removeAllListeners();\n\n if (res.statusCode !== 200) {\n debug('tunneling socket could not be established, statusCode=%d',\n res.statusCode);\n socket.destroy();\n var error = new Error('tunneling socket could not be established, ' +\n 'statusCode=' + res.statusCode);\n error.code = 'ECONNRESET';\n options.request.emit('error', error);\n self.removeSocket(placeholder);\n return;\n }\n if (head.length > 0) {\n debug('got illegal response body from proxy');\n socket.destroy();\n var error = new Error('got illegal response body from proxy');\n error.code = 'ECONNRESET';\n options.request.emit('error', error);\n self.removeSocket(placeholder);\n return;\n }\n debug('tunneling connection has established');\n self.sockets[self.sockets.indexOf(placeholder)] = socket;\n return cb(socket);\n }\n\n function onError(cause) {\n connectReq.removeAllListeners();\n\n debug('tunneling socket could not be established, cause=%s\\n',\n cause.message, cause.stack);\n var error = new Error('tunneling socket could not be established, ' +\n 'cause=' + cause.message);\n error.code = 'ECONNRESET';\n options.request.emit('error', error);\n self.removeSocket(placeholder);\n }\n};\n\nTunnelingAgent.prototype.removeSocket = function removeSocket(socket) {\n var pos = this.sockets.indexOf(socket)\n if (pos === -1) {\n return;\n }\n this.sockets.splice(pos, 1);\n\n var pending = this.requests.shift();\n if (pending) {\n // If we have pending requests and a socket gets closed a new one\n // needs to be created to take over in the pool for the one that closed.\n this.createSocket(pending, function(socket) {\n pending.request.onSocket(socket);\n });\n }\n};\n\nfunction createSecureSocket(options, cb) {\n var self = this;\n TunnelingAgent.prototype.createSocket.call(self, options, function(socket) {\n var hostHeader = options.request.getHeader('host');\n var tlsOptions = mergeOptions({}, self.options, {\n socket: socket,\n servername: hostHeader ? hostHeader.replace(/:.*$/, '') : options.host\n });\n\n // 0 is dummy port for v0.6\n var secureSocket = tls.connect(0, tlsOptions);\n self.sockets[self.sockets.indexOf(socket)] = secureSocket;\n cb(secureSocket);\n });\n}\n\n\nfunction toOptions(host, port, localAddress) {\n if (typeof host === 'string') { // since v0.10\n return {\n host: host,\n port: port,\n localAddress: localAddress\n };\n }\n return host; // for v0.11 or later\n}\n\nfunction mergeOptions(target) {\n for (var i = 1, len = arguments.length; i < len; ++i) {\n var overrides = arguments[i];\n if (typeof overrides === 'object') {\n var keys = Object.keys(overrides);\n for (var j = 0, keyLen = keys.length; j < keyLen; ++j) {\n var k = keys[j];\n if (overrides[k] !== undefined) {\n target[k] = overrides[k];\n }\n }\n }\n }\n return target;\n}\n\n\nvar debug;\nif (process.env.NODE_DEBUG && /\\btunnel\\b/.test(process.env.NODE_DEBUG)) {\n debug = function() {\n var args = Array.prototype.slice.call(arguments);\n if (typeof args[0] === 'string') {\n args[0] = 'TUNNEL: ' + args[0];\n } else {\n args.unshift('TUNNEL:');\n }\n console.error.apply(console, args);\n }\n} else {\n debug = function() {};\n}\nexports.debug = debug; // for test\n","(function(nacl) {\n'use strict';\n\n// Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.\n// Public domain.\n//\n// Implementation derived from TweetNaCl version 20140427.\n// See for details: http://tweetnacl.cr.yp.to/\n\nvar gf = function(init) {\n var i, r = new Float64Array(16);\n if (init) for (i = 0; i < init.length; i++) r[i] = init[i];\n return r;\n};\n\n// Pluggable, initialized in high-level API below.\nvar randombytes = function(/* x, n */) { throw new Error('no PRNG'); };\n\nvar _0 = new Uint8Array(16);\nvar _9 = new Uint8Array(32); _9[0] = 9;\n\nvar gf0 = gf(),\n gf1 = gf([1]),\n _121665 = gf([0xdb41, 1]),\n D = gf([0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203]),\n D2 = gf([0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406]),\n X = gf([0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169]),\n Y = gf([0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666]),\n I = gf([0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83]);\n\nfunction ts64(x, i, h, l) {\n x[i] = (h >> 24) & 0xff;\n x[i+1] = (h >> 16) & 0xff;\n x[i+2] = (h >> 8) & 0xff;\n x[i+3] = h & 0xff;\n x[i+4] = (l >> 24) & 0xff;\n x[i+5] = (l >> 16) & 0xff;\n x[i+6] = (l >> 8) & 0xff;\n x[i+7] = l & 0xff;\n}\n\nfunction vn(x, xi, y, yi, n) {\n var i,d = 0;\n for (i = 0; i < n; i++) d |= x[xi+i]^y[yi+i];\n return (1 & ((d - 1) >>> 8)) - 1;\n}\n\nfunction crypto_verify_16(x, xi, y, yi) {\n return vn(x,xi,y,yi,16);\n}\n\nfunction crypto_verify_32(x, xi, y, yi) {\n return vn(x,xi,y,yi,32);\n}\n\nfunction core_salsa20(o, p, k, c) {\n var j0 = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n j1 = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n j2 = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n j3 = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n j4 = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n j5 = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n j6 = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n j7 = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n j8 = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n j9 = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n x15 = j15, u;\n\n for (var i = 0; i < 20; i += 2) {\n u = x0 + x12 | 0;\n x4 ^= u<<7 | u>>>(32-7);\n u = x4 + x0 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x4 | 0;\n x12 ^= u<<13 | u>>>(32-13);\n u = x12 + x8 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x1 | 0;\n x9 ^= u<<7 | u>>>(32-7);\n u = x9 + x5 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x9 | 0;\n x1 ^= u<<13 | u>>>(32-13);\n u = x1 + x13 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x6 | 0;\n x14 ^= u<<7 | u>>>(32-7);\n u = x14 + x10 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x14 | 0;\n x6 ^= u<<13 | u>>>(32-13);\n u = x6 + x2 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x11 | 0;\n x3 ^= u<<7 | u>>>(32-7);\n u = x3 + x15 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x3 | 0;\n x11 ^= u<<13 | u>>>(32-13);\n u = x11 + x7 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n\n u = x0 + x3 | 0;\n x1 ^= u<<7 | u>>>(32-7);\n u = x1 + x0 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x1 | 0;\n x3 ^= u<<13 | u>>>(32-13);\n u = x3 + x2 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x4 | 0;\n x6 ^= u<<7 | u>>>(32-7);\n u = x6 + x5 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x6 | 0;\n x4 ^= u<<13 | u>>>(32-13);\n u = x4 + x7 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x9 | 0;\n x11 ^= u<<7 | u>>>(32-7);\n u = x11 + x10 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x11 | 0;\n x9 ^= u<<13 | u>>>(32-13);\n u = x9 + x8 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x14 | 0;\n x12 ^= u<<7 | u>>>(32-7);\n u = x12 + x15 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x12 | 0;\n x14 ^= u<<13 | u>>>(32-13);\n u = x14 + x13 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n }\n x0 = x0 + j0 | 0;\n x1 = x1 + j1 | 0;\n x2 = x2 + j2 | 0;\n x3 = x3 + j3 | 0;\n x4 = x4 + j4 | 0;\n x5 = x5 + j5 | 0;\n x6 = x6 + j6 | 0;\n x7 = x7 + j7 | 0;\n x8 = x8 + j8 | 0;\n x9 = x9 + j9 | 0;\n x10 = x10 + j10 | 0;\n x11 = x11 + j11 | 0;\n x12 = x12 + j12 | 0;\n x13 = x13 + j13 | 0;\n x14 = x14 + j14 | 0;\n x15 = x15 + j15 | 0;\n\n o[ 0] = x0 >>> 0 & 0xff;\n o[ 1] = x0 >>> 8 & 0xff;\n o[ 2] = x0 >>> 16 & 0xff;\n o[ 3] = x0 >>> 24 & 0xff;\n\n o[ 4] = x1 >>> 0 & 0xff;\n o[ 5] = x1 >>> 8 & 0xff;\n o[ 6] = x1 >>> 16 & 0xff;\n o[ 7] = x1 >>> 24 & 0xff;\n\n o[ 8] = x2 >>> 0 & 0xff;\n o[ 9] = x2 >>> 8 & 0xff;\n o[10] = x2 >>> 16 & 0xff;\n o[11] = x2 >>> 24 & 0xff;\n\n o[12] = x3 >>> 0 & 0xff;\n o[13] = x3 >>> 8 & 0xff;\n o[14] = x3 >>> 16 & 0xff;\n o[15] = x3 >>> 24 & 0xff;\n\n o[16] = x4 >>> 0 & 0xff;\n o[17] = x4 >>> 8 & 0xff;\n o[18] = x4 >>> 16 & 0xff;\n o[19] = x4 >>> 24 & 0xff;\n\n o[20] = x5 >>> 0 & 0xff;\n o[21] = x5 >>> 8 & 0xff;\n o[22] = x5 >>> 16 & 0xff;\n o[23] = x5 >>> 24 & 0xff;\n\n o[24] = x6 >>> 0 & 0xff;\n o[25] = x6 >>> 8 & 0xff;\n o[26] = x6 >>> 16 & 0xff;\n o[27] = x6 >>> 24 & 0xff;\n\n o[28] = x7 >>> 0 & 0xff;\n o[29] = x7 >>> 8 & 0xff;\n o[30] = x7 >>> 16 & 0xff;\n o[31] = x7 >>> 24 & 0xff;\n\n o[32] = x8 >>> 0 & 0xff;\n o[33] = x8 >>> 8 & 0xff;\n o[34] = x8 >>> 16 & 0xff;\n o[35] = x8 >>> 24 & 0xff;\n\n o[36] = x9 >>> 0 & 0xff;\n o[37] = x9 >>> 8 & 0xff;\n o[38] = x9 >>> 16 & 0xff;\n o[39] = x9 >>> 24 & 0xff;\n\n o[40] = x10 >>> 0 & 0xff;\n o[41] = x10 >>> 8 & 0xff;\n o[42] = x10 >>> 16 & 0xff;\n o[43] = x10 >>> 24 & 0xff;\n\n o[44] = x11 >>> 0 & 0xff;\n o[45] = x11 >>> 8 & 0xff;\n o[46] = x11 >>> 16 & 0xff;\n o[47] = x11 >>> 24 & 0xff;\n\n o[48] = x12 >>> 0 & 0xff;\n o[49] = x12 >>> 8 & 0xff;\n o[50] = x12 >>> 16 & 0xff;\n o[51] = x12 >>> 24 & 0xff;\n\n o[52] = x13 >>> 0 & 0xff;\n o[53] = x13 >>> 8 & 0xff;\n o[54] = x13 >>> 16 & 0xff;\n o[55] = x13 >>> 24 & 0xff;\n\n o[56] = x14 >>> 0 & 0xff;\n o[57] = x14 >>> 8 & 0xff;\n o[58] = x14 >>> 16 & 0xff;\n o[59] = x14 >>> 24 & 0xff;\n\n o[60] = x15 >>> 0 & 0xff;\n o[61] = x15 >>> 8 & 0xff;\n o[62] = x15 >>> 16 & 0xff;\n o[63] = x15 >>> 24 & 0xff;\n}\n\nfunction core_hsalsa20(o,p,k,c) {\n var j0 = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n j1 = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n j2 = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n j3 = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n j4 = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n j5 = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n j6 = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n j7 = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n j8 = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n j9 = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n x15 = j15, u;\n\n for (var i = 0; i < 20; i += 2) {\n u = x0 + x12 | 0;\n x4 ^= u<<7 | u>>>(32-7);\n u = x4 + x0 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x4 | 0;\n x12 ^= u<<13 | u>>>(32-13);\n u = x12 + x8 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x1 | 0;\n x9 ^= u<<7 | u>>>(32-7);\n u = x9 + x5 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x9 | 0;\n x1 ^= u<<13 | u>>>(32-13);\n u = x1 + x13 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x6 | 0;\n x14 ^= u<<7 | u>>>(32-7);\n u = x14 + x10 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x14 | 0;\n x6 ^= u<<13 | u>>>(32-13);\n u = x6 + x2 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x11 | 0;\n x3 ^= u<<7 | u>>>(32-7);\n u = x3 + x15 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x3 | 0;\n x11 ^= u<<13 | u>>>(32-13);\n u = x11 + x7 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n\n u = x0 + x3 | 0;\n x1 ^= u<<7 | u>>>(32-7);\n u = x1 + x0 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x1 | 0;\n x3 ^= u<<13 | u>>>(32-13);\n u = x3 + x2 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x4 | 0;\n x6 ^= u<<7 | u>>>(32-7);\n u = x6 + x5 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x6 | 0;\n x4 ^= u<<13 | u>>>(32-13);\n u = x4 + x7 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x9 | 0;\n x11 ^= u<<7 | u>>>(32-7);\n u = x11 + x10 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x11 | 0;\n x9 ^= u<<13 | u>>>(32-13);\n u = x9 + x8 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x14 | 0;\n x12 ^= u<<7 | u>>>(32-7);\n u = x12 + x15 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x12 | 0;\n x14 ^= u<<13 | u>>>(32-13);\n u = x14 + x13 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n }\n\n o[ 0] = x0 >>> 0 & 0xff;\n o[ 1] = x0 >>> 8 & 0xff;\n o[ 2] = x0 >>> 16 & 0xff;\n o[ 3] = x0 >>> 24 & 0xff;\n\n o[ 4] = x5 >>> 0 & 0xff;\n o[ 5] = x5 >>> 8 & 0xff;\n o[ 6] = x5 >>> 16 & 0xff;\n o[ 7] = x5 >>> 24 & 0xff;\n\n o[ 8] = x10 >>> 0 & 0xff;\n o[ 9] = x10 >>> 8 & 0xff;\n o[10] = x10 >>> 16 & 0xff;\n o[11] = x10 >>> 24 & 0xff;\n\n o[12] = x15 >>> 0 & 0xff;\n o[13] = x15 >>> 8 & 0xff;\n o[14] = x15 >>> 16 & 0xff;\n o[15] = x15 >>> 24 & 0xff;\n\n o[16] = x6 >>> 0 & 0xff;\n o[17] = x6 >>> 8 & 0xff;\n o[18] = x6 >>> 16 & 0xff;\n o[19] = x6 >>> 24 & 0xff;\n\n o[20] = x7 >>> 0 & 0xff;\n o[21] = x7 >>> 8 & 0xff;\n o[22] = x7 >>> 16 & 0xff;\n o[23] = x7 >>> 24 & 0xff;\n\n o[24] = x8 >>> 0 & 0xff;\n o[25] = x8 >>> 8 & 0xff;\n o[26] = x8 >>> 16 & 0xff;\n o[27] = x8 >>> 24 & 0xff;\n\n o[28] = x9 >>> 0 & 0xff;\n o[29] = x9 >>> 8 & 0xff;\n o[30] = x9 >>> 16 & 0xff;\n o[31] = x9 >>> 24 & 0xff;\n}\n\nfunction crypto_core_salsa20(out,inp,k,c) {\n core_salsa20(out,inp,k,c);\n}\n\nfunction crypto_core_hsalsa20(out,inp,k,c) {\n core_hsalsa20(out,inp,k,c);\n}\n\nvar sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]);\n // \"expand 32-byte k\"\n\nfunction crypto_stream_salsa20_xor(c,cpos,m,mpos,b,n,k) {\n var z = new Uint8Array(16), x = new Uint8Array(64);\n var u, i;\n for (i = 0; i < 16; i++) z[i] = 0;\n for (i = 0; i < 8; i++) z[i] = n[i];\n while (b >= 64) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < 64; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n u = 1;\n for (i = 8; i < 16; i++) {\n u = u + (z[i] & 0xff) | 0;\n z[i] = u & 0xff;\n u >>>= 8;\n }\n b -= 64;\n cpos += 64;\n mpos += 64;\n }\n if (b > 0) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < b; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n }\n return 0;\n}\n\nfunction crypto_stream_salsa20(c,cpos,b,n,k) {\n var z = new Uint8Array(16), x = new Uint8Array(64);\n var u, i;\n for (i = 0; i < 16; i++) z[i] = 0;\n for (i = 0; i < 8; i++) z[i] = n[i];\n while (b >= 64) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < 64; i++) c[cpos+i] = x[i];\n u = 1;\n for (i = 8; i < 16; i++) {\n u = u + (z[i] & 0xff) | 0;\n z[i] = u & 0xff;\n u >>>= 8;\n }\n b -= 64;\n cpos += 64;\n }\n if (b > 0) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < b; i++) c[cpos+i] = x[i];\n }\n return 0;\n}\n\nfunction crypto_stream(c,cpos,d,n,k) {\n var s = new Uint8Array(32);\n crypto_core_hsalsa20(s,n,k,sigma);\n var sn = new Uint8Array(8);\n for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n return crypto_stream_salsa20(c,cpos,d,sn,s);\n}\n\nfunction crypto_stream_xor(c,cpos,m,mpos,d,n,k) {\n var s = new Uint8Array(32);\n crypto_core_hsalsa20(s,n,k,sigma);\n var sn = new Uint8Array(8);\n for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n return crypto_stream_salsa20_xor(c,cpos,m,mpos,d,sn,s);\n}\n\n/*\n* Port of Andrew Moon's Poly1305-donna-16. Public domain.\n* https://github.com/floodyberry/poly1305-donna\n*/\n\nvar poly1305 = function(key) {\n this.buffer = new Uint8Array(16);\n this.r = new Uint16Array(10);\n this.h = new Uint16Array(10);\n this.pad = new Uint16Array(8);\n this.leftover = 0;\n this.fin = 0;\n\n var t0, t1, t2, t3, t4, t5, t6, t7;\n\n t0 = key[ 0] & 0xff | (key[ 1] & 0xff) << 8; this.r[0] = ( t0 ) & 0x1fff;\n t1 = key[ 2] & 0xff | (key[ 3] & 0xff) << 8; this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff;\n t2 = key[ 4] & 0xff | (key[ 5] & 0xff) << 8; this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03;\n t3 = key[ 6] & 0xff | (key[ 7] & 0xff) << 8; this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff;\n t4 = key[ 8] & 0xff | (key[ 9] & 0xff) << 8; this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff;\n this.r[5] = ((t4 >>> 1)) & 0x1ffe;\n t5 = key[10] & 0xff | (key[11] & 0xff) << 8; this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff;\n t6 = key[12] & 0xff | (key[13] & 0xff) << 8; this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81;\n t7 = key[14] & 0xff | (key[15] & 0xff) << 8; this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff;\n this.r[9] = ((t7 >>> 5)) & 0x007f;\n\n this.pad[0] = key[16] & 0xff | (key[17] & 0xff) << 8;\n this.pad[1] = key[18] & 0xff | (key[19] & 0xff) << 8;\n this.pad[2] = key[20] & 0xff | (key[21] & 0xff) << 8;\n this.pad[3] = key[22] & 0xff | (key[23] & 0xff) << 8;\n this.pad[4] = key[24] & 0xff | (key[25] & 0xff) << 8;\n this.pad[5] = key[26] & 0xff | (key[27] & 0xff) << 8;\n this.pad[6] = key[28] & 0xff | (key[29] & 0xff) << 8;\n this.pad[7] = key[30] & 0xff | (key[31] & 0xff) << 8;\n};\n\npoly1305.prototype.blocks = function(m, mpos, bytes) {\n var hibit = this.fin ? 0 : (1 << 11);\n var t0, t1, t2, t3, t4, t5, t6, t7, c;\n var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9;\n\n var h0 = this.h[0],\n h1 = this.h[1],\n h2 = this.h[2],\n h3 = this.h[3],\n h4 = this.h[4],\n h5 = this.h[5],\n h6 = this.h[6],\n h7 = this.h[7],\n h8 = this.h[8],\n h9 = this.h[9];\n\n var r0 = this.r[0],\n r1 = this.r[1],\n r2 = this.r[2],\n r3 = this.r[3],\n r4 = this.r[4],\n r5 = this.r[5],\n r6 = this.r[6],\n r7 = this.r[7],\n r8 = this.r[8],\n r9 = this.r[9];\n\n while (bytes >= 16) {\n t0 = m[mpos+ 0] & 0xff | (m[mpos+ 1] & 0xff) << 8; h0 += ( t0 ) & 0x1fff;\n t1 = m[mpos+ 2] & 0xff | (m[mpos+ 3] & 0xff) << 8; h1 += ((t0 >>> 13) | (t1 << 3)) & 0x1fff;\n t2 = m[mpos+ 4] & 0xff | (m[mpos+ 5] & 0xff) << 8; h2 += ((t1 >>> 10) | (t2 << 6)) & 0x1fff;\n t3 = m[mpos+ 6] & 0xff | (m[mpos+ 7] & 0xff) << 8; h3 += ((t2 >>> 7) | (t3 << 9)) & 0x1fff;\n t4 = m[mpos+ 8] & 0xff | (m[mpos+ 9] & 0xff) << 8; h4 += ((t3 >>> 4) | (t4 << 12)) & 0x1fff;\n h5 += ((t4 >>> 1)) & 0x1fff;\n t5 = m[mpos+10] & 0xff | (m[mpos+11] & 0xff) << 8; h6 += ((t4 >>> 14) | (t5 << 2)) & 0x1fff;\n t6 = m[mpos+12] & 0xff | (m[mpos+13] & 0xff) << 8; h7 += ((t5 >>> 11) | (t6 << 5)) & 0x1fff;\n t7 = m[mpos+14] & 0xff | (m[mpos+15] & 0xff) << 8; h8 += ((t6 >>> 8) | (t7 << 8)) & 0x1fff;\n h9 += ((t7 >>> 5)) | hibit;\n\n c = 0;\n\n d0 = c;\n d0 += h0 * r0;\n d0 += h1 * (5 * r9);\n d0 += h2 * (5 * r8);\n d0 += h3 * (5 * r7);\n d0 += h4 * (5 * r6);\n c = (d0 >>> 13); d0 &= 0x1fff;\n d0 += h5 * (5 * r5);\n d0 += h6 * (5 * r4);\n d0 += h7 * (5 * r3);\n d0 += h8 * (5 * r2);\n d0 += h9 * (5 * r1);\n c += (d0 >>> 13); d0 &= 0x1fff;\n\n d1 = c;\n d1 += h0 * r1;\n d1 += h1 * r0;\n d1 += h2 * (5 * r9);\n d1 += h3 * (5 * r8);\n d1 += h4 * (5 * r7);\n c = (d1 >>> 13); d1 &= 0x1fff;\n d1 += h5 * (5 * r6);\n d1 += h6 * (5 * r5);\n d1 += h7 * (5 * r4);\n d1 += h8 * (5 * r3);\n d1 += h9 * (5 * r2);\n c += (d1 >>> 13); d1 &= 0x1fff;\n\n d2 = c;\n d2 += h0 * r2;\n d2 += h1 * r1;\n d2 += h2 * r0;\n d2 += h3 * (5 * r9);\n d2 += h4 * (5 * r8);\n c = (d2 >>> 13); d2 &= 0x1fff;\n d2 += h5 * (5 * r7);\n d2 += h6 * (5 * r6);\n d2 += h7 * (5 * r5);\n d2 += h8 * (5 * r4);\n d2 += h9 * (5 * r3);\n c += (d2 >>> 13); d2 &= 0x1fff;\n\n d3 = c;\n d3 += h0 * r3;\n d3 += h1 * r2;\n d3 += h2 * r1;\n d3 += h3 * r0;\n d3 += h4 * (5 * r9);\n c = (d3 >>> 13); d3 &= 0x1fff;\n d3 += h5 * (5 * r8);\n d3 += h6 * (5 * r7);\n d3 += h7 * (5 * r6);\n d3 += h8 * (5 * r5);\n d3 += h9 * (5 * r4);\n c += (d3 >>> 13); d3 &= 0x1fff;\n\n d4 = c;\n d4 += h0 * r4;\n d4 += h1 * r3;\n d4 += h2 * r2;\n d4 += h3 * r1;\n d4 += h4 * r0;\n c = (d4 >>> 13); d4 &= 0x1fff;\n d4 += h5 * (5 * r9);\n d4 += h6 * (5 * r8);\n d4 += h7 * (5 * r7);\n d4 += h8 * (5 * r6);\n d4 += h9 * (5 * r5);\n c += (d4 >>> 13); d4 &= 0x1fff;\n\n d5 = c;\n d5 += h0 * r5;\n d5 += h1 * r4;\n d5 += h2 * r3;\n d5 += h3 * r2;\n d5 += h4 * r1;\n c = (d5 >>> 13); d5 &= 0x1fff;\n d5 += h5 * r0;\n d5 += h6 * (5 * r9);\n d5 += h7 * (5 * r8);\n d5 += h8 * (5 * r7);\n d5 += h9 * (5 * r6);\n c += (d5 >>> 13); d5 &= 0x1fff;\n\n d6 = c;\n d6 += h0 * r6;\n d6 += h1 * r5;\n d6 += h2 * r4;\n d6 += h3 * r3;\n d6 += h4 * r2;\n c = (d6 >>> 13); d6 &= 0x1fff;\n d6 += h5 * r1;\n d6 += h6 * r0;\n d6 += h7 * (5 * r9);\n d6 += h8 * (5 * r8);\n d6 += h9 * (5 * r7);\n c += (d6 >>> 13); d6 &= 0x1fff;\n\n d7 = c;\n d7 += h0 * r7;\n d7 += h1 * r6;\n d7 += h2 * r5;\n d7 += h3 * r4;\n d7 += h4 * r3;\n c = (d7 >>> 13); d7 &= 0x1fff;\n d7 += h5 * r2;\n d7 += h6 * r1;\n d7 += h7 * r0;\n d7 += h8 * (5 * r9);\n d7 += h9 * (5 * r8);\n c += (d7 >>> 13); d7 &= 0x1fff;\n\n d8 = c;\n d8 += h0 * r8;\n d8 += h1 * r7;\n d8 += h2 * r6;\n d8 += h3 * r5;\n d8 += h4 * r4;\n c = (d8 >>> 13); d8 &= 0x1fff;\n d8 += h5 * r3;\n d8 += h6 * r2;\n d8 += h7 * r1;\n d8 += h8 * r0;\n d8 += h9 * (5 * r9);\n c += (d8 >>> 13); d8 &= 0x1fff;\n\n d9 = c;\n d9 += h0 * r9;\n d9 += h1 * r8;\n d9 += h2 * r7;\n d9 += h3 * r6;\n d9 += h4 * r5;\n c = (d9 >>> 13); d9 &= 0x1fff;\n d9 += h5 * r4;\n d9 += h6 * r3;\n d9 += h7 * r2;\n d9 += h8 * r1;\n d9 += h9 * r0;\n c += (d9 >>> 13); d9 &= 0x1fff;\n\n c = (((c << 2) + c)) | 0;\n c = (c + d0) | 0;\n d0 = c & 0x1fff;\n c = (c >>> 13);\n d1 += c;\n\n h0 = d0;\n h1 = d1;\n h2 = d2;\n h3 = d3;\n h4 = d4;\n h5 = d5;\n h6 = d6;\n h7 = d7;\n h8 = d8;\n h9 = d9;\n\n mpos += 16;\n bytes -= 16;\n }\n this.h[0] = h0;\n this.h[1] = h1;\n this.h[2] = h2;\n this.h[3] = h3;\n this.h[4] = h4;\n this.h[5] = h5;\n this.h[6] = h6;\n this.h[7] = h7;\n this.h[8] = h8;\n this.h[9] = h9;\n};\n\npoly1305.prototype.finish = function(mac, macpos) {\n var g = new Uint16Array(10);\n var c, mask, f, i;\n\n if (this.leftover) {\n i = this.leftover;\n this.buffer[i++] = 1;\n for (; i < 16; i++) this.buffer[i] = 0;\n this.fin = 1;\n this.blocks(this.buffer, 0, 16);\n }\n\n c = this.h[1] >>> 13;\n this.h[1] &= 0x1fff;\n for (i = 2; i < 10; i++) {\n this.h[i] += c;\n c = this.h[i] >>> 13;\n this.h[i] &= 0x1fff;\n }\n this.h[0] += (c * 5);\n c = this.h[0] >>> 13;\n this.h[0] &= 0x1fff;\n this.h[1] += c;\n c = this.h[1] >>> 13;\n this.h[1] &= 0x1fff;\n this.h[2] += c;\n\n g[0] = this.h[0] + 5;\n c = g[0] >>> 13;\n g[0] &= 0x1fff;\n for (i = 1; i < 10; i++) {\n g[i] = this.h[i] + c;\n c = g[i] >>> 13;\n g[i] &= 0x1fff;\n }\n g[9] -= (1 << 13);\n\n mask = (c ^ 1) - 1;\n for (i = 0; i < 10; i++) g[i] &= mask;\n mask = ~mask;\n for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i];\n\n this.h[0] = ((this.h[0] ) | (this.h[1] << 13) ) & 0xffff;\n this.h[1] = ((this.h[1] >>> 3) | (this.h[2] << 10) ) & 0xffff;\n this.h[2] = ((this.h[2] >>> 6) | (this.h[3] << 7) ) & 0xffff;\n this.h[3] = ((this.h[3] >>> 9) | (this.h[4] << 4) ) & 0xffff;\n this.h[4] = ((this.h[4] >>> 12) | (this.h[5] << 1) | (this.h[6] << 14)) & 0xffff;\n this.h[5] = ((this.h[6] >>> 2) | (this.h[7] << 11) ) & 0xffff;\n this.h[6] = ((this.h[7] >>> 5) | (this.h[8] << 8) ) & 0xffff;\n this.h[7] = ((this.h[8] >>> 8) | (this.h[9] << 5) ) & 0xffff;\n\n f = this.h[0] + this.pad[0];\n this.h[0] = f & 0xffff;\n for (i = 1; i < 8; i++) {\n f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0;\n this.h[i] = f & 0xffff;\n }\n\n mac[macpos+ 0] = (this.h[0] >>> 0) & 0xff;\n mac[macpos+ 1] = (this.h[0] >>> 8) & 0xff;\n mac[macpos+ 2] = (this.h[1] >>> 0) & 0xff;\n mac[macpos+ 3] = (this.h[1] >>> 8) & 0xff;\n mac[macpos+ 4] = (this.h[2] >>> 0) & 0xff;\n mac[macpos+ 5] = (this.h[2] >>> 8) & 0xff;\n mac[macpos+ 6] = (this.h[3] >>> 0) & 0xff;\n mac[macpos+ 7] = (this.h[3] >>> 8) & 0xff;\n mac[macpos+ 8] = (this.h[4] >>> 0) & 0xff;\n mac[macpos+ 9] = (this.h[4] >>> 8) & 0xff;\n mac[macpos+10] = (this.h[5] >>> 0) & 0xff;\n mac[macpos+11] = (this.h[5] >>> 8) & 0xff;\n mac[macpos+12] = (this.h[6] >>> 0) & 0xff;\n mac[macpos+13] = (this.h[6] >>> 8) & 0xff;\n mac[macpos+14] = (this.h[7] >>> 0) & 0xff;\n mac[macpos+15] = (this.h[7] >>> 8) & 0xff;\n};\n\npoly1305.prototype.update = function(m, mpos, bytes) {\n var i, want;\n\n if (this.leftover) {\n want = (16 - this.leftover);\n if (want > bytes)\n want = bytes;\n for (i = 0; i < want; i++)\n this.buffer[this.leftover + i] = m[mpos+i];\n bytes -= want;\n mpos += want;\n this.leftover += want;\n if (this.leftover < 16)\n return;\n this.blocks(this.buffer, 0, 16);\n this.leftover = 0;\n }\n\n if (bytes >= 16) {\n want = bytes - (bytes % 16);\n this.blocks(m, mpos, want);\n mpos += want;\n bytes -= want;\n }\n\n if (bytes) {\n for (i = 0; i < bytes; i++)\n this.buffer[this.leftover + i] = m[mpos+i];\n this.leftover += bytes;\n }\n};\n\nfunction crypto_onetimeauth(out, outpos, m, mpos, n, k) {\n var s = new poly1305(k);\n s.update(m, mpos, n);\n s.finish(out, outpos);\n return 0;\n}\n\nfunction crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {\n var x = new Uint8Array(16);\n crypto_onetimeauth(x,0,m,mpos,n,k);\n return crypto_verify_16(h,hpos,x,0);\n}\n\nfunction crypto_secretbox(c,m,d,n,k) {\n var i;\n if (d < 32) return -1;\n crypto_stream_xor(c,0,m,0,d,n,k);\n crypto_onetimeauth(c, 16, c, 32, d - 32, c);\n for (i = 0; i < 16; i++) c[i] = 0;\n return 0;\n}\n\nfunction crypto_secretbox_open(m,c,d,n,k) {\n var i;\n var x = new Uint8Array(32);\n if (d < 32) return -1;\n crypto_stream(x,0,32,n,k);\n if (crypto_onetimeauth_verify(c, 16,c, 32,d - 32,x) !== 0) return -1;\n crypto_stream_xor(m,0,c,0,d,n,k);\n for (i = 0; i < 32; i++) m[i] = 0;\n return 0;\n}\n\nfunction set25519(r, a) {\n var i;\n for (i = 0; i < 16; i++) r[i] = a[i]|0;\n}\n\nfunction car25519(o) {\n var i, v, c = 1;\n for (i = 0; i < 16; i++) {\n v = o[i] + c + 65535;\n c = Math.floor(v / 65536);\n o[i] = v - c * 65536;\n }\n o[0] += c-1 + 37 * (c-1);\n}\n\nfunction sel25519(p, q, b) {\n var t, c = ~(b-1);\n for (var i = 0; i < 16; i++) {\n t = c & (p[i] ^ q[i]);\n p[i] ^= t;\n q[i] ^= t;\n }\n}\n\nfunction pack25519(o, n) {\n var i, j, b;\n var m = gf(), t = gf();\n for (i = 0; i < 16; i++) t[i] = n[i];\n car25519(t);\n car25519(t);\n car25519(t);\n for (j = 0; j < 2; j++) {\n m[0] = t[0] - 0xffed;\n for (i = 1; i < 15; i++) {\n m[i] = t[i] - 0xffff - ((m[i-1]>>16) & 1);\n m[i-1] &= 0xffff;\n }\n m[15] = t[15] - 0x7fff - ((m[14]>>16) & 1);\n b = (m[15]>>16) & 1;\n m[14] &= 0xffff;\n sel25519(t, m, 1-b);\n }\n for (i = 0; i < 16; i++) {\n o[2*i] = t[i] & 0xff;\n o[2*i+1] = t[i]>>8;\n }\n}\n\nfunction neq25519(a, b) {\n var c = new Uint8Array(32), d = new Uint8Array(32);\n pack25519(c, a);\n pack25519(d, b);\n return crypto_verify_32(c, 0, d, 0);\n}\n\nfunction par25519(a) {\n var d = new Uint8Array(32);\n pack25519(d, a);\n return d[0] & 1;\n}\n\nfunction unpack25519(o, n) {\n var i;\n for (i = 0; i < 16; i++) o[i] = n[2*i] + (n[2*i+1] << 8);\n o[15] &= 0x7fff;\n}\n\nfunction A(o, a, b) {\n for (var i = 0; i < 16; i++) o[i] = a[i] + b[i];\n}\n\nfunction Z(o, a, b) {\n for (var i = 0; i < 16; i++) o[i] = a[i] - b[i];\n}\n\nfunction M(o, a, b) {\n var v, c,\n t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0, t5 = 0, t6 = 0, t7 = 0,\n t8 = 0, t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,\n t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,\n t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0,\n b0 = b[0],\n b1 = b[1],\n b2 = b[2],\n b3 = b[3],\n b4 = b[4],\n b5 = b[5],\n b6 = b[6],\n b7 = b[7],\n b8 = b[8],\n b9 = b[9],\n b10 = b[10],\n b11 = b[11],\n b12 = b[12],\n b13 = b[13],\n b14 = b[14],\n b15 = b[15];\n\n v = a[0];\n t0 += v * b0;\n t1 += v * b1;\n t2 += v * b2;\n t3 += v * b3;\n t4 += v * b4;\n t5 += v * b5;\n t6 += v * b6;\n t7 += v * b7;\n t8 += v * b8;\n t9 += v * b9;\n t10 += v * b10;\n t11 += v * b11;\n t12 += v * b12;\n t13 += v * b13;\n t14 += v * b14;\n t15 += v * b15;\n v = a[1];\n t1 += v * b0;\n t2 += v * b1;\n t3 += v * b2;\n t4 += v * b3;\n t5 += v * b4;\n t6 += v * b5;\n t7 += v * b6;\n t8 += v * b7;\n t9 += v * b8;\n t10 += v * b9;\n t11 += v * b10;\n t12 += v * b11;\n t13 += v * b12;\n t14 += v * b13;\n t15 += v * b14;\n t16 += v * b15;\n v = a[2];\n t2 += v * b0;\n t3 += v * b1;\n t4 += v * b2;\n t5 += v * b3;\n t6 += v * b4;\n t7 += v * b5;\n t8 += v * b6;\n t9 += v * b7;\n t10 += v * b8;\n t11 += v * b9;\n t12 += v * b10;\n t13 += v * b11;\n t14 += v * b12;\n t15 += v * b13;\n t16 += v * b14;\n t17 += v * b15;\n v = a[3];\n t3 += v * b0;\n t4 += v * b1;\n t5 += v * b2;\n t6 += v * b3;\n t7 += v * b4;\n t8 += v * b5;\n t9 += v * b6;\n t10 += v * b7;\n t11 += v * b8;\n t12 += v * b9;\n t13 += v * b10;\n t14 += v * b11;\n t15 += v * b12;\n t16 += v * b13;\n t17 += v * b14;\n t18 += v * b15;\n v = a[4];\n t4 += v * b0;\n t5 += v * b1;\n t6 += v * b2;\n t7 += v * b3;\n t8 += v * b4;\n t9 += v * b5;\n t10 += v * b6;\n t11 += v * b7;\n t12 += v * b8;\n t13 += v * b9;\n t14 += v * b10;\n t15 += v * b11;\n t16 += v * b12;\n t17 += v * b13;\n t18 += v * b14;\n t19 += v * b15;\n v = a[5];\n t5 += v * b0;\n t6 += v * b1;\n t7 += v * b2;\n t8 += v * b3;\n t9 += v * b4;\n t10 += v * b5;\n t11 += v * b6;\n t12 += v * b7;\n t13 += v * b8;\n t14 += v * b9;\n t15 += v * b10;\n t16 += v * b11;\n t17 += v * b12;\n t18 += v * b13;\n t19 += v * b14;\n t20 += v * b15;\n v = a[6];\n t6 += v * b0;\n t7 += v * b1;\n t8 += v * b2;\n t9 += v * b3;\n t10 += v * b4;\n t11 += v * b5;\n t12 += v * b6;\n t13 += v * b7;\n t14 += v * b8;\n t15 += v * b9;\n t16 += v * b10;\n t17 += v * b11;\n t18 += v * b12;\n t19 += v * b13;\n t20 += v * b14;\n t21 += v * b15;\n v = a[7];\n t7 += v * b0;\n t8 += v * b1;\n t9 += v * b2;\n t10 += v * b3;\n t11 += v * b4;\n t12 += v * b5;\n t13 += v * b6;\n t14 += v * b7;\n t15 += v * b8;\n t16 += v * b9;\n t17 += v * b10;\n t18 += v * b11;\n t19 += v * b12;\n t20 += v * b13;\n t21 += v * b14;\n t22 += v * b15;\n v = a[8];\n t8 += v * b0;\n t9 += v * b1;\n t10 += v * b2;\n t11 += v * b3;\n t12 += v * b4;\n t13 += v * b5;\n t14 += v * b6;\n t15 += v * b7;\n t16 += v * b8;\n t17 += v * b9;\n t18 += v * b10;\n t19 += v * b11;\n t20 += v * b12;\n t21 += v * b13;\n t22 += v * b14;\n t23 += v * b15;\n v = a[9];\n t9 += v * b0;\n t10 += v * b1;\n t11 += v * b2;\n t12 += v * b3;\n t13 += v * b4;\n t14 += v * b5;\n t15 += v * b6;\n t16 += v * b7;\n t17 += v * b8;\n t18 += v * b9;\n t19 += v * b10;\n t20 += v * b11;\n t21 += v * b12;\n t22 += v * b13;\n t23 += v * b14;\n t24 += v * b15;\n v = a[10];\n t10 += v * b0;\n t11 += v * b1;\n t12 += v * b2;\n t13 += v * b3;\n t14 += v * b4;\n t15 += v * b5;\n t16 += v * b6;\n t17 += v * b7;\n t18 += v * b8;\n t19 += v * b9;\n t20 += v * b10;\n t21 += v * b11;\n t22 += v * b12;\n t23 += v * b13;\n t24 += v * b14;\n t25 += v * b15;\n v = a[11];\n t11 += v * b0;\n t12 += v * b1;\n t13 += v * b2;\n t14 += v * b3;\n t15 += v * b4;\n t16 += v * b5;\n t17 += v * b6;\n t18 += v * b7;\n t19 += v * b8;\n t20 += v * b9;\n t21 += v * b10;\n t22 += v * b11;\n t23 += v * b12;\n t24 += v * b13;\n t25 += v * b14;\n t26 += v * b15;\n v = a[12];\n t12 += v * b0;\n t13 += v * b1;\n t14 += v * b2;\n t15 += v * b3;\n t16 += v * b4;\n t17 += v * b5;\n t18 += v * b6;\n t19 += v * b7;\n t20 += v * b8;\n t21 += v * b9;\n t22 += v * b10;\n t23 += v * b11;\n t24 += v * b12;\n t25 += v * b13;\n t26 += v * b14;\n t27 += v * b15;\n v = a[13];\n t13 += v * b0;\n t14 += v * b1;\n t15 += v * b2;\n t16 += v * b3;\n t17 += v * b4;\n t18 += v * b5;\n t19 += v * b6;\n t20 += v * b7;\n t21 += v * b8;\n t22 += v * b9;\n t23 += v * b10;\n t24 += v * b11;\n t25 += v * b12;\n t26 += v * b13;\n t27 += v * b14;\n t28 += v * b15;\n v = a[14];\n t14 += v * b0;\n t15 += v * b1;\n t16 += v * b2;\n t17 += v * b3;\n t18 += v * b4;\n t19 += v * b5;\n t20 += v * b6;\n t21 += v * b7;\n t22 += v * b8;\n t23 += v * b9;\n t24 += v * b10;\n t25 += v * b11;\n t26 += v * b12;\n t27 += v * b13;\n t28 += v * b14;\n t29 += v * b15;\n v = a[15];\n t15 += v * b0;\n t16 += v * b1;\n t17 += v * b2;\n t18 += v * b3;\n t19 += v * b4;\n t20 += v * b5;\n t21 += v * b6;\n t22 += v * b7;\n t23 += v * b8;\n t24 += v * b9;\n t25 += v * b10;\n t26 += v * b11;\n t27 += v * b12;\n t28 += v * b13;\n t29 += v * b14;\n t30 += v * b15;\n\n t0 += 38 * t16;\n t1 += 38 * t17;\n t2 += 38 * t18;\n t3 += 38 * t19;\n t4 += 38 * t20;\n t5 += 38 * t21;\n t6 += 38 * t22;\n t7 += 38 * t23;\n t8 += 38 * t24;\n t9 += 38 * t25;\n t10 += 38 * t26;\n t11 += 38 * t27;\n t12 += 38 * t28;\n t13 += 38 * t29;\n t14 += 38 * t30;\n // t15 left as is\n\n // first car\n c = 1;\n v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;\n v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;\n v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;\n v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;\n v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;\n v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;\n v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;\n v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;\n v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;\n v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;\n v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n t0 += c-1 + 37 * (c-1);\n\n // second car\n c = 1;\n v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;\n v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;\n v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;\n v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;\n v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;\n v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;\n v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;\n v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;\n v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;\n v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;\n v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n t0 += c-1 + 37 * (c-1);\n\n o[ 0] = t0;\n o[ 1] = t1;\n o[ 2] = t2;\n o[ 3] = t3;\n o[ 4] = t4;\n o[ 5] = t5;\n o[ 6] = t6;\n o[ 7] = t7;\n o[ 8] = t8;\n o[ 9] = t9;\n o[10] = t10;\n o[11] = t11;\n o[12] = t12;\n o[13] = t13;\n o[14] = t14;\n o[15] = t15;\n}\n\nfunction S(o, a) {\n M(o, a, a);\n}\n\nfunction inv25519(o, i) {\n var c = gf();\n var a;\n for (a = 0; a < 16; a++) c[a] = i[a];\n for (a = 253; a >= 0; a--) {\n S(c, c);\n if(a !== 2 && a !== 4) M(c, c, i);\n }\n for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction pow2523(o, i) {\n var c = gf();\n var a;\n for (a = 0; a < 16; a++) c[a] = i[a];\n for (a = 250; a >= 0; a--) {\n S(c, c);\n if(a !== 1) M(c, c, i);\n }\n for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction crypto_scalarmult(q, n, p) {\n var z = new Uint8Array(32);\n var x = new Float64Array(80), r, i;\n var a = gf(), b = gf(), c = gf(),\n d = gf(), e = gf(), f = gf();\n for (i = 0; i < 31; i++) z[i] = n[i];\n z[31]=(n[31]&127)|64;\n z[0]&=248;\n unpack25519(x,p);\n for (i = 0; i < 16; i++) {\n b[i]=x[i];\n d[i]=a[i]=c[i]=0;\n }\n a[0]=d[0]=1;\n for (i=254; i>=0; --i) {\n r=(z[i>>>3]>>>(i&7))&1;\n sel25519(a,b,r);\n sel25519(c,d,r);\n A(e,a,c);\n Z(a,a,c);\n A(c,b,d);\n Z(b,b,d);\n S(d,e);\n S(f,a);\n M(a,c,a);\n M(c,b,e);\n A(e,a,c);\n Z(a,a,c);\n S(b,a);\n Z(c,d,f);\n M(a,c,_121665);\n A(a,a,d);\n M(c,c,a);\n M(a,d,f);\n M(d,b,x);\n S(b,e);\n sel25519(a,b,r);\n sel25519(c,d,r);\n }\n for (i = 0; i < 16; i++) {\n x[i+16]=a[i];\n x[i+32]=c[i];\n x[i+48]=b[i];\n x[i+64]=d[i];\n }\n var x32 = x.subarray(32);\n var x16 = x.subarray(16);\n inv25519(x32,x32);\n M(x16,x16,x32);\n pack25519(q,x16);\n return 0;\n}\n\nfunction crypto_scalarmult_base(q, n) {\n return crypto_scalarmult(q, n, _9);\n}\n\nfunction crypto_box_keypair(y, x) {\n randombytes(x, 32);\n return crypto_scalarmult_base(y, x);\n}\n\nfunction crypto_box_beforenm(k, y, x) {\n var s = new Uint8Array(32);\n crypto_scalarmult(s, x, y);\n return crypto_core_hsalsa20(k, _0, s, sigma);\n}\n\nvar crypto_box_afternm = crypto_secretbox;\nvar crypto_box_open_afternm = crypto_secretbox_open;\n\nfunction crypto_box(c, m, d, n, y, x) {\n var k = new Uint8Array(32);\n crypto_box_beforenm(k, y, x);\n return crypto_box_afternm(c, m, d, n, k);\n}\n\nfunction crypto_box_open(m, c, d, n, y, x) {\n var k = new Uint8Array(32);\n crypto_box_beforenm(k, y, x);\n return crypto_box_open_afternm(m, c, d, n, k);\n}\n\nvar K = [\n 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,\n 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,\n 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,\n 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,\n 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,\n 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,\n 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,\n 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,\n 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,\n 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,\n 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,\n 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,\n 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,\n 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,\n 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,\n 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,\n 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,\n 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,\n 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,\n 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,\n 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,\n 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,\n 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,\n 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,\n 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,\n 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,\n 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,\n 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,\n 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,\n 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,\n 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,\n 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,\n 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,\n 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,\n 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,\n 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,\n 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,\n 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,\n 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,\n 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817\n];\n\nfunction crypto_hashblocks_hl(hh, hl, m, n) {\n var wh = new Int32Array(16), wl = new Int32Array(16),\n bh0, bh1, bh2, bh3, bh4, bh5, bh6, bh7,\n bl0, bl1, bl2, bl3, bl4, bl5, bl6, bl7,\n th, tl, i, j, h, l, a, b, c, d;\n\n var ah0 = hh[0],\n ah1 = hh[1],\n ah2 = hh[2],\n ah3 = hh[3],\n ah4 = hh[4],\n ah5 = hh[5],\n ah6 = hh[6],\n ah7 = hh[7],\n\n al0 = hl[0],\n al1 = hl[1],\n al2 = hl[2],\n al3 = hl[3],\n al4 = hl[4],\n al5 = hl[5],\n al6 = hl[6],\n al7 = hl[7];\n\n var pos = 0;\n while (n >= 128) {\n for (i = 0; i < 16; i++) {\n j = 8 * i + pos;\n wh[i] = (m[j+0] << 24) | (m[j+1] << 16) | (m[j+2] << 8) | m[j+3];\n wl[i] = (m[j+4] << 24) | (m[j+5] << 16) | (m[j+6] << 8) | m[j+7];\n }\n for (i = 0; i < 80; i++) {\n bh0 = ah0;\n bh1 = ah1;\n bh2 = ah2;\n bh3 = ah3;\n bh4 = ah4;\n bh5 = ah5;\n bh6 = ah6;\n bh7 = ah7;\n\n bl0 = al0;\n bl1 = al1;\n bl2 = al2;\n bl3 = al3;\n bl4 = al4;\n bl5 = al5;\n bl6 = al6;\n bl7 = al7;\n\n // add\n h = ah7;\n l = al7;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n // Sigma1\n h = ((ah4 >>> 14) | (al4 << (32-14))) ^ ((ah4 >>> 18) | (al4 << (32-18))) ^ ((al4 >>> (41-32)) | (ah4 << (32-(41-32))));\n l = ((al4 >>> 14) | (ah4 << (32-14))) ^ ((al4 >>> 18) | (ah4 << (32-18))) ^ ((ah4 >>> (41-32)) | (al4 << (32-(41-32))));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // Ch\n h = (ah4 & ah5) ^ (~ah4 & ah6);\n l = (al4 & al5) ^ (~al4 & al6);\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // K\n h = K[i*2];\n l = K[i*2+1];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // w\n h = wh[i%16];\n l = wl[i%16];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n th = c & 0xffff | d << 16;\n tl = a & 0xffff | b << 16;\n\n // add\n h = th;\n l = tl;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n // Sigma0\n h = ((ah0 >>> 28) | (al0 << (32-28))) ^ ((al0 >>> (34-32)) | (ah0 << (32-(34-32)))) ^ ((al0 >>> (39-32)) | (ah0 << (32-(39-32))));\n l = ((al0 >>> 28) | (ah0 << (32-28))) ^ ((ah0 >>> (34-32)) | (al0 << (32-(34-32)))) ^ ((ah0 >>> (39-32)) | (al0 << (32-(39-32))));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // Maj\n h = (ah0 & ah1) ^ (ah0 & ah2) ^ (ah1 & ah2);\n l = (al0 & al1) ^ (al0 & al2) ^ (al1 & al2);\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n bh7 = (c & 0xffff) | (d << 16);\n bl7 = (a & 0xffff) | (b << 16);\n\n // add\n h = bh3;\n l = bl3;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = th;\n l = tl;\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n bh3 = (c & 0xffff) | (d << 16);\n bl3 = (a & 0xffff) | (b << 16);\n\n ah1 = bh0;\n ah2 = bh1;\n ah3 = bh2;\n ah4 = bh3;\n ah5 = bh4;\n ah6 = bh5;\n ah7 = bh6;\n ah0 = bh7;\n\n al1 = bl0;\n al2 = bl1;\n al3 = bl2;\n al4 = bl3;\n al5 = bl4;\n al6 = bl5;\n al7 = bl6;\n al0 = bl7;\n\n if (i%16 === 15) {\n for (j = 0; j < 16; j++) {\n // add\n h = wh[j];\n l = wl[j];\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = wh[(j+9)%16];\n l = wl[(j+9)%16];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // sigma0\n th = wh[(j+1)%16];\n tl = wl[(j+1)%16];\n h = ((th >>> 1) | (tl << (32-1))) ^ ((th >>> 8) | (tl << (32-8))) ^ (th >>> 7);\n l = ((tl >>> 1) | (th << (32-1))) ^ ((tl >>> 8) | (th << (32-8))) ^ ((tl >>> 7) | (th << (32-7)));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // sigma1\n th = wh[(j+14)%16];\n tl = wl[(j+14)%16];\n h = ((th >>> 19) | (tl << (32-19))) ^ ((tl >>> (61-32)) | (th << (32-(61-32)))) ^ (th >>> 6);\n l = ((tl >>> 19) | (th << (32-19))) ^ ((th >>> (61-32)) | (tl << (32-(61-32)))) ^ ((tl >>> 6) | (th << (32-6)));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n wh[j] = (c & 0xffff) | (d << 16);\n wl[j] = (a & 0xffff) | (b << 16);\n }\n }\n }\n\n // add\n h = ah0;\n l = al0;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[0];\n l = hl[0];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[0] = ah0 = (c & 0xffff) | (d << 16);\n hl[0] = al0 = (a & 0xffff) | (b << 16);\n\n h = ah1;\n l = al1;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[1];\n l = hl[1];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[1] = ah1 = (c & 0xffff) | (d << 16);\n hl[1] = al1 = (a & 0xffff) | (b << 16);\n\n h = ah2;\n l = al2;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[2];\n l = hl[2];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[2] = ah2 = (c & 0xffff) | (d << 16);\n hl[2] = al2 = (a & 0xffff) | (b << 16);\n\n h = ah3;\n l = al3;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[3];\n l = hl[3];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[3] = ah3 = (c & 0xffff) | (d << 16);\n hl[3] = al3 = (a & 0xffff) | (b << 16);\n\n h = ah4;\n l = al4;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[4];\n l = hl[4];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[4] = ah4 = (c & 0xffff) | (d << 16);\n hl[4] = al4 = (a & 0xffff) | (b << 16);\n\n h = ah5;\n l = al5;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[5];\n l = hl[5];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[5] = ah5 = (c & 0xffff) | (d << 16);\n hl[5] = al5 = (a & 0xffff) | (b << 16);\n\n h = ah6;\n l = al6;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[6];\n l = hl[6];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[6] = ah6 = (c & 0xffff) | (d << 16);\n hl[6] = al6 = (a & 0xffff) | (b << 16);\n\n h = ah7;\n l = al7;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[7];\n l = hl[7];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[7] = ah7 = (c & 0xffff) | (d << 16);\n hl[7] = al7 = (a & 0xffff) | (b << 16);\n\n pos += 128;\n n -= 128;\n }\n\n return n;\n}\n\nfunction crypto_hash(out, m, n) {\n var hh = new Int32Array(8),\n hl = new Int32Array(8),\n x = new Uint8Array(256),\n i, b = n;\n\n hh[0] = 0x6a09e667;\n hh[1] = 0xbb67ae85;\n hh[2] = 0x3c6ef372;\n hh[3] = 0xa54ff53a;\n hh[4] = 0x510e527f;\n hh[5] = 0x9b05688c;\n hh[6] = 0x1f83d9ab;\n hh[7] = 0x5be0cd19;\n\n hl[0] = 0xf3bcc908;\n hl[1] = 0x84caa73b;\n hl[2] = 0xfe94f82b;\n hl[3] = 0x5f1d36f1;\n hl[4] = 0xade682d1;\n hl[5] = 0x2b3e6c1f;\n hl[6] = 0xfb41bd6b;\n hl[7] = 0x137e2179;\n\n crypto_hashblocks_hl(hh, hl, m, n);\n n %= 128;\n\n for (i = 0; i < n; i++) x[i] = m[b-n+i];\n x[n] = 128;\n\n n = 256-128*(n<112?1:0);\n x[n-9] = 0;\n ts64(x, n-8, (b / 0x20000000) | 0, b << 3);\n crypto_hashblocks_hl(hh, hl, x, n);\n\n for (i = 0; i < 8; i++) ts64(out, 8*i, hh[i], hl[i]);\n\n return 0;\n}\n\nfunction add(p, q) {\n var a = gf(), b = gf(), c = gf(),\n d = gf(), e = gf(), f = gf(),\n g = gf(), h = gf(), t = gf();\n\n Z(a, p[1], p[0]);\n Z(t, q[1], q[0]);\n M(a, a, t);\n A(b, p[0], p[1]);\n A(t, q[0], q[1]);\n M(b, b, t);\n M(c, p[3], q[3]);\n M(c, c, D2);\n M(d, p[2], q[2]);\n A(d, d, d);\n Z(e, b, a);\n Z(f, d, c);\n A(g, d, c);\n A(h, b, a);\n\n M(p[0], e, f);\n M(p[1], h, g);\n M(p[2], g, f);\n M(p[3], e, h);\n}\n\nfunction cswap(p, q, b) {\n var i;\n for (i = 0; i < 4; i++) {\n sel25519(p[i], q[i], b);\n }\n}\n\nfunction pack(r, p) {\n var tx = gf(), ty = gf(), zi = gf();\n inv25519(zi, p[2]);\n M(tx, p[0], zi);\n M(ty, p[1], zi);\n pack25519(r, ty);\n r[31] ^= par25519(tx) << 7;\n}\n\nfunction scalarmult(p, q, s) {\n var b, i;\n set25519(p[0], gf0);\n set25519(p[1], gf1);\n set25519(p[2], gf1);\n set25519(p[3], gf0);\n for (i = 255; i >= 0; --i) {\n b = (s[(i/8)|0] >> (i&7)) & 1;\n cswap(p, q, b);\n add(q, p);\n add(p, p);\n cswap(p, q, b);\n }\n}\n\nfunction scalarbase(p, s) {\n var q = [gf(), gf(), gf(), gf()];\n set25519(q[0], X);\n set25519(q[1], Y);\n set25519(q[2], gf1);\n M(q[3], X, Y);\n scalarmult(p, q, s);\n}\n\nfunction crypto_sign_keypair(pk, sk, seeded) {\n var d = new Uint8Array(64);\n var p = [gf(), gf(), gf(), gf()];\n var i;\n\n if (!seeded) randombytes(sk, 32);\n crypto_hash(d, sk, 32);\n d[0] &= 248;\n d[31] &= 127;\n d[31] |= 64;\n\n scalarbase(p, d);\n pack(pk, p);\n\n for (i = 0; i < 32; i++) sk[i+32] = pk[i];\n return 0;\n}\n\nvar L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);\n\nfunction modL(r, x) {\n var carry, i, j, k;\n for (i = 63; i >= 32; --i) {\n carry = 0;\n for (j = i - 32, k = i - 12; j < k; ++j) {\n x[j] += carry - 16 * x[i] * L[j - (i - 32)];\n carry = (x[j] + 128) >> 8;\n x[j] -= carry * 256;\n }\n x[j] += carry;\n x[i] = 0;\n }\n carry = 0;\n for (j = 0; j < 32; j++) {\n x[j] += carry - (x[31] >> 4) * L[j];\n carry = x[j] >> 8;\n x[j] &= 255;\n }\n for (j = 0; j < 32; j++) x[j] -= carry * L[j];\n for (i = 0; i < 32; i++) {\n x[i+1] += x[i] >> 8;\n r[i] = x[i] & 255;\n }\n}\n\nfunction reduce(r) {\n var x = new Float64Array(64), i;\n for (i = 0; i < 64; i++) x[i] = r[i];\n for (i = 0; i < 64; i++) r[i] = 0;\n modL(r, x);\n}\n\n// Note: difference from C - smlen returned, not passed as argument.\nfunction crypto_sign(sm, m, n, sk) {\n var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);\n var i, j, x = new Float64Array(64);\n var p = [gf(), gf(), gf(), gf()];\n\n crypto_hash(d, sk, 32);\n d[0] &= 248;\n d[31] &= 127;\n d[31] |= 64;\n\n var smlen = n + 64;\n for (i = 0; i < n; i++) sm[64 + i] = m[i];\n for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];\n\n crypto_hash(r, sm.subarray(32), n+32);\n reduce(r);\n scalarbase(p, r);\n pack(sm, p);\n\n for (i = 32; i < 64; i++) sm[i] = sk[i];\n crypto_hash(h, sm, n + 64);\n reduce(h);\n\n for (i = 0; i < 64; i++) x[i] = 0;\n for (i = 0; i < 32; i++) x[i] = r[i];\n for (i = 0; i < 32; i++) {\n for (j = 0; j < 32; j++) {\n x[i+j] += h[i] * d[j];\n }\n }\n\n modL(sm.subarray(32), x);\n return smlen;\n}\n\nfunction unpackneg(r, p) {\n var t = gf(), chk = gf(), num = gf(),\n den = gf(), den2 = gf(), den4 = gf(),\n den6 = gf();\n\n set25519(r[2], gf1);\n unpack25519(r[1], p);\n S(num, r[1]);\n M(den, num, D);\n Z(num, num, r[2]);\n A(den, r[2], den);\n\n S(den2, den);\n S(den4, den2);\n M(den6, den4, den2);\n M(t, den6, num);\n M(t, t, den);\n\n pow2523(t, t);\n M(t, t, num);\n M(t, t, den);\n M(t, t, den);\n M(r[0], t, den);\n\n S(chk, r[0]);\n M(chk, chk, den);\n if (neq25519(chk, num)) M(r[0], r[0], I);\n\n S(chk, r[0]);\n M(chk, chk, den);\n if (neq25519(chk, num)) return -1;\n\n if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);\n\n M(r[3], r[0], r[1]);\n return 0;\n}\n\nfunction crypto_sign_open(m, sm, n, pk) {\n var i, mlen;\n var t = new Uint8Array(32), h = new Uint8Array(64);\n var p = [gf(), gf(), gf(), gf()],\n q = [gf(), gf(), gf(), gf()];\n\n mlen = -1;\n if (n < 64) return -1;\n\n if (unpackneg(q, pk)) return -1;\n\n for (i = 0; i < n; i++) m[i] = sm[i];\n for (i = 0; i < 32; i++) m[i+32] = pk[i];\n crypto_hash(h, m, n);\n reduce(h);\n scalarmult(p, q, h);\n\n scalarbase(q, sm.subarray(32));\n add(p, q);\n pack(t, p);\n\n n -= 64;\n if (crypto_verify_32(sm, 0, t, 0)) {\n for (i = 0; i < n; i++) m[i] = 0;\n return -1;\n }\n\n for (i = 0; i < n; i++) m[i] = sm[i + 64];\n mlen = n;\n return mlen;\n}\n\nvar crypto_secretbox_KEYBYTES = 32,\n crypto_secretbox_NONCEBYTES = 24,\n crypto_secretbox_ZEROBYTES = 32,\n crypto_secretbox_BOXZEROBYTES = 16,\n crypto_scalarmult_BYTES = 32,\n crypto_scalarmult_SCALARBYTES = 32,\n crypto_box_PUBLICKEYBYTES = 32,\n crypto_box_SECRETKEYBYTES = 32,\n crypto_box_BEFORENMBYTES = 32,\n crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES,\n crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES,\n crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES,\n crypto_sign_BYTES = 64,\n crypto_sign_PUBLICKEYBYTES = 32,\n crypto_sign_SECRETKEYBYTES = 64,\n crypto_sign_SEEDBYTES = 32,\n crypto_hash_BYTES = 64;\n\nnacl.lowlevel = {\n crypto_core_hsalsa20: crypto_core_hsalsa20,\n crypto_stream_xor: crypto_stream_xor,\n crypto_stream: crypto_stream,\n crypto_stream_salsa20_xor: crypto_stream_salsa20_xor,\n crypto_stream_salsa20: crypto_stream_salsa20,\n crypto_onetimeauth: crypto_onetimeauth,\n crypto_onetimeauth_verify: crypto_onetimeauth_verify,\n crypto_verify_16: crypto_verify_16,\n crypto_verify_32: crypto_verify_32,\n crypto_secretbox: crypto_secretbox,\n crypto_secretbox_open: crypto_secretbox_open,\n crypto_scalarmult: crypto_scalarmult,\n crypto_scalarmult_base: crypto_scalarmult_base,\n crypto_box_beforenm: crypto_box_beforenm,\n crypto_box_afternm: crypto_box_afternm,\n crypto_box: crypto_box,\n crypto_box_open: crypto_box_open,\n crypto_box_keypair: crypto_box_keypair,\n crypto_hash: crypto_hash,\n crypto_sign: crypto_sign,\n crypto_sign_keypair: crypto_sign_keypair,\n crypto_sign_open: crypto_sign_open,\n\n crypto_secretbox_KEYBYTES: crypto_secretbox_KEYBYTES,\n crypto_secretbox_NONCEBYTES: crypto_secretbox_NONCEBYTES,\n crypto_secretbox_ZEROBYTES: crypto_secretbox_ZEROBYTES,\n crypto_secretbox_BOXZEROBYTES: crypto_secretbox_BOXZEROBYTES,\n crypto_scalarmult_BYTES: crypto_scalarmult_BYTES,\n crypto_scalarmult_SCALARBYTES: crypto_scalarmult_SCALARBYTES,\n crypto_box_PUBLICKEYBYTES: crypto_box_PUBLICKEYBYTES,\n crypto_box_SECRETKEYBYTES: crypto_box_SECRETKEYBYTES,\n crypto_box_BEFORENMBYTES: crypto_box_BEFORENMBYTES,\n crypto_box_NONCEBYTES: crypto_box_NONCEBYTES,\n crypto_box_ZEROBYTES: crypto_box_ZEROBYTES,\n crypto_box_BOXZEROBYTES: crypto_box_BOXZEROBYTES,\n crypto_sign_BYTES: crypto_sign_BYTES,\n crypto_sign_PUBLICKEYBYTES: crypto_sign_PUBLICKEYBYTES,\n crypto_sign_SECRETKEYBYTES: crypto_sign_SECRETKEYBYTES,\n crypto_sign_SEEDBYTES: crypto_sign_SEEDBYTES,\n crypto_hash_BYTES: crypto_hash_BYTES\n};\n\n/* High-level API */\n\nfunction checkLengths(k, n) {\n if (k.length !== crypto_secretbox_KEYBYTES) throw new Error('bad key size');\n if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error('bad nonce size');\n}\n\nfunction checkBoxLengths(pk, sk) {\n if (pk.length !== crypto_box_PUBLICKEYBYTES) throw new Error('bad public key size');\n if (sk.length !== crypto_box_SECRETKEYBYTES) throw new Error('bad secret key size');\n}\n\nfunction checkArrayTypes() {\n var t, i;\n for (i = 0; i < arguments.length; i++) {\n if ((t = Object.prototype.toString.call(arguments[i])) !== '[object Uint8Array]')\n throw new TypeError('unexpected type ' + t + ', use Uint8Array');\n }\n}\n\nfunction cleanup(arr) {\n for (var i = 0; i < arr.length; i++) arr[i] = 0;\n}\n\n// TODO: Completely remove this in v0.15.\nif (!nacl.util) {\n nacl.util = {};\n nacl.util.decodeUTF8 = nacl.util.encodeUTF8 = nacl.util.encodeBase64 = nacl.util.decodeBase64 = function() {\n throw new Error('nacl.util moved into separate package: https://github.com/dchest/tweetnacl-util-js');\n };\n}\n\nnacl.randomBytes = function(n) {\n var b = new Uint8Array(n);\n randombytes(b, n);\n return b;\n};\n\nnacl.secretbox = function(msg, nonce, key) {\n checkArrayTypes(msg, nonce, key);\n checkLengths(key, nonce);\n var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length);\n var c = new Uint8Array(m.length);\n for (var i = 0; i < msg.length; i++) m[i+crypto_secretbox_ZEROBYTES] = msg[i];\n crypto_secretbox(c, m, m.length, nonce, key);\n return c.subarray(crypto_secretbox_BOXZEROBYTES);\n};\n\nnacl.secretbox.open = function(box, nonce, key) {\n checkArrayTypes(box, nonce, key);\n checkLengths(key, nonce);\n var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length);\n var m = new Uint8Array(c.length);\n for (var i = 0; i < box.length; i++) c[i+crypto_secretbox_BOXZEROBYTES] = box[i];\n if (c.length < 32) return false;\n if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return false;\n return m.subarray(crypto_secretbox_ZEROBYTES);\n};\n\nnacl.secretbox.keyLength = crypto_secretbox_KEYBYTES;\nnacl.secretbox.nonceLength = crypto_secretbox_NONCEBYTES;\nnacl.secretbox.overheadLength = crypto_secretbox_BOXZEROBYTES;\n\nnacl.scalarMult = function(n, p) {\n checkArrayTypes(n, p);\n if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n if (p.length !== crypto_scalarmult_BYTES) throw new Error('bad p size');\n var q = new Uint8Array(crypto_scalarmult_BYTES);\n crypto_scalarmult(q, n, p);\n return q;\n};\n\nnacl.scalarMult.base = function(n) {\n checkArrayTypes(n);\n if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n var q = new Uint8Array(crypto_scalarmult_BYTES);\n crypto_scalarmult_base(q, n);\n return q;\n};\n\nnacl.scalarMult.scalarLength = crypto_scalarmult_SCALARBYTES;\nnacl.scalarMult.groupElementLength = crypto_scalarmult_BYTES;\n\nnacl.box = function(msg, nonce, publicKey, secretKey) {\n var k = nacl.box.before(publicKey, secretKey);\n return nacl.secretbox(msg, nonce, k);\n};\n\nnacl.box.before = function(publicKey, secretKey) {\n checkArrayTypes(publicKey, secretKey);\n checkBoxLengths(publicKey, secretKey);\n var k = new Uint8Array(crypto_box_BEFORENMBYTES);\n crypto_box_beforenm(k, publicKey, secretKey);\n return k;\n};\n\nnacl.box.after = nacl.secretbox;\n\nnacl.box.open = function(msg, nonce, publicKey, secretKey) {\n var k = nacl.box.before(publicKey, secretKey);\n return nacl.secretbox.open(msg, nonce, k);\n};\n\nnacl.box.open.after = nacl.secretbox.open;\n\nnacl.box.keyPair = function() {\n var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);\n crypto_box_keypair(pk, sk);\n return {publicKey: pk, secretKey: sk};\n};\n\nnacl.box.keyPair.fromSecretKey = function(secretKey) {\n checkArrayTypes(secretKey);\n if (secretKey.length !== crypto_box_SECRETKEYBYTES)\n throw new Error('bad secret key size');\n var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n crypto_scalarmult_base(pk, secretKey);\n return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.box.publicKeyLength = crypto_box_PUBLICKEYBYTES;\nnacl.box.secretKeyLength = crypto_box_SECRETKEYBYTES;\nnacl.box.sharedKeyLength = crypto_box_BEFORENMBYTES;\nnacl.box.nonceLength = crypto_box_NONCEBYTES;\nnacl.box.overheadLength = nacl.secretbox.overheadLength;\n\nnacl.sign = function(msg, secretKey) {\n checkArrayTypes(msg, secretKey);\n if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n throw new Error('bad secret key size');\n var signedMsg = new Uint8Array(crypto_sign_BYTES+msg.length);\n crypto_sign(signedMsg, msg, msg.length, secretKey);\n return signedMsg;\n};\n\nnacl.sign.open = function(signedMsg, publicKey) {\n if (arguments.length !== 2)\n throw new Error('nacl.sign.open accepts 2 arguments; did you mean to use nacl.sign.detached.verify?');\n checkArrayTypes(signedMsg, publicKey);\n if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n throw new Error('bad public key size');\n var tmp = new Uint8Array(signedMsg.length);\n var mlen = crypto_sign_open(tmp, signedMsg, signedMsg.length, publicKey);\n if (mlen < 0) return null;\n var m = new Uint8Array(mlen);\n for (var i = 0; i < m.length; i++) m[i] = tmp[i];\n return m;\n};\n\nnacl.sign.detached = function(msg, secretKey) {\n var signedMsg = nacl.sign(msg, secretKey);\n var sig = new Uint8Array(crypto_sign_BYTES);\n for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];\n return sig;\n};\n\nnacl.sign.detached.verify = function(msg, sig, publicKey) {\n checkArrayTypes(msg, sig, publicKey);\n if (sig.length !== crypto_sign_BYTES)\n throw new Error('bad signature size');\n if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n throw new Error('bad public key size');\n var sm = new Uint8Array(crypto_sign_BYTES + msg.length);\n var m = new Uint8Array(crypto_sign_BYTES + msg.length);\n var i;\n for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];\n for (i = 0; i < msg.length; i++) sm[i+crypto_sign_BYTES] = msg[i];\n return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);\n};\n\nnacl.sign.keyPair = function() {\n var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n crypto_sign_keypair(pk, sk);\n return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.keyPair.fromSecretKey = function(secretKey) {\n checkArrayTypes(secretKey);\n if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n throw new Error('bad secret key size');\n var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32+i];\n return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.sign.keyPair.fromSeed = function(seed) {\n checkArrayTypes(seed);\n if (seed.length !== crypto_sign_SEEDBYTES)\n throw new Error('bad seed size');\n var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n for (var i = 0; i < 32; i++) sk[i] = seed[i];\n crypto_sign_keypair(pk, sk, true);\n return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.publicKeyLength = crypto_sign_PUBLICKEYBYTES;\nnacl.sign.secretKeyLength = crypto_sign_SECRETKEYBYTES;\nnacl.sign.seedLength = crypto_sign_SEEDBYTES;\nnacl.sign.signatureLength = crypto_sign_BYTES;\n\nnacl.hash = function(msg) {\n checkArrayTypes(msg);\n var h = new Uint8Array(crypto_hash_BYTES);\n crypto_hash(h, msg, msg.length);\n return h;\n};\n\nnacl.hash.hashLength = crypto_hash_BYTES;\n\nnacl.verify = function(x, y) {\n checkArrayTypes(x, y);\n // Zero length arguments are considered not equal.\n if (x.length === 0 || y.length === 0) return false;\n if (x.length !== y.length) return false;\n return (vn(x, 0, y, 0, x.length) === 0) ? true : false;\n};\n\nnacl.setPRNG = function(fn) {\n randombytes = fn;\n};\n\n(function() {\n // Initialize PRNG if environment provides CSPRNG.\n // If not, methods calling randombytes will throw.\n var crypto = typeof self !== 'undefined' ? (self.crypto || self.msCrypto) : null;\n if (crypto && crypto.getRandomValues) {\n // Browsers.\n var QUOTA = 65536;\n nacl.setPRNG(function(x, n) {\n var i, v = new Uint8Array(n);\n for (i = 0; i < n; i += QUOTA) {\n crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));\n }\n for (i = 0; i < n; i++) x[i] = v[i];\n cleanup(v);\n });\n } else if (typeof require !== 'undefined') {\n // Node.js.\n crypto = require('crypto');\n if (crypto && crypto.randomBytes) {\n nacl.setPRNG(function(x, n) {\n var i, v = crypto.randomBytes(n);\n for (i = 0; i < n; i++) x[i] = v[i];\n cleanup(v);\n });\n }\n }\n})();\n\n})(typeof module !== 'undefined' && module.exports ? module.exports : (self.nacl = self.nacl || {}));\n","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nObject.defineProperty(exports, \"v1\", {\n enumerable: true,\n get: function () {\n return _v.default;\n }\n});\nObject.defineProperty(exports, \"v3\", {\n enumerable: true,\n get: function () {\n return _v2.default;\n }\n});\nObject.defineProperty(exports, \"v4\", {\n enumerable: true,\n get: function () {\n return _v3.default;\n }\n});\nObject.defineProperty(exports, \"v5\", {\n enumerable: true,\n get: function () {\n return _v4.default;\n }\n});\nObject.defineProperty(exports, \"NIL\", {\n enumerable: true,\n get: function () {\n return _nil.default;\n }\n});\nObject.defineProperty(exports, \"version\", {\n enumerable: true,\n get: function () {\n return _version.default;\n }\n});\nObject.defineProperty(exports, \"validate\", {\n enumerable: true,\n get: function () {\n return _validate.default;\n }\n});\nObject.defineProperty(exports, \"stringify\", {\n enumerable: true,\n get: function () {\n return _stringify.default;\n }\n});\nObject.defineProperty(exports, \"parse\", {\n enumerable: true,\n get: function () {\n return _parse.default;\n }\n});\n\nvar _v = _interopRequireDefault(require(\"./v1.js\"));\n\nvar _v2 = _interopRequireDefault(require(\"./v3.js\"));\n\nvar _v3 = _interopRequireDefault(require(\"./v4.js\"));\n\nvar _v4 = _interopRequireDefault(require(\"./v5.js\"));\n\nvar _nil = _interopRequireDefault(require(\"./nil.js\"));\n\nvar _version = _interopRequireDefault(require(\"./version.js\"));\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nvar _parse = _interopRequireDefault(require(\"./parse.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction md5(bytes) {\n if (Array.isArray(bytes)) {\n bytes = Buffer.from(bytes);\n } else if (typeof bytes === 'string') {\n bytes = Buffer.from(bytes, 'utf8');\n }\n\n return _crypto.default.createHash('md5').update(bytes).digest();\n}\n\nvar _default = md5;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\nvar _default = '00000000-0000-0000-0000-000000000000';\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction parse(uuid) {\n if (!(0, _validate.default)(uuid)) {\n throw TypeError('Invalid UUID');\n }\n\n let v;\n const arr = new Uint8Array(16); // Parse ########-....-....-....-............\n\n arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24;\n arr[1] = v >>> 16 & 0xff;\n arr[2] = v >>> 8 & 0xff;\n arr[3] = v & 0xff; // Parse ........-####-....-....-............\n\n arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8;\n arr[5] = v & 0xff; // Parse ........-....-####-....-............\n\n arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8;\n arr[7] = v & 0xff; // Parse ........-....-....-####-............\n\n arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8;\n arr[9] = v & 0xff; // Parse ........-....-....-....-############\n // (Use \"/\" to avoid 32-bit truncation when bit-shifting high-order bytes)\n\n arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff;\n arr[11] = v / 0x100000000 & 0xff;\n arr[12] = v >>> 24 & 0xff;\n arr[13] = v >>> 16 & 0xff;\n arr[14] = v >>> 8 & 0xff;\n arr[15] = v & 0xff;\n return arr;\n}\n\nvar _default = parse;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\nvar _default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = rng;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate\n\nlet poolPtr = rnds8Pool.length;\n\nfunction rng() {\n if (poolPtr > rnds8Pool.length - 16) {\n _crypto.default.randomFillSync(rnds8Pool);\n\n poolPtr = 0;\n }\n\n return rnds8Pool.slice(poolPtr, poolPtr += 16);\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction sha1(bytes) {\n if (Array.isArray(bytes)) {\n bytes = Buffer.from(bytes);\n } else if (typeof bytes === 'string') {\n bytes = Buffer.from(bytes, 'utf8');\n }\n\n return _crypto.default.createHash('sha1').update(bytes).digest();\n}\n\nvar _default = sha1;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/**\n * Convert array of 16 byte values to UUID string format of the form:\n * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\n */\nconst byteToHex = [];\n\nfor (let i = 0; i < 256; ++i) {\n byteToHex.push((i + 0x100).toString(16).substr(1));\n}\n\nfunction stringify(arr, offset = 0) {\n // Note: Be careful editing this code! It's been tuned for performance\n // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434\n const uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID. If this throws, it's likely due to one\n // of the following:\n // - One or more input array values don't map to a hex octet (leading to\n // \"undefined\" in the uuid)\n // - Invalid input values for the RFC `version` or `variant` fields\n\n if (!(0, _validate.default)(uuid)) {\n throw TypeError('Stringified UUID is invalid');\n }\n\n return uuid;\n}\n\nvar _default = stringify;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _rng = _interopRequireDefault(require(\"./rng.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n// **`v1()` - Generate time-based UUID**\n//\n// Inspired by https://github.com/LiosK/UUID.js\n// and http://docs.python.org/library/uuid.html\nlet _nodeId;\n\nlet _clockseq; // Previous uuid creation time\n\n\nlet _lastMSecs = 0;\nlet _lastNSecs = 0; // See https://github.com/uuidjs/uuid for API details\n\nfunction v1(options, buf, offset) {\n let i = buf && offset || 0;\n const b = buf || new Array(16);\n options = options || {};\n let node = options.node || _nodeId;\n let clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not\n // specified. We do this lazily to minimize issues related to insufficient\n // system entropy. See #189\n\n if (node == null || clockseq == null) {\n const seedBytes = options.random || (options.rng || _rng.default)();\n\n if (node == null) {\n // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1)\n node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]];\n }\n\n if (clockseq == null) {\n // Per 4.2.2, randomize (14 bit) clockseq\n clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff;\n }\n } // UUID timestamps are 100 nano-second units since the Gregorian epoch,\n // (1582-10-15 00:00). JSNumbers aren't precise enough for this, so\n // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs'\n // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00.\n\n\n let msecs = options.msecs !== undefined ? options.msecs : Date.now(); // Per 4.2.1.2, use count of uuid's generated during the current clock\n // cycle to simulate higher resolution clock\n\n let nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs)\n\n const dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per 4.2.1.2, Bump clockseq on clock regression\n\n if (dt < 0 && options.clockseq === undefined) {\n clockseq = clockseq + 1 & 0x3fff;\n } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new\n // time interval\n\n\n if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) {\n nsecs = 0;\n } // Per 4.2.1.2 Throw error if too many uuids are requested\n\n\n if (nsecs >= 10000) {\n throw new Error(\"uuid.v1(): Can't create more than 10M uuids/sec\");\n }\n\n _lastMSecs = msecs;\n _lastNSecs = nsecs;\n _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch\n\n msecs += 12219292800000; // `time_low`\n\n const tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000;\n b[i++] = tl >>> 24 & 0xff;\n b[i++] = tl >>> 16 & 0xff;\n b[i++] = tl >>> 8 & 0xff;\n b[i++] = tl & 0xff; // `time_mid`\n\n const tmh = msecs / 0x100000000 * 10000 & 0xfffffff;\n b[i++] = tmh >>> 8 & 0xff;\n b[i++] = tmh & 0xff; // `time_high_and_version`\n\n b[i++] = tmh >>> 24 & 0xf | 0x10; // include version\n\n b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant)\n\n b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low`\n\n b[i++] = clockseq & 0xff; // `node`\n\n for (let n = 0; n < 6; ++n) {\n b[i + n] = node[n];\n }\n\n return buf || (0, _stringify.default)(b);\n}\n\nvar _default = v1;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _v = _interopRequireDefault(require(\"./v35.js\"));\n\nvar _md = _interopRequireDefault(require(\"./md5.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst v3 = (0, _v.default)('v3', 0x30, _md.default);\nvar _default = v3;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = _default;\nexports.URL = exports.DNS = void 0;\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nvar _parse = _interopRequireDefault(require(\"./parse.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction stringToBytes(str) {\n str = unescape(encodeURIComponent(str)); // UTF8 escape\n\n const bytes = [];\n\n for (let i = 0; i < str.length; ++i) {\n bytes.push(str.charCodeAt(i));\n }\n\n return bytes;\n}\n\nconst DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8';\nexports.DNS = DNS;\nconst URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8';\nexports.URL = URL;\n\nfunction _default(name, version, hashfunc) {\n function generateUUID(value, namespace, buf, offset) {\n if (typeof value === 'string') {\n value = stringToBytes(value);\n }\n\n if (typeof namespace === 'string') {\n namespace = (0, _parse.default)(namespace);\n }\n\n if (namespace.length !== 16) {\n throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)');\n } // Compute hash of namespace and value, Per 4.3\n // Future: Use spread syntax when supported on all platforms, e.g. `bytes =\n // hashfunc([...namespace, ... value])`\n\n\n let bytes = new Uint8Array(16 + value.length);\n bytes.set(namespace);\n bytes.set(value, namespace.length);\n bytes = hashfunc(bytes);\n bytes[6] = bytes[6] & 0x0f | version;\n bytes[8] = bytes[8] & 0x3f | 0x80;\n\n if (buf) {\n offset = offset || 0;\n\n for (let i = 0; i < 16; ++i) {\n buf[offset + i] = bytes[i];\n }\n\n return buf;\n }\n\n return (0, _stringify.default)(bytes);\n } // Function#name is not settable on some platforms (#270)\n\n\n try {\n generateUUID.name = name; // eslint-disable-next-line no-empty\n } catch (err) {} // For CommonJS default export support\n\n\n generateUUID.DNS = DNS;\n generateUUID.URL = URL;\n return generateUUID;\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _rng = _interopRequireDefault(require(\"./rng.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction v4(options, buf, offset) {\n options = options || {};\n\n const rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`\n\n\n rnds[6] = rnds[6] & 0x0f | 0x40;\n rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided\n\n if (buf) {\n offset = offset || 0;\n\n for (let i = 0; i < 16; ++i) {\n buf[offset + i] = rnds[i];\n }\n\n return buf;\n }\n\n return (0, _stringify.default)(rnds);\n}\n\nvar _default = v4;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _v = _interopRequireDefault(require(\"./v35.js\"));\n\nvar _sha = _interopRequireDefault(require(\"./sha1.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst v5 = (0, _v.default)('v5', 0x50, _sha.default);\nvar _default = v5;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _regex = _interopRequireDefault(require(\"./regex.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction validate(uuid) {\n return typeof uuid === 'string' && _regex.default.test(uuid);\n}\n\nvar _default = validate;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction version(uuid) {\n if (!(0, _validate.default)(uuid)) {\n throw TypeError('Invalid UUID');\n }\n\n return parseInt(uuid.substr(14, 1), 16);\n}\n\nvar _default = version;\nexports.default = _default;","module.exports = __non_webpack_require__(__webpack_require__.ab + \"build/Release/cpufeatures.node\")","module.exports = __non_webpack_require__(__webpack_require__.ab + \"lib/protocol/crypto/build/Release/sshcrypto.node\")","module.exports = require(\"assert\");","module.exports = require(\"buffer\");","module.exports = require(\"child_process\");","module.exports = require(\"crypto\");","module.exports = require(\"dns\");","module.exports = require(\"events\");","module.exports = require(\"fs\");","module.exports = require(\"http\");","module.exports = require(\"https\");","module.exports = require(\"net\");","module.exports = require(\"os\");","module.exports = require(\"path\");","module.exports = require(\"stream\");","module.exports = require(\"tls\");","module.exports = require(\"util\");","module.exports = require(\"zlib\");","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.NodeSSH = exports.SSHError = void 0;\nconst fs_1 = __importDefault(require(\"fs\"));\nconst path_1 = __importDefault(require(\"path\"));\nconst make_dir_1 = __importDefault(require(\"make-dir\"));\nconst is_stream_1 = __importDefault(require(\"is-stream\"));\nconst shell_escape_1 = __importDefault(require(\"shell-escape\"));\nconst sb_scandir_1 = __importDefault(require(\"sb-scandir\"));\nconst sb_promise_queue_1 = require(\"sb-promise-queue\");\nconst assert_1 = __importStar(require(\"assert\"));\nconst ssh2_1 = __importDefault(require(\"ssh2\"));\nconst DEFAULT_CONCURRENCY = 1;\nconst DEFAULT_VALIDATE = (path) => !path_1.default.basename(path).startsWith('.');\nconst DEFAULT_TICK = () => {\n /* No Op */\n};\nclass SSHError extends Error {\n constructor(message, code = null) {\n super(message);\n this.code = code;\n }\n}\nexports.SSHError = SSHError;\nfunction unixifyPath(path) {\n if (path.includes('\\\\')) {\n return path.split('\\\\').join('/');\n }\n return path;\n}\nasync function readFile(filePath) {\n return new Promise((resolve, reject) => {\n fs_1.default.readFile(filePath, 'utf8', (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n}\nconst SFTP_MKDIR_ERR_CODE_REGEXP = /Error: (E[\\S]+): /;\nasync function makeDirectoryWithSftp(path, sftp) {\n let stats = null;\n try {\n stats = await new Promise((resolve, reject) => {\n sftp.stat(path, (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n }\n catch (_) {\n /* No Op */\n }\n if (stats) {\n if (stats.isDirectory()) {\n // Already exists, nothing to worry about\n return;\n }\n throw new Error('mkdir() failed, target already exists and is not a directory');\n }\n try {\n await new Promise((resolve, reject) => {\n sftp.mkdir(path, (err) => {\n if (err) {\n reject(err);\n }\n else {\n resolve();\n }\n });\n });\n }\n catch (err) {\n if (err != null && typeof err.stack === 'string') {\n const matches = SFTP_MKDIR_ERR_CODE_REGEXP.exec(err.stack);\n if (matches != null) {\n throw new SSHError(err.message, matches[1]);\n }\n throw err;\n }\n }\n}\nclass NodeSSH {\n constructor() {\n this.connection = null;\n }\n getConnection() {\n const { connection } = this;\n if (connection == null) {\n throw new Error('Not connected to server');\n }\n return connection;\n }\n async connect(givenConfig) {\n assert_1.default(givenConfig != null && typeof givenConfig === 'object', 'config must be a valid object');\n const config = { ...givenConfig };\n assert_1.default(config.username != null && typeof config.username === 'string', 'config.username must be a valid string');\n if (config.host != null) {\n assert_1.default(typeof config.host === 'string', 'config.host must be a valid string');\n }\n else if (config.sock != null) {\n assert_1.default(typeof config.sock === 'object', 'config.sock must be a valid object');\n }\n else {\n throw new assert_1.AssertionError({ message: 'Either config.host or config.sock must be provided' });\n }\n if (config.privateKey != null || config.privateKeyPath != null) {\n if (config.privateKey != null) {\n assert_1.default(typeof config.privateKey === 'string', 'config.privateKey must be a valid string');\n assert_1.default(config.privateKeyPath == null, 'config.privateKeyPath must not be specified when config.privateKey is specified');\n }\n else if (config.privateKeyPath != null) {\n assert_1.default(typeof config.privateKeyPath === 'string', 'config.privateKeyPath must be a valid string');\n assert_1.default(config.privateKey == null, 'config.privateKey must not be specified when config.privateKeyPath is specified');\n }\n assert_1.default(config.passphrase == null || typeof config.passphrase === 'string', 'config.passphrase must be null or a valid string');\n if (config.privateKeyPath != null) {\n // Must be an fs path\n try {\n config.privateKey = await readFile(config.privateKeyPath);\n }\n catch (err) {\n if (err != null && err.code === 'ENOENT') {\n throw new assert_1.AssertionError({ message: 'config.privateKeyPath does not exist at given fs path' });\n }\n throw err;\n }\n }\n }\n else if (config.password != null) {\n assert_1.default(typeof config.password === 'string', 'config.password must be a valid string');\n }\n if (config.tryKeyboard != null) {\n assert_1.default(typeof config.tryKeyboard === 'boolean', 'config.tryKeyboard must be a valid boolean');\n }\n if (config.tryKeyboard) {\n const { password } = config;\n if (config.onKeyboardInteractive != null) {\n assert_1.default(typeof config.onKeyboardInteractive === 'function', 'config.onKeyboardInteractive must be a valid function');\n }\n else if (password != null) {\n config.onKeyboardInteractive = (name, instructions, instructionsLang, prompts, finish) => {\n if (prompts.length > 0 && prompts[0].prompt.toLowerCase().includes('password')) {\n finish([password]);\n }\n };\n }\n }\n const connection = new ssh2_1.default.Client();\n this.connection = connection;\n await new Promise((resolve, reject) => {\n connection.on('error', reject);\n if (config.onKeyboardInteractive) {\n connection.on('keyboard-interactive', config.onKeyboardInteractive);\n }\n connection.on('ready', () => {\n connection.removeListener('error', reject);\n resolve();\n });\n connection.on('end', () => {\n if (this.connection === connection) {\n this.connection = null;\n }\n });\n connection.on('close', () => {\n if (this.connection === connection) {\n this.connection = null;\n }\n reject(new SSHError('No response from server', 'ETIMEDOUT'));\n });\n connection.connect(config);\n });\n return this;\n }\n isConnected() {\n return this.connection != null;\n }\n async requestShell(options) {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.on('error', reject);\n const callback = (err, res) => {\n connection.removeListener('error', reject);\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n };\n if (options == null) {\n connection.shell(callback);\n }\n else {\n connection.shell(options, callback);\n }\n });\n }\n async withShell(callback, options) {\n assert_1.default(typeof callback === 'function', 'callback must be a valid function');\n const shell = await this.requestShell(options);\n try {\n await callback(shell);\n }\n finally {\n // Try to close gracefully\n if (!shell.close()) {\n // Destroy local socket if it doesn't work\n shell.destroy();\n }\n }\n }\n async requestSFTP() {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.on('error', reject);\n connection.sftp((err, res) => {\n connection.removeListener('error', reject);\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n }\n async withSFTP(callback) {\n assert_1.default(typeof callback === 'function', 'callback must be a valid function');\n const sftp = await this.requestSFTP();\n try {\n await callback(sftp);\n }\n finally {\n sftp.end();\n }\n }\n async execCommand(givenCommand, options = {}) {\n assert_1.default(typeof givenCommand === 'string', 'command must be a valid string');\n assert_1.default(options != null && typeof options === 'object', 'options must be a valid object');\n assert_1.default(options.cwd == null || typeof options.cwd === 'string', 'options.cwd must be a valid string');\n assert_1.default(options.stdin == null || typeof options.stdin === 'string' || is_stream_1.default.readable(options.stdin), 'options.stdin must be a valid string or readable stream');\n assert_1.default(options.execOptions == null || typeof options.execOptions === 'object', 'options.execOptions must be a valid object');\n assert_1.default(options.encoding == null || typeof options.encoding === 'string', 'options.encoding must be a valid string');\n assert_1.default(options.onChannel == null || typeof options.onChannel === 'function', 'options.onChannel must be a valid function');\n assert_1.default(options.onStdout == null || typeof options.onStdout === 'function', 'options.onStdout must be a valid function');\n assert_1.default(options.onStderr == null || typeof options.onStderr === 'function', 'options.onStderr must be a valid function');\n let command = givenCommand;\n if (options.cwd) {\n command = `cd ${shell_escape_1.default([options.cwd])} ; ${command}`;\n }\n const connection = this.getConnection();\n const output = { stdout: [], stderr: [] };\n return new Promise((resolve, reject) => {\n connection.on('error', reject);\n connection.exec(command, options.execOptions != null ? options.execOptions : {}, (err, channel) => {\n connection.removeListener('error', reject);\n if (err) {\n reject(err);\n return;\n }\n if (options.onChannel) {\n options.onChannel(channel);\n }\n channel.on('data', (chunk) => {\n if (options.onStdout)\n options.onStdout(chunk);\n output.stdout.push(chunk.toString(options.encoding));\n });\n channel.stderr.on('data', (chunk) => {\n if (options.onStderr)\n options.onStderr(chunk);\n output.stderr.push(chunk.toString(options.encoding));\n });\n if (options.stdin != null) {\n if (is_stream_1.default.readable(options.stdin)) {\n options.stdin.pipe(channel, {\n end: true,\n });\n }\n else {\n channel.write(options.stdin);\n channel.end();\n }\n }\n else {\n channel.end();\n }\n let code = null;\n let signal = null;\n channel.on('exit', (code_, signal_) => {\n code = code_ !== null && code_ !== void 0 ? code_ : null;\n signal = signal_ !== null && signal_ !== void 0 ? signal_ : null;\n });\n channel.on('close', () => {\n resolve({\n code: code != null ? code : null,\n signal: signal != null ? signal : null,\n stdout: output.stdout.join('').trim(),\n stderr: output.stderr.join('').trim(),\n });\n });\n });\n });\n }\n async exec(command, parameters, options = {}) {\n assert_1.default(typeof command === 'string', 'command must be a valid string');\n assert_1.default(Array.isArray(parameters), 'parameters must be a valid array');\n assert_1.default(options != null && typeof options === 'object', 'options must be a valid object');\n assert_1.default(options.stream == null || ['both', 'stdout', 'stderr'].includes(options.stream), 'options.stream must be one of both, stdout, stderr');\n for (let i = 0, { length } = parameters; i < length; i += 1) {\n assert_1.default(typeof parameters[i] === 'string', `parameters[${i}] must be a valid string`);\n }\n const completeCommand = `${command} ${shell_escape_1.default(parameters)}`;\n const response = await this.execCommand(completeCommand, options);\n if (options.stream == null || options.stream === 'stdout') {\n if (response.stderr) {\n throw new Error(response.stderr);\n }\n return response.stdout;\n }\n if (options.stream === 'stderr') {\n return response.stderr;\n }\n return response;\n }\n async mkdir(path, method = 'sftp', givenSftp = null) {\n assert_1.default(typeof path === 'string', 'path must be a valid string');\n assert_1.default(typeof method === 'string' && (method === 'sftp' || method === 'exec'), 'method must be either sftp or exec');\n assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n if (method === 'exec') {\n await this.exec('mkdir', ['-p', unixifyPath(path)]);\n return;\n }\n const sftp = givenSftp || (await this.requestSFTP());\n const makeSftpDirectory = async (retry) => makeDirectoryWithSftp(unixifyPath(path), sftp).catch(async (error) => {\n if (!retry || error == null || (error.message !== 'No such file' && error.code !== 'ENOENT')) {\n throw error;\n }\n await this.mkdir(path_1.default.dirname(path), 'sftp', sftp);\n await makeSftpDirectory(false);\n });\n try {\n await makeSftpDirectory(true);\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async getFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n assert_1.default(typeof localFile === 'string', 'localFile must be a valid string');\n assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n const sftp = givenSftp || (await this.requestSFTP());\n try {\n await new Promise((resolve, reject) => {\n sftp.fastGet(unixifyPath(remoteFile), localFile, transferOptions || {}, (err) => {\n if (err) {\n reject(err);\n }\n else {\n resolve();\n }\n });\n });\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async putFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n assert_1.default(typeof localFile === 'string', 'localFile must be a valid string');\n assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n assert_1.default(await new Promise((resolve) => {\n fs_1.default.access(localFile, fs_1.default.constants.R_OK, (err) => {\n resolve(err === null);\n });\n }), `localFile does not exist at ${localFile}`);\n const sftp = givenSftp || (await this.requestSFTP());\n const putFile = (retry) => {\n return new Promise((resolve, reject) => {\n sftp.fastPut(localFile, unixifyPath(remoteFile), transferOptions || {}, (err) => {\n if (err == null) {\n resolve();\n return;\n }\n if (err.message === 'No such file' && retry) {\n resolve(this.mkdir(path_1.default.dirname(remoteFile), 'sftp', sftp).then(() => putFile(false)));\n }\n else {\n reject(err);\n }\n });\n });\n };\n try {\n await putFile(true);\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async putFiles(files, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {} } = {}) {\n assert_1.default(Array.isArray(files), 'files must be an array');\n for (let i = 0, { length } = files; i < length; i += 1) {\n const file = files[i];\n assert_1.default(file, 'files items must be valid objects');\n assert_1.default(file.local && typeof file.local === 'string', `files[${i}].local must be a string`);\n assert_1.default(file.remote && typeof file.remote === 'string', `files[${i}].remote must be a string`);\n }\n const transferred = [];\n const sftp = givenSftp || (await this.requestSFTP());\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n try {\n await new Promise((resolve, reject) => {\n files.forEach((file) => {\n queue\n .add(async () => {\n await this.putFile(file.local, file.remote, sftp, transferOptions);\n transferred.push(file);\n })\n .catch(reject);\n });\n queue.waitTillIdle().then(resolve);\n });\n }\n catch (error) {\n if (error != null) {\n error.transferred = transferred;\n }\n throw error;\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async putDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n const localDirectoryStat = await new Promise((resolve) => {\n fs_1.default.stat(localDirectory, (err, stat) => {\n resolve(stat || null);\n });\n });\n assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n const sftp = givenSftp || (await this.requestSFTP());\n const scanned = await sb_scandir_1.default(localDirectory, {\n recursive,\n validate,\n });\n const files = scanned.files.map((item) => path_1.default.relative(localDirectory, item));\n const directories = scanned.directories.map((item) => path_1.default.relative(localDirectory, item));\n // Sort shortest to longest\n directories.sort((a, b) => a.length - b.length);\n let failed = false;\n try {\n // Do the directories first.\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n directories.forEach((directory) => {\n queue\n .add(async () => {\n await this.mkdir(path_1.default.join(remoteDirectory, directory), 'sftp', sftp);\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n // and now the files\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n files.forEach((file) => {\n queue\n .add(async () => {\n const localFile = path_1.default.join(localDirectory, file);\n const remoteFile = path_1.default.join(remoteDirectory, file);\n try {\n await this.putFile(localFile, remoteFile, sftp, transferOptions);\n tick(localFile, remoteFile, null);\n }\n catch (_) {\n failed = true;\n tick(localFile, remoteFile, _);\n }\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n return !failed;\n }\n async getDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n const localDirectoryStat = await new Promise((resolve) => {\n fs_1.default.stat(localDirectory, (err, stat) => {\n resolve(stat || null);\n });\n });\n assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n const sftp = givenSftp || (await this.requestSFTP());\n const scanned = await sb_scandir_1.default(remoteDirectory, {\n recursive,\n validate,\n concurrency,\n fileSystem: {\n basename(path) {\n return path_1.default.posix.basename(path);\n },\n join(pathA, pathB) {\n return path_1.default.posix.join(pathA, pathB);\n },\n readdir(path) {\n return new Promise((resolve, reject) => {\n sftp.readdir(path, (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n resolve(res.map((item) => item.filename));\n }\n });\n });\n },\n stat(path) {\n return new Promise((resolve, reject) => {\n sftp.stat(path, (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n resolve(res);\n }\n });\n });\n },\n },\n });\n const files = scanned.files.map((item) => path_1.default.relative(remoteDirectory, item));\n const directories = scanned.directories.map((item) => path_1.default.relative(remoteDirectory, item));\n // Sort shortest to longest\n directories.sort((a, b) => a.length - b.length);\n let failed = false;\n try {\n // Do the directories first.\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n directories.forEach((directory) => {\n queue\n .add(async () => {\n await make_dir_1.default(path_1.default.join(localDirectory, directory));\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n // and now the files\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n files.forEach((file) => {\n queue\n .add(async () => {\n const localFile = path_1.default.join(localDirectory, file);\n const remoteFile = path_1.default.join(remoteDirectory, file);\n try {\n await this.getFile(localFile, remoteFile, sftp, transferOptions);\n tick(localFile, remoteFile, null);\n }\n catch (_) {\n failed = true;\n tick(localFile, remoteFile, _);\n }\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n return !failed;\n }\n dispose() {\n if (this.connection) {\n this.connection.end();\n this.connection = null;\n }\n }\n}\nexports.NodeSSH = NodeSSH;\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nvar PromiseQueue = /** @class */ (function () {\n function PromiseQueue(_a) {\n var _b = (_a === void 0 ? {} : _a).concurrency, concurrency = _b === void 0 ? 1 : _b;\n this.options = { concurrency: concurrency };\n this.running = 0;\n this.queue = [];\n this.idleCallbacks = [];\n }\n PromiseQueue.prototype.clear = function () {\n this.queue = [];\n };\n PromiseQueue.prototype.onIdle = function (callback) {\n var _this = this;\n this.idleCallbacks.push(callback);\n return function () {\n var index = _this.idleCallbacks.indexOf(callback);\n if (index !== -1) {\n _this.idleCallbacks.splice(index, 1);\n }\n };\n };\n PromiseQueue.prototype.waitTillIdle = function () {\n var _this = this;\n return new Promise(function (resolve) {\n if (_this.running === 0) {\n resolve();\n return;\n }\n var dispose = _this.onIdle(function () {\n dispose();\n resolve();\n });\n });\n };\n PromiseQueue.prototype.add = function (callback) {\n var _this = this;\n return new Promise(function (resolve, reject) {\n var runCallback = function () {\n _this.running += 1;\n try {\n Promise.resolve(callback()).then(function (val) {\n resolve(val);\n _this.processNext();\n }, function (err) {\n reject(err);\n _this.processNext();\n });\n }\n catch (err) {\n reject(err);\n _this.processNext();\n }\n };\n if (_this.running >= _this.options.concurrency) {\n _this.queue.push(runCallback);\n }\n else {\n runCallback();\n }\n });\n };\n // Internal function, don't use\n PromiseQueue.prototype.processNext = function () {\n this.running -= 1;\n var callback = this.queue.shift();\n if (callback) {\n callback();\n }\n else if (this.running === 0) {\n this.idleCallbacks.forEach(function (item) { return item(); });\n }\n };\n return PromiseQueue;\n}());\nexports.PromiseQueue = PromiseQueue;\n","\"use strict\";\n/* @flow */\nvar __assign = (this && this.__assign) || function () {\n __assign = Object.assign || function(t) {\n for (var s, i = 1, n = arguments.length; i < n; i++) {\n s = arguments[i];\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))\n t[p] = s[p];\n }\n return t;\n };\n return __assign.apply(this, arguments);\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nvar __generator = (this && this.__generator) || function (thisArg, body) {\n var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;\n return g = { next: verb(0), \"throw\": verb(1), \"return\": verb(2) }, typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\n function verb(n) { return function (v) { return step([n, v]); }; }\n function step(op) {\n if (f) throw new TypeError(\"Generator is already executing.\");\n while (_) try {\n if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\n if (y = 0, t) op = [op[0] & 2, t.value];\n switch (op[0]) {\n case 0: case 1: t = op; break;\n case 4: _.label++; return { value: op[1], done: false };\n case 5: _.label++; y = op[1]; op = [0]; continue;\n case 7: op = _.ops.pop(); _.trys.pop(); continue;\n default:\n if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\n if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\n if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\n if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\n if (t[2]) _.ops.pop();\n _.trys.pop(); continue;\n }\n op = body.call(thisArg, _);\n } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\n if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\n }\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.defaultFilesystem = void 0;\nvar fs_1 = __importDefault(require(\"fs\"));\nvar path_1 = __importDefault(require(\"path\"));\nvar assert_1 = __importDefault(require(\"assert\"));\nvar sb_promise_queue_1 = require(\"sb-promise-queue\");\nexports.defaultFilesystem = {\n join: function (pathA, pathB) {\n return path_1.default.join(pathA, pathB);\n },\n basename: function (path) {\n return path_1.default.basename(path);\n },\n stat: function (path) {\n return new Promise(function (resolve, reject) {\n fs_1.default.stat(path, function (err, res) {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n },\n readdir: function (path) {\n return new Promise(function (resolve, reject) {\n fs_1.default.readdir(path, function (err, res) {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n },\n};\nfunction scanDirectoryInternal(_a) {\n var path = _a.path, recursive = _a.recursive, validate = _a.validate, result = _a.result, fileSystem = _a.fileSystem, queue = _a.queue, reject = _a.reject;\n return __awaiter(this, void 0, void 0, function () {\n var itemStat, contents;\n return __generator(this, function (_b) {\n switch (_b.label) {\n case 0: return [4 /*yield*/, fileSystem.stat(path)];\n case 1:\n itemStat = _b.sent();\n if (itemStat.isFile()) {\n result.files.push(path);\n }\n else if (itemStat.isDirectory()) {\n result.directories.push(path);\n }\n if (!itemStat.isDirectory() || recursive === 'none') {\n return [2 /*return*/];\n }\n return [4 /*yield*/, fileSystem.readdir(path)];\n case 2:\n contents = _b.sent();\n contents.forEach(function (item) {\n var itemPath = fileSystem.join(path, item);\n if (!validate(itemPath)) {\n return;\n }\n queue\n .add(function () {\n return scanDirectoryInternal({\n path: itemPath,\n recursive: recursive === 'shallow' ? 'none' : 'deep',\n validate: validate,\n result: result,\n fileSystem: fileSystem,\n queue: queue,\n reject: reject,\n });\n })\n .catch(reject);\n });\n return [2 /*return*/];\n }\n });\n });\n}\nfunction scanDirectory(path, _a) {\n var _b = _a === void 0 ? {} : _a, _c = _b.recursive, recursive = _c === void 0 ? true : _c, _d = _b.validate, validate = _d === void 0 ? null : _d, _e = _b.concurrency, concurrency = _e === void 0 ? Infinity : _e, _f = _b.fileSystem, fileSystem = _f === void 0 ? exports.defaultFilesystem : _f;\n return __awaiter(this, void 0, void 0, function () {\n var queue, result, mergedFileSystem;\n return __generator(this, function (_g) {\n switch (_g.label) {\n case 0:\n assert_1.default(path && typeof path === 'string', 'path must be a valid string');\n assert_1.default(typeof recursive === 'boolean', 'options.recursive must be a valid boolean');\n assert_1.default(validate === null || typeof validate === 'function', 'options.validate must be a valid function');\n assert_1.default(typeof concurrency === 'number', 'options.concurrency must be a valid number');\n assert_1.default(fileSystem !== null && typeof fileSystem === 'object', 'options.fileSystem must be a valid object');\n queue = new sb_promise_queue_1.PromiseQueue({\n concurrency: concurrency,\n });\n result = { files: [], directories: [] };\n mergedFileSystem = __assign(__assign({}, exports.defaultFilesystem), fileSystem);\n return [4 /*yield*/, new Promise(function (resolve, reject) {\n scanDirectoryInternal({\n path: path,\n recursive: recursive ? 'deep' : 'shallow',\n validate: validate != null ? validate : function (item) { return mergedFileSystem.basename(item).slice(0, 1) !== '.'; },\n result: result,\n fileSystem: mergedFileSystem,\n queue: queue,\n reject: reject,\n })\n .then(function () { return queue.waitTillIdle(); })\n .then(resolve, reject);\n })];\n case 1:\n _g.sent();\n return [2 /*return*/, result];\n }\n });\n });\n}\nexports.default = scanDirectory;\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\tvar threw = true;\n\ttry {\n\t\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\t\tthrew = false;\n\t} finally {\n\t\tif(threw) delete __webpack_module_cache__[moduleId];\n\t}\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nif (typeof __webpack_require__ !== 'undefined') __webpack_require__.ab = __dirname + \"/\";","","// startup\n// Load entry module and return exports\n// This entry module is referenced by other modules so it can't be inlined\nvar __webpack_exports__ = __webpack_require__(4822);\n",""],"names":[],"sourceRoot":""} \ No newline at end of file +{"version":3,"file":"index.js","mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACTA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/HA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1XA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1RA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACnHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChuBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC7FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/NA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;ACvTA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACrQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACnCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5TA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3iBA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1mDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtSA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuKA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkDA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/nEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACrkBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvlEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn9HA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACjkDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACpwCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn3DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC38CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9PA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn2CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn1EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACxDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1PA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACrNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3NA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3GA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChYA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/OA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACrHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACzMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACxaA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACpZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9sBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACz1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvuBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7mBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7LA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACpHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACjMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjRA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvOA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACrXA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtXA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1HA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACpBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACrRA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9MA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9WA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtaA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC11BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvJA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACXA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvLA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5TA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACzRA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7YA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/dA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACpCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3HA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvuBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7HA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACzdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3PA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9qBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/tEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5gCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACRA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/lDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtrBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjSA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvVA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACTA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtYA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClXA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACxUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACrHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1aA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACXA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC3kBA;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9tBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;;;;;;;AC5KA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AC7BA;AACA;;;;AEDA;AACA;AACA;AACA","sources":[".././lib/index.js",".././lib/keyboard.js",".././node_modules/@actions/core/lib/command.js",".././node_modules/@actions/core/lib/core.js",".././node_modules/@actions/core/lib/file-command.js",".././node_modules/@actions/core/lib/oidc-utils.js",".././node_modules/@actions/core/lib/path-utils.js",".././node_modules/@actions/core/lib/platform.js",".././node_modules/@actions/core/lib/summary.js",".././node_modules/@actions/core/lib/utils.js",".././node_modules/@actions/exec/lib/exec.js",".././node_modules/@actions/exec/lib/toolrunner.js",".././node_modules/@actions/http-client/lib/auth.js",".././node_modules/@actions/http-client/lib/index.js",".././node_modules/@actions/http-client/lib/proxy.js",".././node_modules/@actions/io/lib/io-util.js",".././node_modules/@actions/io/lib/io.js",".././node_modules/asn1/lib/ber/errors.js",".././node_modules/asn1/lib/ber/index.js",".././node_modules/asn1/lib/ber/reader.js",".././node_modules/asn1/lib/ber/types.js",".././node_modules/asn1/lib/ber/writer.js",".././node_modules/asn1/lib/index.js",".././node_modules/bcrypt-pbkdf/index.js",".././node_modules/cpu-features/lib/index.js",".././node_modules/is-stream/index.js",".././node_modules/make-dir/index.js",".././node_modules/safer-buffer/safer.js",".././node_modules/semver/semver.js",".././node_modules/shell-escape/shell-escape.js",".././node_modules/ssh2/lib/Channel.js",".././node_modules/ssh2/lib/agent.js",".././node_modules/ssh2/lib/client.js",".././node_modules/ssh2/lib/http-agents.js",".././node_modules/ssh2/lib/index.js",".././node_modules/ssh2/lib/keygen.js",".././node_modules/ssh2/lib/protocol/Protocol.js",".././node_modules/ssh2/lib/protocol/SFTP.js",".././node_modules/ssh2/lib/protocol/constants.js",".././node_modules/ssh2/lib/protocol/crypto.js",".././node_modules/ssh2/lib/protocol/crypto/poly1305.js",".././node_modules/ssh2/lib/protocol/handlers.js",".././node_modules/ssh2/lib/protocol/handlers.misc.js",".././node_modules/ssh2/lib/protocol/kex.js",".././node_modules/ssh2/lib/protocol/keyParser.js",".././node_modules/ssh2/lib/protocol/node-fs-compat.js",".././node_modules/ssh2/lib/protocol/utils.js",".././node_modules/ssh2/lib/protocol/zlib.js",".././node_modules/ssh2/lib/server.js",".././node_modules/ssh2/lib/utils.js",".././node_modules/tunnel/index.js",".././node_modules/tunnel/lib/tunnel.js",".././node_modules/tweetnacl/nacl-fast.js",".././node_modules/undici/index.js",".././node_modules/undici/lib/api/abort-signal.js",".././node_modules/undici/lib/api/api-connect.js",".././node_modules/undici/lib/api/api-pipeline.js",".././node_modules/undici/lib/api/api-request.js",".././node_modules/undici/lib/api/api-stream.js",".././node_modules/undici/lib/api/api-upgrade.js",".././node_modules/undici/lib/api/index.js",".././node_modules/undici/lib/api/readable.js",".././node_modules/undici/lib/api/util.js",".././node_modules/undici/lib/core/connect.js",".././node_modules/undici/lib/core/constants.js",".././node_modules/undici/lib/core/diagnostics.js",".././node_modules/undici/lib/core/errors.js",".././node_modules/undici/lib/core/request.js",".././node_modules/undici/lib/core/symbols.js",".././node_modules/undici/lib/core/tree.js",".././node_modules/undici/lib/core/util.js",".././node_modules/undici/lib/dispatcher/agent.js",".././node_modules/undici/lib/dispatcher/balanced-pool.js",".././node_modules/undici/lib/dispatcher/client-h1.js",".././node_modules/undici/lib/dispatcher/client-h2.js",".././node_modules/undici/lib/dispatcher/client.js",".././node_modules/undici/lib/dispatcher/dispatcher-base.js",".././node_modules/undici/lib/dispatcher/dispatcher.js",".././node_modules/undici/lib/dispatcher/env-http-proxy-agent.js",".././node_modules/undici/lib/dispatcher/fixed-queue.js",".././node_modules/undici/lib/dispatcher/pool-base.js",".././node_modules/undici/lib/dispatcher/pool-stats.js",".././node_modules/undici/lib/dispatcher/pool.js",".././node_modules/undici/lib/dispatcher/proxy-agent.js",".././node_modules/undici/lib/dispatcher/retry-agent.js",".././node_modules/undici/lib/global.js",".././node_modules/undici/lib/handler/decorator-handler.js",".././node_modules/undici/lib/handler/redirect-handler.js",".././node_modules/undici/lib/handler/retry-handler.js",".././node_modules/undici/lib/interceptor/dns.js",".././node_modules/undici/lib/interceptor/dump.js",".././node_modules/undici/lib/interceptor/redirect-interceptor.js",".././node_modules/undici/lib/interceptor/redirect.js",".././node_modules/undici/lib/interceptor/retry.js",".././node_modules/undici/lib/llhttp/constants.js",".././node_modules/undici/lib/llhttp/llhttp-wasm.js",".././node_modules/undici/lib/llhttp/llhttp_simd-wasm.js",".././node_modules/undici/lib/llhttp/utils.js",".././node_modules/undici/lib/mock/mock-agent.js",".././node_modules/undici/lib/mock/mock-client.js",".././node_modules/undici/lib/mock/mock-errors.js",".././node_modules/undici/lib/mock/mock-interceptor.js",".././node_modules/undici/lib/mock/mock-pool.js",".././node_modules/undici/lib/mock/mock-symbols.js",".././node_modules/undici/lib/mock/mock-utils.js",".././node_modules/undici/lib/mock/pending-interceptors-formatter.js",".././node_modules/undici/lib/mock/pluralizer.js",".././node_modules/undici/lib/util/timers.js",".././node_modules/undici/lib/web/cache/cache.js",".././node_modules/undici/lib/web/cache/cachestorage.js",".././node_modules/undici/lib/web/cache/symbols.js",".././node_modules/undici/lib/web/cache/util.js",".././node_modules/undici/lib/web/cookies/constants.js",".././node_modules/undici/lib/web/cookies/index.js",".././node_modules/undici/lib/web/cookies/parse.js",".././node_modules/undici/lib/web/cookies/util.js",".././node_modules/undici/lib/web/eventsource/eventsource-stream.js",".././node_modules/undici/lib/web/eventsource/eventsource.js",".././node_modules/undici/lib/web/eventsource/util.js",".././node_modules/undici/lib/web/fetch/body.js",".././node_modules/undici/lib/web/fetch/constants.js",".././node_modules/undici/lib/web/fetch/data-url.js",".././node_modules/undici/lib/web/fetch/dispatcher-weakref.js",".././node_modules/undici/lib/web/fetch/file.js",".././node_modules/undici/lib/web/fetch/formdata-parser.js",".././node_modules/undici/lib/web/fetch/formdata.js",".././node_modules/undici/lib/web/fetch/global.js",".././node_modules/undici/lib/web/fetch/headers.js",".././node_modules/undici/lib/web/fetch/index.js",".././node_modules/undici/lib/web/fetch/request.js",".././node_modules/undici/lib/web/fetch/response.js",".././node_modules/undici/lib/web/fetch/symbols.js",".././node_modules/undici/lib/web/fetch/util.js",".././node_modules/undici/lib/web/fetch/webidl.js",".././node_modules/undici/lib/web/fileapi/encoding.js",".././node_modules/undici/lib/web/fileapi/filereader.js",".././node_modules/undici/lib/web/fileapi/progressevent.js",".././node_modules/undici/lib/web/fileapi/symbols.js",".././node_modules/undici/lib/web/fileapi/util.js",".././node_modules/undici/lib/web/websocket/connection.js",".././node_modules/undici/lib/web/websocket/constants.js",".././node_modules/undici/lib/web/websocket/events.js",".././node_modules/undici/lib/web/websocket/frame.js",".././node_modules/undici/lib/web/websocket/permessage-deflate.js",".././node_modules/undici/lib/web/websocket/receiver.js",".././node_modules/undici/lib/web/websocket/sender.js",".././node_modules/undici/lib/web/websocket/symbols.js",".././node_modules/undici/lib/web/websocket/util.js",".././node_modules/undici/lib/web/websocket/websocket.js",".././node_modules/cpu-features/build/Release/cpufeatures.node",".././node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node","../external node-commonjs \"assert\"","../external node-commonjs \"buffer\"","../external node-commonjs \"child_process\"","../external node-commonjs \"crypto\"","../external node-commonjs \"dns\"","../external node-commonjs \"events\"","../external node-commonjs \"fs\"","../external node-commonjs \"http\"","../external node-commonjs \"https\"","../external node-commonjs \"net\"","../external node-commonjs \"node:assert\"","../external node-commonjs \"node:async_hooks\"","../external node-commonjs \"node:buffer\"","../external node-commonjs \"node:console\"","../external node-commonjs \"node:crypto\"","../external node-commonjs \"node:diagnostics_channel\"","../external node-commonjs \"node:dns\"","../external node-commonjs \"node:events\"","../external node-commonjs \"node:http\"","../external node-commonjs \"node:http2\"","../external node-commonjs \"node:net\"","../external node-commonjs \"node:perf_hooks\"","../external node-commonjs \"node:querystring\"","../external node-commonjs \"node:stream\"","../external node-commonjs \"node:tls\"","../external node-commonjs \"node:url\"","../external node-commonjs \"node:util\"","../external node-commonjs \"node:util/types\"","../external node-commonjs \"node:worker_threads\"","../external node-commonjs \"node:zlib\"","../external node-commonjs \"os\"","../external node-commonjs \"path\"","../external node-commonjs \"stream\"","../external node-commonjs \"string_decoder\"","../external node-commonjs \"timers\"","../external node-commonjs \"tls\"","../external node-commonjs \"util\"","../external node-commonjs \"zlib\"",".././node_modules/node-ssh/lib/cjs/index.js",".././node_modules/sb-promise-queue/lib/cjs/index.js",".././node_modules/sb-scandir/lib/cjs/index.js","../webpack/bootstrap","../webpack/runtime/compat","../webpack/before-startup","../webpack/startup","../webpack/after-startup"],"sourcesContent":["\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nconst core = __importStar(require(\"@actions/core\"));\nconst node_ssh_1 = require(\"node-ssh\");\nconst keyboard_1 = require(\"./keyboard\");\nfunction run() {\n return __awaiter(this, void 0, void 0, function* () {\n const command = core.getInput('command');\n const host = core.getInput('host') || 'localhost';\n const username = core.getInput('username');\n const port = +core.getInput('port') || 22;\n const privateKey = core.getInput('privateKey');\n const password = core.getInput('password');\n const passphrase = core.getInput('passphrase');\n const tryKeyboard = !!core.getInput('tryKeyboard');\n try {\n const ssh = yield connect(host, username, port, privateKey, password, passphrase, tryKeyboard);\n yield executeCommand(ssh, command);\n ssh.dispose();\n }\n catch (err) {\n core.setFailed(err);\n }\n });\n}\nfunction connect() {\n return __awaiter(this, arguments, void 0, function* (host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) {\n const ssh = new node_ssh_1.NodeSSH();\n console.log(`Establishing a SSH connection to ${host}.`);\n try {\n const config = {\n host: host,\n port: port,\n username: username,\n password: password,\n passphrase: passphrase,\n tryKeyboard: tryKeyboard,\n onKeyboardInteractive: tryKeyboard ? (0, keyboard_1.keyboardFunction)(password) : null\n };\n if (privateKey) {\n console.log('using provided private key');\n config.privateKey = privateKey;\n }\n yield ssh.connect(config);\n console.log(`🤝 Connected to ${host}.`);\n }\n catch (err) {\n console.error(`⚠️ The GitHub Action couldn't connect to ${host}.`, err);\n core.setFailed(err.message);\n }\n return ssh;\n });\n}\nfunction executeCommand(ssh, command) {\n return __awaiter(this, void 0, void 0, function* () {\n var _a;\n console.log(`Executing command: ${command}`);\n try {\n const { code } = yield ssh.exec(command, [], {\n stream: 'both',\n onStdout(chunk) {\n console.log(chunk.toString('utf8'));\n },\n onStderr(chunk) {\n console.log(chunk.toString('utf8'));\n }\n });\n if (code > 0) {\n throw Error(`Command exited with code ${code}`);\n }\n console.log('✅ SSH Action finished.');\n if (ssh.isConnected()) {\n ssh.dispose();\n }\n }\n catch (err) {\n console.error(`⚠️ An error happened executing command ${command}.`, (_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err);\n core.setFailed(err.message);\n process.abort();\n }\n });\n}\nprocess.on('uncaughtException', (err) => {\n if (err['code'] !== 'ECONNRESET')\n throw err;\n});\nrun();\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.keyboardFunction = void 0;\nconst keyboardFunction = password => (name, instructions, instructionsLang, prompts, finish) => {\n if (prompts.length > 0 &&\n prompts[0].prompt.toLowerCase().includes(\"password\")) {\n finish([password]);\n }\n};\nexports.keyboardFunction = keyboardFunction;\n","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.issueCommand = issueCommand;\nexports.issue = issue;\nconst os = __importStar(require(\"os\"));\nconst utils_1 = require(\"./utils\");\n/**\n * Issues a command to the GitHub Actions runner\n *\n * @param command - The command name to issue\n * @param properties - Additional properties for the command (key-value pairs)\n * @param message - The message to include with the command\n * @remarks\n * This function outputs a specially formatted string to stdout that the Actions\n * runner interprets as a command. These commands can control workflow behavior,\n * set outputs, create annotations, mask values, and more.\n *\n * Command Format:\n * ::name key=value,key=value::message\n *\n * @example\n * ```typescript\n * // Issue a warning annotation\n * issueCommand('warning', {}, 'This is a warning message');\n * // Output: ::warning::This is a warning message\n *\n * // Set an environment variable\n * issueCommand('set-env', { name: 'MY_VAR' }, 'some value');\n * // Output: ::set-env name=MY_VAR::some value\n *\n * // Add a secret mask\n * issueCommand('add-mask', {}, 'secretValue123');\n * // Output: ::add-mask::secretValue123\n * ```\n *\n * @internal\n * This is an internal utility function that powers the public API functions\n * such as setSecret, warning, error, and exportVariable.\n */\nfunction issueCommand(command, properties, message) {\n const cmd = new Command(command, properties, message);\n process.stdout.write(cmd.toString() + os.EOL);\n}\nfunction issue(name, message = '') {\n issueCommand(name, {}, message);\n}\nconst CMD_STRING = '::';\nclass Command {\n constructor(command, properties, message) {\n if (!command) {\n command = 'missing.command';\n }\n this.command = command;\n this.properties = properties;\n this.message = message;\n }\n toString() {\n let cmdStr = CMD_STRING + this.command;\n if (this.properties && Object.keys(this.properties).length > 0) {\n cmdStr += ' ';\n let first = true;\n for (const key in this.properties) {\n if (this.properties.hasOwnProperty(key)) {\n const val = this.properties[key];\n if (val) {\n if (first) {\n first = false;\n }\n else {\n cmdStr += ',';\n }\n cmdStr += `${key}=${escapeProperty(val)}`;\n }\n }\n }\n }\n cmdStr += `${CMD_STRING}${escapeData(this.message)}`;\n return cmdStr;\n }\n}\nfunction escapeData(s) {\n return (0, utils_1.toCommandValue)(s)\n .replace(/%/g, '%25')\n .replace(/\\r/g, '%0D')\n .replace(/\\n/g, '%0A');\n}\nfunction escapeProperty(s) {\n return (0, utils_1.toCommandValue)(s)\n .replace(/%/g, '%25')\n .replace(/\\r/g, '%0D')\n .replace(/\\n/g, '%0A')\n .replace(/:/g, '%3A')\n .replace(/,/g, '%2C');\n}\n//# sourceMappingURL=command.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.platform = exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = exports.markdownSummary = exports.summary = exports.ExitCode = void 0;\nexports.exportVariable = exportVariable;\nexports.setSecret = setSecret;\nexports.addPath = addPath;\nexports.getInput = getInput;\nexports.getMultilineInput = getMultilineInput;\nexports.getBooleanInput = getBooleanInput;\nexports.setOutput = setOutput;\nexports.setCommandEcho = setCommandEcho;\nexports.setFailed = setFailed;\nexports.isDebug = isDebug;\nexports.debug = debug;\nexports.error = error;\nexports.warning = warning;\nexports.notice = notice;\nexports.info = info;\nexports.startGroup = startGroup;\nexports.endGroup = endGroup;\nexports.group = group;\nexports.saveState = saveState;\nexports.getState = getState;\nexports.getIDToken = getIDToken;\nconst command_1 = require(\"./command\");\nconst file_command_1 = require(\"./file-command\");\nconst utils_1 = require(\"./utils\");\nconst os = __importStar(require(\"os\"));\nconst path = __importStar(require(\"path\"));\nconst oidc_utils_1 = require(\"./oidc-utils\");\n/**\n * The code to exit an action\n */\nvar ExitCode;\n(function (ExitCode) {\n /**\n * A code indicating that the action was successful\n */\n ExitCode[ExitCode[\"Success\"] = 0] = \"Success\";\n /**\n * A code indicating that the action was a failure\n */\n ExitCode[ExitCode[\"Failure\"] = 1] = \"Failure\";\n})(ExitCode || (exports.ExitCode = ExitCode = {}));\n//-----------------------------------------------------------------------\n// Variables\n//-----------------------------------------------------------------------\n/**\n * Sets env variable for this action and future actions in the job\n * @param name the name of the variable to set\n * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction exportVariable(name, val) {\n const convertedVal = (0, utils_1.toCommandValue)(val);\n process.env[name] = convertedVal;\n const filePath = process.env['GITHUB_ENV'] || '';\n if (filePath) {\n return (0, file_command_1.issueFileCommand)('ENV', (0, file_command_1.prepareKeyValueMessage)(name, val));\n }\n (0, command_1.issueCommand)('set-env', { name }, convertedVal);\n}\n/**\n * Registers a secret which will get masked from logs\n *\n * @param secret - Value of the secret to be masked\n * @remarks\n * This function instructs the Actions runner to mask the specified value in any\n * logs produced during the workflow run. Once registered, the secret value will\n * be replaced with asterisks (***) whenever it appears in console output, logs,\n * or error messages.\n *\n * This is useful for protecting sensitive information such as:\n * - API keys\n * - Access tokens\n * - Authentication credentials\n * - URL parameters containing signatures (SAS tokens)\n *\n * Note that masking only affects future logs; any previous appearances of the\n * secret in logs before calling this function will remain unmasked.\n *\n * @example\n * ```typescript\n * // Register an API token as a secret\n * const apiToken = \"abc123xyz456\";\n * setSecret(apiToken);\n *\n * // Now any logs containing this value will show *** instead\n * console.log(`Using token: ${apiToken}`); // Outputs: \"Using token: ***\"\n * ```\n */\nfunction setSecret(secret) {\n (0, command_1.issueCommand)('add-mask', {}, secret);\n}\n/**\n * Prepends inputPath to the PATH (for this action and future actions)\n * @param inputPath\n */\nfunction addPath(inputPath) {\n const filePath = process.env['GITHUB_PATH'] || '';\n if (filePath) {\n (0, file_command_1.issueFileCommand)('PATH', inputPath);\n }\n else {\n (0, command_1.issueCommand)('add-path', {}, inputPath);\n }\n process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;\n}\n/**\n * Gets the value of an input.\n * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed.\n * Returns an empty string if the value is not defined.\n *\n * @param name name of the input to get\n * @param options optional. See InputOptions.\n * @returns string\n */\nfunction getInput(name, options) {\n const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || '';\n if (options && options.required && !val) {\n throw new Error(`Input required and not supplied: ${name}`);\n }\n if (options && options.trimWhitespace === false) {\n return val;\n }\n return val.trim();\n}\n/**\n * Gets the values of an multiline input. Each value is also trimmed.\n *\n * @param name name of the input to get\n * @param options optional. See InputOptions.\n * @returns string[]\n *\n */\nfunction getMultilineInput(name, options) {\n const inputs = getInput(name, options)\n .split('\\n')\n .filter(x => x !== '');\n if (options && options.trimWhitespace === false) {\n return inputs;\n }\n return inputs.map(input => input.trim());\n}\n/**\n * Gets the input value of the boolean type in the YAML 1.2 \"core schema\" specification.\n * Support boolean input list: `true | True | TRUE | false | False | FALSE` .\n * The return value is also in boolean type.\n * ref: https://yaml.org/spec/1.2/spec.html#id2804923\n *\n * @param name name of the input to get\n * @param options optional. See InputOptions.\n * @returns boolean\n */\nfunction getBooleanInput(name, options) {\n const trueValue = ['true', 'True', 'TRUE'];\n const falseValue = ['false', 'False', 'FALSE'];\n const val = getInput(name, options);\n if (trueValue.includes(val))\n return true;\n if (falseValue.includes(val))\n return false;\n throw new TypeError(`Input does not meet YAML 1.2 \"Core Schema\" specification: ${name}\\n` +\n `Support boolean input list: \\`true | True | TRUE | false | False | FALSE\\``);\n}\n/**\n * Sets the value of an output.\n *\n * @param name name of the output to set\n * @param value value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction setOutput(name, value) {\n const filePath = process.env['GITHUB_OUTPUT'] || '';\n if (filePath) {\n return (0, file_command_1.issueFileCommand)('OUTPUT', (0, file_command_1.prepareKeyValueMessage)(name, value));\n }\n process.stdout.write(os.EOL);\n (0, command_1.issueCommand)('set-output', { name }, (0, utils_1.toCommandValue)(value));\n}\n/**\n * Enables or disables the echoing of commands into stdout for the rest of the step.\n * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.\n *\n */\nfunction setCommandEcho(enabled) {\n (0, command_1.issue)('echo', enabled ? 'on' : 'off');\n}\n//-----------------------------------------------------------------------\n// Results\n//-----------------------------------------------------------------------\n/**\n * Sets the action status to failed.\n * When the action exits it will be with an exit code of 1\n * @param message add error issue message\n */\nfunction setFailed(message) {\n process.exitCode = ExitCode.Failure;\n error(message);\n}\n//-----------------------------------------------------------------------\n// Logging Commands\n//-----------------------------------------------------------------------\n/**\n * Gets whether Actions Step Debug is on or not\n */\nfunction isDebug() {\n return process.env['RUNNER_DEBUG'] === '1';\n}\n/**\n * Writes debug message to user log\n * @param message debug message\n */\nfunction debug(message) {\n (0, command_1.issueCommand)('debug', {}, message);\n}\n/**\n * Adds an error issue\n * @param message error issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction error(message, properties = {}) {\n (0, command_1.issueCommand)('error', (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message);\n}\n/**\n * Adds a warning issue\n * @param message warning issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction warning(message, properties = {}) {\n (0, command_1.issueCommand)('warning', (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message);\n}\n/**\n * Adds a notice issue\n * @param message notice issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction notice(message, properties = {}) {\n (0, command_1.issueCommand)('notice', (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message);\n}\n/**\n * Writes info to log with console.log.\n * @param message info message\n */\nfunction info(message) {\n process.stdout.write(message + os.EOL);\n}\n/**\n * Begin an output group.\n *\n * Output until the next `groupEnd` will be foldable in this group\n *\n * @param name The name of the output group\n */\nfunction startGroup(name) {\n (0, command_1.issue)('group', name);\n}\n/**\n * End an output group.\n */\nfunction endGroup() {\n (0, command_1.issue)('endgroup');\n}\n/**\n * Wrap an asynchronous function call in a group.\n *\n * Returns the same type as the function itself.\n *\n * @param name The name of the group\n * @param fn The function to wrap in the group\n */\nfunction group(name, fn) {\n return __awaiter(this, void 0, void 0, function* () {\n startGroup(name);\n let result;\n try {\n result = yield fn();\n }\n finally {\n endGroup();\n }\n return result;\n });\n}\n//-----------------------------------------------------------------------\n// Wrapper action state\n//-----------------------------------------------------------------------\n/**\n * Saves state for current action, the state can only be retrieved by this action's post job execution.\n *\n * @param name name of the state to store\n * @param value value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction saveState(name, value) {\n const filePath = process.env['GITHUB_STATE'] || '';\n if (filePath) {\n return (0, file_command_1.issueFileCommand)('STATE', (0, file_command_1.prepareKeyValueMessage)(name, value));\n }\n (0, command_1.issueCommand)('save-state', { name }, (0, utils_1.toCommandValue)(value));\n}\n/**\n * Gets the value of an state set by this action's main execution.\n *\n * @param name name of the state to get\n * @returns string\n */\nfunction getState(name) {\n return process.env[`STATE_${name}`] || '';\n}\nfunction getIDToken(aud) {\n return __awaiter(this, void 0, void 0, function* () {\n return yield oidc_utils_1.OidcClient.getIDToken(aud);\n });\n}\n/**\n * Summary exports\n */\nvar summary_1 = require(\"./summary\");\nObject.defineProperty(exports, \"summary\", { enumerable: true, get: function () { return summary_1.summary; } });\n/**\n * @deprecated use core.summary\n */\nvar summary_2 = require(\"./summary\");\nObject.defineProperty(exports, \"markdownSummary\", { enumerable: true, get: function () { return summary_2.markdownSummary; } });\n/**\n * Path exports\n */\nvar path_utils_1 = require(\"./path-utils\");\nObject.defineProperty(exports, \"toPosixPath\", { enumerable: true, get: function () { return path_utils_1.toPosixPath; } });\nObject.defineProperty(exports, \"toWin32Path\", { enumerable: true, get: function () { return path_utils_1.toWin32Path; } });\nObject.defineProperty(exports, \"toPlatformPath\", { enumerable: true, get: function () { return path_utils_1.toPlatformPath; } });\n/**\n * Platform utilities exports\n */\nexports.platform = __importStar(require(\"./platform\"));\n//# sourceMappingURL=core.js.map","\"use strict\";\n// For internal use, subject to change.\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.issueFileCommand = issueFileCommand;\nexports.prepareKeyValueMessage = prepareKeyValueMessage;\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nconst crypto = __importStar(require(\"crypto\"));\nconst fs = __importStar(require(\"fs\"));\nconst os = __importStar(require(\"os\"));\nconst utils_1 = require(\"./utils\");\nfunction issueFileCommand(command, message) {\n const filePath = process.env[`GITHUB_${command}`];\n if (!filePath) {\n throw new Error(`Unable to find environment variable for file command ${command}`);\n }\n if (!fs.existsSync(filePath)) {\n throw new Error(`Missing file at path: ${filePath}`);\n }\n fs.appendFileSync(filePath, `${(0, utils_1.toCommandValue)(message)}${os.EOL}`, {\n encoding: 'utf8'\n });\n}\nfunction prepareKeyValueMessage(key, value) {\n const delimiter = `ghadelimiter_${crypto.randomUUID()}`;\n const convertedValue = (0, utils_1.toCommandValue)(value);\n // These should realistically never happen, but just in case someone finds a\n // way to exploit uuid generation let's not allow keys or values that contain\n // the delimiter.\n if (key.includes(delimiter)) {\n throw new Error(`Unexpected input: name should not contain the delimiter \"${delimiter}\"`);\n }\n if (convertedValue.includes(delimiter)) {\n throw new Error(`Unexpected input: value should not contain the delimiter \"${delimiter}\"`);\n }\n return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`;\n}\n//# sourceMappingURL=file-command.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.OidcClient = void 0;\nconst http_client_1 = require(\"@actions/http-client\");\nconst auth_1 = require(\"@actions/http-client/lib/auth\");\nconst core_1 = require(\"./core\");\nclass OidcClient {\n static createHttpClient(allowRetry = true, maxRetry = 10) {\n const requestOptions = {\n allowRetries: allowRetry,\n maxRetries: maxRetry\n };\n return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions);\n }\n static getRequestToken() {\n const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'];\n if (!token) {\n throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable');\n }\n return token;\n }\n static getIDTokenUrl() {\n const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL'];\n if (!runtimeUrl) {\n throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable');\n }\n return runtimeUrl;\n }\n static getCall(id_token_url) {\n return __awaiter(this, void 0, void 0, function* () {\n var _a;\n const httpclient = OidcClient.createHttpClient();\n const res = yield httpclient\n .getJson(id_token_url)\n .catch(error => {\n throw new Error(`Failed to get ID Token. \\n \n Error Code : ${error.statusCode}\\n \n Error Message: ${error.message}`);\n });\n const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;\n if (!id_token) {\n throw new Error('Response json body do not have ID Token field');\n }\n return id_token;\n });\n }\n static getIDToken(audience) {\n return __awaiter(this, void 0, void 0, function* () {\n try {\n // New ID Token is requested from action service\n let id_token_url = OidcClient.getIDTokenUrl();\n if (audience) {\n const encodedAudience = encodeURIComponent(audience);\n id_token_url = `${id_token_url}&audience=${encodedAudience}`;\n }\n (0, core_1.debug)(`ID token url is ${id_token_url}`);\n const id_token = yield OidcClient.getCall(id_token_url);\n (0, core_1.setSecret)(id_token);\n return id_token;\n }\n catch (error) {\n throw new Error(`Error message: ${error.message}`);\n }\n });\n }\n}\nexports.OidcClient = OidcClient;\n//# sourceMappingURL=oidc-utils.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toPosixPath = toPosixPath;\nexports.toWin32Path = toWin32Path;\nexports.toPlatformPath = toPlatformPath;\nconst path = __importStar(require(\"path\"));\n/**\n * toPosixPath converts the given path to the posix form. On Windows, \\\\ will be\n * replaced with /.\n *\n * @param pth. Path to transform.\n * @return string Posix path.\n */\nfunction toPosixPath(pth) {\n return pth.replace(/[\\\\]/g, '/');\n}\n/**\n * toWin32Path converts the given path to the win32 form. On Linux, / will be\n * replaced with \\\\.\n *\n * @param pth. Path to transform.\n * @return string Win32 path.\n */\nfunction toWin32Path(pth) {\n return pth.replace(/[/]/g, '\\\\');\n}\n/**\n * toPlatformPath converts the given path to a platform-specific path. It does\n * this by replacing instances of / and \\ with the platform-specific path\n * separator.\n *\n * @param pth The path to platformize.\n * @return string The platform-specific path.\n */\nfunction toPlatformPath(pth) {\n return pth.replace(/[/\\\\]/g, path.sep);\n}\n//# sourceMappingURL=path-utils.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.isLinux = exports.isMacOS = exports.isWindows = exports.arch = exports.platform = void 0;\nexports.getDetails = getDetails;\nconst os_1 = __importDefault(require(\"os\"));\nconst exec = __importStar(require(\"@actions/exec\"));\nconst getWindowsInfo = () => __awaiter(void 0, void 0, void 0, function* () {\n const { stdout: version } = yield exec.getExecOutput('powershell -command \"(Get-CimInstance -ClassName Win32_OperatingSystem).Version\"', undefined, {\n silent: true\n });\n const { stdout: name } = yield exec.getExecOutput('powershell -command \"(Get-CimInstance -ClassName Win32_OperatingSystem).Caption\"', undefined, {\n silent: true\n });\n return {\n name: name.trim(),\n version: version.trim()\n };\n});\nconst getMacOsInfo = () => __awaiter(void 0, void 0, void 0, function* () {\n var _a, _b, _c, _d;\n const { stdout } = yield exec.getExecOutput('sw_vers', undefined, {\n silent: true\n });\n const version = (_b = (_a = stdout.match(/ProductVersion:\\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : '';\n const name = (_d = (_c = stdout.match(/ProductName:\\s*(.+)/)) === null || _c === void 0 ? void 0 : _c[1]) !== null && _d !== void 0 ? _d : '';\n return {\n name,\n version\n };\n});\nconst getLinuxInfo = () => __awaiter(void 0, void 0, void 0, function* () {\n const { stdout } = yield exec.getExecOutput('lsb_release', ['-i', '-r', '-s'], {\n silent: true\n });\n const [name, version] = stdout.trim().split('\\n');\n return {\n name,\n version\n };\n});\nexports.platform = os_1.default.platform();\nexports.arch = os_1.default.arch();\nexports.isWindows = exports.platform === 'win32';\nexports.isMacOS = exports.platform === 'darwin';\nexports.isLinux = exports.platform === 'linux';\nfunction getDetails() {\n return __awaiter(this, void 0, void 0, function* () {\n return Object.assign(Object.assign({}, (yield (exports.isWindows\n ? getWindowsInfo()\n : exports.isMacOS\n ? getMacOsInfo()\n : getLinuxInfo()))), { platform: exports.platform,\n arch: exports.arch,\n isWindows: exports.isWindows,\n isMacOS: exports.isMacOS,\n isLinux: exports.isLinux });\n });\n}\n//# sourceMappingURL=platform.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0;\nconst os_1 = require(\"os\");\nconst fs_1 = require(\"fs\");\nconst { access, appendFile, writeFile } = fs_1.promises;\nexports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY';\nexports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary';\nclass Summary {\n constructor() {\n this._buffer = '';\n }\n /**\n * Finds the summary file path from the environment, rejects if env var is not found or file does not exist\n * Also checks r/w permissions.\n *\n * @returns step summary file path\n */\n filePath() {\n return __awaiter(this, void 0, void 0, function* () {\n if (this._filePath) {\n return this._filePath;\n }\n const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR];\n if (!pathFromEnv) {\n throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`);\n }\n try {\n yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK);\n }\n catch (_a) {\n throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`);\n }\n this._filePath = pathFromEnv;\n return this._filePath;\n });\n }\n /**\n * Wraps content in an HTML tag, adding any HTML attributes\n *\n * @param {string} tag HTML tag to wrap\n * @param {string | null} content content within the tag\n * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add\n *\n * @returns {string} content wrapped in HTML element\n */\n wrap(tag, content, attrs = {}) {\n const htmlAttrs = Object.entries(attrs)\n .map(([key, value]) => ` ${key}=\"${value}\"`)\n .join('');\n if (!content) {\n return `<${tag}${htmlAttrs}>`;\n }\n return `<${tag}${htmlAttrs}>${content}`;\n }\n /**\n * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default.\n *\n * @param {SummaryWriteOptions} [options] (optional) options for write operation\n *\n * @returns {Promise} summary instance\n */\n write(options) {\n return __awaiter(this, void 0, void 0, function* () {\n const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);\n const filePath = yield this.filePath();\n const writeFunc = overwrite ? writeFile : appendFile;\n yield writeFunc(filePath, this._buffer, { encoding: 'utf8' });\n return this.emptyBuffer();\n });\n }\n /**\n * Clears the summary buffer and wipes the summary file\n *\n * @returns {Summary} summary instance\n */\n clear() {\n return __awaiter(this, void 0, void 0, function* () {\n return this.emptyBuffer().write({ overwrite: true });\n });\n }\n /**\n * Returns the current summary buffer as a string\n *\n * @returns {string} string of summary buffer\n */\n stringify() {\n return this._buffer;\n }\n /**\n * If the summary buffer is empty\n *\n * @returns {boolen} true if the buffer is empty\n */\n isEmptyBuffer() {\n return this._buffer.length === 0;\n }\n /**\n * Resets the summary buffer without writing to summary file\n *\n * @returns {Summary} summary instance\n */\n emptyBuffer() {\n this._buffer = '';\n return this;\n }\n /**\n * Adds raw text to the summary buffer\n *\n * @param {string} text content to add\n * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false)\n *\n * @returns {Summary} summary instance\n */\n addRaw(text, addEOL = false) {\n this._buffer += text;\n return addEOL ? this.addEOL() : this;\n }\n /**\n * Adds the operating system-specific end-of-line marker to the buffer\n *\n * @returns {Summary} summary instance\n */\n addEOL() {\n return this.addRaw(os_1.EOL);\n }\n /**\n * Adds an HTML codeblock to the summary buffer\n *\n * @param {string} code content to render within fenced code block\n * @param {string} lang (optional) language to syntax highlight code\n *\n * @returns {Summary} summary instance\n */\n addCodeBlock(code, lang) {\n const attrs = Object.assign({}, (lang && { lang }));\n const element = this.wrap('pre', this.wrap('code', code), attrs);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML list to the summary buffer\n *\n * @param {string[]} items list of items to render\n * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false)\n *\n * @returns {Summary} summary instance\n */\n addList(items, ordered = false) {\n const tag = ordered ? 'ol' : 'ul';\n const listItems = items.map(item => this.wrap('li', item)).join('');\n const element = this.wrap(tag, listItems);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML table to the summary buffer\n *\n * @param {SummaryTableCell[]} rows table rows\n *\n * @returns {Summary} summary instance\n */\n addTable(rows) {\n const tableBody = rows\n .map(row => {\n const cells = row\n .map(cell => {\n if (typeof cell === 'string') {\n return this.wrap('td', cell);\n }\n const { header, data, colspan, rowspan } = cell;\n const tag = header ? 'th' : 'td';\n const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan }));\n return this.wrap(tag, data, attrs);\n })\n .join('');\n return this.wrap('tr', cells);\n })\n .join('');\n const element = this.wrap('table', tableBody);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds a collapsable HTML details element to the summary buffer\n *\n * @param {string} label text for the closed state\n * @param {string} content collapsable content\n *\n * @returns {Summary} summary instance\n */\n addDetails(label, content) {\n const element = this.wrap('details', this.wrap('summary', label) + content);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML image tag to the summary buffer\n *\n * @param {string} src path to the image you to embed\n * @param {string} alt text description of the image\n * @param {SummaryImageOptions} options (optional) addition image attributes\n *\n * @returns {Summary} summary instance\n */\n addImage(src, alt, options) {\n const { width, height } = options || {};\n const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height }));\n const element = this.wrap('img', null, Object.assign({ src, alt }, attrs));\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML section heading element\n *\n * @param {string} text heading text\n * @param {number | string} [level=1] (optional) the heading level, default: 1\n *\n * @returns {Summary} summary instance\n */\n addHeading(text, level) {\n const tag = `h${level}`;\n const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag)\n ? tag\n : 'h1';\n const element = this.wrap(allowedTag, text);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML thematic break (
) to the summary buffer\n *\n * @returns {Summary} summary instance\n */\n addSeparator() {\n const element = this.wrap('hr', null);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML line break (
) to the summary buffer\n *\n * @returns {Summary} summary instance\n */\n addBreak() {\n const element = this.wrap('br', null);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML blockquote to the summary buffer\n *\n * @param {string} text quote text\n * @param {string} cite (optional) citation url\n *\n * @returns {Summary} summary instance\n */\n addQuote(text, cite) {\n const attrs = Object.assign({}, (cite && { cite }));\n const element = this.wrap('blockquote', text, attrs);\n return this.addRaw(element).addEOL();\n }\n /**\n * Adds an HTML anchor tag to the summary buffer\n *\n * @param {string} text link text/content\n * @param {string} href hyperlink\n *\n * @returns {Summary} summary instance\n */\n addLink(text, href) {\n const element = this.wrap('a', text, { href });\n return this.addRaw(element).addEOL();\n }\n}\nconst _summary = new Summary();\n/**\n * @deprecated use `core.summary`\n */\nexports.markdownSummary = _summary;\nexports.summary = _summary;\n//# sourceMappingURL=summary.js.map","\"use strict\";\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toCommandValue = toCommandValue;\nexports.toCommandProperties = toCommandProperties;\n/**\n * Sanitizes an input into a string so it can be passed into issueCommand safely\n * @param input input to sanitize into a string\n */\nfunction toCommandValue(input) {\n if (input === null || input === undefined) {\n return '';\n }\n else if (typeof input === 'string' || input instanceof String) {\n return input;\n }\n return JSON.stringify(input);\n}\n/**\n *\n * @param annotationProperties\n * @returns The command properties to send with the actual annotation command\n * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646\n */\nfunction toCommandProperties(annotationProperties) {\n if (!Object.keys(annotationProperties).length) {\n return {};\n }\n return {\n title: annotationProperties.title,\n file: annotationProperties.file,\n line: annotationProperties.startLine,\n endLine: annotationProperties.endLine,\n col: annotationProperties.startColumn,\n endColumn: annotationProperties.endColumn\n };\n}\n//# sourceMappingURL=utils.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.exec = exec;\nexports.getExecOutput = getExecOutput;\nconst string_decoder_1 = require(\"string_decoder\");\nconst tr = __importStar(require(\"./toolrunner\"));\n/**\n * Exec a command.\n * Output will be streamed to the live console.\n * Returns promise with return code\n *\n * @param commandLine command to execute (can include additional args). Must be correctly escaped.\n * @param args optional arguments for tool. Escaping is handled by the lib.\n * @param options optional exec options. See ExecOptions\n * @returns Promise exit code\n */\nfunction exec(commandLine, args, options) {\n return __awaiter(this, void 0, void 0, function* () {\n const commandArgs = tr.argStringToArray(commandLine);\n if (commandArgs.length === 0) {\n throw new Error(`Parameter 'commandLine' cannot be null or empty.`);\n }\n // Path to tool to execute should be first arg\n const toolPath = commandArgs[0];\n args = commandArgs.slice(1).concat(args || []);\n const runner = new tr.ToolRunner(toolPath, args, options);\n return runner.exec();\n });\n}\n/**\n * Exec a command and get the output.\n * Output will be streamed to the live console.\n * Returns promise with the exit code and collected stdout and stderr\n *\n * @param commandLine command to execute (can include additional args). Must be correctly escaped.\n * @param args optional arguments for tool. Escaping is handled by the lib.\n * @param options optional exec options. See ExecOptions\n * @returns Promise exit code, stdout, and stderr\n */\nfunction getExecOutput(commandLine, args, options) {\n return __awaiter(this, void 0, void 0, function* () {\n var _a, _b;\n let stdout = '';\n let stderr = '';\n //Using string decoder covers the case where a mult-byte character is split\n const stdoutDecoder = new string_decoder_1.StringDecoder('utf8');\n const stderrDecoder = new string_decoder_1.StringDecoder('utf8');\n const originalStdoutListener = (_a = options === null || options === void 0 ? void 0 : options.listeners) === null || _a === void 0 ? void 0 : _a.stdout;\n const originalStdErrListener = (_b = options === null || options === void 0 ? void 0 : options.listeners) === null || _b === void 0 ? void 0 : _b.stderr;\n const stdErrListener = (data) => {\n stderr += stderrDecoder.write(data);\n if (originalStdErrListener) {\n originalStdErrListener(data);\n }\n };\n const stdOutListener = (data) => {\n stdout += stdoutDecoder.write(data);\n if (originalStdoutListener) {\n originalStdoutListener(data);\n }\n };\n const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener });\n const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners }));\n //flush any remaining characters\n stdout += stdoutDecoder.end();\n stderr += stderrDecoder.end();\n return {\n exitCode,\n stdout,\n stderr\n };\n });\n}\n//# sourceMappingURL=exec.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.ToolRunner = void 0;\nexports.argStringToArray = argStringToArray;\nconst os = __importStar(require(\"os\"));\nconst events = __importStar(require(\"events\"));\nconst child = __importStar(require(\"child_process\"));\nconst path = __importStar(require(\"path\"));\nconst io = __importStar(require(\"@actions/io\"));\nconst ioUtil = __importStar(require(\"@actions/io/lib/io-util\"));\nconst timers_1 = require(\"timers\");\n/* eslint-disable @typescript-eslint/unbound-method */\nconst IS_WINDOWS = process.platform === 'win32';\n/*\n * Class for running command line tools. Handles quoting and arg parsing in a platform agnostic way.\n */\nclass ToolRunner extends events.EventEmitter {\n constructor(toolPath, args, options) {\n super();\n if (!toolPath) {\n throw new Error(\"Parameter 'toolPath' cannot be null or empty.\");\n }\n this.toolPath = toolPath;\n this.args = args || [];\n this.options = options || {};\n }\n _debug(message) {\n if (this.options.listeners && this.options.listeners.debug) {\n this.options.listeners.debug(message);\n }\n }\n _getCommandString(options, noPrefix) {\n const toolPath = this._getSpawnFileName();\n const args = this._getSpawnArgs(options);\n let cmd = noPrefix ? '' : '[command]'; // omit prefix when piped to a second tool\n if (IS_WINDOWS) {\n // Windows + cmd file\n if (this._isCmdFile()) {\n cmd += toolPath;\n for (const a of args) {\n cmd += ` ${a}`;\n }\n }\n // Windows + verbatim\n else if (options.windowsVerbatimArguments) {\n cmd += `\"${toolPath}\"`;\n for (const a of args) {\n cmd += ` ${a}`;\n }\n }\n // Windows (regular)\n else {\n cmd += this._windowsQuoteCmdArg(toolPath);\n for (const a of args) {\n cmd += ` ${this._windowsQuoteCmdArg(a)}`;\n }\n }\n }\n else {\n // OSX/Linux - this can likely be improved with some form of quoting.\n // creating processes on Unix is fundamentally different than Windows.\n // on Unix, execvp() takes an arg array.\n cmd += toolPath;\n for (const a of args) {\n cmd += ` ${a}`;\n }\n }\n return cmd;\n }\n _processLineBuffer(data, strBuffer, onLine) {\n try {\n let s = strBuffer + data.toString();\n let n = s.indexOf(os.EOL);\n while (n > -1) {\n const line = s.substring(0, n);\n onLine(line);\n // the rest of the string ...\n s = s.substring(n + os.EOL.length);\n n = s.indexOf(os.EOL);\n }\n return s;\n }\n catch (err) {\n // streaming lines to console is best effort. Don't fail a build.\n this._debug(`error processing line. Failed with error ${err}`);\n return '';\n }\n }\n _getSpawnFileName() {\n if (IS_WINDOWS) {\n if (this._isCmdFile()) {\n return process.env['COMSPEC'] || 'cmd.exe';\n }\n }\n return this.toolPath;\n }\n _getSpawnArgs(options) {\n if (IS_WINDOWS) {\n if (this._isCmdFile()) {\n let argline = `/D /S /C \"${this._windowsQuoteCmdArg(this.toolPath)}`;\n for (const a of this.args) {\n argline += ' ';\n argline += options.windowsVerbatimArguments\n ? a\n : this._windowsQuoteCmdArg(a);\n }\n argline += '\"';\n return [argline];\n }\n }\n return this.args;\n }\n _endsWith(str, end) {\n return str.endsWith(end);\n }\n _isCmdFile() {\n const upperToolPath = this.toolPath.toUpperCase();\n return (this._endsWith(upperToolPath, '.CMD') ||\n this._endsWith(upperToolPath, '.BAT'));\n }\n _windowsQuoteCmdArg(arg) {\n // for .exe, apply the normal quoting rules that libuv applies\n if (!this._isCmdFile()) {\n return this._uvQuoteCmdArg(arg);\n }\n // otherwise apply quoting rules specific to the cmd.exe command line parser.\n // the libuv rules are generic and are not designed specifically for cmd.exe\n // command line parser.\n //\n // for a detailed description of the cmd.exe command line parser, refer to\n // http://stackoverflow.com/questions/4094699/how-does-the-windows-command-interpreter-cmd-exe-parse-scripts/7970912#7970912\n // need quotes for empty arg\n if (!arg) {\n return '\"\"';\n }\n // determine whether the arg needs to be quoted\n const cmdSpecialChars = [\n ' ',\n '\\t',\n '&',\n '(',\n ')',\n '[',\n ']',\n '{',\n '}',\n '^',\n '=',\n ';',\n '!',\n \"'\",\n '+',\n ',',\n '`',\n '~',\n '|',\n '<',\n '>',\n '\"'\n ];\n let needsQuotes = false;\n for (const char of arg) {\n if (cmdSpecialChars.some(x => x === char)) {\n needsQuotes = true;\n break;\n }\n }\n // short-circuit if quotes not needed\n if (!needsQuotes) {\n return arg;\n }\n // the following quoting rules are very similar to the rules that by libuv applies.\n //\n // 1) wrap the string in quotes\n //\n // 2) double-up quotes - i.e. \" => \"\"\n //\n // this is different from the libuv quoting rules. libuv replaces \" with \\\", which unfortunately\n // doesn't work well with a cmd.exe command line.\n //\n // note, replacing \" with \"\" also works well if the arg is passed to a downstream .NET console app.\n // for example, the command line:\n // foo.exe \"myarg:\"\"my val\"\"\"\n // is parsed by a .NET console app into an arg array:\n // [ \"myarg:\\\"my val\\\"\" ]\n // which is the same end result when applying libuv quoting rules. although the actual\n // command line from libuv quoting rules would look like:\n // foo.exe \"myarg:\\\"my val\\\"\"\n //\n // 3) double-up slashes that precede a quote,\n // e.g. hello \\world => \"hello \\world\"\n // hello\\\"world => \"hello\\\\\"\"world\"\n // hello\\\\\"world => \"hello\\\\\\\\\"\"world\"\n // hello world\\ => \"hello world\\\\\"\n //\n // technically this is not required for a cmd.exe command line, or the batch argument parser.\n // the reasons for including this as a .cmd quoting rule are:\n //\n // a) this is optimized for the scenario where the argument is passed from the .cmd file to an\n // external program. many programs (e.g. .NET console apps) rely on the slash-doubling rule.\n //\n // b) it's what we've been doing previously (by deferring to node default behavior) and we\n // haven't heard any complaints about that aspect.\n //\n // note, a weakness of the quoting rules chosen here, is that % is not escaped. in fact, % cannot be\n // escaped when used on the command line directly - even though within a .cmd file % can be escaped\n // by using %%.\n //\n // the saving grace is, on the command line, %var% is left as-is if var is not defined. this contrasts\n // the line parsing rules within a .cmd file, where if var is not defined it is replaced with nothing.\n //\n // one option that was explored was replacing % with ^% - i.e. %var% => ^%var^%. this hack would\n // often work, since it is unlikely that var^ would exist, and the ^ character is removed when the\n // variable is used. the problem, however, is that ^ is not removed when %* is used to pass the args\n // to an external program.\n //\n // an unexplored potential solution for the % escaping problem, is to create a wrapper .cmd file.\n // % can be escaped within a .cmd file.\n let reverse = '\"';\n let quoteHit = true;\n for (let i = arg.length; i > 0; i--) {\n // walk the string in reverse\n reverse += arg[i - 1];\n if (quoteHit && arg[i - 1] === '\\\\') {\n reverse += '\\\\'; // double the slash\n }\n else if (arg[i - 1] === '\"') {\n quoteHit = true;\n reverse += '\"'; // double the quote\n }\n else {\n quoteHit = false;\n }\n }\n reverse += '\"';\n return reverse.split('').reverse().join('');\n }\n _uvQuoteCmdArg(arg) {\n // Tool runner wraps child_process.spawn() and needs to apply the same quoting as\n // Node in certain cases where the undocumented spawn option windowsVerbatimArguments\n // is used.\n //\n // Since this function is a port of quote_cmd_arg from Node 4.x (technically, lib UV,\n // see https://github.com/nodejs/node/blob/v4.x/deps/uv/src/win/process.c for details),\n // pasting copyright notice from Node within this function:\n //\n // Copyright Joyent, Inc. and other Node contributors. All rights reserved.\n //\n // Permission is hereby granted, free of charge, to any person obtaining a copy\n // of this software and associated documentation files (the \"Software\"), to\n // deal in the Software without restriction, including without limitation the\n // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or\n // sell copies of the Software, and to permit persons to whom the Software is\n // furnished to do so, subject to the following conditions:\n //\n // The above copyright notice and this permission notice shall be included in\n // all copies or substantial portions of the Software.\n //\n // THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING\n // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS\n // IN THE SOFTWARE.\n if (!arg) {\n // Need double quotation for empty argument\n return '\"\"';\n }\n if (!arg.includes(' ') && !arg.includes('\\t') && !arg.includes('\"')) {\n // No quotation needed\n return arg;\n }\n if (!arg.includes('\"') && !arg.includes('\\\\')) {\n // No embedded double quotes or backslashes, so I can just wrap\n // quote marks around the whole thing.\n return `\"${arg}\"`;\n }\n // Expected input/output:\n // input : hello\"world\n // output: \"hello\\\"world\"\n // input : hello\"\"world\n // output: \"hello\\\"\\\"world\"\n // input : hello\\world\n // output: hello\\world\n // input : hello\\\\world\n // output: hello\\\\world\n // input : hello\\\"world\n // output: \"hello\\\\\\\"world\"\n // input : hello\\\\\"world\n // output: \"hello\\\\\\\\\\\"world\"\n // input : hello world\\\n // output: \"hello world\\\\\" - note the comment in libuv actually reads \"hello world\\\"\n // but it appears the comment is wrong, it should be \"hello world\\\\\"\n let reverse = '\"';\n let quoteHit = true;\n for (let i = arg.length; i > 0; i--) {\n // walk the string in reverse\n reverse += arg[i - 1];\n if (quoteHit && arg[i - 1] === '\\\\') {\n reverse += '\\\\';\n }\n else if (arg[i - 1] === '\"') {\n quoteHit = true;\n reverse += '\\\\';\n }\n else {\n quoteHit = false;\n }\n }\n reverse += '\"';\n return reverse.split('').reverse().join('');\n }\n _cloneExecOptions(options) {\n options = options || {};\n const result = {\n cwd: options.cwd || process.cwd(),\n env: options.env || process.env,\n silent: options.silent || false,\n windowsVerbatimArguments: options.windowsVerbatimArguments || false,\n failOnStdErr: options.failOnStdErr || false,\n ignoreReturnCode: options.ignoreReturnCode || false,\n delay: options.delay || 10000\n };\n result.outStream = options.outStream || process.stdout;\n result.errStream = options.errStream || process.stderr;\n return result;\n }\n _getSpawnOptions(options, toolPath) {\n options = options || {};\n const result = {};\n result.cwd = options.cwd;\n result.env = options.env;\n result['windowsVerbatimArguments'] =\n options.windowsVerbatimArguments || this._isCmdFile();\n if (options.windowsVerbatimArguments) {\n result.argv0 = `\"${toolPath}\"`;\n }\n return result;\n }\n /**\n * Exec a tool.\n * Output will be streamed to the live console.\n * Returns promise with return code\n *\n * @param tool path to tool to exec\n * @param options optional exec options. See ExecOptions\n * @returns number\n */\n exec() {\n return __awaiter(this, void 0, void 0, function* () {\n // root the tool path if it is unrooted and contains relative pathing\n if (!ioUtil.isRooted(this.toolPath) &&\n (this.toolPath.includes('/') ||\n (IS_WINDOWS && this.toolPath.includes('\\\\')))) {\n // prefer options.cwd if it is specified, however options.cwd may also need to be rooted\n this.toolPath = path.resolve(process.cwd(), this.options.cwd || process.cwd(), this.toolPath);\n }\n // if the tool is only a file name, then resolve it from the PATH\n // otherwise verify it exists (add extension on Windows if necessary)\n this.toolPath = yield io.which(this.toolPath, true);\n return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {\n this._debug(`exec tool: ${this.toolPath}`);\n this._debug('arguments:');\n for (const arg of this.args) {\n this._debug(` ${arg}`);\n }\n const optionsNonNull = this._cloneExecOptions(this.options);\n if (!optionsNonNull.silent && optionsNonNull.outStream) {\n optionsNonNull.outStream.write(this._getCommandString(optionsNonNull) + os.EOL);\n }\n const state = new ExecState(optionsNonNull, this.toolPath);\n state.on('debug', (message) => {\n this._debug(message);\n });\n if (this.options.cwd && !(yield ioUtil.exists(this.options.cwd))) {\n return reject(new Error(`The cwd: ${this.options.cwd} does not exist!`));\n }\n const fileName = this._getSpawnFileName();\n const cp = child.spawn(fileName, this._getSpawnArgs(optionsNonNull), this._getSpawnOptions(this.options, fileName));\n let stdbuffer = '';\n if (cp.stdout) {\n cp.stdout.on('data', (data) => {\n if (this.options.listeners && this.options.listeners.stdout) {\n this.options.listeners.stdout(data);\n }\n if (!optionsNonNull.silent && optionsNonNull.outStream) {\n optionsNonNull.outStream.write(data);\n }\n stdbuffer = this._processLineBuffer(data, stdbuffer, (line) => {\n if (this.options.listeners && this.options.listeners.stdline) {\n this.options.listeners.stdline(line);\n }\n });\n });\n }\n let errbuffer = '';\n if (cp.stderr) {\n cp.stderr.on('data', (data) => {\n state.processStderr = true;\n if (this.options.listeners && this.options.listeners.stderr) {\n this.options.listeners.stderr(data);\n }\n if (!optionsNonNull.silent &&\n optionsNonNull.errStream &&\n optionsNonNull.outStream) {\n const s = optionsNonNull.failOnStdErr\n ? optionsNonNull.errStream\n : optionsNonNull.outStream;\n s.write(data);\n }\n errbuffer = this._processLineBuffer(data, errbuffer, (line) => {\n if (this.options.listeners && this.options.listeners.errline) {\n this.options.listeners.errline(line);\n }\n });\n });\n }\n cp.on('error', (err) => {\n state.processError = err.message;\n state.processExited = true;\n state.processClosed = true;\n state.CheckComplete();\n });\n cp.on('exit', (code) => {\n state.processExitCode = code;\n state.processExited = true;\n this._debug(`Exit code ${code} received from tool '${this.toolPath}'`);\n state.CheckComplete();\n });\n cp.on('close', (code) => {\n state.processExitCode = code;\n state.processExited = true;\n state.processClosed = true;\n this._debug(`STDIO streams have closed for tool '${this.toolPath}'`);\n state.CheckComplete();\n });\n state.on('done', (error, exitCode) => {\n if (stdbuffer.length > 0) {\n this.emit('stdline', stdbuffer);\n }\n if (errbuffer.length > 0) {\n this.emit('errline', errbuffer);\n }\n cp.removeAllListeners();\n if (error) {\n reject(error);\n }\n else {\n resolve(exitCode);\n }\n });\n if (this.options.input) {\n if (!cp.stdin) {\n throw new Error('child process missing stdin');\n }\n cp.stdin.end(this.options.input);\n }\n }));\n });\n }\n}\nexports.ToolRunner = ToolRunner;\n/**\n * Convert an arg string to an array of args. Handles escaping\n *\n * @param argString string of arguments\n * @returns string[] array of arguments\n */\nfunction argStringToArray(argString) {\n const args = [];\n let inQuotes = false;\n let escaped = false;\n let arg = '';\n function append(c) {\n // we only escape double quotes.\n if (escaped && c !== '\"') {\n arg += '\\\\';\n }\n arg += c;\n escaped = false;\n }\n for (let i = 0; i < argString.length; i++) {\n const c = argString.charAt(i);\n if (c === '\"') {\n if (!escaped) {\n inQuotes = !inQuotes;\n }\n else {\n append(c);\n }\n continue;\n }\n if (c === '\\\\' && escaped) {\n append(c);\n continue;\n }\n if (c === '\\\\' && inQuotes) {\n escaped = true;\n continue;\n }\n if (c === ' ' && !inQuotes) {\n if (arg.length > 0) {\n args.push(arg);\n arg = '';\n }\n continue;\n }\n append(c);\n }\n if (arg.length > 0) {\n args.push(arg.trim());\n }\n return args;\n}\nclass ExecState extends events.EventEmitter {\n constructor(options, toolPath) {\n super();\n this.processClosed = false; // tracks whether the process has exited and stdio is closed\n this.processError = '';\n this.processExitCode = 0;\n this.processExited = false; // tracks whether the process has exited\n this.processStderr = false; // tracks whether stderr was written to\n this.delay = 10000; // 10 seconds\n this.done = false;\n this.timeout = null;\n if (!toolPath) {\n throw new Error('toolPath must not be empty');\n }\n this.options = options;\n this.toolPath = toolPath;\n if (options.delay) {\n this.delay = options.delay;\n }\n }\n CheckComplete() {\n if (this.done) {\n return;\n }\n if (this.processClosed) {\n this._setResult();\n }\n else if (this.processExited) {\n this.timeout = (0, timers_1.setTimeout)(ExecState.HandleTimeout, this.delay, this);\n }\n }\n _debug(message) {\n this.emit('debug', message);\n }\n _setResult() {\n // determine whether there is an error\n let error;\n if (this.processExited) {\n if (this.processError) {\n error = new Error(`There was an error when attempting to execute the process '${this.toolPath}'. This may indicate the process failed to start. Error: ${this.processError}`);\n }\n else if (this.processExitCode !== 0 && !this.options.ignoreReturnCode) {\n error = new Error(`The process '${this.toolPath}' failed with exit code ${this.processExitCode}`);\n }\n else if (this.processStderr && this.options.failOnStdErr) {\n error = new Error(`The process '${this.toolPath}' failed because one or more lines were written to the STDERR stream`);\n }\n }\n // clear the timeout\n if (this.timeout) {\n clearTimeout(this.timeout);\n this.timeout = null;\n }\n this.done = true;\n this.emit('done', error, this.processExitCode);\n }\n static HandleTimeout(state) {\n if (state.done) {\n return;\n }\n if (!state.processClosed && state.processExited) {\n const message = `The STDIO streams did not close within ${state.delay / 1000} seconds of the exit event from process '${state.toolPath}'. This may indicate a child process inherited the STDIO streams and has not yet exited.`;\n state._debug(message);\n }\n state._setResult();\n }\n}\n//# sourceMappingURL=toolrunner.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0;\nclass BasicCredentialHandler {\n constructor(username, password) {\n this.username = username;\n this.password = password;\n }\n prepareRequest(options) {\n if (!options.headers) {\n throw Error('The request has no headers');\n }\n options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`;\n }\n // This handler cannot handle 401\n canHandleAuthentication() {\n return false;\n }\n handleAuthentication() {\n return __awaiter(this, void 0, void 0, function* () {\n throw new Error('not implemented');\n });\n }\n}\nexports.BasicCredentialHandler = BasicCredentialHandler;\nclass BearerCredentialHandler {\n constructor(token) {\n this.token = token;\n }\n // currently implements pre-authorization\n // TODO: support preAuth = false where it hooks on 401\n prepareRequest(options) {\n if (!options.headers) {\n throw Error('The request has no headers');\n }\n options.headers['Authorization'] = `Bearer ${this.token}`;\n }\n // This handler cannot handle 401\n canHandleAuthentication() {\n return false;\n }\n handleAuthentication() {\n return __awaiter(this, void 0, void 0, function* () {\n throw new Error('not implemented');\n });\n }\n}\nexports.BearerCredentialHandler = BearerCredentialHandler;\nclass PersonalAccessTokenCredentialHandler {\n constructor(token) {\n this.token = token;\n }\n // currently implements pre-authorization\n // TODO: support preAuth = false where it hooks on 401\n prepareRequest(options) {\n if (!options.headers) {\n throw Error('The request has no headers');\n }\n options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`;\n }\n // This handler cannot handle 401\n canHandleAuthentication() {\n return false;\n }\n handleAuthentication() {\n return __awaiter(this, void 0, void 0, function* () {\n throw new Error('not implemented');\n });\n }\n}\nexports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler;\n//# sourceMappingURL=auth.js.map","\"use strict\";\n/* eslint-disable @typescript-eslint/no-explicit-any */\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.HttpClient = exports.HttpClientResponse = exports.HttpClientError = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0;\nexports.getProxyUrl = getProxyUrl;\nexports.isHttps = isHttps;\nconst http = __importStar(require(\"http\"));\nconst https = __importStar(require(\"https\"));\nconst pm = __importStar(require(\"./proxy\"));\nconst tunnel = __importStar(require(\"tunnel\"));\nconst undici_1 = require(\"undici\");\nvar HttpCodes;\n(function (HttpCodes) {\n HttpCodes[HttpCodes[\"OK\"] = 200] = \"OK\";\n HttpCodes[HttpCodes[\"MultipleChoices\"] = 300] = \"MultipleChoices\";\n HttpCodes[HttpCodes[\"MovedPermanently\"] = 301] = \"MovedPermanently\";\n HttpCodes[HttpCodes[\"ResourceMoved\"] = 302] = \"ResourceMoved\";\n HttpCodes[HttpCodes[\"SeeOther\"] = 303] = \"SeeOther\";\n HttpCodes[HttpCodes[\"NotModified\"] = 304] = \"NotModified\";\n HttpCodes[HttpCodes[\"UseProxy\"] = 305] = \"UseProxy\";\n HttpCodes[HttpCodes[\"SwitchProxy\"] = 306] = \"SwitchProxy\";\n HttpCodes[HttpCodes[\"TemporaryRedirect\"] = 307] = \"TemporaryRedirect\";\n HttpCodes[HttpCodes[\"PermanentRedirect\"] = 308] = \"PermanentRedirect\";\n HttpCodes[HttpCodes[\"BadRequest\"] = 400] = \"BadRequest\";\n HttpCodes[HttpCodes[\"Unauthorized\"] = 401] = \"Unauthorized\";\n HttpCodes[HttpCodes[\"PaymentRequired\"] = 402] = \"PaymentRequired\";\n HttpCodes[HttpCodes[\"Forbidden\"] = 403] = \"Forbidden\";\n HttpCodes[HttpCodes[\"NotFound\"] = 404] = \"NotFound\";\n HttpCodes[HttpCodes[\"MethodNotAllowed\"] = 405] = \"MethodNotAllowed\";\n HttpCodes[HttpCodes[\"NotAcceptable\"] = 406] = \"NotAcceptable\";\n HttpCodes[HttpCodes[\"ProxyAuthenticationRequired\"] = 407] = \"ProxyAuthenticationRequired\";\n HttpCodes[HttpCodes[\"RequestTimeout\"] = 408] = \"RequestTimeout\";\n HttpCodes[HttpCodes[\"Conflict\"] = 409] = \"Conflict\";\n HttpCodes[HttpCodes[\"Gone\"] = 410] = \"Gone\";\n HttpCodes[HttpCodes[\"TooManyRequests\"] = 429] = \"TooManyRequests\";\n HttpCodes[HttpCodes[\"InternalServerError\"] = 500] = \"InternalServerError\";\n HttpCodes[HttpCodes[\"NotImplemented\"] = 501] = \"NotImplemented\";\n HttpCodes[HttpCodes[\"BadGateway\"] = 502] = \"BadGateway\";\n HttpCodes[HttpCodes[\"ServiceUnavailable\"] = 503] = \"ServiceUnavailable\";\n HttpCodes[HttpCodes[\"GatewayTimeout\"] = 504] = \"GatewayTimeout\";\n})(HttpCodes || (exports.HttpCodes = HttpCodes = {}));\nvar Headers;\n(function (Headers) {\n Headers[\"Accept\"] = \"accept\";\n Headers[\"ContentType\"] = \"content-type\";\n})(Headers || (exports.Headers = Headers = {}));\nvar MediaTypes;\n(function (MediaTypes) {\n MediaTypes[\"ApplicationJson\"] = \"application/json\";\n})(MediaTypes || (exports.MediaTypes = MediaTypes = {}));\n/**\n * Returns the proxy URL, depending upon the supplied url and proxy environment variables.\n * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com\n */\nfunction getProxyUrl(serverUrl) {\n const proxyUrl = pm.getProxyUrl(new URL(serverUrl));\n return proxyUrl ? proxyUrl.href : '';\n}\nconst HttpRedirectCodes = [\n HttpCodes.MovedPermanently,\n HttpCodes.ResourceMoved,\n HttpCodes.SeeOther,\n HttpCodes.TemporaryRedirect,\n HttpCodes.PermanentRedirect\n];\nconst HttpResponseRetryCodes = [\n HttpCodes.BadGateway,\n HttpCodes.ServiceUnavailable,\n HttpCodes.GatewayTimeout\n];\nconst RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD'];\nconst ExponentialBackoffCeiling = 10;\nconst ExponentialBackoffTimeSlice = 5;\nclass HttpClientError extends Error {\n constructor(message, statusCode) {\n super(message);\n this.name = 'HttpClientError';\n this.statusCode = statusCode;\n Object.setPrototypeOf(this, HttpClientError.prototype);\n }\n}\nexports.HttpClientError = HttpClientError;\nclass HttpClientResponse {\n constructor(message) {\n this.message = message;\n }\n readBody() {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () {\n let output = Buffer.alloc(0);\n this.message.on('data', (chunk) => {\n output = Buffer.concat([output, chunk]);\n });\n this.message.on('end', () => {\n resolve(output.toString());\n });\n }));\n });\n }\n readBodyBuffer() {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () {\n const chunks = [];\n this.message.on('data', (chunk) => {\n chunks.push(chunk);\n });\n this.message.on('end', () => {\n resolve(Buffer.concat(chunks));\n });\n }));\n });\n }\n}\nexports.HttpClientResponse = HttpClientResponse;\nfunction isHttps(requestUrl) {\n const parsedUrl = new URL(requestUrl);\n return parsedUrl.protocol === 'https:';\n}\nclass HttpClient {\n constructor(userAgent, handlers, requestOptions) {\n this._ignoreSslError = false;\n this._allowRedirects = true;\n this._allowRedirectDowngrade = false;\n this._maxRedirects = 50;\n this._allowRetries = false;\n this._maxRetries = 1;\n this._keepAlive = false;\n this._disposed = false;\n this.userAgent = this._getUserAgentWithOrchestrationId(userAgent);\n this.handlers = handlers || [];\n this.requestOptions = requestOptions;\n if (requestOptions) {\n if (requestOptions.ignoreSslError != null) {\n this._ignoreSslError = requestOptions.ignoreSslError;\n }\n this._socketTimeout = requestOptions.socketTimeout;\n if (requestOptions.allowRedirects != null) {\n this._allowRedirects = requestOptions.allowRedirects;\n }\n if (requestOptions.allowRedirectDowngrade != null) {\n this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade;\n }\n if (requestOptions.maxRedirects != null) {\n this._maxRedirects = Math.max(requestOptions.maxRedirects, 0);\n }\n if (requestOptions.keepAlive != null) {\n this._keepAlive = requestOptions.keepAlive;\n }\n if (requestOptions.allowRetries != null) {\n this._allowRetries = requestOptions.allowRetries;\n }\n if (requestOptions.maxRetries != null) {\n this._maxRetries = requestOptions.maxRetries;\n }\n }\n }\n options(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('OPTIONS', requestUrl, null, additionalHeaders || {});\n });\n }\n get(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('GET', requestUrl, null, additionalHeaders || {});\n });\n }\n del(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('DELETE', requestUrl, null, additionalHeaders || {});\n });\n }\n post(requestUrl, data, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('POST', requestUrl, data, additionalHeaders || {});\n });\n }\n patch(requestUrl, data, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('PATCH', requestUrl, data, additionalHeaders || {});\n });\n }\n put(requestUrl, data, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('PUT', requestUrl, data, additionalHeaders || {});\n });\n }\n head(requestUrl, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request('HEAD', requestUrl, null, additionalHeaders || {});\n });\n }\n sendStream(verb, requestUrl, stream, additionalHeaders) {\n return __awaiter(this, void 0, void 0, function* () {\n return this.request(verb, requestUrl, stream, additionalHeaders);\n });\n }\n /**\n * Gets a typed object from an endpoint\n * Be aware that not found returns a null. Other errors (4xx, 5xx) reject the promise\n */\n getJson(requestUrl_1) {\n return __awaiter(this, arguments, void 0, function* (requestUrl, additionalHeaders = {}) {\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n const res = yield this.get(requestUrl, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n postJson(requestUrl_1, obj_1) {\n return __awaiter(this, arguments, void 0, function* (requestUrl, obj, additionalHeaders = {}) {\n const data = JSON.stringify(obj, null, 2);\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n additionalHeaders[Headers.ContentType] =\n this._getExistingOrDefaultContentTypeHeader(additionalHeaders, MediaTypes.ApplicationJson);\n const res = yield this.post(requestUrl, data, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n putJson(requestUrl_1, obj_1) {\n return __awaiter(this, arguments, void 0, function* (requestUrl, obj, additionalHeaders = {}) {\n const data = JSON.stringify(obj, null, 2);\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n additionalHeaders[Headers.ContentType] =\n this._getExistingOrDefaultContentTypeHeader(additionalHeaders, MediaTypes.ApplicationJson);\n const res = yield this.put(requestUrl, data, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n patchJson(requestUrl_1, obj_1) {\n return __awaiter(this, arguments, void 0, function* (requestUrl, obj, additionalHeaders = {}) {\n const data = JSON.stringify(obj, null, 2);\n additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n additionalHeaders[Headers.ContentType] =\n this._getExistingOrDefaultContentTypeHeader(additionalHeaders, MediaTypes.ApplicationJson);\n const res = yield this.patch(requestUrl, data, additionalHeaders);\n return this._processResponse(res, this.requestOptions);\n });\n }\n /**\n * Makes a raw http request.\n * All other methods such as get, post, patch, and request ultimately call this.\n * Prefer get, del, post and patch\n */\n request(verb, requestUrl, data, headers) {\n return __awaiter(this, void 0, void 0, function* () {\n if (this._disposed) {\n throw new Error('Client has already been disposed.');\n }\n const parsedUrl = new URL(requestUrl);\n let info = this._prepareRequest(verb, parsedUrl, headers);\n // Only perform retries on reads since writes may not be idempotent.\n const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb)\n ? this._maxRetries + 1\n : 1;\n let numTries = 0;\n let response;\n do {\n response = yield this.requestRaw(info, data);\n // Check if it's an authentication challenge\n if (response &&\n response.message &&\n response.message.statusCode === HttpCodes.Unauthorized) {\n let authenticationHandler;\n for (const handler of this.handlers) {\n if (handler.canHandleAuthentication(response)) {\n authenticationHandler = handler;\n break;\n }\n }\n if (authenticationHandler) {\n return authenticationHandler.handleAuthentication(this, info, data);\n }\n else {\n // We have received an unauthorized response but have no handlers to handle it.\n // Let the response return to the caller.\n return response;\n }\n }\n let redirectsRemaining = this._maxRedirects;\n while (response.message.statusCode &&\n HttpRedirectCodes.includes(response.message.statusCode) &&\n this._allowRedirects &&\n redirectsRemaining > 0) {\n const redirectUrl = response.message.headers['location'];\n if (!redirectUrl) {\n // if there's no location to redirect to, we won't\n break;\n }\n const parsedRedirectUrl = new URL(redirectUrl);\n if (parsedUrl.protocol === 'https:' &&\n parsedUrl.protocol !== parsedRedirectUrl.protocol &&\n !this._allowRedirectDowngrade) {\n throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.');\n }\n // we need to finish reading the response before reassigning response\n // which will leak the open socket.\n yield response.readBody();\n // strip authorization header if redirected to a different hostname\n if (parsedRedirectUrl.hostname !== parsedUrl.hostname) {\n for (const header in headers) {\n // header names are case insensitive\n if (header.toLowerCase() === 'authorization') {\n delete headers[header];\n }\n }\n }\n // let's make the request with the new redirectUrl\n info = this._prepareRequest(verb, parsedRedirectUrl, headers);\n response = yield this.requestRaw(info, data);\n redirectsRemaining--;\n }\n if (!response.message.statusCode ||\n !HttpResponseRetryCodes.includes(response.message.statusCode)) {\n // If not a retry code, return immediately instead of retrying\n return response;\n }\n numTries += 1;\n if (numTries < maxTries) {\n yield response.readBody();\n yield this._performExponentialBackoff(numTries);\n }\n } while (numTries < maxTries);\n return response;\n });\n }\n /**\n * Needs to be called if keepAlive is set to true in request options.\n */\n dispose() {\n if (this._agent) {\n this._agent.destroy();\n }\n this._disposed = true;\n }\n /**\n * Raw request.\n * @param info\n * @param data\n */\n requestRaw(info, data) {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve, reject) => {\n function callbackForResult(err, res) {\n if (err) {\n reject(err);\n }\n else if (!res) {\n // If `err` is not passed, then `res` must be passed.\n reject(new Error('Unknown error'));\n }\n else {\n resolve(res);\n }\n }\n this.requestRawWithCallback(info, data, callbackForResult);\n });\n });\n }\n /**\n * Raw request with callback.\n * @param info\n * @param data\n * @param onResult\n */\n requestRawWithCallback(info, data, onResult) {\n if (typeof data === 'string') {\n if (!info.options.headers) {\n info.options.headers = {};\n }\n info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8');\n }\n let callbackCalled = false;\n function handleResult(err, res) {\n if (!callbackCalled) {\n callbackCalled = true;\n onResult(err, res);\n }\n }\n const req = info.httpModule.request(info.options, (msg) => {\n const res = new HttpClientResponse(msg);\n handleResult(undefined, res);\n });\n let socket;\n req.on('socket', sock => {\n socket = sock;\n });\n // If we ever get disconnected, we want the socket to timeout eventually\n req.setTimeout(this._socketTimeout || 3 * 60000, () => {\n if (socket) {\n socket.end();\n }\n handleResult(new Error(`Request timeout: ${info.options.path}`));\n });\n req.on('error', function (err) {\n // err has statusCode property\n // res should have headers\n handleResult(err);\n });\n if (data && typeof data === 'string') {\n req.write(data, 'utf8');\n }\n if (data && typeof data !== 'string') {\n data.on('close', function () {\n req.end();\n });\n data.pipe(req);\n }\n else {\n req.end();\n }\n }\n /**\n * Gets an http agent. This function is useful when you need an http agent that handles\n * routing through a proxy server - depending upon the url and proxy environment variables.\n * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com\n */\n getAgent(serverUrl) {\n const parsedUrl = new URL(serverUrl);\n return this._getAgent(parsedUrl);\n }\n getAgentDispatcher(serverUrl) {\n const parsedUrl = new URL(serverUrl);\n const proxyUrl = pm.getProxyUrl(parsedUrl);\n const useProxy = proxyUrl && proxyUrl.hostname;\n if (!useProxy) {\n return;\n }\n return this._getProxyAgentDispatcher(parsedUrl, proxyUrl);\n }\n _prepareRequest(method, requestUrl, headers) {\n const info = {};\n info.parsedUrl = requestUrl;\n const usingSsl = info.parsedUrl.protocol === 'https:';\n info.httpModule = usingSsl ? https : http;\n const defaultPort = usingSsl ? 443 : 80;\n info.options = {};\n info.options.host = info.parsedUrl.hostname;\n info.options.port = info.parsedUrl.port\n ? parseInt(info.parsedUrl.port)\n : defaultPort;\n info.options.path =\n (info.parsedUrl.pathname || '') + (info.parsedUrl.search || '');\n info.options.method = method;\n info.options.headers = this._mergeHeaders(headers);\n if (this.userAgent != null) {\n info.options.headers['user-agent'] = this.userAgent;\n }\n info.options.agent = this._getAgent(info.parsedUrl);\n // gives handlers an opportunity to participate\n if (this.handlers) {\n for (const handler of this.handlers) {\n handler.prepareRequest(info.options);\n }\n }\n return info;\n }\n _mergeHeaders(headers) {\n if (this.requestOptions && this.requestOptions.headers) {\n return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {}));\n }\n return lowercaseKeys(headers || {});\n }\n /**\n * Gets an existing header value or returns a default.\n * Handles converting number header values to strings since HTTP headers must be strings.\n * Note: This returns string | string[] since some headers can have multiple values.\n * For headers that must always be a single string (like Content-Type), use the\n * specialized _getExistingOrDefaultContentTypeHeader method instead.\n */\n _getExistingOrDefaultHeader(additionalHeaders, header, _default) {\n let clientHeader;\n if (this.requestOptions && this.requestOptions.headers) {\n const headerValue = lowercaseKeys(this.requestOptions.headers)[header];\n if (headerValue) {\n clientHeader =\n typeof headerValue === 'number' ? headerValue.toString() : headerValue;\n }\n }\n const additionalValue = additionalHeaders[header];\n if (additionalValue !== undefined) {\n return typeof additionalValue === 'number'\n ? additionalValue.toString()\n : additionalValue;\n }\n if (clientHeader !== undefined) {\n return clientHeader;\n }\n return _default;\n }\n /**\n * Specialized version of _getExistingOrDefaultHeader for Content-Type header.\n * Always returns a single string (not an array) since Content-Type should be a single value.\n * Converts arrays to comma-separated strings and numbers to strings to ensure type safety.\n * This was split from _getExistingOrDefaultHeader to provide stricter typing for callers\n * that assign the result to places expecting a string (e.g., additionalHeaders[Headers.ContentType]).\n */\n _getExistingOrDefaultContentTypeHeader(additionalHeaders, _default) {\n let clientHeader;\n if (this.requestOptions && this.requestOptions.headers) {\n const headerValue = lowercaseKeys(this.requestOptions.headers)[Headers.ContentType];\n if (headerValue) {\n if (typeof headerValue === 'number') {\n clientHeader = String(headerValue);\n }\n else if (Array.isArray(headerValue)) {\n clientHeader = headerValue.join(', ');\n }\n else {\n clientHeader = headerValue;\n }\n }\n }\n const additionalValue = additionalHeaders[Headers.ContentType];\n // Return the first non-undefined value, converting numbers or arrays to strings if necessary\n if (additionalValue !== undefined) {\n if (typeof additionalValue === 'number') {\n return String(additionalValue);\n }\n else if (Array.isArray(additionalValue)) {\n return additionalValue.join(', ');\n }\n else {\n return additionalValue;\n }\n }\n if (clientHeader !== undefined) {\n return clientHeader;\n }\n return _default;\n }\n _getAgent(parsedUrl) {\n let agent;\n const proxyUrl = pm.getProxyUrl(parsedUrl);\n const useProxy = proxyUrl && proxyUrl.hostname;\n if (this._keepAlive && useProxy) {\n agent = this._proxyAgent;\n }\n if (!useProxy) {\n agent = this._agent;\n }\n // if agent is already assigned use that agent.\n if (agent) {\n return agent;\n }\n const usingSsl = parsedUrl.protocol === 'https:';\n let maxSockets = 100;\n if (this.requestOptions) {\n maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets;\n }\n // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis.\n if (proxyUrl && proxyUrl.hostname) {\n const agentOptions = {\n maxSockets,\n keepAlive: this._keepAlive,\n proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && {\n proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`\n })), { host: proxyUrl.hostname, port: proxyUrl.port })\n };\n let tunnelAgent;\n const overHttps = proxyUrl.protocol === 'https:';\n if (usingSsl) {\n tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp;\n }\n else {\n tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp;\n }\n agent = tunnelAgent(agentOptions);\n this._proxyAgent = agent;\n }\n // if tunneling agent isn't assigned create a new agent\n if (!agent) {\n const options = { keepAlive: this._keepAlive, maxSockets };\n agent = usingSsl ? new https.Agent(options) : new http.Agent(options);\n this._agent = agent;\n }\n if (usingSsl && this._ignoreSslError) {\n // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process\n // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options\n // we have to cast it to any and change it directly\n agent.options = Object.assign(agent.options || {}, {\n rejectUnauthorized: false\n });\n }\n return agent;\n }\n _getProxyAgentDispatcher(parsedUrl, proxyUrl) {\n let proxyAgent;\n if (this._keepAlive) {\n proxyAgent = this._proxyAgentDispatcher;\n }\n // if agent is already assigned use that agent.\n if (proxyAgent) {\n return proxyAgent;\n }\n const usingSsl = parsedUrl.protocol === 'https:';\n proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl.href, pipelining: !this._keepAlive ? 0 : 1 }, ((proxyUrl.username || proxyUrl.password) && {\n token: `Basic ${Buffer.from(`${proxyUrl.username}:${proxyUrl.password}`).toString('base64')}`\n })));\n this._proxyAgentDispatcher = proxyAgent;\n if (usingSsl && this._ignoreSslError) {\n // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process\n // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options\n // we have to cast it to any and change it directly\n proxyAgent.options = Object.assign(proxyAgent.options.requestTls || {}, {\n rejectUnauthorized: false\n });\n }\n return proxyAgent;\n }\n _getUserAgentWithOrchestrationId(userAgent) {\n const baseUserAgent = userAgent || 'actions/http-client';\n const orchId = process.env['ACTIONS_ORCHESTRATION_ID'];\n if (orchId) {\n // Sanitize the orchestration ID to ensure it contains only valid characters\n // Valid characters: 0-9, a-z, _, -, .\n const sanitizedId = orchId.replace(/[^a-z0-9_.-]/gi, '_');\n return `${baseUserAgent} actions_orchestration_id/${sanitizedId}`;\n }\n return baseUserAgent;\n }\n _performExponentialBackoff(retryNumber) {\n return __awaiter(this, void 0, void 0, function* () {\n retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber);\n const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber);\n return new Promise(resolve => setTimeout(() => resolve(), ms));\n });\n }\n _processResponse(res, options) {\n return __awaiter(this, void 0, void 0, function* () {\n return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {\n const statusCode = res.message.statusCode || 0;\n const response = {\n statusCode,\n result: null,\n headers: {}\n };\n // not found leads to null obj returned\n if (statusCode === HttpCodes.NotFound) {\n resolve(response);\n }\n // get the result from the body\n function dateTimeDeserializer(key, value) {\n if (typeof value === 'string') {\n const a = new Date(value);\n if (!isNaN(a.valueOf())) {\n return a;\n }\n }\n return value;\n }\n let obj;\n let contents;\n try {\n contents = yield res.readBody();\n if (contents && contents.length > 0) {\n if (options && options.deserializeDates) {\n obj = JSON.parse(contents, dateTimeDeserializer);\n }\n else {\n obj = JSON.parse(contents);\n }\n response.result = obj;\n }\n response.headers = res.message.headers;\n }\n catch (err) {\n // Invalid resource (contents not json); leaving result obj null\n }\n // note that 3xx redirects are handled by the http layer.\n if (statusCode > 299) {\n let msg;\n // if exception/error in body, attempt to get better error\n if (obj && obj.message) {\n msg = obj.message;\n }\n else if (contents && contents.length > 0) {\n // it may be the case that the exception is in the body message as string\n msg = contents;\n }\n else {\n msg = `Failed request: (${statusCode})`;\n }\n const err = new HttpClientError(msg, statusCode);\n err.result = response.result;\n reject(err);\n }\n else {\n resolve(response);\n }\n }));\n });\n }\n}\nexports.HttpClient = HttpClient;\nconst lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {});\n//# sourceMappingURL=index.js.map","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getProxyUrl = getProxyUrl;\nexports.checkBypass = checkBypass;\nfunction getProxyUrl(reqUrl) {\n const usingSsl = reqUrl.protocol === 'https:';\n if (checkBypass(reqUrl)) {\n return undefined;\n }\n const proxyVar = (() => {\n if (usingSsl) {\n return process.env['https_proxy'] || process.env['HTTPS_PROXY'];\n }\n else {\n return process.env['http_proxy'] || process.env['HTTP_PROXY'];\n }\n })();\n if (proxyVar) {\n try {\n return new DecodedURL(proxyVar);\n }\n catch (_a) {\n if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://'))\n return new DecodedURL(`http://${proxyVar}`);\n }\n }\n else {\n return undefined;\n }\n}\nfunction checkBypass(reqUrl) {\n if (!reqUrl.hostname) {\n return false;\n }\n const reqHost = reqUrl.hostname;\n if (isLoopbackAddress(reqHost)) {\n return true;\n }\n const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || '';\n if (!noProxy) {\n return false;\n }\n // Determine the request port\n let reqPort;\n if (reqUrl.port) {\n reqPort = Number(reqUrl.port);\n }\n else if (reqUrl.protocol === 'http:') {\n reqPort = 80;\n }\n else if (reqUrl.protocol === 'https:') {\n reqPort = 443;\n }\n // Format the request hostname and hostname with port\n const upperReqHosts = [reqUrl.hostname.toUpperCase()];\n if (typeof reqPort === 'number') {\n upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`);\n }\n // Compare request host against noproxy\n for (const upperNoProxyItem of noProxy\n .split(',')\n .map(x => x.trim().toUpperCase())\n .filter(x => x)) {\n if (upperNoProxyItem === '*' ||\n upperReqHosts.some(x => x === upperNoProxyItem ||\n x.endsWith(`.${upperNoProxyItem}`) ||\n (upperNoProxyItem.startsWith('.') &&\n x.endsWith(`${upperNoProxyItem}`)))) {\n return true;\n }\n }\n return false;\n}\nfunction isLoopbackAddress(host) {\n const hostLower = host.toLowerCase();\n return (hostLower === 'localhost' ||\n hostLower.startsWith('127.') ||\n hostLower.startsWith('[::1]') ||\n hostLower.startsWith('[0:0:0:0:0:0:0:1]'));\n}\nclass DecodedURL extends URL {\n constructor(url, base) {\n super(url, base);\n this._decodedUsername = decodeURIComponent(super.username);\n this._decodedPassword = decodeURIComponent(super.password);\n }\n get username() {\n return this._decodedUsername;\n }\n get password() {\n return this._decodedPassword;\n }\n}\n//# sourceMappingURL=proxy.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nvar _a;\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.READONLY = exports.UV_FS_O_EXLOCK = exports.IS_WINDOWS = exports.unlink = exports.symlink = exports.stat = exports.rmdir = exports.rm = exports.rename = exports.readdir = exports.open = exports.mkdir = exports.lstat = exports.copyFile = exports.chmod = void 0;\nexports.readlink = readlink;\nexports.exists = exists;\nexports.isDirectory = isDirectory;\nexports.isRooted = isRooted;\nexports.tryGetExecutablePath = tryGetExecutablePath;\nexports.getCmdPath = getCmdPath;\nconst fs = __importStar(require(\"fs\"));\nconst path = __importStar(require(\"path\"));\n_a = fs.promises\n// export const {open} = 'fs'\n, exports.chmod = _a.chmod, exports.copyFile = _a.copyFile, exports.lstat = _a.lstat, exports.mkdir = _a.mkdir, exports.open = _a.open, exports.readdir = _a.readdir, exports.rename = _a.rename, exports.rm = _a.rm, exports.rmdir = _a.rmdir, exports.stat = _a.stat, exports.symlink = _a.symlink, exports.unlink = _a.unlink;\n// export const {open} = 'fs'\nexports.IS_WINDOWS = process.platform === 'win32';\n/**\n * Custom implementation of readlink to ensure Windows junctions\n * maintain trailing backslash for backward compatibility with Node.js < 24\n *\n * In Node.js 20, Windows junctions (directory symlinks) always returned paths\n * with trailing backslashes. Node.js 24 removed this behavior, which breaks\n * code that relied on this format for path operations.\n *\n * This implementation restores the Node 20 behavior by adding a trailing\n * backslash to all junction results on Windows.\n */\nfunction readlink(fsPath) {\n return __awaiter(this, void 0, void 0, function* () {\n const result = yield fs.promises.readlink(fsPath);\n // On Windows, restore Node 20 behavior: add trailing backslash to all results\n // since junctions on Windows are always directory links\n if (exports.IS_WINDOWS && !result.endsWith('\\\\')) {\n return `${result}\\\\`;\n }\n return result;\n });\n}\n// See https://github.com/nodejs/node/blob/d0153aee367422d0858105abec186da4dff0a0c5/deps/uv/include/uv/win.h#L691\nexports.UV_FS_O_EXLOCK = 0x10000000;\nexports.READONLY = fs.constants.O_RDONLY;\nfunction exists(fsPath) {\n return __awaiter(this, void 0, void 0, function* () {\n try {\n yield (0, exports.stat)(fsPath);\n }\n catch (err) {\n if (err.code === 'ENOENT') {\n return false;\n }\n throw err;\n }\n return true;\n });\n}\nfunction isDirectory(fsPath_1) {\n return __awaiter(this, arguments, void 0, function* (fsPath, useStat = false) {\n const stats = useStat ? yield (0, exports.stat)(fsPath) : yield (0, exports.lstat)(fsPath);\n return stats.isDirectory();\n });\n}\n/**\n * On OSX/Linux, true if path starts with '/'. On Windows, true for paths like:\n * \\, \\hello, \\\\hello\\share, C:, and C:\\hello (and corresponding alternate separator cases).\n */\nfunction isRooted(p) {\n p = normalizeSeparators(p);\n if (!p) {\n throw new Error('isRooted() parameter \"p\" cannot be empty');\n }\n if (exports.IS_WINDOWS) {\n return (p.startsWith('\\\\') || /^[A-Z]:/i.test(p) // e.g. \\ or \\hello or \\\\hello\n ); // e.g. C: or C:\\hello\n }\n return p.startsWith('/');\n}\n/**\n * Best effort attempt to determine whether a file exists and is executable.\n * @param filePath file path to check\n * @param extensions additional file extensions to try\n * @return if file exists and is executable, returns the file path. otherwise empty string.\n */\nfunction tryGetExecutablePath(filePath, extensions) {\n return __awaiter(this, void 0, void 0, function* () {\n let stats = undefined;\n try {\n // test file exists\n stats = yield (0, exports.stat)(filePath);\n }\n catch (err) {\n if (err.code !== 'ENOENT') {\n // eslint-disable-next-line no-console\n console.log(`Unexpected error attempting to determine if executable file exists '${filePath}': ${err}`);\n }\n }\n if (stats && stats.isFile()) {\n if (exports.IS_WINDOWS) {\n // on Windows, test for valid extension\n const upperExt = path.extname(filePath).toUpperCase();\n if (extensions.some(validExt => validExt.toUpperCase() === upperExt)) {\n return filePath;\n }\n }\n else {\n if (isUnixExecutable(stats)) {\n return filePath;\n }\n }\n }\n // try each extension\n const originalFilePath = filePath;\n for (const extension of extensions) {\n filePath = originalFilePath + extension;\n stats = undefined;\n try {\n stats = yield (0, exports.stat)(filePath);\n }\n catch (err) {\n if (err.code !== 'ENOENT') {\n // eslint-disable-next-line no-console\n console.log(`Unexpected error attempting to determine if executable file exists '${filePath}': ${err}`);\n }\n }\n if (stats && stats.isFile()) {\n if (exports.IS_WINDOWS) {\n // preserve the case of the actual file (since an extension was appended)\n try {\n const directory = path.dirname(filePath);\n const upperName = path.basename(filePath).toUpperCase();\n for (const actualName of yield (0, exports.readdir)(directory)) {\n if (upperName === actualName.toUpperCase()) {\n filePath = path.join(directory, actualName);\n break;\n }\n }\n }\n catch (err) {\n // eslint-disable-next-line no-console\n console.log(`Unexpected error attempting to determine the actual case of the file '${filePath}': ${err}`);\n }\n return filePath;\n }\n else {\n if (isUnixExecutable(stats)) {\n return filePath;\n }\n }\n }\n }\n return '';\n });\n}\nfunction normalizeSeparators(p) {\n p = p || '';\n if (exports.IS_WINDOWS) {\n // convert slashes on Windows\n p = p.replace(/\\//g, '\\\\');\n // remove redundant slashes\n return p.replace(/\\\\\\\\+/g, '\\\\');\n }\n // remove redundant slashes\n return p.replace(/\\/\\/+/g, '/');\n}\n// on Mac/Linux, test the execute bit\n// R W X R W X R W X\n// 256 128 64 32 16 8 4 2 1\nfunction isUnixExecutable(stats) {\n return ((stats.mode & 1) > 0 ||\n ((stats.mode & 8) > 0 &&\n process.getgid !== undefined &&\n stats.gid === process.getgid()) ||\n ((stats.mode & 64) > 0 &&\n process.getuid !== undefined &&\n stats.uid === process.getuid()));\n}\n// Get the path of cmd.exe in windows\nfunction getCmdPath() {\n var _a;\n return (_a = process.env['COMSPEC']) !== null && _a !== void 0 ? _a : `cmd.exe`;\n}\n//# sourceMappingURL=io-util.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || (function () {\n var ownKeys = function(o) {\n ownKeys = Object.getOwnPropertyNames || function (o) {\n var ar = [];\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\n return ar;\n };\n return ownKeys(o);\n };\n return function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\n __setModuleDefault(result, mod);\n return result;\n };\n})();\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.cp = cp;\nexports.mv = mv;\nexports.rmRF = rmRF;\nexports.mkdirP = mkdirP;\nexports.which = which;\nexports.findInPath = findInPath;\nconst assert_1 = require(\"assert\");\nconst path = __importStar(require(\"path\"));\nconst ioUtil = __importStar(require(\"./io-util\"));\n/**\n * Copies a file or folder.\n * Based off of shelljs - https://github.com/shelljs/shelljs/blob/9237f66c52e5daa40458f94f9565e18e8132f5a6/src/cp.js\n *\n * @param source source path\n * @param dest destination path\n * @param options optional. See CopyOptions.\n */\nfunction cp(source_1, dest_1) {\n return __awaiter(this, arguments, void 0, function* (source, dest, options = {}) {\n const { force, recursive, copySourceDirectory } = readCopyOptions(options);\n const destStat = (yield ioUtil.exists(dest)) ? yield ioUtil.stat(dest) : null;\n // Dest is an existing file, but not forcing\n if (destStat && destStat.isFile() && !force) {\n return;\n }\n // If dest is an existing directory, should copy inside.\n const newDest = destStat && destStat.isDirectory() && copySourceDirectory\n ? path.join(dest, path.basename(source))\n : dest;\n if (!(yield ioUtil.exists(source))) {\n throw new Error(`no such file or directory: ${source}`);\n }\n const sourceStat = yield ioUtil.stat(source);\n if (sourceStat.isDirectory()) {\n if (!recursive) {\n throw new Error(`Failed to copy. ${source} is a directory, but tried to copy without recursive flag.`);\n }\n else {\n yield cpDirRecursive(source, newDest, 0, force);\n }\n }\n else {\n if (path.relative(source, newDest) === '') {\n // a file cannot be copied to itself\n throw new Error(`'${newDest}' and '${source}' are the same file`);\n }\n yield copyFile(source, newDest, force);\n }\n });\n}\n/**\n * Moves a path.\n *\n * @param source source path\n * @param dest destination path\n * @param options optional. See MoveOptions.\n */\nfunction mv(source_1, dest_1) {\n return __awaiter(this, arguments, void 0, function* (source, dest, options = {}) {\n if (yield ioUtil.exists(dest)) {\n let destExists = true;\n if (yield ioUtil.isDirectory(dest)) {\n // If dest is directory copy src into dest\n dest = path.join(dest, path.basename(source));\n destExists = yield ioUtil.exists(dest);\n }\n if (destExists) {\n if (options.force == null || options.force) {\n yield rmRF(dest);\n }\n else {\n throw new Error('Destination already exists');\n }\n }\n }\n yield mkdirP(path.dirname(dest));\n yield ioUtil.rename(source, dest);\n });\n}\n/**\n * Remove a path recursively with force\n *\n * @param inputPath path to remove\n */\nfunction rmRF(inputPath) {\n return __awaiter(this, void 0, void 0, function* () {\n if (ioUtil.IS_WINDOWS) {\n // Check for invalid characters\n // https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file\n if (/[*\"<>|]/.test(inputPath)) {\n throw new Error('File path must not contain `*`, `\"`, `<`, `>` or `|` on Windows');\n }\n }\n try {\n // note if path does not exist, error is silent\n yield ioUtil.rm(inputPath, {\n force: true,\n maxRetries: 3,\n recursive: true,\n retryDelay: 300\n });\n }\n catch (err) {\n throw new Error(`File was unable to be removed ${err}`);\n }\n });\n}\n/**\n * Make a directory. Creates the full path with folders in between\n * Will throw if it fails\n *\n * @param fsPath path to create\n * @returns Promise\n */\nfunction mkdirP(fsPath) {\n return __awaiter(this, void 0, void 0, function* () {\n (0, assert_1.ok)(fsPath, 'a path argument must be provided');\n yield ioUtil.mkdir(fsPath, { recursive: true });\n });\n}\n/**\n * Returns path of a tool had the tool actually been invoked. Resolves via paths.\n * If you check and the tool does not exist, it will throw.\n *\n * @param tool name of the tool\n * @param check whether to check if tool exists\n * @returns Promise path to tool\n */\nfunction which(tool, check) {\n return __awaiter(this, void 0, void 0, function* () {\n if (!tool) {\n throw new Error(\"parameter 'tool' is required\");\n }\n // recursive when check=true\n if (check) {\n const result = yield which(tool, false);\n if (!result) {\n if (ioUtil.IS_WINDOWS) {\n throw new Error(`Unable to locate executable file: ${tool}. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also verify the file has a valid extension for an executable file.`);\n }\n else {\n throw new Error(`Unable to locate executable file: ${tool}. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also check the file mode to verify the file is executable.`);\n }\n }\n return result;\n }\n const matches = yield findInPath(tool);\n if (matches && matches.length > 0) {\n return matches[0];\n }\n return '';\n });\n}\n/**\n * Returns a list of all occurrences of the given tool on the system path.\n *\n * @returns Promise the paths of the tool\n */\nfunction findInPath(tool) {\n return __awaiter(this, void 0, void 0, function* () {\n if (!tool) {\n throw new Error(\"parameter 'tool' is required\");\n }\n // build the list of extensions to try\n const extensions = [];\n if (ioUtil.IS_WINDOWS && process.env['PATHEXT']) {\n for (const extension of process.env['PATHEXT'].split(path.delimiter)) {\n if (extension) {\n extensions.push(extension);\n }\n }\n }\n // if it's rooted, return it if exists. otherwise return empty.\n if (ioUtil.isRooted(tool)) {\n const filePath = yield ioUtil.tryGetExecutablePath(tool, extensions);\n if (filePath) {\n return [filePath];\n }\n return [];\n }\n // if any path separators, return empty\n if (tool.includes(path.sep)) {\n return [];\n }\n // build the list of directories\n //\n // Note, technically \"where\" checks the current directory on Windows. From a toolkit perspective,\n // it feels like we should not do this. Checking the current directory seems like more of a use\n // case of a shell, and the which() function exposed by the toolkit should strive for consistency\n // across platforms.\n const directories = [];\n if (process.env.PATH) {\n for (const p of process.env.PATH.split(path.delimiter)) {\n if (p) {\n directories.push(p);\n }\n }\n }\n // find all matches\n const matches = [];\n for (const directory of directories) {\n const filePath = yield ioUtil.tryGetExecutablePath(path.join(directory, tool), extensions);\n if (filePath) {\n matches.push(filePath);\n }\n }\n return matches;\n });\n}\nfunction readCopyOptions(options) {\n const force = options.force == null ? true : options.force;\n const recursive = Boolean(options.recursive);\n const copySourceDirectory = options.copySourceDirectory == null\n ? true\n : Boolean(options.copySourceDirectory);\n return { force, recursive, copySourceDirectory };\n}\nfunction cpDirRecursive(sourceDir, destDir, currentDepth, force) {\n return __awaiter(this, void 0, void 0, function* () {\n // Ensure there is not a run away recursive copy\n if (currentDepth >= 255)\n return;\n currentDepth++;\n yield mkdirP(destDir);\n const files = yield ioUtil.readdir(sourceDir);\n for (const fileName of files) {\n const srcFile = `${sourceDir}/${fileName}`;\n const destFile = `${destDir}/${fileName}`;\n const srcFileStat = yield ioUtil.lstat(srcFile);\n if (srcFileStat.isDirectory()) {\n // Recurse\n yield cpDirRecursive(srcFile, destFile, currentDepth, force);\n }\n else {\n yield copyFile(srcFile, destFile, force);\n }\n }\n // Change the mode for the newly created directory\n yield ioUtil.chmod(destDir, (yield ioUtil.stat(sourceDir)).mode);\n });\n}\n// Buffered file copy\nfunction copyFile(srcFile, destFile, force) {\n return __awaiter(this, void 0, void 0, function* () {\n if ((yield ioUtil.lstat(srcFile)).isSymbolicLink()) {\n // unlink/re-link it\n try {\n yield ioUtil.lstat(destFile);\n yield ioUtil.unlink(destFile);\n }\n catch (e) {\n // Try to override file permission\n if (e.code === 'EPERM') {\n yield ioUtil.chmod(destFile, '0666');\n yield ioUtil.unlink(destFile);\n }\n // other errors = it doesn't exist, no work to do\n }\n // Copy over symlink\n const symlinkFull = yield ioUtil.readlink(srcFile);\n yield ioUtil.symlink(symlinkFull, destFile, ioUtil.IS_WINDOWS ? 'junction' : null);\n }\n else if (!(yield ioUtil.exists(destFile)) || force) {\n yield ioUtil.copyFile(srcFile, destFile);\n }\n });\n}\n//# sourceMappingURL=io.js.map","// Copyright 2011 Mark Cavage All rights reserved.\n\n\nmodule.exports = {\n\n newInvalidAsn1Error: function (msg) {\n var e = new Error();\n e.name = 'InvalidAsn1Error';\n e.message = msg || '';\n return e;\n }\n\n};\n","// Copyright 2011 Mark Cavage All rights reserved.\n\nvar errors = require('./errors');\nvar types = require('./types');\n\nvar Reader = require('./reader');\nvar Writer = require('./writer');\n\n\n// --- Exports\n\nmodule.exports = {\n\n Reader: Reader,\n\n Writer: Writer\n\n};\n\nfor (var t in types) {\n if (types.hasOwnProperty(t))\n module.exports[t] = types[t];\n}\nfor (var e in errors) {\n if (errors.hasOwnProperty(e))\n module.exports[e] = errors[e];\n}\n","// Copyright 2011 Mark Cavage All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\n\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\n\n\n// --- API\n\nfunction Reader(data) {\n if (!data || !Buffer.isBuffer(data))\n throw new TypeError('data must be a node Buffer');\n\n this._buf = data;\n this._size = data.length;\n\n // These hold the \"current\" state\n this._len = 0;\n this._offset = 0;\n}\n\nObject.defineProperty(Reader.prototype, 'length', {\n enumerable: true,\n get: function () { return (this._len); }\n});\n\nObject.defineProperty(Reader.prototype, 'offset', {\n enumerable: true,\n get: function () { return (this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'remain', {\n get: function () { return (this._size - this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'buffer', {\n get: function () { return (this._buf.slice(this._offset)); }\n});\n\n\n/**\n * Reads a single byte and advances offset; you can pass in `true` to make this\n * a \"peek\" operation (i.e., get the byte, but don't advance the offset).\n *\n * @param {Boolean} peek true means don't move offset.\n * @return {Number} the next byte, null if not enough data.\n */\nReader.prototype.readByte = function (peek) {\n if (this._size - this._offset < 1)\n return null;\n\n var b = this._buf[this._offset] & 0xff;\n\n if (!peek)\n this._offset += 1;\n\n return b;\n};\n\n\nReader.prototype.peek = function () {\n return this.readByte(true);\n};\n\n\n/**\n * Reads a (potentially) variable length off the BER buffer. This call is\n * not really meant to be called directly, as callers have to manipulate\n * the internal buffer afterwards.\n *\n * As a result of this call, you can call `Reader.length`, until the\n * next thing called that does a readLength.\n *\n * @return {Number} the amount of offset to advance the buffer.\n * @throws {InvalidAsn1Error} on bad ASN.1\n */\nReader.prototype.readLength = function (offset) {\n if (offset === undefined)\n offset = this._offset;\n\n if (offset >= this._size)\n return null;\n\n var lenB = this._buf[offset++] & 0xff;\n if (lenB === null)\n return null;\n\n if ((lenB & 0x80) === 0x80) {\n lenB &= 0x7f;\n\n if (lenB === 0)\n throw newInvalidAsn1Error('Indefinite length not supported');\n\n if (lenB > 4)\n throw newInvalidAsn1Error('encoding too long');\n\n if (this._size - offset < lenB)\n return null;\n\n this._len = 0;\n for (var i = 0; i < lenB; i++)\n this._len = (this._len << 8) + (this._buf[offset++] & 0xff);\n\n } else {\n // Wasn't a variable length\n this._len = lenB;\n }\n\n return offset;\n};\n\n\n/**\n * Parses the next sequence in this BER buffer.\n *\n * To get the length of the sequence, call `Reader.length`.\n *\n * @return {Number} the sequence's tag.\n */\nReader.prototype.readSequence = function (tag) {\n var seq = this.peek();\n if (seq === null)\n return null;\n if (tag !== undefined && tag !== seq)\n throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n ': got 0x' + seq.toString(16));\n\n var o = this.readLength(this._offset + 1); // stored in `length`\n if (o === null)\n return null;\n\n this._offset = o;\n return seq;\n};\n\n\nReader.prototype.readInt = function () {\n return this._readTag(ASN1.Integer);\n};\n\n\nReader.prototype.readBoolean = function () {\n return (this._readTag(ASN1.Boolean) === 0 ? false : true);\n};\n\n\nReader.prototype.readEnumeration = function () {\n return this._readTag(ASN1.Enumeration);\n};\n\n\nReader.prototype.readString = function (tag, retbuf) {\n if (!tag)\n tag = ASN1.OctetString;\n\n var b = this.peek();\n if (b === null)\n return null;\n\n if (b !== tag)\n throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n ': got 0x' + b.toString(16));\n\n var o = this.readLength(this._offset + 1); // stored in `length`\n\n if (o === null)\n return null;\n\n if (this.length > this._size - o)\n return null;\n\n this._offset = o;\n\n if (this.length === 0)\n return retbuf ? Buffer.alloc(0) : '';\n\n var str = this._buf.slice(this._offset, this._offset + this.length);\n this._offset += this.length;\n\n return retbuf ? str : str.toString('utf8');\n};\n\nReader.prototype.readOID = function (tag) {\n if (!tag)\n tag = ASN1.OID;\n\n var b = this.readString(tag, true);\n if (b === null)\n return null;\n\n var values = [];\n var value = 0;\n\n for (var i = 0; i < b.length; i++) {\n var byte = b[i] & 0xff;\n\n value <<= 7;\n value += byte & 0x7f;\n if ((byte & 0x80) === 0) {\n values.push(value);\n value = 0;\n }\n }\n\n value = values.shift();\n values.unshift(value % 40);\n values.unshift((value / 40) >> 0);\n\n return values.join('.');\n};\n\n\nReader.prototype._readTag = function (tag) {\n assert.ok(tag !== undefined);\n\n var b = this.peek();\n\n if (b === null)\n return null;\n\n if (b !== tag)\n throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n ': got 0x' + b.toString(16));\n\n var o = this.readLength(this._offset + 1); // stored in `length`\n if (o === null)\n return null;\n\n if (this.length > 4)\n throw newInvalidAsn1Error('Integer too long: ' + this.length);\n\n if (this.length > this._size - o)\n return null;\n this._offset = o;\n\n var fb = this._buf[this._offset];\n var value = 0;\n\n for (var i = 0; i < this.length; i++) {\n value <<= 8;\n value |= (this._buf[this._offset++] & 0xff);\n }\n\n if ((fb & 0x80) === 0x80 && i !== 4)\n value -= (1 << (i * 8));\n\n return value >> 0;\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Reader;\n","// Copyright 2011 Mark Cavage All rights reserved.\n\n\nmodule.exports = {\n EOC: 0,\n Boolean: 1,\n Integer: 2,\n BitString: 3,\n OctetString: 4,\n Null: 5,\n OID: 6,\n ObjectDescriptor: 7,\n External: 8,\n Real: 9, // float\n Enumeration: 10,\n PDV: 11,\n Utf8String: 12,\n RelativeOID: 13,\n Sequence: 16,\n Set: 17,\n NumericString: 18,\n PrintableString: 19,\n T61String: 20,\n VideotexString: 21,\n IA5String: 22,\n UTCTime: 23,\n GeneralizedTime: 24,\n GraphicString: 25,\n VisibleString: 26,\n GeneralString: 28,\n UniversalString: 29,\n CharacterString: 30,\n BMPString: 31,\n Constructor: 32,\n Context: 128\n};\n","// Copyright 2011 Mark Cavage All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\nvar DEFAULT_OPTS = {\n size: 1024,\n growthFactor: 8\n};\n\n\n// --- Helpers\n\nfunction merge(from, to) {\n assert.ok(from);\n assert.equal(typeof (from), 'object');\n assert.ok(to);\n assert.equal(typeof (to), 'object');\n\n var keys = Object.getOwnPropertyNames(from);\n keys.forEach(function (key) {\n if (to[key])\n return;\n\n var value = Object.getOwnPropertyDescriptor(from, key);\n Object.defineProperty(to, key, value);\n });\n\n return to;\n}\n\n\n\n// --- API\n\nfunction Writer(options) {\n options = merge(DEFAULT_OPTS, options || {});\n\n this._buf = Buffer.alloc(options.size || 1024);\n this._size = this._buf.length;\n this._offset = 0;\n this._options = options;\n\n // A list of offsets in the buffer where we need to insert\n // sequence tag/len pairs.\n this._seq = [];\n}\n\nObject.defineProperty(Writer.prototype, 'buffer', {\n get: function () {\n if (this._seq.length)\n throw newInvalidAsn1Error(this._seq.length + ' unended sequence(s)');\n\n return (this._buf.slice(0, this._offset));\n }\n});\n\nWriter.prototype.writeByte = function (b) {\n if (typeof (b) !== 'number')\n throw new TypeError('argument must be a Number');\n\n this._ensure(1);\n this._buf[this._offset++] = b;\n};\n\n\nWriter.prototype.writeInt = function (i, tag) {\n if (typeof (i) !== 'number')\n throw new TypeError('argument must be a Number');\n if (typeof (tag) !== 'number')\n tag = ASN1.Integer;\n\n var sz = 4;\n\n while ((((i & 0xff800000) === 0) || ((i & 0xff800000) === 0xff800000 >> 0)) &&\n (sz > 1)) {\n sz--;\n i <<= 8;\n }\n\n if (sz > 4)\n throw newInvalidAsn1Error('BER ints cannot be > 0xffffffff');\n\n this._ensure(2 + sz);\n this._buf[this._offset++] = tag;\n this._buf[this._offset++] = sz;\n\n while (sz-- > 0) {\n this._buf[this._offset++] = ((i & 0xff000000) >>> 24);\n i <<= 8;\n }\n\n};\n\n\nWriter.prototype.writeNull = function () {\n this.writeByte(ASN1.Null);\n this.writeByte(0x00);\n};\n\n\nWriter.prototype.writeEnumeration = function (i, tag) {\n if (typeof (i) !== 'number')\n throw new TypeError('argument must be a Number');\n if (typeof (tag) !== 'number')\n tag = ASN1.Enumeration;\n\n return this.writeInt(i, tag);\n};\n\n\nWriter.prototype.writeBoolean = function (b, tag) {\n if (typeof (b) !== 'boolean')\n throw new TypeError('argument must be a Boolean');\n if (typeof (tag) !== 'number')\n tag = ASN1.Boolean;\n\n this._ensure(3);\n this._buf[this._offset++] = tag;\n this._buf[this._offset++] = 0x01;\n this._buf[this._offset++] = b ? 0xff : 0x00;\n};\n\n\nWriter.prototype.writeString = function (s, tag) {\n if (typeof (s) !== 'string')\n throw new TypeError('argument must be a string (was: ' + typeof (s) + ')');\n if (typeof (tag) !== 'number')\n tag = ASN1.OctetString;\n\n var len = Buffer.byteLength(s);\n this.writeByte(tag);\n this.writeLength(len);\n if (len) {\n this._ensure(len);\n this._buf.write(s, this._offset);\n this._offset += len;\n }\n};\n\n\nWriter.prototype.writeBuffer = function (buf, tag) {\n if (typeof (tag) !== 'number')\n throw new TypeError('tag must be a number');\n if (!Buffer.isBuffer(buf))\n throw new TypeError('argument must be a buffer');\n\n this.writeByte(tag);\n this.writeLength(buf.length);\n this._ensure(buf.length);\n buf.copy(this._buf, this._offset, 0, buf.length);\n this._offset += buf.length;\n};\n\n\nWriter.prototype.writeStringArray = function (strings) {\n if ((!strings instanceof Array))\n throw new TypeError('argument must be an Array[String]');\n\n var self = this;\n strings.forEach(function (s) {\n self.writeString(s);\n });\n};\n\n// This is really to solve DER cases, but whatever for now\nWriter.prototype.writeOID = function (s, tag) {\n if (typeof (s) !== 'string')\n throw new TypeError('argument must be a string');\n if (typeof (tag) !== 'number')\n tag = ASN1.OID;\n\n if (!/^([0-9]+\\.){3,}[0-9]+$/.test(s))\n throw new Error('argument is not a valid OID string');\n\n function encodeOctet(bytes, octet) {\n if (octet < 128) {\n bytes.push(octet);\n } else if (octet < 16384) {\n bytes.push((octet >>> 7) | 0x80);\n bytes.push(octet & 0x7F);\n } else if (octet < 2097152) {\n bytes.push((octet >>> 14) | 0x80);\n bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n bytes.push(octet & 0x7F);\n } else if (octet < 268435456) {\n bytes.push((octet >>> 21) | 0x80);\n bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n bytes.push(octet & 0x7F);\n } else {\n bytes.push(((octet >>> 28) | 0x80) & 0xFF);\n bytes.push(((octet >>> 21) | 0x80) & 0xFF);\n bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n bytes.push(octet & 0x7F);\n }\n }\n\n var tmp = s.split('.');\n var bytes = [];\n bytes.push(parseInt(tmp[0], 10) * 40 + parseInt(tmp[1], 10));\n tmp.slice(2).forEach(function (b) {\n encodeOctet(bytes, parseInt(b, 10));\n });\n\n var self = this;\n this._ensure(2 + bytes.length);\n this.writeByte(tag);\n this.writeLength(bytes.length);\n bytes.forEach(function (b) {\n self.writeByte(b);\n });\n};\n\n\nWriter.prototype.writeLength = function (len) {\n if (typeof (len) !== 'number')\n throw new TypeError('argument must be a Number');\n\n this._ensure(4);\n\n if (len <= 0x7f) {\n this._buf[this._offset++] = len;\n } else if (len <= 0xff) {\n this._buf[this._offset++] = 0x81;\n this._buf[this._offset++] = len;\n } else if (len <= 0xffff) {\n this._buf[this._offset++] = 0x82;\n this._buf[this._offset++] = len >> 8;\n this._buf[this._offset++] = len;\n } else if (len <= 0xffffff) {\n this._buf[this._offset++] = 0x83;\n this._buf[this._offset++] = len >> 16;\n this._buf[this._offset++] = len >> 8;\n this._buf[this._offset++] = len;\n } else {\n throw newInvalidAsn1Error('Length too long (> 4 bytes)');\n }\n};\n\nWriter.prototype.startSequence = function (tag) {\n if (typeof (tag) !== 'number')\n tag = ASN1.Sequence | ASN1.Constructor;\n\n this.writeByte(tag);\n this._seq.push(this._offset);\n this._ensure(3);\n this._offset += 3;\n};\n\n\nWriter.prototype.endSequence = function () {\n var seq = this._seq.pop();\n var start = seq + 3;\n var len = this._offset - start;\n\n if (len <= 0x7f) {\n this._shift(start, len, -2);\n this._buf[seq] = len;\n } else if (len <= 0xff) {\n this._shift(start, len, -1);\n this._buf[seq] = 0x81;\n this._buf[seq + 1] = len;\n } else if (len <= 0xffff) {\n this._buf[seq] = 0x82;\n this._buf[seq + 1] = len >> 8;\n this._buf[seq + 2] = len;\n } else if (len <= 0xffffff) {\n this._shift(start, len, 1);\n this._buf[seq] = 0x83;\n this._buf[seq + 1] = len >> 16;\n this._buf[seq + 2] = len >> 8;\n this._buf[seq + 3] = len;\n } else {\n throw newInvalidAsn1Error('Sequence too long');\n }\n};\n\n\nWriter.prototype._shift = function (start, len, shift) {\n assert.ok(start !== undefined);\n assert.ok(len !== undefined);\n assert.ok(shift);\n\n this._buf.copy(this._buf, start + shift, start, start + len);\n this._offset += shift;\n};\n\nWriter.prototype._ensure = function (len) {\n assert.ok(len);\n\n if (this._size - this._offset < len) {\n var sz = this._size * this._options.growthFactor;\n if (sz - this._offset < len)\n sz += len;\n\n var buf = Buffer.alloc(sz);\n\n this._buf.copy(buf, 0, 0, this._offset);\n this._buf = buf;\n this._size = sz;\n }\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Writer;\n","// Copyright 2011 Mark Cavage All rights reserved.\n\n// If you have no idea what ASN.1 or BER is, see this:\n// ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc\n\nvar Ber = require('./ber/index');\n\n\n\n// --- Exported API\n\nmodule.exports = {\n\n Ber: Ber,\n\n BerReader: Ber.Reader,\n\n BerWriter: Ber.Writer\n\n};\n","'use strict';\n\nvar crypto_hash_sha512 = require('tweetnacl').lowlevel.crypto_hash;\n\n/*\n * This file is a 1:1 port from the OpenBSD blowfish.c and bcrypt_pbkdf.c. As a\n * result, it retains the original copyright and license. The two files are\n * under slightly different (but compatible) licenses, and are here combined in\n * one file.\n *\n * Credit for the actual porting work goes to:\n * Devi Mandiri \n */\n\n/*\n * The Blowfish portions are under the following license:\n *\n * Blowfish block cipher for OpenBSD\n * Copyright 1997 Niels Provos \n * All rights reserved.\n *\n * Implementation advice by David Mazieres .\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n */\n\n/*\n * The bcrypt_pbkdf portions are under the following license:\n *\n * Copyright (c) 2013 Ted Unangst \n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n/*\n * Performance improvements (Javascript-specific):\n *\n * Copyright 2016, Joyent Inc\n * Author: Alex Wilson \n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n// Ported from OpenBSD bcrypt_pbkdf.c v1.9\n\nvar BLF_J = 0;\n\nvar Blowfish = function() {\n this.S = [\n new Uint32Array([\n 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7,\n 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,\n 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,\n 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,\n 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee,\n 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,\n 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef,\n 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e,\n 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,\n 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440,\n 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce,\n 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,\n 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e,\n 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677,\n 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,\n 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032,\n 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88,\n 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,\n 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e,\n 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0,\n 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,\n 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98,\n 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88,\n 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,\n 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6,\n 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d,\n 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,\n 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7,\n 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba,\n 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,\n 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f,\n 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09,\n 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,\n 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb,\n 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279,\n 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,\n 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab,\n 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82,\n 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,\n 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573,\n 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0,\n 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,\n 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790,\n 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8,\n 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,\n 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0,\n 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7,\n 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,\n 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad,\n 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1,\n 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,\n 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9,\n 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477,\n 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,\n 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49,\n 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af,\n 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,\n 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5,\n 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41,\n 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,\n 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,\n 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,\n 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,\n 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a]),\n new Uint32Array([\n 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623,\n 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,\n 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1,\n 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e,\n 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6,\n 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1,\n 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e,\n 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1,\n 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737,\n 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8,\n 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff,\n 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd,\n 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701,\n 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7,\n 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41,\n 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331,\n 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf,\n 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af,\n 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e,\n 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87,\n 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c,\n 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2,\n 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16,\n 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd,\n 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b,\n 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509,\n 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,\n 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3,\n 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f,\n 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a,\n 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4,\n 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960,\n 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66,\n 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28,\n 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802,\n 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,\n 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510,\n 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf,\n 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14,\n 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e,\n 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50,\n 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,\n 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8,\n 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281,\n 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99,\n 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696,\n 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128,\n 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73,\n 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0,\n 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0,\n 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105,\n 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250,\n 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3,\n 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285,\n 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00,\n 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061,\n 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb,\n 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e,\n 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735,\n 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc,\n 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9,\n 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340,\n 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,\n 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7]),\n new Uint32Array([\n 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934,\n 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,\n 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af,\n 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840,\n 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45,\n 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504,\n 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a,\n 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb,\n 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee,\n 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6,\n 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42,\n 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b,\n 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2,\n 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb,\n 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527,\n 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b,\n 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33,\n 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c,\n 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3,\n 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc,\n 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17,\n 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564,\n 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b,\n 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115,\n 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922,\n 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728,\n 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0,\n 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e,\n 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37,\n 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,\n 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804,\n 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b,\n 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,\n 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb,\n 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d,\n 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c,\n 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350,\n 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9,\n 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a,\n 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe,\n 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d,\n 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc,\n 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f,\n 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61,\n 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2,\n 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9,\n 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2,\n 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c,\n 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e,\n 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633,\n 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10,\n 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169,\n 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52,\n 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027,\n 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5,\n 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62,\n 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634,\n 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76,\n 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24,\n 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,\n 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4,\n 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c,\n 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,\n 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0]),\n new Uint32Array([\n 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b,\n 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,\n 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b,\n 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4,\n 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8,\n 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6,\n 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304,\n 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22,\n 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,\n 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6,\n 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9,\n 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59,\n 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593,\n 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51,\n 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,\n 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c,\n 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b,\n 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28,\n 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c,\n 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd,\n 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a,\n 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319,\n 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb,\n 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f,\n 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991,\n 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32,\n 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680,\n 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166,\n 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae,\n 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb,\n 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5,\n 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47,\n 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370,\n 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d,\n 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84,\n 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048,\n 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8,\n 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd,\n 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9,\n 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7,\n 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38,\n 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f,\n 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c,\n 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525,\n 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1,\n 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442,\n 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964,\n 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e,\n 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8,\n 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d,\n 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f,\n 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299,\n 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02,\n 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc,\n 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614,\n 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a,\n 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,\n 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,\n 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0,\n 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060,\n 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e,\n 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9,\n 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,\n 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6])\n ];\n this.P = new Uint32Array([\n 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,\n 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89,\n 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,\n 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917,\n 0x9216d5d9, 0x8979fb1b]);\n};\n\nfunction F(S, x8, i) {\n return (((S[0][x8[i+3]] +\n S[1][x8[i+2]]) ^\n S[2][x8[i+1]]) +\n S[3][x8[i]]);\n};\n\nBlowfish.prototype.encipher = function(x, x8) {\n if (x8 === undefined) {\n x8 = new Uint8Array(x.buffer);\n if (x.byteOffset !== 0)\n x8 = x8.subarray(x.byteOffset);\n }\n x[0] ^= this.P[0];\n for (var i = 1; i < 16; i += 2) {\n x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n x[0] ^= F(this.S, x8, 4) ^ this.P[i+1];\n }\n var t = x[0];\n x[0] = x[1] ^ this.P[17];\n x[1] = t;\n};\n\nBlowfish.prototype.decipher = function(x) {\n var x8 = new Uint8Array(x.buffer);\n if (x.byteOffset !== 0)\n x8 = x8.subarray(x.byteOffset);\n x[0] ^= this.P[17];\n for (var i = 16; i > 0; i -= 2) {\n x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n x[0] ^= F(this.S, x8, 4) ^ this.P[i-1];\n }\n var t = x[0];\n x[0] = x[1] ^ this.P[0];\n x[1] = t;\n};\n\nfunction stream2word(data, databytes){\n var i, temp = 0;\n for (i = 0; i < 4; i++, BLF_J++) {\n if (BLF_J >= databytes) BLF_J = 0;\n temp = (temp << 8) | data[BLF_J];\n }\n return temp;\n};\n\nBlowfish.prototype.expand0state = function(key, keybytes) {\n var d = new Uint32Array(2), i, k;\n var d8 = new Uint8Array(d.buffer);\n\n for (i = 0, BLF_J = 0; i < 18; i++) {\n this.P[i] ^= stream2word(key, keybytes);\n }\n BLF_J = 0;\n\n for (i = 0; i < 18; i += 2) {\n this.encipher(d, d8);\n this.P[i] = d[0];\n this.P[i+1] = d[1];\n }\n\n for (i = 0; i < 4; i++) {\n for (k = 0; k < 256; k += 2) {\n this.encipher(d, d8);\n this.S[i][k] = d[0];\n this.S[i][k+1] = d[1];\n }\n }\n};\n\nBlowfish.prototype.expandstate = function(data, databytes, key, keybytes) {\n var d = new Uint32Array(2), i, k;\n\n for (i = 0, BLF_J = 0; i < 18; i++) {\n this.P[i] ^= stream2word(key, keybytes);\n }\n\n for (i = 0, BLF_J = 0; i < 18; i += 2) {\n d[0] ^= stream2word(data, databytes);\n d[1] ^= stream2word(data, databytes);\n this.encipher(d);\n this.P[i] = d[0];\n this.P[i+1] = d[1];\n }\n\n for (i = 0; i < 4; i++) {\n for (k = 0; k < 256; k += 2) {\n d[0] ^= stream2word(data, databytes);\n d[1] ^= stream2word(data, databytes);\n this.encipher(d);\n this.S[i][k] = d[0];\n this.S[i][k+1] = d[1];\n }\n }\n BLF_J = 0;\n};\n\nBlowfish.prototype.enc = function(data, blocks) {\n for (var i = 0; i < blocks; i++) {\n this.encipher(data.subarray(i*2));\n }\n};\n\nBlowfish.prototype.dec = function(data, blocks) {\n for (var i = 0; i < blocks; i++) {\n this.decipher(data.subarray(i*2));\n }\n};\n\nvar BCRYPT_BLOCKS = 8,\n BCRYPT_HASHSIZE = 32;\n\nfunction bcrypt_hash(sha2pass, sha2salt, out) {\n var state = new Blowfish(),\n cdata = new Uint32Array(BCRYPT_BLOCKS), i,\n ciphertext = new Uint8Array([79,120,121,99,104,114,111,109,97,116,105,\n 99,66,108,111,119,102,105,115,104,83,119,97,116,68,121,110,97,109,\n 105,116,101]); //\"OxychromaticBlowfishSwatDynamite\"\n\n state.expandstate(sha2salt, 64, sha2pass, 64);\n for (i = 0; i < 64; i++) {\n state.expand0state(sha2salt, 64);\n state.expand0state(sha2pass, 64);\n }\n\n for (i = 0; i < BCRYPT_BLOCKS; i++)\n cdata[i] = stream2word(ciphertext, ciphertext.byteLength);\n for (i = 0; i < 64; i++)\n state.enc(cdata, cdata.byteLength / 8);\n\n for (i = 0; i < BCRYPT_BLOCKS; i++) {\n out[4*i+3] = cdata[i] >>> 24;\n out[4*i+2] = cdata[i] >>> 16;\n out[4*i+1] = cdata[i] >>> 8;\n out[4*i+0] = cdata[i];\n }\n};\n\nfunction bcrypt_pbkdf(pass, passlen, salt, saltlen, key, keylen, rounds) {\n var sha2pass = new Uint8Array(64),\n sha2salt = new Uint8Array(64),\n out = new Uint8Array(BCRYPT_HASHSIZE),\n tmpout = new Uint8Array(BCRYPT_HASHSIZE),\n countsalt = new Uint8Array(saltlen+4),\n i, j, amt, stride, dest, count,\n origkeylen = keylen;\n\n if (rounds < 1)\n return -1;\n if (passlen === 0 || saltlen === 0 || keylen === 0 ||\n keylen > (out.byteLength * out.byteLength) || saltlen > (1<<20))\n return -1;\n\n stride = Math.floor((keylen + out.byteLength - 1) / out.byteLength);\n amt = Math.floor((keylen + stride - 1) / stride);\n\n for (i = 0; i < saltlen; i++)\n countsalt[i] = salt[i];\n\n crypto_hash_sha512(sha2pass, pass, passlen);\n\n for (count = 1; keylen > 0; count++) {\n countsalt[saltlen+0] = count >>> 24;\n countsalt[saltlen+1] = count >>> 16;\n countsalt[saltlen+2] = count >>> 8;\n countsalt[saltlen+3] = count;\n\n crypto_hash_sha512(sha2salt, countsalt, saltlen + 4);\n bcrypt_hash(sha2pass, sha2salt, tmpout);\n for (i = out.byteLength; i--;)\n out[i] = tmpout[i];\n\n for (i = 1; i < rounds; i++) {\n crypto_hash_sha512(sha2salt, tmpout, tmpout.byteLength);\n bcrypt_hash(sha2pass, sha2salt, tmpout);\n for (j = 0; j < out.byteLength; j++)\n out[j] ^= tmpout[j];\n }\n\n amt = Math.min(amt, keylen);\n for (i = 0; i < amt; i++) {\n dest = i * stride + (count - 1);\n if (dest >= origkeylen)\n break;\n key[dest] = out[i];\n }\n keylen -= i;\n }\n\n return 0;\n};\n\nmodule.exports = {\n BLOCKS: BCRYPT_BLOCKS,\n HASHSIZE: BCRYPT_HASHSIZE,\n hash: bcrypt_hash,\n pbkdf: bcrypt_pbkdf\n};\n","'use strict';\n\nconst binding = require('../build/Release/cpufeatures.node');\n\nmodule.exports = binding.getCPUInfo;\n","'use strict';\n\nconst isStream = stream =>\n\tstream !== null &&\n\ttypeof stream === 'object' &&\n\ttypeof stream.pipe === 'function';\n\nisStream.writable = stream =>\n\tisStream(stream) &&\n\tstream.writable !== false &&\n\ttypeof stream._write === 'function' &&\n\ttypeof stream._writableState === 'object';\n\nisStream.readable = stream =>\n\tisStream(stream) &&\n\tstream.readable !== false &&\n\ttypeof stream._read === 'function' &&\n\ttypeof stream._readableState === 'object';\n\nisStream.duplex = stream =>\n\tisStream.writable(stream) &&\n\tisStream.readable(stream);\n\nisStream.transform = stream =>\n\tisStream.duplex(stream) &&\n\ttypeof stream._transform === 'function';\n\nmodule.exports = isStream;\n","'use strict';\nconst fs = require('fs');\nconst path = require('path');\nconst {promisify} = require('util');\nconst semver = require('semver');\n\nconst useNativeRecursiveOption = semver.satisfies(process.version, '>=10.12.0');\n\n// https://github.com/nodejs/node/issues/8987\n// https://github.com/libuv/libuv/pull/1088\nconst checkPath = pth => {\n\tif (process.platform === 'win32') {\n\t\tconst pathHasInvalidWinCharacters = /[<>:\"|?*]/.test(pth.replace(path.parse(pth).root, ''));\n\n\t\tif (pathHasInvalidWinCharacters) {\n\t\t\tconst error = new Error(`Path contains invalid characters: ${pth}`);\n\t\t\terror.code = 'EINVAL';\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n\nconst processOptions = options => {\n\t// https://github.com/sindresorhus/make-dir/issues/18\n\tconst defaults = {\n\t\tmode: 0o777,\n\t\tfs\n\t};\n\n\treturn {\n\t\t...defaults,\n\t\t...options\n\t};\n};\n\nconst permissionError = pth => {\n\t// This replicates the exception of `fs.mkdir` with native the\n\t// `recusive` option when run on an invalid drive under Windows.\n\tconst error = new Error(`operation not permitted, mkdir '${pth}'`);\n\terror.code = 'EPERM';\n\terror.errno = -4048;\n\terror.path = pth;\n\terror.syscall = 'mkdir';\n\treturn error;\n};\n\nconst makeDir = async (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tconst mkdir = promisify(options.fs.mkdir);\n\tconst stat = promisify(options.fs.stat);\n\n\tif (useNativeRecursiveOption && options.fs.mkdir === fs.mkdir) {\n\t\tconst pth = path.resolve(input);\n\n\t\tawait mkdir(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = async pth => {\n\t\ttry {\n\t\t\tawait mkdir(pth, options.mode);\n\n\t\t\treturn pth;\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tawait make(path.dirname(pth));\n\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tconst stats = await stat(pth);\n\t\t\t\tif (!stats.isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\treturn pth;\n\t\t}\n\t};\n\n\treturn make(path.resolve(input));\n};\n\nmodule.exports = makeDir;\n\nmodule.exports.sync = (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tif (useNativeRecursiveOption && options.fs.mkdirSync === fs.mkdirSync) {\n\t\tconst pth = path.resolve(input);\n\n\t\tfs.mkdirSync(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = pth => {\n\t\ttry {\n\t\t\toptions.fs.mkdirSync(pth, options.mode);\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tmake(path.dirname(pth));\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tif (!options.fs.statSync(pth).isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\t\t}\n\n\t\treturn pth;\n\t};\n\n\treturn make(path.resolve(input));\n};\n","/* eslint-disable node/no-deprecated-api */\n\n'use strict'\n\nvar buffer = require('buffer')\nvar Buffer = buffer.Buffer\n\nvar safer = {}\n\nvar key\n\nfor (key in buffer) {\n if (!buffer.hasOwnProperty(key)) continue\n if (key === 'SlowBuffer' || key === 'Buffer') continue\n safer[key] = buffer[key]\n}\n\nvar Safer = safer.Buffer = {}\nfor (key in Buffer) {\n if (!Buffer.hasOwnProperty(key)) continue\n if (key === 'allocUnsafe' || key === 'allocUnsafeSlow') continue\n Safer[key] = Buffer[key]\n}\n\nsafer.Buffer.prototype = Buffer.prototype\n\nif (!Safer.from || Safer.from === Uint8Array.from) {\n Safer.from = function (value, encodingOrOffset, length) {\n if (typeof value === 'number') {\n throw new TypeError('The \"value\" argument must not be of type number. Received type ' + typeof value)\n }\n if (value && typeof value.length === 'undefined') {\n throw new TypeError('The first argument must be one of type string, Buffer, ArrayBuffer, Array, or Array-like Object. Received type ' + typeof value)\n }\n return Buffer(value, encodingOrOffset, length)\n }\n}\n\nif (!Safer.alloc) {\n Safer.alloc = function (size, fill, encoding) {\n if (typeof size !== 'number') {\n throw new TypeError('The \"size\" argument must be of type number. Received type ' + typeof size)\n }\n if (size < 0 || size >= 2 * (1 << 30)) {\n throw new RangeError('The value \"' + size + '\" is invalid for option \"size\"')\n }\n var buf = Buffer(size)\n if (!fill || fill.length === 0) {\n buf.fill(0)\n } else if (typeof encoding === 'string') {\n buf.fill(fill, encoding)\n } else {\n buf.fill(fill)\n }\n return buf\n }\n}\n\nif (!safer.kStringMaxLength) {\n try {\n safer.kStringMaxLength = process.binding('buffer').kStringMaxLength\n } catch (e) {\n // we can't determine kStringMaxLength in environments where process.binding\n // is unsupported, so let's not set it\n }\n}\n\nif (!safer.constants) {\n safer.constants = {\n MAX_LENGTH: safer.kMaxLength\n }\n if (safer.kStringMaxLength) {\n safer.constants.MAX_STRING_LENGTH = safer.kStringMaxLength\n }\n}\n\nmodule.exports = safer\n","exports = module.exports = SemVer\n\nvar debug\n/* istanbul ignore next */\nif (typeof process === 'object' &&\n process.env &&\n process.env.NODE_DEBUG &&\n /\\bsemver\\b/i.test(process.env.NODE_DEBUG)) {\n debug = function () {\n var args = Array.prototype.slice.call(arguments, 0)\n args.unshift('SEMVER')\n console.log.apply(console, args)\n }\n} else {\n debug = function () {}\n}\n\n// Note: this is the semver.org version of the spec that it implements\n// Not necessarily the package version of this code.\nexports.SEMVER_SPEC_VERSION = '2.0.0'\n\nvar MAX_LENGTH = 256\nvar MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER ||\n /* istanbul ignore next */ 9007199254740991\n\n// Max safe segment length for coercion.\nvar MAX_SAFE_COMPONENT_LENGTH = 16\n\nvar MAX_SAFE_BUILD_LENGTH = MAX_LENGTH - 6\n\n// The actual regexps go on exports.re\nvar re = exports.re = []\nvar safeRe = exports.safeRe = []\nvar src = exports.src = []\nvar t = exports.tokens = {}\nvar R = 0\n\nfunction tok (n) {\n t[n] = R++\n}\n\nvar LETTERDASHNUMBER = '[a-zA-Z0-9-]'\n\n// Replace some greedy regex tokens to prevent regex dos issues. These regex are\n// used internally via the safeRe object since all inputs in this library get\n// normalized first to trim and collapse all extra whitespace. The original\n// regexes are exported for userland consumption and lower level usage. A\n// future breaking change could export the safer regex only with a note that\n// all input should have extra whitespace removed.\nvar safeRegexReplacements = [\n ['\\\\s', 1],\n ['\\\\d', MAX_LENGTH],\n [LETTERDASHNUMBER, MAX_SAFE_BUILD_LENGTH],\n]\n\nfunction makeSafeRe (value) {\n for (var i = 0; i < safeRegexReplacements.length; i++) {\n var token = safeRegexReplacements[i][0]\n var max = safeRegexReplacements[i][1]\n value = value\n .split(token + '*').join(token + '{0,' + max + '}')\n .split(token + '+').join(token + '{1,' + max + '}')\n }\n return value\n}\n\n// The following Regular Expressions can be used for tokenizing,\n// validating, and parsing SemVer version strings.\n\n// ## Numeric Identifier\n// A single `0`, or a non-zero digit followed by zero or more digits.\n\ntok('NUMERICIDENTIFIER')\nsrc[t.NUMERICIDENTIFIER] = '0|[1-9]\\\\d*'\ntok('NUMERICIDENTIFIERLOOSE')\nsrc[t.NUMERICIDENTIFIERLOOSE] = '\\\\d+'\n\n// ## Non-numeric Identifier\n// Zero or more digits, followed by a letter or hyphen, and then zero or\n// more letters, digits, or hyphens.\n\ntok('NONNUMERICIDENTIFIER')\nsrc[t.NONNUMERICIDENTIFIER] = '\\\\d*[a-zA-Z-]' + LETTERDASHNUMBER + '*'\n\n// ## Main Version\n// Three dot-separated numeric identifiers.\n\ntok('MAINVERSION')\nsrc[t.MAINVERSION] = '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIER] + ')'\n\ntok('MAINVERSIONLOOSE')\nsrc[t.MAINVERSIONLOOSE] = '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')'\n\n// ## Pre-release Version Identifier\n// A numeric identifier, or a non-numeric identifier.\n\ntok('PRERELEASEIDENTIFIER')\nsrc[t.PRERELEASEIDENTIFIER] = '(?:' + src[t.NUMERICIDENTIFIER] +\n '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\ntok('PRERELEASEIDENTIFIERLOOSE')\nsrc[t.PRERELEASEIDENTIFIERLOOSE] = '(?:' + src[t.NUMERICIDENTIFIERLOOSE] +\n '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\n// ## Pre-release Version\n// Hyphen, followed by one or more dot-separated pre-release version\n// identifiers.\n\ntok('PRERELEASE')\nsrc[t.PRERELEASE] = '(?:-(' + src[t.PRERELEASEIDENTIFIER] +\n '(?:\\\\.' + src[t.PRERELEASEIDENTIFIER] + ')*))'\n\ntok('PRERELEASELOOSE')\nsrc[t.PRERELEASELOOSE] = '(?:-?(' + src[t.PRERELEASEIDENTIFIERLOOSE] +\n '(?:\\\\.' + src[t.PRERELEASEIDENTIFIERLOOSE] + ')*))'\n\n// ## Build Metadata Identifier\n// Any combination of digits, letters, or hyphens.\n\ntok('BUILDIDENTIFIER')\nsrc[t.BUILDIDENTIFIER] = LETTERDASHNUMBER + '+'\n\n// ## Build Metadata\n// Plus sign, followed by one or more period-separated build metadata\n// identifiers.\n\ntok('BUILD')\nsrc[t.BUILD] = '(?:\\\\+(' + src[t.BUILDIDENTIFIER] +\n '(?:\\\\.' + src[t.BUILDIDENTIFIER] + ')*))'\n\n// ## Full Version String\n// A main version, followed optionally by a pre-release version and\n// build metadata.\n\n// Note that the only major, minor, patch, and pre-release sections of\n// the version string are capturing groups. The build metadata is not a\n// capturing group, because it should not ever be used in version\n// comparison.\n\ntok('FULL')\ntok('FULLPLAIN')\nsrc[t.FULLPLAIN] = 'v?' + src[t.MAINVERSION] +\n src[t.PRERELEASE] + '?' +\n src[t.BUILD] + '?'\n\nsrc[t.FULL] = '^' + src[t.FULLPLAIN] + '$'\n\n// like full, but allows v1.2.3 and =1.2.3, which people do sometimes.\n// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty\n// common in the npm registry.\ntok('LOOSEPLAIN')\nsrc[t.LOOSEPLAIN] = '[v=\\\\s]*' + src[t.MAINVERSIONLOOSE] +\n src[t.PRERELEASELOOSE] + '?' +\n src[t.BUILD] + '?'\n\ntok('LOOSE')\nsrc[t.LOOSE] = '^' + src[t.LOOSEPLAIN] + '$'\n\ntok('GTLT')\nsrc[t.GTLT] = '((?:<|>)?=?)'\n\n// Something like \"2.*\" or \"1.2.x\".\n// Note that \"x.x\" is a valid xRange identifer, meaning \"any version\"\n// Only the first item is strictly required.\ntok('XRANGEIDENTIFIERLOOSE')\nsrc[t.XRANGEIDENTIFIERLOOSE] = src[t.NUMERICIDENTIFIERLOOSE] + '|x|X|\\\\*'\ntok('XRANGEIDENTIFIER')\nsrc[t.XRANGEIDENTIFIER] = src[t.NUMERICIDENTIFIER] + '|x|X|\\\\*'\n\ntok('XRANGEPLAIN')\nsrc[t.XRANGEPLAIN] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIER] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n '(?:' + src[t.PRERELEASE] + ')?' +\n src[t.BUILD] + '?' +\n ')?)?'\n\ntok('XRANGEPLAINLOOSE')\nsrc[t.XRANGEPLAINLOOSE] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n '(?:' + src[t.PRERELEASELOOSE] + ')?' +\n src[t.BUILD] + '?' +\n ')?)?'\n\ntok('XRANGE')\nsrc[t.XRANGE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAIN] + '$'\ntok('XRANGELOOSE')\nsrc[t.XRANGELOOSE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Coercion.\n// Extract anything that could conceivably be a part of a valid semver\ntok('COERCE')\nsrc[t.COERCE] = '(^|[^\\\\d])' +\n '(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '})' +\n '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n '(?:$|[^\\\\d])'\ntok('COERCERTL')\nre[t.COERCERTL] = new RegExp(src[t.COERCE], 'g')\nsafeRe[t.COERCERTL] = new RegExp(makeSafeRe(src[t.COERCE]), 'g')\n\n// Tilde ranges.\n// Meaning is \"reasonably at or greater than\"\ntok('LONETILDE')\nsrc[t.LONETILDE] = '(?:~>?)'\n\ntok('TILDETRIM')\nsrc[t.TILDETRIM] = '(\\\\s*)' + src[t.LONETILDE] + '\\\\s+'\nre[t.TILDETRIM] = new RegExp(src[t.TILDETRIM], 'g')\nsafeRe[t.TILDETRIM] = new RegExp(makeSafeRe(src[t.TILDETRIM]), 'g')\nvar tildeTrimReplace = '$1~'\n\ntok('TILDE')\nsrc[t.TILDE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAIN] + '$'\ntok('TILDELOOSE')\nsrc[t.TILDELOOSE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Caret ranges.\n// Meaning is \"at least and backwards compatible with\"\ntok('LONECARET')\nsrc[t.LONECARET] = '(?:\\\\^)'\n\ntok('CARETTRIM')\nsrc[t.CARETTRIM] = '(\\\\s*)' + src[t.LONECARET] + '\\\\s+'\nre[t.CARETTRIM] = new RegExp(src[t.CARETTRIM], 'g')\nsafeRe[t.CARETTRIM] = new RegExp(makeSafeRe(src[t.CARETTRIM]), 'g')\nvar caretTrimReplace = '$1^'\n\ntok('CARET')\nsrc[t.CARET] = '^' + src[t.LONECARET] + src[t.XRANGEPLAIN] + '$'\ntok('CARETLOOSE')\nsrc[t.CARETLOOSE] = '^' + src[t.LONECARET] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// A simple gt/lt/eq thing, or just \"\" to indicate \"any version\"\ntok('COMPARATORLOOSE')\nsrc[t.COMPARATORLOOSE] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.LOOSEPLAIN] + ')$|^$'\ntok('COMPARATOR')\nsrc[t.COMPARATOR] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.FULLPLAIN] + ')$|^$'\n\n// An expression to strip any whitespace between the gtlt and the thing\n// it modifies, so that `> 1.2.3` ==> `>1.2.3`\ntok('COMPARATORTRIM')\nsrc[t.COMPARATORTRIM] = '(\\\\s*)' + src[t.GTLT] +\n '\\\\s*(' + src[t.LOOSEPLAIN] + '|' + src[t.XRANGEPLAIN] + ')'\n\n// this one has to use the /g flag\nre[t.COMPARATORTRIM] = new RegExp(src[t.COMPARATORTRIM], 'g')\nsafeRe[t.COMPARATORTRIM] = new RegExp(makeSafeRe(src[t.COMPARATORTRIM]), 'g')\nvar comparatorTrimReplace = '$1$2$3'\n\n// Something like `1.2.3 - 1.2.4`\n// Note that these all use the loose form, because they'll be\n// checked against either the strict or loose comparator form\n// later.\ntok('HYPHENRANGE')\nsrc[t.HYPHENRANGE] = '^\\\\s*(' + src[t.XRANGEPLAIN] + ')' +\n '\\\\s+-\\\\s+' +\n '(' + src[t.XRANGEPLAIN] + ')' +\n '\\\\s*$'\n\ntok('HYPHENRANGELOOSE')\nsrc[t.HYPHENRANGELOOSE] = '^\\\\s*(' + src[t.XRANGEPLAINLOOSE] + ')' +\n '\\\\s+-\\\\s+' +\n '(' + src[t.XRANGEPLAINLOOSE] + ')' +\n '\\\\s*$'\n\n// Star ranges basically just allow anything at all.\ntok('STAR')\nsrc[t.STAR] = '(<|>)?=?\\\\s*\\\\*'\n\n// Compile to actual regexp objects.\n// All are flag-free, unless they were created above with a flag.\nfor (var i = 0; i < R; i++) {\n debug(i, src[i])\n if (!re[i]) {\n re[i] = new RegExp(src[i])\n\n // Replace all greedy whitespace to prevent regex dos issues. These regex are\n // used internally via the safeRe object since all inputs in this library get\n // normalized first to trim and collapse all extra whitespace. The original\n // regexes are exported for userland consumption and lower level usage. A\n // future breaking change could export the safer regex only with a note that\n // all input should have extra whitespace removed.\n safeRe[i] = new RegExp(makeSafeRe(src[i]))\n }\n}\n\nexports.parse = parse\nfunction parse (version, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n if (version instanceof SemVer) {\n return version\n }\n\n if (typeof version !== 'string') {\n return null\n }\n\n if (version.length > MAX_LENGTH) {\n return null\n }\n\n var r = options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL]\n if (!r.test(version)) {\n return null\n }\n\n try {\n return new SemVer(version, options)\n } catch (er) {\n return null\n }\n}\n\nexports.valid = valid\nfunction valid (version, options) {\n var v = parse(version, options)\n return v ? v.version : null\n}\n\nexports.clean = clean\nfunction clean (version, options) {\n var s = parse(version.trim().replace(/^[=v]+/, ''), options)\n return s ? s.version : null\n}\n\nexports.SemVer = SemVer\n\nfunction SemVer (version, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n if (version instanceof SemVer) {\n if (version.loose === options.loose) {\n return version\n } else {\n version = version.version\n }\n } else if (typeof version !== 'string') {\n throw new TypeError('Invalid Version: ' + version)\n }\n\n if (version.length > MAX_LENGTH) {\n throw new TypeError('version is longer than ' + MAX_LENGTH + ' characters')\n }\n\n if (!(this instanceof SemVer)) {\n return new SemVer(version, options)\n }\n\n debug('SemVer', version, options)\n this.options = options\n this.loose = !!options.loose\n\n var m = version.trim().match(options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL])\n\n if (!m) {\n throw new TypeError('Invalid Version: ' + version)\n }\n\n this.raw = version\n\n // these are actually numbers\n this.major = +m[1]\n this.minor = +m[2]\n this.patch = +m[3]\n\n if (this.major > MAX_SAFE_INTEGER || this.major < 0) {\n throw new TypeError('Invalid major version')\n }\n\n if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) {\n throw new TypeError('Invalid minor version')\n }\n\n if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) {\n throw new TypeError('Invalid patch version')\n }\n\n // numberify any prerelease numeric ids\n if (!m[4]) {\n this.prerelease = []\n } else {\n this.prerelease = m[4].split('.').map(function (id) {\n if (/^[0-9]+$/.test(id)) {\n var num = +id\n if (num >= 0 && num < MAX_SAFE_INTEGER) {\n return num\n }\n }\n return id\n })\n }\n\n this.build = m[5] ? m[5].split('.') : []\n this.format()\n}\n\nSemVer.prototype.format = function () {\n this.version = this.major + '.' + this.minor + '.' + this.patch\n if (this.prerelease.length) {\n this.version += '-' + this.prerelease.join('.')\n }\n return this.version\n}\n\nSemVer.prototype.toString = function () {\n return this.version\n}\n\nSemVer.prototype.compare = function (other) {\n debug('SemVer.compare', this.version, this.options, other)\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n return this.compareMain(other) || this.comparePre(other)\n}\n\nSemVer.prototype.compareMain = function (other) {\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n return compareIdentifiers(this.major, other.major) ||\n compareIdentifiers(this.minor, other.minor) ||\n compareIdentifiers(this.patch, other.patch)\n}\n\nSemVer.prototype.comparePre = function (other) {\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n // NOT having a prerelease is > having one\n if (this.prerelease.length && !other.prerelease.length) {\n return -1\n } else if (!this.prerelease.length && other.prerelease.length) {\n return 1\n } else if (!this.prerelease.length && !other.prerelease.length) {\n return 0\n }\n\n var i = 0\n do {\n var a = this.prerelease[i]\n var b = other.prerelease[i]\n debug('prerelease compare', i, a, b)\n if (a === undefined && b === undefined) {\n return 0\n } else if (b === undefined) {\n return 1\n } else if (a === undefined) {\n return -1\n } else if (a === b) {\n continue\n } else {\n return compareIdentifiers(a, b)\n }\n } while (++i)\n}\n\nSemVer.prototype.compareBuild = function (other) {\n if (!(other instanceof SemVer)) {\n other = new SemVer(other, this.options)\n }\n\n var i = 0\n do {\n var a = this.build[i]\n var b = other.build[i]\n debug('prerelease compare', i, a, b)\n if (a === undefined && b === undefined) {\n return 0\n } else if (b === undefined) {\n return 1\n } else if (a === undefined) {\n return -1\n } else if (a === b) {\n continue\n } else {\n return compareIdentifiers(a, b)\n }\n } while (++i)\n}\n\n// preminor will bump the version up to the next minor release, and immediately\n// down to pre-release. premajor and prepatch work the same way.\nSemVer.prototype.inc = function (release, identifier) {\n switch (release) {\n case 'premajor':\n this.prerelease.length = 0\n this.patch = 0\n this.minor = 0\n this.major++\n this.inc('pre', identifier)\n break\n case 'preminor':\n this.prerelease.length = 0\n this.patch = 0\n this.minor++\n this.inc('pre', identifier)\n break\n case 'prepatch':\n // If this is already a prerelease, it will bump to the next version\n // drop any prereleases that might already exist, since they are not\n // relevant at this point.\n this.prerelease.length = 0\n this.inc('patch', identifier)\n this.inc('pre', identifier)\n break\n // If the input is a non-prerelease version, this acts the same as\n // prepatch.\n case 'prerelease':\n if (this.prerelease.length === 0) {\n this.inc('patch', identifier)\n }\n this.inc('pre', identifier)\n break\n\n case 'major':\n // If this is a pre-major version, bump up to the same major version.\n // Otherwise increment major.\n // 1.0.0-5 bumps to 1.0.0\n // 1.1.0 bumps to 2.0.0\n if (this.minor !== 0 ||\n this.patch !== 0 ||\n this.prerelease.length === 0) {\n this.major++\n }\n this.minor = 0\n this.patch = 0\n this.prerelease = []\n break\n case 'minor':\n // If this is a pre-minor version, bump up to the same minor version.\n // Otherwise increment minor.\n // 1.2.0-5 bumps to 1.2.0\n // 1.2.1 bumps to 1.3.0\n if (this.patch !== 0 || this.prerelease.length === 0) {\n this.minor++\n }\n this.patch = 0\n this.prerelease = []\n break\n case 'patch':\n // If this is not a pre-release version, it will increment the patch.\n // If it is a pre-release it will bump up to the same patch version.\n // 1.2.0-5 patches to 1.2.0\n // 1.2.0 patches to 1.2.1\n if (this.prerelease.length === 0) {\n this.patch++\n }\n this.prerelease = []\n break\n // This probably shouldn't be used publicly.\n // 1.0.0 \"pre\" would become 1.0.0-0 which is the wrong direction.\n case 'pre':\n if (this.prerelease.length === 0) {\n this.prerelease = [0]\n } else {\n var i = this.prerelease.length\n while (--i >= 0) {\n if (typeof this.prerelease[i] === 'number') {\n this.prerelease[i]++\n i = -2\n }\n }\n if (i === -1) {\n // didn't increment anything\n this.prerelease.push(0)\n }\n }\n if (identifier) {\n // 1.2.0-beta.1 bumps to 1.2.0-beta.2,\n // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0\n if (this.prerelease[0] === identifier) {\n if (isNaN(this.prerelease[1])) {\n this.prerelease = [identifier, 0]\n }\n } else {\n this.prerelease = [identifier, 0]\n }\n }\n break\n\n default:\n throw new Error('invalid increment argument: ' + release)\n }\n this.format()\n this.raw = this.version\n return this\n}\n\nexports.inc = inc\nfunction inc (version, release, loose, identifier) {\n if (typeof (loose) === 'string') {\n identifier = loose\n loose = undefined\n }\n\n try {\n return new SemVer(version, loose).inc(release, identifier).version\n } catch (er) {\n return null\n }\n}\n\nexports.diff = diff\nfunction diff (version1, version2) {\n if (eq(version1, version2)) {\n return null\n } else {\n var v1 = parse(version1)\n var v2 = parse(version2)\n var prefix = ''\n if (v1.prerelease.length || v2.prerelease.length) {\n prefix = 'pre'\n var defaultResult = 'prerelease'\n }\n for (var key in v1) {\n if (key === 'major' || key === 'minor' || key === 'patch') {\n if (v1[key] !== v2[key]) {\n return prefix + key\n }\n }\n }\n return defaultResult // may be undefined\n }\n}\n\nexports.compareIdentifiers = compareIdentifiers\n\nvar numeric = /^[0-9]+$/\nfunction compareIdentifiers (a, b) {\n var anum = numeric.test(a)\n var bnum = numeric.test(b)\n\n if (anum && bnum) {\n a = +a\n b = +b\n }\n\n return a === b ? 0\n : (anum && !bnum) ? -1\n : (bnum && !anum) ? 1\n : a < b ? -1\n : 1\n}\n\nexports.rcompareIdentifiers = rcompareIdentifiers\nfunction rcompareIdentifiers (a, b) {\n return compareIdentifiers(b, a)\n}\n\nexports.major = major\nfunction major (a, loose) {\n return new SemVer(a, loose).major\n}\n\nexports.minor = minor\nfunction minor (a, loose) {\n return new SemVer(a, loose).minor\n}\n\nexports.patch = patch\nfunction patch (a, loose) {\n return new SemVer(a, loose).patch\n}\n\nexports.compare = compare\nfunction compare (a, b, loose) {\n return new SemVer(a, loose).compare(new SemVer(b, loose))\n}\n\nexports.compareLoose = compareLoose\nfunction compareLoose (a, b) {\n return compare(a, b, true)\n}\n\nexports.compareBuild = compareBuild\nfunction compareBuild (a, b, loose) {\n var versionA = new SemVer(a, loose)\n var versionB = new SemVer(b, loose)\n return versionA.compare(versionB) || versionA.compareBuild(versionB)\n}\n\nexports.rcompare = rcompare\nfunction rcompare (a, b, loose) {\n return compare(b, a, loose)\n}\n\nexports.sort = sort\nfunction sort (list, loose) {\n return list.sort(function (a, b) {\n return exports.compareBuild(a, b, loose)\n })\n}\n\nexports.rsort = rsort\nfunction rsort (list, loose) {\n return list.sort(function (a, b) {\n return exports.compareBuild(b, a, loose)\n })\n}\n\nexports.gt = gt\nfunction gt (a, b, loose) {\n return compare(a, b, loose) > 0\n}\n\nexports.lt = lt\nfunction lt (a, b, loose) {\n return compare(a, b, loose) < 0\n}\n\nexports.eq = eq\nfunction eq (a, b, loose) {\n return compare(a, b, loose) === 0\n}\n\nexports.neq = neq\nfunction neq (a, b, loose) {\n return compare(a, b, loose) !== 0\n}\n\nexports.gte = gte\nfunction gte (a, b, loose) {\n return compare(a, b, loose) >= 0\n}\n\nexports.lte = lte\nfunction lte (a, b, loose) {\n return compare(a, b, loose) <= 0\n}\n\nexports.cmp = cmp\nfunction cmp (a, op, b, loose) {\n switch (op) {\n case '===':\n if (typeof a === 'object')\n a = a.version\n if (typeof b === 'object')\n b = b.version\n return a === b\n\n case '!==':\n if (typeof a === 'object')\n a = a.version\n if (typeof b === 'object')\n b = b.version\n return a !== b\n\n case '':\n case '=':\n case '==':\n return eq(a, b, loose)\n\n case '!=':\n return neq(a, b, loose)\n\n case '>':\n return gt(a, b, loose)\n\n case '>=':\n return gte(a, b, loose)\n\n case '<':\n return lt(a, b, loose)\n\n case '<=':\n return lte(a, b, loose)\n\n default:\n throw new TypeError('Invalid operator: ' + op)\n }\n}\n\nexports.Comparator = Comparator\nfunction Comparator (comp, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n if (comp instanceof Comparator) {\n if (comp.loose === !!options.loose) {\n return comp\n } else {\n comp = comp.value\n }\n }\n\n if (!(this instanceof Comparator)) {\n return new Comparator(comp, options)\n }\n\n comp = comp.trim().split(/\\s+/).join(' ')\n debug('comparator', comp, options)\n this.options = options\n this.loose = !!options.loose\n this.parse(comp)\n\n if (this.semver === ANY) {\n this.value = ''\n } else {\n this.value = this.operator + this.semver.version\n }\n\n debug('comp', this)\n}\n\nvar ANY = {}\nComparator.prototype.parse = function (comp) {\n var r = this.options.loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]\n var m = comp.match(r)\n\n if (!m) {\n throw new TypeError('Invalid comparator: ' + comp)\n }\n\n this.operator = m[1] !== undefined ? m[1] : ''\n if (this.operator === '=') {\n this.operator = ''\n }\n\n // if it literally is just '>' or '' then allow anything.\n if (!m[2]) {\n this.semver = ANY\n } else {\n this.semver = new SemVer(m[2], this.options.loose)\n }\n}\n\nComparator.prototype.toString = function () {\n return this.value\n}\n\nComparator.prototype.test = function (version) {\n debug('Comparator.test', version, this.options.loose)\n\n if (this.semver === ANY || version === ANY) {\n return true\n }\n\n if (typeof version === 'string') {\n try {\n version = new SemVer(version, this.options)\n } catch (er) {\n return false\n }\n }\n\n return cmp(version, this.operator, this.semver, this.options)\n}\n\nComparator.prototype.intersects = function (comp, options) {\n if (!(comp instanceof Comparator)) {\n throw new TypeError('a Comparator is required')\n }\n\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n var rangeTmp\n\n if (this.operator === '') {\n if (this.value === '') {\n return true\n }\n rangeTmp = new Range(comp.value, options)\n return satisfies(this.value, rangeTmp, options)\n } else if (comp.operator === '') {\n if (comp.value === '') {\n return true\n }\n rangeTmp = new Range(this.value, options)\n return satisfies(comp.semver, rangeTmp, options)\n }\n\n var sameDirectionIncreasing =\n (this.operator === '>=' || this.operator === '>') &&\n (comp.operator === '>=' || comp.operator === '>')\n var sameDirectionDecreasing =\n (this.operator === '<=' || this.operator === '<') &&\n (comp.operator === '<=' || comp.operator === '<')\n var sameSemVer = this.semver.version === comp.semver.version\n var differentDirectionsInclusive =\n (this.operator === '>=' || this.operator === '<=') &&\n (comp.operator === '>=' || comp.operator === '<=')\n var oppositeDirectionsLessThan =\n cmp(this.semver, '<', comp.semver, options) &&\n ((this.operator === '>=' || this.operator === '>') &&\n (comp.operator === '<=' || comp.operator === '<'))\n var oppositeDirectionsGreaterThan =\n cmp(this.semver, '>', comp.semver, options) &&\n ((this.operator === '<=' || this.operator === '<') &&\n (comp.operator === '>=' || comp.operator === '>'))\n\n return sameDirectionIncreasing || sameDirectionDecreasing ||\n (sameSemVer && differentDirectionsInclusive) ||\n oppositeDirectionsLessThan || oppositeDirectionsGreaterThan\n}\n\nexports.Range = Range\nfunction Range (range, options) {\n if (!options || typeof options !== 'object') {\n options = {\n loose: !!options,\n includePrerelease: false\n }\n }\n\n if (range instanceof Range) {\n if (range.loose === !!options.loose &&\n range.includePrerelease === !!options.includePrerelease) {\n return range\n } else {\n return new Range(range.raw, options)\n }\n }\n\n if (range instanceof Comparator) {\n return new Range(range.value, options)\n }\n\n if (!(this instanceof Range)) {\n return new Range(range, options)\n }\n\n this.options = options\n this.loose = !!options.loose\n this.includePrerelease = !!options.includePrerelease\n\n // First reduce all whitespace as much as possible so we do not have to rely\n // on potentially slow regexes like \\s*. This is then stored and used for\n // future error messages as well.\n this.raw = range\n .trim()\n .split(/\\s+/)\n .join(' ')\n\n // First, split based on boolean or ||\n this.set = this.raw.split('||').map(function (range) {\n return this.parseRange(range.trim())\n }, this).filter(function (c) {\n // throw out any that are not relevant for whatever reason\n return c.length\n })\n\n if (!this.set.length) {\n throw new TypeError('Invalid SemVer Range: ' + this.raw)\n }\n\n this.format()\n}\n\nRange.prototype.format = function () {\n this.range = this.set.map(function (comps) {\n return comps.join(' ').trim()\n }).join('||').trim()\n return this.range\n}\n\nRange.prototype.toString = function () {\n return this.range\n}\n\nRange.prototype.parseRange = function (range) {\n var loose = this.options.loose\n // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4`\n var hr = loose ? safeRe[t.HYPHENRANGELOOSE] : safeRe[t.HYPHENRANGE]\n range = range.replace(hr, hyphenReplace)\n debug('hyphen replace', range)\n // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5`\n range = range.replace(safeRe[t.COMPARATORTRIM], comparatorTrimReplace)\n debug('comparator trim', range, safeRe[t.COMPARATORTRIM])\n\n // `~ 1.2.3` => `~1.2.3`\n range = range.replace(safeRe[t.TILDETRIM], tildeTrimReplace)\n\n // `^ 1.2.3` => `^1.2.3`\n range = range.replace(safeRe[t.CARETTRIM], caretTrimReplace)\n\n // normalize spaces\n range = range.split(/\\s+/).join(' ')\n\n // At this point, the range is completely trimmed and\n // ready to be split into comparators.\n\n var compRe = loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]\n var set = range.split(' ').map(function (comp) {\n return parseComparator(comp, this.options)\n }, this).join(' ').split(/\\s+/)\n if (this.options.loose) {\n // in loose mode, throw out any that are not valid comparators\n set = set.filter(function (comp) {\n return !!comp.match(compRe)\n })\n }\n set = set.map(function (comp) {\n return new Comparator(comp, this.options)\n }, this)\n\n return set\n}\n\nRange.prototype.intersects = function (range, options) {\n if (!(range instanceof Range)) {\n throw new TypeError('a Range is required')\n }\n\n return this.set.some(function (thisComparators) {\n return (\n isSatisfiable(thisComparators, options) &&\n range.set.some(function (rangeComparators) {\n return (\n isSatisfiable(rangeComparators, options) &&\n thisComparators.every(function (thisComparator) {\n return rangeComparators.every(function (rangeComparator) {\n return thisComparator.intersects(rangeComparator, options)\n })\n })\n )\n })\n )\n })\n}\n\n// take a set of comparators and determine whether there\n// exists a version which can satisfy it\nfunction isSatisfiable (comparators, options) {\n var result = true\n var remainingComparators = comparators.slice()\n var testComparator = remainingComparators.pop()\n\n while (result && remainingComparators.length) {\n result = remainingComparators.every(function (otherComparator) {\n return testComparator.intersects(otherComparator, options)\n })\n\n testComparator = remainingComparators.pop()\n }\n\n return result\n}\n\n// Mostly just for testing and legacy API reasons\nexports.toComparators = toComparators\nfunction toComparators (range, options) {\n return new Range(range, options).set.map(function (comp) {\n return comp.map(function (c) {\n return c.value\n }).join(' ').trim().split(' ')\n })\n}\n\n// comprised of xranges, tildes, stars, and gtlt's at this point.\n// already replaced the hyphen ranges\n// turn into a set of JUST comparators.\nfunction parseComparator (comp, options) {\n debug('comp', comp, options)\n comp = replaceCarets(comp, options)\n debug('caret', comp)\n comp = replaceTildes(comp, options)\n debug('tildes', comp)\n comp = replaceXRanges(comp, options)\n debug('xrange', comp)\n comp = replaceStars(comp, options)\n debug('stars', comp)\n return comp\n}\n\nfunction isX (id) {\n return !id || id.toLowerCase() === 'x' || id === '*'\n}\n\n// ~, ~> --> * (any, kinda silly)\n// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0\n// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0\n// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0\n// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0\n// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0\nfunction replaceTildes (comp, options) {\n return comp.trim().split(/\\s+/).map(function (comp) {\n return replaceTilde(comp, options)\n }).join(' ')\n}\n\nfunction replaceTilde (comp, options) {\n var r = options.loose ? safeRe[t.TILDELOOSE] : safeRe[t.TILDE]\n return comp.replace(r, function (_, M, m, p, pr) {\n debug('tilde', comp, _, M, m, p, pr)\n var ret\n\n if (isX(M)) {\n ret = ''\n } else if (isX(m)) {\n ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n } else if (isX(p)) {\n // ~1.2 == >=1.2.0 <1.3.0\n ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n } else if (pr) {\n debug('replaceTilde pr', pr)\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + M + '.' + (+m + 1) + '.0'\n } else {\n // ~1.2.3 == >=1.2.3 <1.3.0\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + M + '.' + (+m + 1) + '.0'\n }\n\n debug('tilde return', ret)\n return ret\n })\n}\n\n// ^ --> * (any, kinda silly)\n// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0\n// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0\n// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0\n// ^1.2.3 --> >=1.2.3 <2.0.0\n// ^1.2.0 --> >=1.2.0 <2.0.0\nfunction replaceCarets (comp, options) {\n return comp.trim().split(/\\s+/).map(function (comp) {\n return replaceCaret(comp, options)\n }).join(' ')\n}\n\nfunction replaceCaret (comp, options) {\n debug('caret', comp, options)\n var r = options.loose ? safeRe[t.CARETLOOSE] : safeRe[t.CARET]\n return comp.replace(r, function (_, M, m, p, pr) {\n debug('caret', comp, _, M, m, p, pr)\n var ret\n\n if (isX(M)) {\n ret = ''\n } else if (isX(m)) {\n ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n } else if (isX(p)) {\n if (M === '0') {\n ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n } else {\n ret = '>=' + M + '.' + m + '.0 <' + (+M + 1) + '.0.0'\n }\n } else if (pr) {\n debug('replaceCaret pr', pr)\n if (M === '0') {\n if (m === '0') {\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + M + '.' + m + '.' + (+p + 1)\n } else {\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + M + '.' + (+m + 1) + '.0'\n }\n } else {\n ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n ' <' + (+M + 1) + '.0.0'\n }\n } else {\n debug('no pr')\n if (M === '0') {\n if (m === '0') {\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + M + '.' + m + '.' + (+p + 1)\n } else {\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + M + '.' + (+m + 1) + '.0'\n }\n } else {\n ret = '>=' + M + '.' + m + '.' + p +\n ' <' + (+M + 1) + '.0.0'\n }\n }\n\n debug('caret return', ret)\n return ret\n })\n}\n\nfunction replaceXRanges (comp, options) {\n debug('replaceXRanges', comp, options)\n return comp.split(/\\s+/).map(function (comp) {\n return replaceXRange(comp, options)\n }).join(' ')\n}\n\nfunction replaceXRange (comp, options) {\n comp = comp.trim()\n var r = options.loose ? safeRe[t.XRANGELOOSE] : safeRe[t.XRANGE]\n return comp.replace(r, function (ret, gtlt, M, m, p, pr) {\n debug('xRange', comp, ret, gtlt, M, m, p, pr)\n var xM = isX(M)\n var xm = xM || isX(m)\n var xp = xm || isX(p)\n var anyX = xp\n\n if (gtlt === '=' && anyX) {\n gtlt = ''\n }\n\n // if we're including prereleases in the match, then we need\n // to fix this to -0, the lowest possible prerelease value\n pr = options.includePrerelease ? '-0' : ''\n\n if (xM) {\n if (gtlt === '>' || gtlt === '<') {\n // nothing is allowed\n ret = '<0.0.0-0'\n } else {\n // nothing is forbidden\n ret = '*'\n }\n } else if (gtlt && anyX) {\n // we know patch is an x, because we have any x at all.\n // replace X with 0\n if (xm) {\n m = 0\n }\n p = 0\n\n if (gtlt === '>') {\n // >1 => >=2.0.0\n // >1.2 => >=1.3.0\n // >1.2.3 => >= 1.2.4\n gtlt = '>='\n if (xm) {\n M = +M + 1\n m = 0\n p = 0\n } else {\n m = +m + 1\n p = 0\n }\n } else if (gtlt === '<=') {\n // <=0.7.x is actually <0.8.0, since any 0.7.x should\n // pass. Similarly, <=7.x is actually <8.0.0, etc.\n gtlt = '<'\n if (xm) {\n M = +M + 1\n } else {\n m = +m + 1\n }\n }\n\n ret = gtlt + M + '.' + m + '.' + p + pr\n } else if (xm) {\n ret = '>=' + M + '.0.0' + pr + ' <' + (+M + 1) + '.0.0' + pr\n } else if (xp) {\n ret = '>=' + M + '.' + m + '.0' + pr +\n ' <' + M + '.' + (+m + 1) + '.0' + pr\n }\n\n debug('xRange return', ret)\n\n return ret\n })\n}\n\n// Because * is AND-ed with everything else in the comparator,\n// and '' means \"any version\", just remove the *s entirely.\nfunction replaceStars (comp, options) {\n debug('replaceStars', comp, options)\n // Looseness is ignored here. star is always as loose as it gets!\n return comp.trim().replace(safeRe[t.STAR], '')\n}\n\n// This function is passed to string.replace(re[t.HYPHENRANGE])\n// M, m, patch, prerelease, build\n// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5\n// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do\n// 1.2 - 3.4 => >=1.2.0 <3.5.0\nfunction hyphenReplace ($0,\n from, fM, fm, fp, fpr, fb,\n to, tM, tm, tp, tpr, tb) {\n if (isX(fM)) {\n from = ''\n } else if (isX(fm)) {\n from = '>=' + fM + '.0.0'\n } else if (isX(fp)) {\n from = '>=' + fM + '.' + fm + '.0'\n } else {\n from = '>=' + from\n }\n\n if (isX(tM)) {\n to = ''\n } else if (isX(tm)) {\n to = '<' + (+tM + 1) + '.0.0'\n } else if (isX(tp)) {\n to = '<' + tM + '.' + (+tm + 1) + '.0'\n } else if (tpr) {\n to = '<=' + tM + '.' + tm + '.' + tp + '-' + tpr\n } else {\n to = '<=' + to\n }\n\n return (from + ' ' + to).trim()\n}\n\n// if ANY of the sets match ALL of its comparators, then pass\nRange.prototype.test = function (version) {\n if (!version) {\n return false\n }\n\n if (typeof version === 'string') {\n try {\n version = new SemVer(version, this.options)\n } catch (er) {\n return false\n }\n }\n\n for (var i = 0; i < this.set.length; i++) {\n if (testSet(this.set[i], version, this.options)) {\n return true\n }\n }\n return false\n}\n\nfunction testSet (set, version, options) {\n for (var i = 0; i < set.length; i++) {\n if (!set[i].test(version)) {\n return false\n }\n }\n\n if (version.prerelease.length && !options.includePrerelease) {\n // Find the set of versions that are allowed to have prereleases\n // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0\n // That should allow `1.2.3-pr.2` to pass.\n // However, `1.2.4-alpha.notready` should NOT be allowed,\n // even though it's within the range set by the comparators.\n for (i = 0; i < set.length; i++) {\n debug(set[i].semver)\n if (set[i].semver === ANY) {\n continue\n }\n\n if (set[i].semver.prerelease.length > 0) {\n var allowed = set[i].semver\n if (allowed.major === version.major &&\n allowed.minor === version.minor &&\n allowed.patch === version.patch) {\n return true\n }\n }\n }\n\n // Version has a -pre, but it's not one of the ones we like.\n return false\n }\n\n return true\n}\n\nexports.satisfies = satisfies\nfunction satisfies (version, range, options) {\n try {\n range = new Range(range, options)\n } catch (er) {\n return false\n }\n return range.test(version)\n}\n\nexports.maxSatisfying = maxSatisfying\nfunction maxSatisfying (versions, range, options) {\n var max = null\n var maxSV = null\n try {\n var rangeObj = new Range(range, options)\n } catch (er) {\n return null\n }\n versions.forEach(function (v) {\n if (rangeObj.test(v)) {\n // satisfies(v, range, options)\n if (!max || maxSV.compare(v) === -1) {\n // compare(max, v, true)\n max = v\n maxSV = new SemVer(max, options)\n }\n }\n })\n return max\n}\n\nexports.minSatisfying = minSatisfying\nfunction minSatisfying (versions, range, options) {\n var min = null\n var minSV = null\n try {\n var rangeObj = new Range(range, options)\n } catch (er) {\n return null\n }\n versions.forEach(function (v) {\n if (rangeObj.test(v)) {\n // satisfies(v, range, options)\n if (!min || minSV.compare(v) === 1) {\n // compare(min, v, true)\n min = v\n minSV = new SemVer(min, options)\n }\n }\n })\n return min\n}\n\nexports.minVersion = minVersion\nfunction minVersion (range, loose) {\n range = new Range(range, loose)\n\n var minver = new SemVer('0.0.0')\n if (range.test(minver)) {\n return minver\n }\n\n minver = new SemVer('0.0.0-0')\n if (range.test(minver)) {\n return minver\n }\n\n minver = null\n for (var i = 0; i < range.set.length; ++i) {\n var comparators = range.set[i]\n\n comparators.forEach(function (comparator) {\n // Clone to avoid manipulating the comparator's semver object.\n var compver = new SemVer(comparator.semver.version)\n switch (comparator.operator) {\n case '>':\n if (compver.prerelease.length === 0) {\n compver.patch++\n } else {\n compver.prerelease.push(0)\n }\n compver.raw = compver.format()\n /* fallthrough */\n case '':\n case '>=':\n if (!minver || gt(minver, compver)) {\n minver = compver\n }\n break\n case '<':\n case '<=':\n /* Ignore maximum versions */\n break\n /* istanbul ignore next */\n default:\n throw new Error('Unexpected operation: ' + comparator.operator)\n }\n })\n }\n\n if (minver && range.test(minver)) {\n return minver\n }\n\n return null\n}\n\nexports.validRange = validRange\nfunction validRange (range, options) {\n try {\n // Return '*' instead of '' so that truthiness works.\n // This will throw if it's invalid anyway\n return new Range(range, options).range || '*'\n } catch (er) {\n return null\n }\n}\n\n// Determine if version is less than all the versions possible in the range\nexports.ltr = ltr\nfunction ltr (version, range, options) {\n return outside(version, range, '<', options)\n}\n\n// Determine if version is greater than all the versions possible in the range.\nexports.gtr = gtr\nfunction gtr (version, range, options) {\n return outside(version, range, '>', options)\n}\n\nexports.outside = outside\nfunction outside (version, range, hilo, options) {\n version = new SemVer(version, options)\n range = new Range(range, options)\n\n var gtfn, ltefn, ltfn, comp, ecomp\n switch (hilo) {\n case '>':\n gtfn = gt\n ltefn = lte\n ltfn = lt\n comp = '>'\n ecomp = '>='\n break\n case '<':\n gtfn = lt\n ltefn = gte\n ltfn = gt\n comp = '<'\n ecomp = '<='\n break\n default:\n throw new TypeError('Must provide a hilo val of \"<\" or \">\"')\n }\n\n // If it satisifes the range it is not outside\n if (satisfies(version, range, options)) {\n return false\n }\n\n // From now on, variable terms are as if we're in \"gtr\" mode.\n // but note that everything is flipped for the \"ltr\" function.\n\n for (var i = 0; i < range.set.length; ++i) {\n var comparators = range.set[i]\n\n var high = null\n var low = null\n\n comparators.forEach(function (comparator) {\n if (comparator.semver === ANY) {\n comparator = new Comparator('>=0.0.0')\n }\n high = high || comparator\n low = low || comparator\n if (gtfn(comparator.semver, high.semver, options)) {\n high = comparator\n } else if (ltfn(comparator.semver, low.semver, options)) {\n low = comparator\n }\n })\n\n // If the edge version comparator has a operator then our version\n // isn't outside it\n if (high.operator === comp || high.operator === ecomp) {\n return false\n }\n\n // If the lowest version comparator has an operator and our version\n // is less than it then it isn't higher than the range\n if ((!low.operator || low.operator === comp) &&\n ltefn(version, low.semver)) {\n return false\n } else if (low.operator === ecomp && ltfn(version, low.semver)) {\n return false\n }\n }\n return true\n}\n\nexports.prerelease = prerelease\nfunction prerelease (version, options) {\n var parsed = parse(version, options)\n return (parsed && parsed.prerelease.length) ? parsed.prerelease : null\n}\n\nexports.intersects = intersects\nfunction intersects (r1, r2, options) {\n r1 = new Range(r1, options)\n r2 = new Range(r2, options)\n return r1.intersects(r2)\n}\n\nexports.coerce = coerce\nfunction coerce (version, options) {\n if (version instanceof SemVer) {\n return version\n }\n\n if (typeof version === 'number') {\n version = String(version)\n }\n\n if (typeof version !== 'string') {\n return null\n }\n\n options = options || {}\n\n var match = null\n if (!options.rtl) {\n match = version.match(safeRe[t.COERCE])\n } else {\n // Find the right-most coercible string that does not share\n // a terminus with a more left-ward coercible string.\n // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4'\n //\n // Walk through the string checking with a /g regexp\n // Manually set the index so as to pick up overlapping matches.\n // Stop when we get a match that ends at the string end, since no\n // coercible string can be more right-ward without the same terminus.\n var next\n while ((next = safeRe[t.COERCERTL].exec(version)) &&\n (!match || match.index + match[0].length !== version.length)\n ) {\n if (!match ||\n next.index + next[0].length !== match.index + match[0].length) {\n match = next\n }\n safeRe[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length\n }\n // leave it in a clean state\n safeRe[t.COERCERTL].lastIndex = -1\n }\n\n if (match === null) {\n return null\n }\n\n return parse(match[2] +\n '.' + (match[3] || '0') +\n '.' + (match[4] || '0'), options)\n}\n","module.exports = shellescape;\n\n// return a shell compatible format\nfunction shellescape(a) {\n var ret = [];\n\n a.forEach(function(s) {\n if (!/^[A-Za-z0-9_\\/-]+$/.test(s)) {\n s = \"'\"+s.replace(/'/g,\"'\\\\''\")+\"'\";\n s = s.replace(/^(?:'')+/g, '') // unduplicate single-quote at the beginning\n .replace(/\\\\'''/g, \"\\\\'\" ); // remove non-escaped single-quote if there are enclosed between 2 escaped\n }\n ret.push(s);\n });\n\n return ret.join(' ');\n}\n","'use strict';\n\nconst {\n Duplex: DuplexStream,\n Readable: ReadableStream,\n Writable: WritableStream,\n} = require('stream');\n\nconst {\n CHANNEL_EXTENDED_DATATYPE: { STDERR },\n} = require('./protocol/constants.js');\nconst { bufferSlice } = require('./protocol/utils.js');\n\nconst PACKET_SIZE = 32 * 1024;\nconst MAX_WINDOW = 2 * 1024 * 1024;\nconst WINDOW_THRESHOLD = MAX_WINDOW / 2;\n\nclass ClientStderr extends ReadableStream {\n constructor(channel, streamOpts) {\n super(streamOpts);\n\n this._channel = channel;\n }\n _read(n) {\n if (this._channel._waitChanDrain) {\n this._channel._waitChanDrain = false;\n if (this._channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(this._channel);\n }\n }\n}\n\nclass ServerStderr extends WritableStream {\n constructor(channel) {\n super({ highWaterMark: MAX_WINDOW });\n\n this._channel = channel;\n }\n\n _write(data, encoding, cb) {\n const channel = this._channel;\n const protocol = channel._client._protocol;\n const outgoing = channel.outgoing;\n const packetSize = outgoing.packetSize;\n const id = outgoing.id;\n let window = outgoing.window;\n const len = data.length;\n let p = 0;\n\n if (outgoing.state !== 'open')\n return;\n\n while (len - p > 0 && window > 0) {\n let sliceLen = len - p;\n if (sliceLen > window)\n sliceLen = window;\n if (sliceLen > packetSize)\n sliceLen = packetSize;\n\n if (p === 0 && sliceLen === len)\n protocol.channelExtData(id, data, STDERR);\n else\n protocol.channelExtData(id, bufferSlice(data, p, p + sliceLen), STDERR);\n\n p += sliceLen;\n window -= sliceLen;\n }\n\n outgoing.window = window;\n\n if (len - p > 0) {\n if (window === 0)\n channel._waitWindow = true;\n if (p > 0)\n channel._chunkErr = bufferSlice(data, p, len);\n else\n channel._chunkErr = data;\n channel._chunkcbErr = cb;\n return;\n }\n\n cb();\n }\n}\n\nclass Channel extends DuplexStream {\n constructor(client, info, opts) {\n const streamOpts = {\n highWaterMark: MAX_WINDOW,\n allowHalfOpen: (!opts || (opts && opts.allowHalfOpen !== false)),\n emitClose: false,\n };\n super(streamOpts);\n this.allowHalfOpen = streamOpts.allowHalfOpen;\n\n const server = !!(opts && opts.server);\n\n this.server = server;\n this.type = info.type;\n this.subtype = undefined;\n\n /*\n incoming and outgoing contain these properties:\n {\n id: undefined,\n window: undefined,\n packetSize: undefined,\n state: 'closed'\n }\n */\n this.incoming = info.incoming;\n this.outgoing = info.outgoing;\n this._callbacks = [];\n\n this._client = client;\n this._hasX11 = false;\n this._exit = {\n code: undefined,\n signal: undefined,\n dump: undefined,\n desc: undefined,\n };\n\n this.stdin = this.stdout = this;\n\n if (server)\n this.stderr = new ServerStderr(this);\n else\n this.stderr = new ClientStderr(this, streamOpts);\n\n // Outgoing data\n this._waitWindow = false; // SSH-level backpressure\n\n // Incoming data\n this._waitChanDrain = false; // Channel Readable side backpressure\n\n this._chunk = undefined;\n this._chunkcb = undefined;\n this._chunkErr = undefined;\n this._chunkcbErr = undefined;\n\n this.on('finish', onFinish)\n .on('prefinish', onFinish); // For node v0.11+\n\n this.on('end', onEnd).on('close', onEnd);\n }\n\n _read(n) {\n if (this._waitChanDrain) {\n this._waitChanDrain = false;\n if (this.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(this);\n }\n }\n\n _write(data, encoding, cb) {\n const protocol = this._client._protocol;\n const outgoing = this.outgoing;\n const packetSize = outgoing.packetSize;\n const id = outgoing.id;\n let window = outgoing.window;\n const len = data.length;\n let p = 0;\n\n if (outgoing.state !== 'open')\n return;\n\n while (len - p > 0 && window > 0) {\n let sliceLen = len - p;\n if (sliceLen > window)\n sliceLen = window;\n if (sliceLen > packetSize)\n sliceLen = packetSize;\n\n if (p === 0 && sliceLen === len)\n protocol.channelData(id, data);\n else\n protocol.channelData(id, bufferSlice(data, p, p + sliceLen));\n\n p += sliceLen;\n window -= sliceLen;\n }\n\n outgoing.window = window;\n\n if (len - p > 0) {\n if (window === 0)\n this._waitWindow = true;\n if (p > 0)\n this._chunk = bufferSlice(data, p, len);\n else\n this._chunk = data;\n this._chunkcb = cb;\n return;\n }\n\n cb();\n }\n\n eof() {\n if (this.outgoing.state === 'open') {\n this.outgoing.state = 'eof';\n this._client._protocol.channelEOF(this.outgoing.id);\n }\n }\n\n close() {\n if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n this.outgoing.state = 'closing';\n this._client._protocol.channelClose(this.outgoing.id);\n }\n }\n\n destroy() {\n this.end();\n this.close();\n return this;\n }\n\n // Session type-specific methods =============================================\n setWindow(rows, cols, height, width) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (this.type === 'session'\n && (this.subtype === 'shell' || this.subtype === 'exec')\n && this.writable\n && this.outgoing.state === 'open') {\n this._client._protocol.windowChange(this.outgoing.id,\n rows,\n cols,\n height,\n width);\n }\n }\n\n signal(signalName) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (this.type === 'session'\n && this.writable\n && this.outgoing.state === 'open') {\n this._client._protocol.signal(this.outgoing.id, signalName);\n }\n }\n\n exit(statusOrSignal, coreDumped, msg) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (this.type === 'session'\n && this.writable\n && this.outgoing.state === 'open') {\n if (typeof statusOrSignal === 'number') {\n this._client._protocol.exitStatus(this.outgoing.id, statusOrSignal);\n } else {\n this._client._protocol.exitSignal(this.outgoing.id,\n statusOrSignal,\n coreDumped,\n msg);\n }\n }\n }\n\n}\n\nfunction onFinish() {\n this.eof();\n if (this.server || !this.allowHalfOpen)\n this.close();\n this.writable = false;\n}\n\nfunction onEnd() {\n this.readable = false;\n}\n\nfunction windowAdjust(self) {\n if (self.outgoing.state === 'closed')\n return;\n const amt = MAX_WINDOW - self.incoming.window;\n if (amt <= 0)\n return;\n self.incoming.window += amt;\n self._client._protocol.channelWindowAdjust(self.outgoing.id, amt);\n}\n\nmodule.exports = {\n Channel,\n MAX_WINDOW,\n PACKET_SIZE,\n windowAdjust,\n WINDOW_THRESHOLD,\n};\n",null,"// TODO:\n// * add `.connected` or similar property to allow immediate connection\n// status checking\n// * add/improve debug output during user authentication phase\n'use strict';\n\nconst {\n createHash,\n getHashes,\n randomFillSync,\n} = require('crypto');\nconst { Socket } = require('net');\nconst { lookup: dnsLookup } = require('dns');\nconst EventEmitter = require('events');\nconst HASHES = getHashes();\n\nconst {\n COMPAT,\n CHANNEL_EXTENDED_DATATYPE: { STDERR },\n CHANNEL_OPEN_FAILURE,\n DEFAULT_CIPHER,\n DEFAULT_COMPRESSION,\n DEFAULT_KEX,\n DEFAULT_MAC,\n DEFAULT_SERVER_HOST_KEY,\n DISCONNECT_REASON,\n DISCONNECT_REASON_BY_VALUE,\n SUPPORTED_CIPHER,\n SUPPORTED_COMPRESSION,\n SUPPORTED_KEX,\n SUPPORTED_MAC,\n SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst {\n bufferCopy,\n makeBufferParser,\n makeError,\n readUInt32BE,\n sigSSHToASN1,\n writeUInt32BE,\n} = require('./protocol/utils.js');\n\nconst { AgentContext, createAgent, isAgent } = require('./agent.js');\nconst {\n Channel,\n MAX_WINDOW,\n PACKET_SIZE,\n windowAdjust,\n WINDOW_THRESHOLD,\n} = require('./Channel.js');\nconst {\n ChannelManager,\n generateAlgorithmList,\n isWritable,\n onChannelOpenFailure,\n onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst bufferParser = makeBufferParser();\nconst sigParser = makeBufferParser();\nconst RE_OPENSSH = /^OpenSSH_(?:(?![0-4])\\d)|(?:\\d{2,})/;\nconst noop = (err) => {};\n\nclass Client extends EventEmitter {\n constructor() {\n super();\n\n this.config = {\n host: undefined,\n port: undefined,\n localAddress: undefined,\n localPort: undefined,\n forceIPv4: undefined,\n forceIPv6: undefined,\n keepaliveCountMax: undefined,\n keepaliveInterval: undefined,\n readyTimeout: undefined,\n ident: undefined,\n\n username: undefined,\n password: undefined,\n privateKey: undefined,\n tryKeyboard: undefined,\n agent: undefined,\n allowAgentFwd: undefined,\n authHandler: undefined,\n\n hostHashAlgo: undefined,\n hostHashCb: undefined,\n strictVendor: undefined,\n debug: undefined\n };\n\n this._agent = undefined;\n this._readyTimeout = undefined;\n this._chanMgr = undefined;\n this._callbacks = undefined;\n this._forwarding = undefined;\n this._forwardingUnix = undefined;\n this._acceptX11 = undefined;\n this._agentFwdEnabled = undefined;\n this._remoteVer = undefined;\n\n this._protocol = undefined;\n this._sock = undefined;\n this._resetKA = undefined;\n }\n\n connect(cfg) {\n if (this._sock && isWritable(this._sock)) {\n this.once('close', () => {\n this.connect(cfg);\n });\n this.end();\n return this;\n }\n\n this.config.host = cfg.hostname || cfg.host || 'localhost';\n this.config.port = cfg.port || 22;\n this.config.localAddress = (typeof cfg.localAddress === 'string'\n ? cfg.localAddress\n : undefined);\n this.config.localPort = (typeof cfg.localPort === 'string'\n || typeof cfg.localPort === 'number'\n ? cfg.localPort\n : undefined);\n this.config.forceIPv4 = cfg.forceIPv4 || false;\n this.config.forceIPv6 = cfg.forceIPv6 || false;\n this.config.keepaliveCountMax = (typeof cfg.keepaliveCountMax === 'number'\n && cfg.keepaliveCountMax >= 0\n ? cfg.keepaliveCountMax\n : 3);\n this.config.keepaliveInterval = (typeof cfg.keepaliveInterval === 'number'\n && cfg.keepaliveInterval > 0\n ? cfg.keepaliveInterval\n : 0);\n this.config.readyTimeout = (typeof cfg.readyTimeout === 'number'\n && cfg.readyTimeout >= 0\n ? cfg.readyTimeout\n : 20000);\n this.config.ident = (typeof cfg.ident === 'string'\n || Buffer.isBuffer(cfg.ident)\n ? cfg.ident\n : undefined);\n\n const algorithms = {\n kex: undefined,\n serverHostKey: undefined,\n cs: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: [],\n },\n sc: undefined,\n };\n let allOfferDefaults = true;\n if (typeof cfg.algorithms === 'object' && cfg.algorithms !== null) {\n algorithms.kex = generateAlgorithmList(cfg.algorithms.kex,\n DEFAULT_KEX,\n SUPPORTED_KEX);\n if (algorithms.kex !== DEFAULT_KEX)\n allOfferDefaults = false;\n\n algorithms.serverHostKey =\n generateAlgorithmList(cfg.algorithms.serverHostKey,\n DEFAULT_SERVER_HOST_KEY,\n SUPPORTED_SERVER_HOST_KEY);\n if (algorithms.serverHostKey !== DEFAULT_SERVER_HOST_KEY)\n allOfferDefaults = false;\n\n algorithms.cs.cipher = generateAlgorithmList(cfg.algorithms.cipher,\n DEFAULT_CIPHER,\n SUPPORTED_CIPHER);\n if (algorithms.cs.cipher !== DEFAULT_CIPHER)\n allOfferDefaults = false;\n\n algorithms.cs.mac = generateAlgorithmList(cfg.algorithms.hmac,\n DEFAULT_MAC,\n SUPPORTED_MAC);\n if (algorithms.cs.mac !== DEFAULT_MAC)\n allOfferDefaults = false;\n\n algorithms.cs.compress = generateAlgorithmList(cfg.algorithms.compress,\n DEFAULT_COMPRESSION,\n SUPPORTED_COMPRESSION);\n if (algorithms.cs.compress !== DEFAULT_COMPRESSION)\n allOfferDefaults = false;\n\n if (!allOfferDefaults)\n algorithms.sc = algorithms.cs;\n }\n\n if (typeof cfg.username === 'string')\n this.config.username = cfg.username;\n else if (typeof cfg.user === 'string')\n this.config.username = cfg.user;\n else\n throw new Error('Invalid username');\n\n this.config.password = (typeof cfg.password === 'string'\n ? cfg.password\n : undefined);\n this.config.privateKey = (typeof cfg.privateKey === 'string'\n || Buffer.isBuffer(cfg.privateKey)\n ? cfg.privateKey\n : undefined);\n this.config.localHostname = (typeof cfg.localHostname === 'string'\n ? cfg.localHostname\n : undefined);\n this.config.localUsername = (typeof cfg.localUsername === 'string'\n ? cfg.localUsername\n : undefined);\n this.config.tryKeyboard = (cfg.tryKeyboard === true);\n if (typeof cfg.agent === 'string' && cfg.agent.length)\n this.config.agent = createAgent(cfg.agent);\n else if (isAgent(cfg.agent))\n this.config.agent = cfg.agent;\n else\n this.config.agent = undefined;\n this.config.allowAgentFwd = (cfg.agentForward === true\n && this.config.agent !== undefined);\n let authHandler = this.config.authHandler = (\n typeof cfg.authHandler === 'function'\n || Array.isArray(cfg.authHandler)\n ? cfg.authHandler\n : undefined\n );\n\n this.config.strictVendor = (typeof cfg.strictVendor === 'boolean'\n ? cfg.strictVendor\n : true);\n\n const debug = this.config.debug = (typeof cfg.debug === 'function'\n ? cfg.debug\n : undefined);\n\n if (cfg.agentForward === true && !this.config.allowAgentFwd) {\n throw new Error(\n 'You must set a valid agent path to allow agent forwarding'\n );\n }\n\n let callbacks = this._callbacks = [];\n this._chanMgr = new ChannelManager(this);\n this._forwarding = {};\n this._forwardingUnix = {};\n this._acceptX11 = 0;\n this._agentFwdEnabled = false;\n this._agent = (this.config.agent ? this.config.agent : undefined);\n this._remoteVer = undefined;\n let privateKey;\n\n if (this.config.privateKey) {\n privateKey = parseKey(this.config.privateKey, cfg.passphrase);\n if (privateKey instanceof Error)\n throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n if (Array.isArray(privateKey)) {\n // OpenSSH's newer format only stores 1 key for now\n privateKey = privateKey[0];\n }\n if (privateKey.getPrivatePEM() === null) {\n throw new Error(\n 'privateKey value does not contain a (valid) private key'\n );\n }\n }\n\n let hostVerifier;\n if (typeof cfg.hostVerifier === 'function') {\n const hashCb = cfg.hostVerifier;\n let hashAlgo;\n if (HASHES.indexOf(cfg.hostHash) !== -1) {\n // Default to old behavior of hashing on user's behalf\n hashAlgo = cfg.hostHash;\n }\n hostVerifier = (key, verify) => {\n if (hashAlgo)\n key = createHash(hashAlgo).update(key).digest('hex');\n const ret = hashCb(key, verify);\n if (ret !== undefined)\n verify(ret);\n };\n }\n\n const sock = this._sock = (cfg.sock || new Socket());\n let ready = false;\n let sawHeader = false;\n if (this._protocol)\n this._protocol.cleanup();\n const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n debug(`Debug output from server: ${JSON.stringify(msg)}`);\n });\n let serverSigAlgs;\n const proto = this._protocol = new Protocol({\n ident: this.config.ident,\n offer: (allOfferDefaults ? undefined : algorithms),\n onWrite: (data) => {\n if (isWritable(sock))\n sock.write(data);\n },\n onError: (err) => {\n if (err.level === 'handshake')\n clearTimeout(this._readyTimeout);\n if (!proto._destruct)\n sock.removeAllListeners('data');\n this.emit('error', err);\n try {\n sock.end();\n } catch {}\n },\n onHeader: (header) => {\n sawHeader = true;\n this._remoteVer = header.versions.software;\n if (header.greeting)\n this.emit('greeting', header.greeting);\n },\n onHandshakeComplete: (negotiated) => {\n this.emit('handshake', negotiated);\n if (!ready) {\n ready = true;\n proto.service('ssh-userauth');\n }\n },\n debug,\n hostVerifier,\n messageHandlers: {\n DEBUG: DEBUG_HANDLER,\n DISCONNECT: (p, reason, desc) => {\n if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n if (!desc) {\n desc = DISCONNECT_REASON_BY_VALUE[reason];\n if (desc === undefined)\n desc = `Unexpected disconnection reason: ${reason}`;\n }\n const err = new Error(desc);\n err.code = reason;\n this.emit('error', err);\n }\n sock.end();\n },\n SERVICE_ACCEPT: (p, name) => {\n if (name === 'ssh-userauth')\n tryNextAuth();\n },\n EXT_INFO: (p, exts) => {\n if (serverSigAlgs === undefined) {\n for (const ext of exts) {\n if (ext.name === 'server-sig-algs') {\n serverSigAlgs = ext.algs;\n return;\n }\n }\n serverSigAlgs = null;\n }\n },\n USERAUTH_BANNER: (p, msg) => {\n this.emit('banner', msg);\n },\n USERAUTH_SUCCESS: (p) => {\n // Start keepalive mechanism\n resetKA();\n\n clearTimeout(this._readyTimeout);\n\n this.emit('ready');\n },\n USERAUTH_FAILURE: (p, authMethods, partialSuccess) => {\n // For key-based authentication, check if we should retry the current\n // key with a different algorithm first\n if (curAuth.keyAlgos) {\n const oldKeyAlgo = curAuth.keyAlgos[0][0];\n if (debug)\n debug(`Client: ${curAuth.type} (${oldKeyAlgo}) auth failed`);\n curAuth.keyAlgos.shift();\n if (curAuth.keyAlgos.length) {\n const [keyAlgo, hashAlgo] = curAuth.keyAlgos[0];\n switch (curAuth.type) {\n case 'agent':\n proto.authPK(\n curAuth.username,\n curAuth.agentCtx.currentKey(),\n keyAlgo\n );\n return;\n case 'publickey':\n proto.authPK(curAuth.username, curAuth.key, keyAlgo);\n return;\n case 'hostbased':\n proto.authHostbased(curAuth.username,\n curAuth.key,\n curAuth.localHostname,\n curAuth.localUsername,\n keyAlgo,\n (buf, cb) => {\n const signature = curAuth.key.sign(buf, hashAlgo);\n if (signature instanceof Error) {\n signature.message =\n `Error while signing with key: ${signature.message}`;\n signature.level = 'client-authentication';\n this.emit('error', signature);\n return tryNextAuth();\n }\n\n cb(signature);\n });\n return;\n }\n } else {\n curAuth.keyAlgos = undefined;\n }\n }\n\n if (curAuth.type === 'agent') {\n const pos = curAuth.agentCtx.pos();\n debug && debug(`Client: Agent key #${pos + 1} failed`);\n return tryNextAgentKey();\n }\n\n debug && debug(`Client: ${curAuth.type} auth failed`);\n\n curPartial = partialSuccess;\n curAuthsLeft = authMethods;\n tryNextAuth();\n },\n USERAUTH_PASSWD_CHANGEREQ: (p, prompt) => {\n if (curAuth.type === 'password') {\n // TODO: support a `changePrompt()` on `curAuth` that defaults to\n // emitting 'change password' as before\n this.emit('change password', prompt, (newPassword) => {\n proto.authPassword(\n this.config.username,\n this.config.password,\n newPassword\n );\n });\n }\n },\n USERAUTH_PK_OK: (p) => {\n let keyAlgo;\n let hashAlgo;\n if (curAuth.keyAlgos)\n [keyAlgo, hashAlgo] = curAuth.keyAlgos[0];\n if (curAuth.type === 'agent') {\n const key = curAuth.agentCtx.currentKey();\n proto.authPK(curAuth.username, key, keyAlgo, (buf, cb) => {\n const opts = { hash: hashAlgo };\n curAuth.agentCtx.sign(key, buf, opts, (err, signed) => {\n if (err) {\n err.level = 'agent';\n this.emit('error', err);\n } else {\n return cb(signed);\n }\n\n tryNextAgentKey();\n });\n });\n } else if (curAuth.type === 'publickey') {\n proto.authPK(curAuth.username, curAuth.key, keyAlgo, (buf, cb) => {\n const signature = curAuth.key.sign(buf, hashAlgo);\n if (signature instanceof Error) {\n signature.message =\n `Error signing data with key: ${signature.message}`;\n signature.level = 'client-authentication';\n this.emit('error', signature);\n return tryNextAuth();\n }\n cb(signature);\n });\n }\n },\n USERAUTH_INFO_REQUEST: (p, name, instructions, prompts) => {\n if (curAuth.type === 'keyboard-interactive') {\n const nprompts = (Array.isArray(prompts) ? prompts.length : 0);\n if (nprompts === 0) {\n debug && debug(\n 'Client: Sending automatic USERAUTH_INFO_RESPONSE'\n );\n proto.authInfoRes();\n return;\n }\n // We sent a keyboard-interactive user authentication request and\n // now the server is sending us the prompts we need to present to\n // the user\n curAuth.prompt(\n name,\n instructions,\n '',\n prompts,\n (answers) => {\n proto.authInfoRes(answers);\n }\n );\n }\n },\n REQUEST_SUCCESS: (p, data) => {\n if (callbacks.length)\n callbacks.shift()(false, data);\n },\n REQUEST_FAILURE: (p) => {\n if (callbacks.length)\n callbacks.shift()(true);\n },\n GLOBAL_REQUEST: (p, name, wantReply, data) => {\n switch (name) {\n case 'hostkeys-00@openssh.com':\n // Automatically verify keys before passing to end user\n hostKeysProve(this, data, (err, keys) => {\n if (err)\n return;\n this.emit('hostkeys', keys);\n });\n if (wantReply)\n proto.requestSuccess();\n break;\n default:\n // Auto-reject all other global requests, this can be especially\n // useful if the server is sending us dummy keepalive global\n // requests\n if (wantReply)\n proto.requestFailure();\n }\n },\n CHANNEL_OPEN: (p, info) => {\n // Handle incoming requests from server, typically a forwarded TCP or\n // X11 connection\n onCHANNEL_OPEN(this, info);\n },\n CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n const channel = this._chanMgr.get(info.recipient);\n if (typeof channel !== 'function')\n return;\n\n const isSFTP = (channel.type === 'sftp');\n const type = (isSFTP ? 'session' : channel.type);\n const chanInfo = {\n type,\n incoming: {\n id: info.recipient,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n const instance = (\n isSFTP\n ? new SFTP(this, chanInfo, { debug })\n : new Channel(this, chanInfo)\n );\n this._chanMgr.update(info.recipient, instance);\n channel(undefined, instance);\n },\n CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'function')\n return;\n\n const info = { reason, description };\n onChannelOpenFailure(this, recipient, info, channel);\n },\n CHANNEL_DATA: (p, recipient, data) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n // The remote party should not be sending us data if there is no\n // window space available ...\n // TODO: raise error on data with not enough window?\n if (channel.incoming.window === 0)\n return;\n\n channel.incoming.window -= data.length;\n\n if (channel.push(data) === false) {\n channel._waitChanDrain = true;\n return;\n }\n\n if (channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(channel);\n },\n CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n if (type !== STDERR)\n return;\n\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n // The remote party should not be sending us data if there is no\n // window space available ...\n // TODO: raise error on data with not enough window?\n if (channel.incoming.window === 0)\n return;\n\n channel.incoming.window -= data.length;\n\n if (!channel.stderr.push(data)) {\n channel._waitChanDrain = true;\n return;\n }\n\n if (channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(channel);\n },\n CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n // The other side is allowing us to send `amount` more bytes of data\n channel.outgoing.window += amount;\n\n if (channel._waitWindow) {\n channel._waitWindow = false;\n\n if (channel._chunk) {\n channel._write(channel._chunk, null, channel._chunkcb);\n } else if (channel._chunkcb) {\n channel._chunkcb();\n } else if (channel._chunkErr) {\n channel.stderr._write(channel._chunkErr,\n null,\n channel._chunkcbErr);\n } else if (channel._chunkcbErr) {\n channel._chunkcbErr();\n }\n }\n },\n CHANNEL_SUCCESS: (p, recipient) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n this._resetKA();\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(false);\n },\n CHANNEL_FAILURE: (p, recipient) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n this._resetKA();\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(true);\n },\n CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n const exit = channel._exit;\n if (exit.code !== undefined)\n return;\n switch (type) {\n case 'exit-status':\n channel.emit('exit', exit.code = data);\n return;\n case 'exit-signal':\n channel.emit('exit',\n exit.code = null,\n exit.signal = `SIG${data.signal}`,\n exit.dump = data.coreDumped,\n exit.desc = data.errorMessage);\n return;\n }\n\n // Keepalive request? OpenSSH will send one as a channel request if\n // there is a channel open\n\n if (wantReply)\n p.channelFailure(channel.outgoing.id);\n },\n CHANNEL_EOF: (p, recipient) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.incoming.state !== 'open')\n return;\n channel.incoming.state = 'eof';\n\n if (channel.readable)\n channel.push(null);\n if (channel.stderr.readable)\n channel.stderr.push(null);\n },\n CHANNEL_CLOSE: (p, recipient) => {\n onCHANNEL_CLOSE(this, recipient, this._chanMgr.get(recipient));\n },\n },\n });\n\n sock.pause();\n\n // TODO: check keepalive implementation\n // Keepalive-related\n const kainterval = this.config.keepaliveInterval;\n const kacountmax = this.config.keepaliveCountMax;\n let kacount = 0;\n let katimer;\n const sendKA = () => {\n if (++kacount > kacountmax) {\n clearInterval(katimer);\n if (sock.readable) {\n const err = new Error('Keepalive timeout');\n err.level = 'client-timeout';\n this.emit('error', err);\n sock.destroy();\n }\n return;\n }\n if (isWritable(sock)) {\n // Append dummy callback to keep correct callback order\n callbacks.push(resetKA);\n proto.ping();\n } else {\n clearInterval(katimer);\n }\n };\n function resetKA() {\n if (kainterval > 0) {\n kacount = 0;\n clearInterval(katimer);\n if (isWritable(sock))\n katimer = setInterval(sendKA, kainterval);\n }\n }\n this._resetKA = resetKA;\n\n const onDone = (() => {\n let called = false;\n return () => {\n if (called)\n return;\n called = true;\n if (wasConnected && !sawHeader) {\n const err =\n makeError('Connection lost before handshake', 'protocol', true);\n this.emit('error', err);\n }\n };\n })();\n const onConnect = (() => {\n let called = false;\n return () => {\n if (called)\n return;\n called = true;\n\n wasConnected = true;\n debug && debug('Socket connected');\n this.emit('connect');\n\n cryptoInit.then(() => {\n proto.start();\n sock.on('data', (data) => {\n try {\n proto.parse(data, 0, data.length);\n } catch (ex) {\n this.emit('error', ex);\n try {\n if (isWritable(sock))\n sock.end();\n } catch {}\n }\n });\n\n // Drain stderr if we are connection hopping using an exec stream\n if (sock.stderr && typeof sock.stderr.resume === 'function')\n sock.stderr.resume();\n\n sock.resume();\n }).catch((err) => {\n this.emit('error', err);\n try {\n if (isWritable(sock))\n sock.end();\n } catch {}\n });\n };\n })();\n let wasConnected = false;\n sock.on('connect', onConnect)\n .on('timeout', () => {\n this.emit('timeout');\n }).on('error', (err) => {\n debug && debug(`Socket error: ${err.message}`);\n clearTimeout(this._readyTimeout);\n err.level = 'client-socket';\n this.emit('error', err);\n }).on('end', () => {\n debug && debug('Socket ended');\n onDone();\n proto.cleanup();\n clearTimeout(this._readyTimeout);\n clearInterval(katimer);\n this.emit('end');\n }).on('close', () => {\n debug && debug('Socket closed');\n onDone();\n proto.cleanup();\n clearTimeout(this._readyTimeout);\n clearInterval(katimer);\n this.emit('close');\n\n // Notify outstanding channel requests of disconnection ...\n const callbacks_ = callbacks;\n callbacks = this._callbacks = [];\n const err = new Error('No response from server');\n for (let i = 0; i < callbacks_.length; ++i)\n callbacks_[i](err);\n\n // Simulate error for any channels waiting to be opened\n this._chanMgr.cleanup(err);\n });\n\n // Begin authentication handling ===========================================\n let curAuth;\n let curPartial = null;\n let curAuthsLeft = null;\n const authsAllowed = ['none'];\n if (this.config.password !== undefined)\n authsAllowed.push('password');\n if (privateKey !== undefined)\n authsAllowed.push('publickey');\n if (this._agent !== undefined)\n authsAllowed.push('agent');\n if (this.config.tryKeyboard)\n authsAllowed.push('keyboard-interactive');\n if (privateKey !== undefined\n && this.config.localHostname !== undefined\n && this.config.localUsername !== undefined) {\n authsAllowed.push('hostbased');\n }\n\n if (Array.isArray(authHandler))\n authHandler = makeSimpleAuthHandler(authHandler);\n else if (typeof authHandler !== 'function')\n authHandler = makeSimpleAuthHandler(authsAllowed);\n\n let hasSentAuth = false;\n const doNextAuth = (nextAuth) => {\n if (hasSentAuth)\n return;\n hasSentAuth = true;\n\n if (nextAuth === false) {\n const err = new Error('All configured authentication methods failed');\n err.level = 'client-authentication';\n this.emit('error', err);\n this.end();\n return;\n }\n\n if (typeof nextAuth === 'string') {\n // Remain backwards compatible with original `authHandler()` usage,\n // which only supported passing names of next method to try using data\n // from the `connect()` config object\n\n const type = nextAuth;\n if (authsAllowed.indexOf(type) === -1)\n return skipAuth(`Authentication method not allowed: ${type}`);\n\n const username = this.config.username;\n switch (type) {\n case 'password':\n nextAuth = { type, username, password: this.config.password };\n break;\n case 'publickey':\n nextAuth = { type, username, key: privateKey };\n break;\n case 'hostbased':\n nextAuth = {\n type,\n username,\n key: privateKey,\n localHostname: this.config.localHostname,\n localUsername: this.config.localUsername,\n };\n break;\n case 'agent':\n nextAuth = {\n type,\n username,\n agentCtx: new AgentContext(this._agent),\n };\n break;\n case 'keyboard-interactive':\n nextAuth = {\n type,\n username,\n prompt: (...args) => this.emit('keyboard-interactive', ...args),\n };\n break;\n case 'none':\n nextAuth = { type, username };\n break;\n default:\n return skipAuth(\n `Skipping unsupported authentication method: ${nextAuth}`\n );\n }\n } else if (typeof nextAuth !== 'object' || nextAuth === null) {\n return skipAuth(\n `Skipping invalid authentication attempt: ${nextAuth}`\n );\n } else {\n const username = nextAuth.username;\n if (typeof username !== 'string') {\n return skipAuth(\n `Skipping invalid authentication attempt: ${nextAuth}`\n );\n }\n const type = nextAuth.type;\n switch (type) {\n case 'password': {\n const { password } = nextAuth;\n if (typeof password !== 'string' && !Buffer.isBuffer(password))\n return skipAuth('Skipping invalid password auth attempt');\n nextAuth = { type, username, password };\n break;\n }\n case 'publickey': {\n const key = parseKey(nextAuth.key, nextAuth.passphrase);\n if (key instanceof Error)\n return skipAuth('Skipping invalid key auth attempt');\n if (!key.isPrivateKey())\n return skipAuth('Skipping non-private key');\n nextAuth = { type, username, key };\n break;\n }\n case 'hostbased': {\n const { localHostname, localUsername } = nextAuth;\n const key = parseKey(nextAuth.key, nextAuth.passphrase);\n if (key instanceof Error\n || typeof localHostname !== 'string'\n || typeof localUsername !== 'string') {\n return skipAuth('Skipping invalid hostbased auth attempt');\n }\n if (!key.isPrivateKey())\n return skipAuth('Skipping non-private key');\n nextAuth = { type, username, key, localHostname, localUsername };\n break;\n }\n case 'agent': {\n let agent = nextAuth.agent;\n if (typeof agent === 'string' && agent.length) {\n agent = createAgent(agent);\n } else if (!isAgent(agent)) {\n return skipAuth(\n `Skipping invalid agent: ${nextAuth.agent}`\n );\n }\n nextAuth = { type, username, agentCtx: new AgentContext(agent) };\n break;\n }\n case 'keyboard-interactive': {\n const { prompt } = nextAuth;\n if (typeof prompt !== 'function') {\n return skipAuth(\n 'Skipping invalid keyboard-interactive auth attempt'\n );\n }\n nextAuth = { type, username, prompt };\n break;\n }\n case 'none':\n nextAuth = { type, username };\n break;\n default:\n return skipAuth(\n `Skipping unsupported authentication method: ${nextAuth}`\n );\n }\n }\n curAuth = nextAuth;\n\n // Begin authentication method's process\n try {\n const username = curAuth.username;\n switch (curAuth.type) {\n case 'password':\n proto.authPassword(username, curAuth.password);\n break;\n case 'publickey': {\n let keyAlgo;\n curAuth.keyAlgos = getKeyAlgos(this, curAuth.key, serverSigAlgs);\n if (curAuth.keyAlgos) {\n if (curAuth.keyAlgos.length) {\n keyAlgo = curAuth.keyAlgos[0][0];\n } else {\n return skipAuth(\n 'Skipping key authentication (no mutual hash algorithm)'\n );\n }\n }\n proto.authPK(username, curAuth.key, keyAlgo);\n break;\n }\n case 'hostbased': {\n let keyAlgo;\n let hashAlgo;\n curAuth.keyAlgos = getKeyAlgos(this, curAuth.key, serverSigAlgs);\n if (curAuth.keyAlgos) {\n if (curAuth.keyAlgos.length) {\n [keyAlgo, hashAlgo] = curAuth.keyAlgos[0];\n } else {\n return skipAuth(\n 'Skipping hostbased authentication (no mutual hash algorithm)'\n );\n }\n }\n\n proto.authHostbased(username,\n curAuth.key,\n curAuth.localHostname,\n curAuth.localUsername,\n keyAlgo,\n (buf, cb) => {\n const signature = curAuth.key.sign(buf, hashAlgo);\n if (signature instanceof Error) {\n signature.message =\n `Error while signing with key: ${signature.message}`;\n signature.level = 'client-authentication';\n this.emit('error', signature);\n return tryNextAuth();\n }\n\n cb(signature);\n });\n break;\n }\n case 'agent':\n curAuth.agentCtx.init((err) => {\n if (err) {\n err.level = 'agent';\n this.emit('error', err);\n return tryNextAuth();\n }\n tryNextAgentKey();\n });\n break;\n case 'keyboard-interactive':\n proto.authKeyboard(username);\n break;\n case 'none':\n proto.authNone(username);\n break;\n }\n } finally {\n hasSentAuth = false;\n }\n };\n\n function skipAuth(msg) {\n debug && debug(msg);\n process.nextTick(tryNextAuth);\n }\n\n function tryNextAuth() {\n hasSentAuth = false;\n const auth = authHandler(curAuthsLeft, curPartial, doNextAuth);\n if (hasSentAuth || auth === undefined)\n return;\n doNextAuth(auth);\n }\n\n const tryNextAgentKey = () => {\n if (curAuth.type === 'agent') {\n const key = curAuth.agentCtx.nextKey();\n if (key === false) {\n debug && debug('Agent: No more keys left to try');\n debug && debug('Client: agent auth failed');\n tryNextAuth();\n } else {\n const pos = curAuth.agentCtx.pos();\n let keyAlgo;\n curAuth.keyAlgos = getKeyAlgos(this, key, serverSigAlgs);\n if (curAuth.keyAlgos) {\n if (curAuth.keyAlgos.length) {\n keyAlgo = curAuth.keyAlgos[0][0];\n } else {\n debug && debug(\n `Agent: Skipping key #${pos + 1} (no mutual hash algorithm)`\n );\n tryNextAgentKey();\n return;\n }\n }\n debug && debug(`Agent: Trying key #${pos + 1}`);\n proto.authPK(curAuth.username, key, keyAlgo);\n }\n }\n };\n\n const startTimeout = () => {\n if (this.config.readyTimeout > 0) {\n this._readyTimeout = setTimeout(() => {\n const err = new Error('Timed out while waiting for handshake');\n err.level = 'client-timeout';\n this.emit('error', err);\n sock.destroy();\n }, this.config.readyTimeout);\n }\n };\n\n if (!cfg.sock) {\n let host = this.config.host;\n const forceIPv4 = this.config.forceIPv4;\n const forceIPv6 = this.config.forceIPv6;\n\n debug && debug(`Client: Trying ${host} on port ${this.config.port} ...`);\n\n const doConnect = () => {\n startTimeout();\n sock.connect({\n host,\n port: this.config.port,\n localAddress: this.config.localAddress,\n localPort: this.config.localPort\n });\n sock.setMaxListeners(0);\n sock.setTimeout(typeof cfg.timeout === 'number' ? cfg.timeout : 0);\n };\n\n if ((!forceIPv4 && !forceIPv6) || (forceIPv4 && forceIPv6)) {\n doConnect();\n } else {\n dnsLookup(host, (forceIPv4 ? 4 : 6), (err, address, family) => {\n if (err) {\n const type = (forceIPv4 ? 'IPv4' : 'IPv6');\n const error = new Error(\n `Error while looking up ${type} address for '${host}': ${err}`\n );\n clearTimeout(this._readyTimeout);\n error.level = 'client-dns';\n this.emit('error', error);\n this.emit('close');\n return;\n }\n host = address;\n doConnect();\n });\n }\n } else {\n // Custom socket passed in\n startTimeout();\n if (typeof sock.connecting === 'boolean') {\n // net.Socket\n\n if (!sock.connecting) {\n // Already connected\n onConnect();\n }\n } else {\n // Assume socket/stream is already \"connected\"\n onConnect();\n }\n }\n\n return this;\n }\n\n end() {\n if (this._sock && isWritable(this._sock)) {\n this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n this._sock.end();\n }\n return this;\n }\n\n destroy() {\n this._sock && isWritable(this._sock) && this._sock.destroy();\n return this;\n }\n\n exec(cmd, opts, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n\n const extraOpts = { allowHalfOpen: (opts.allowHalfOpen !== false) };\n\n openChannel(this, 'session', extraOpts, (err, chan) => {\n if (err) {\n cb(err);\n return;\n }\n\n const todo = [];\n\n function reqCb(err) {\n if (err) {\n chan.close();\n cb(err);\n return;\n }\n if (todo.length)\n todo.shift()();\n }\n\n if (this.config.allowAgentFwd === true\n || (opts\n && opts.agentForward === true\n && this._agent !== undefined)) {\n todo.push(() => reqAgentFwd(chan, reqCb));\n }\n\n if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.env === 'object' && opts.env !== null)\n reqEnv(chan, opts.env);\n if ((typeof opts.pty === 'object' && opts.pty !== null)\n || opts.pty === true) {\n todo.push(() => reqPty(chan, opts.pty, reqCb));\n }\n if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n || opts.x11 === 'number'\n || opts.x11 === true) {\n todo.push(() => reqX11(chan, opts.x11, reqCb));\n }\n }\n\n todo.push(() => reqExec(chan, cmd, opts, cb));\n todo.shift()();\n });\n\n return this;\n }\n\n shell(wndopts, opts, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof wndopts === 'function') {\n cb = wndopts;\n wndopts = opts = undefined;\n } else if (typeof opts === 'function') {\n cb = opts;\n opts = undefined;\n }\n if (wndopts && (wndopts.x11 !== undefined || wndopts.env !== undefined)) {\n opts = wndopts;\n wndopts = undefined;\n }\n\n openChannel(this, 'session', (err, chan) => {\n if (err) {\n cb(err);\n return;\n }\n\n const todo = [];\n\n function reqCb(err) {\n if (err) {\n chan.close();\n cb(err);\n return;\n }\n if (todo.length)\n todo.shift()();\n }\n\n if (this.config.allowAgentFwd === true\n || (opts\n && opts.agentForward === true\n && this._agent !== undefined)) {\n todo.push(() => reqAgentFwd(chan, reqCb));\n }\n\n if (wndopts !== false)\n todo.push(() => reqPty(chan, wndopts, reqCb));\n\n if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.env === 'object' && opts.env !== null)\n reqEnv(chan, opts.env);\n if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n || opts.x11 === 'number'\n || opts.x11 === true) {\n todo.push(() => reqX11(chan, opts.x11, reqCb));\n }\n }\n\n todo.push(() => reqShell(chan, cb));\n todo.shift()();\n });\n\n return this;\n }\n\n subsys(name, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n openChannel(this, 'session', (err, chan) => {\n if (err) {\n cb(err);\n return;\n }\n\n reqSubsystem(chan, name, (err, stream) => {\n if (err) {\n cb(err);\n return;\n }\n\n cb(undefined, stream);\n });\n });\n\n return this;\n }\n\n forwardIn(bindAddr, bindPort, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n // Send a request for the server to start forwarding TCP connections to us\n // on a particular address and port\n\n const wantReply = (typeof cb === 'function');\n\n if (wantReply) {\n this._callbacks.push((had_err, data) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to bind to ${bindAddr}:${bindPort}`));\n return;\n }\n\n let realPort = bindPort;\n if (bindPort === 0 && data && data.length >= 4) {\n realPort = readUInt32BE(data, 0);\n if (!(this._protocol._compatFlags & COMPAT.DYN_RPORT_BUG))\n bindPort = realPort;\n }\n\n this._forwarding[`${bindAddr}:${bindPort}`] = realPort;\n\n cb(undefined, realPort);\n });\n }\n\n this._protocol.tcpipForward(bindAddr, bindPort, wantReply);\n\n return this;\n }\n\n unforwardIn(bindAddr, bindPort, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n // Send a request to stop forwarding us new connections for a particular\n // address and port\n\n const wantReply = (typeof cb === 'function');\n\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to unbind from ${bindAddr}:${bindPort}`));\n return;\n }\n\n delete this._forwarding[`${bindAddr}:${bindPort}`];\n\n cb();\n });\n }\n\n this._protocol.cancelTcpipForward(bindAddr, bindPort, wantReply);\n\n return this;\n }\n\n forwardOut(srcIP, srcPort, dstIP, dstPort, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n // Send a request to forward a TCP connection to the server\n\n const cfg = {\n srcIP: srcIP,\n srcPort: srcPort,\n dstIP: dstIP,\n dstPort: dstPort\n };\n\n if (typeof cb !== 'function')\n cb = noop;\n\n openChannel(this, 'direct-tcpip', cfg, cb);\n\n return this;\n }\n\n openssh_noMoreSessions(cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n const wantReply = (typeof cb === 'function');\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to disable future sessions'));\n return;\n }\n\n cb();\n });\n }\n\n this._protocol.openssh_noMoreSessions(wantReply);\n return this;\n }\n\n if (!wantReply)\n return this;\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n openssh_forwardInStreamLocal(socketPath, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n const wantReply = (typeof cb === 'function');\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to bind to ${socketPath}`));\n return;\n }\n this._forwardingUnix[socketPath] = true;\n cb();\n });\n }\n\n this._protocol.openssh_streamLocalForward(socketPath, wantReply);\n return this;\n }\n\n if (!wantReply)\n return this;\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n openssh_unforwardInStreamLocal(socketPath, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n const wantReply = (typeof cb === 'function');\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n if (wantReply) {\n this._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to unbind from ${socketPath}`));\n return;\n }\n delete this._forwardingUnix[socketPath];\n cb();\n });\n }\n\n this._protocol.openssh_cancelStreamLocalForward(socketPath, wantReply);\n return this;\n }\n\n if (!wantReply)\n return this;\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n openssh_forwardOutStreamLocal(socketPath, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof cb !== 'function')\n cb = noop;\n\n if (!this.config.strictVendor\n || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n openChannel(this, 'direct-streamlocal@openssh.com', { socketPath }, cb);\n return this;\n }\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n\n return this;\n }\n\n sftp(env, cb) {\n if (!this._sock || !isWritable(this._sock))\n throw new Error('Not connected');\n\n if (typeof env === 'function') {\n cb = env;\n env = undefined;\n }\n\n openChannel(this, 'sftp', (err, sftp) => {\n if (err) {\n cb(err);\n return;\n }\n\n const reqSubsystemCb = (err, sftp_) => {\n if (err) {\n cb(err);\n return;\n }\n\n function removeListeners() {\n sftp.removeListener('ready', onReady);\n sftp.removeListener('error', onError);\n sftp.removeListener('exit', onExit);\n sftp.removeListener('close', onExit);\n }\n\n function onReady() {\n // TODO: do not remove exit/close in case remote end closes the\n // channel abruptly and we need to notify outstanding callbacks\n removeListeners();\n cb(undefined, sftp);\n }\n\n function onError(err) {\n removeListeners();\n cb(err);\n }\n\n function onExit(code, signal) {\n removeListeners();\n let msg;\n if (typeof code === 'number')\n msg = `Received exit code ${code} while establishing SFTP session`;\n else if (signal !== undefined)\n msg = `Received signal ${signal} while establishing SFTP session`;\n else\n msg = 'Received unexpected SFTP session termination';\n const err = new Error(msg);\n err.code = code;\n err.signal = signal;\n cb(err);\n }\n\n sftp.on('ready', onReady)\n .on('error', onError)\n .on('exit', onExit)\n .on('close', onExit);\n\n sftp._init();\n };\n\n if (typeof env === 'object' && env !== null) {\n reqEnv(sftp, env, (err) => {\n if (err) {\n cb(err);\n return;\n }\n\n reqSubsystem(sftp, 'sftp', reqSubsystemCb);\n });\n } else {\n reqSubsystem(sftp, 'sftp', reqSubsystemCb);\n }\n });\n\n return this;\n }\n\n setNoDelay(noDelay) {\n if (this._sock && typeof this._sock.setNoDelay === 'function')\n this._sock.setNoDelay(noDelay);\n\n return this;\n }\n}\n\nfunction openChannel(self, type, opts, cb) {\n // Ask the server to open a channel for some purpose\n // (e.g. session (sftp, exec, shell), or forwarding a TCP connection\n const initWindow = MAX_WINDOW;\n const maxPacket = PACKET_SIZE;\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n\n const wrapper = (err, stream) => {\n cb(err, stream);\n };\n wrapper.type = type;\n\n const localChan = self._chanMgr.add(wrapper);\n\n if (localChan === -1) {\n cb(new Error('No free channels available'));\n return;\n }\n\n switch (type) {\n case 'session':\n case 'sftp':\n self._protocol.session(localChan, initWindow, maxPacket);\n break;\n case 'direct-tcpip':\n self._protocol.directTcpip(localChan, initWindow, maxPacket, opts);\n break;\n case 'direct-streamlocal@openssh.com':\n self._protocol.openssh_directStreamLocal(\n localChan, initWindow, maxPacket, opts\n );\n break;\n default:\n throw new Error(`Unsupported channel type: ${type}`);\n }\n}\n\nfunction reqX11(chan, screen, cb) {\n // Asks server to start sending us X11 connections\n const cfg = {\n single: false,\n protocol: 'MIT-MAGIC-COOKIE-1',\n cookie: undefined,\n screen: 0\n };\n\n if (typeof screen === 'function') {\n cb = screen;\n } else if (typeof screen === 'object' && screen !== null) {\n if (typeof screen.single === 'boolean')\n cfg.single = screen.single;\n if (typeof screen.screen === 'number')\n cfg.screen = screen.screen;\n if (typeof screen.protocol === 'string')\n cfg.protocol = screen.protocol;\n if (typeof screen.cookie === 'string')\n cfg.cookie = screen.cookie;\n else if (Buffer.isBuffer(screen.cookie))\n cfg.cookie = screen.cookie.hexSlice(0, screen.cookie.length);\n }\n if (cfg.cookie === undefined)\n cfg.cookie = randomCookie();\n\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n if (wantReply)\n cb(new Error('Channel is not open'));\n return;\n }\n\n if (wantReply) {\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true ? had_err : new Error('Unable to request X11'));\n return;\n }\n\n chan._hasX11 = true;\n ++chan._client._acceptX11;\n chan.once('close', () => {\n if (chan._client._acceptX11)\n --chan._client._acceptX11;\n });\n\n cb();\n });\n }\n\n chan._client._protocol.x11Forward(chan.outgoing.id, cfg, wantReply);\n}\n\nfunction reqPty(chan, opts, cb) {\n let rows = 24;\n let cols = 80;\n let width = 640;\n let height = 480;\n let term = 'vt100';\n let modes = null;\n\n if (typeof opts === 'function') {\n cb = opts;\n } else if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.rows === 'number')\n rows = opts.rows;\n if (typeof opts.cols === 'number')\n cols = opts.cols;\n if (typeof opts.width === 'number')\n width = opts.width;\n if (typeof opts.height === 'number')\n height = opts.height;\n if (typeof opts.term === 'string')\n term = opts.term;\n if (typeof opts.modes === 'object')\n modes = opts.modes;\n }\n\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n if (wantReply)\n cb(new Error('Channel is not open'));\n return;\n }\n\n if (wantReply) {\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to request a pseudo-terminal'));\n return;\n }\n cb();\n });\n }\n\n chan._client._protocol.pty(chan.outgoing.id,\n rows,\n cols,\n height,\n width,\n term,\n modes,\n wantReply);\n}\n\nfunction reqAgentFwd(chan, cb) {\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n wantReply && cb(new Error('Channel is not open'));\n return;\n }\n if (chan._client._agentFwdEnabled) {\n wantReply && cb(false);\n return;\n }\n\n chan._client._agentFwdEnabled = true;\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n chan._client._agentFwdEnabled = false;\n if (wantReply) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to request agent forwarding'));\n }\n return;\n }\n\n if (wantReply)\n cb();\n });\n\n chan._client._protocol.openssh_agentForward(chan.outgoing.id, true);\n}\n\nfunction reqShell(chan, cb) {\n if (chan.outgoing.state !== 'open') {\n cb(new Error('Channel is not open'));\n return;\n }\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true ? had_err : new Error('Unable to open shell'));\n return;\n }\n chan.subtype = 'shell';\n cb(undefined, chan);\n });\n\n chan._client._protocol.shell(chan.outgoing.id, true);\n}\n\nfunction reqExec(chan, cmd, opts, cb) {\n if (chan.outgoing.state !== 'open') {\n cb(new Error('Channel is not open'));\n return;\n }\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true ? had_err : new Error('Unable to exec'));\n return;\n }\n chan.subtype = 'exec';\n chan.allowHalfOpen = (opts.allowHalfOpen !== false);\n cb(undefined, chan);\n });\n\n chan._client._protocol.exec(chan.outgoing.id, cmd, true);\n}\n\nfunction reqEnv(chan, env, cb) {\n const wantReply = (typeof cb === 'function');\n\n if (chan.outgoing.state !== 'open') {\n if (wantReply)\n cb(new Error('Channel is not open'));\n return;\n }\n\n if (wantReply) {\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Unable to set environment'));\n return;\n }\n cb();\n });\n }\n\n const keys = Object.keys(env || {});\n\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i];\n const val = env[key];\n chan._client._protocol.env(chan.outgoing.id, key, val, wantReply);\n }\n}\n\nfunction reqSubsystem(chan, name, cb) {\n if (chan.outgoing.state !== 'open') {\n cb(new Error('Channel is not open'));\n return;\n }\n\n chan._callbacks.push((had_err) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error(`Unable to start subsystem: ${name}`));\n return;\n }\n chan.subtype = 'subsystem';\n cb(undefined, chan);\n });\n\n chan._client._protocol.subsystem(chan.outgoing.id, name, true);\n}\n\n// TODO: inline implementation into single call site\nfunction onCHANNEL_OPEN(self, info) {\n // The server is trying to open a channel with us, this is usually when\n // we asked the server to forward us connections on some port and now they\n // are asking us to accept/deny an incoming connection on their side\n\n let localChan = -1;\n let reason;\n\n const accept = () => {\n const chanInfo = {\n type: info.type,\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n const stream = new Channel(self, chanInfo);\n self._chanMgr.update(localChan, stream);\n\n self._protocol.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n return stream;\n };\n const reject = () => {\n if (reason === undefined) {\n if (localChan === -1)\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n else\n reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n }\n\n if (localChan !== -1)\n self._chanMgr.remove(localChan);\n\n self._protocol.channelOpenFail(info.sender, reason, '');\n };\n const reserveChannel = () => {\n localChan = self._chanMgr.add();\n\n if (localChan === -1) {\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n if (self.config.debug) {\n self.config.debug(\n 'Client: Automatic rejection of incoming channel open: '\n + 'no channels available'\n );\n }\n }\n\n return (localChan !== -1);\n };\n\n const data = info.data;\n switch (info.type) {\n case 'forwarded-tcpip': {\n const val = self._forwarding[`${data.destIP}:${data.destPort}`];\n if (val !== undefined && reserveChannel()) {\n if (data.destPort === 0)\n data.destPort = val;\n self.emit('tcp connection', data, accept, reject);\n return;\n }\n break;\n }\n case 'forwarded-streamlocal@openssh.com':\n if (self._forwardingUnix[data.socketPath] !== undefined\n && reserveChannel()) {\n self.emit('unix connection', data, accept, reject);\n return;\n }\n break;\n case 'auth-agent@openssh.com':\n if (self._agentFwdEnabled\n && typeof self._agent.getStream === 'function'\n && reserveChannel()) {\n self._agent.getStream((err, stream) => {\n if (err)\n return reject();\n\n const upstream = accept();\n upstream.pipe(stream).pipe(upstream);\n });\n return;\n }\n break;\n case 'x11':\n if (self._acceptX11 !== 0 && reserveChannel()) {\n self.emit('x11', data, accept, reject);\n return;\n }\n break;\n default:\n // Automatically reject any unsupported channel open requests\n reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n if (self.config.debug) {\n self.config.debug(\n 'Client: Automatic rejection of unsupported incoming channel open '\n + `type: ${info.type}`\n );\n }\n }\n\n if (reason === undefined) {\n reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n if (self.config.debug) {\n self.config.debug(\n 'Client: Automatic rejection of unexpected incoming channel open for: '\n + info.type\n );\n }\n }\n\n reject();\n}\n\nconst randomCookie = (() => {\n const buffer = Buffer.allocUnsafe(16);\n return () => {\n randomFillSync(buffer, 0, 16);\n return buffer.hexSlice(0, 16);\n };\n})();\n\nfunction makeSimpleAuthHandler(authList) {\n if (!Array.isArray(authList))\n throw new Error('authList must be an array');\n\n let a = 0;\n return (authsLeft, partialSuccess, cb) => {\n if (a === authList.length)\n return false;\n return authList[a++];\n };\n}\n\nfunction hostKeysProve(client, keys_, cb) {\n if (!client._sock || !isWritable(client._sock))\n return;\n\n if (typeof cb !== 'function')\n cb = noop;\n\n if (!Array.isArray(keys_))\n throw new TypeError('Invalid keys argument type');\n\n const keys = [];\n for (const key of keys_) {\n const parsed = parseKey(key);\n if (parsed instanceof Error)\n throw parsed;\n keys.push(parsed);\n }\n\n if (!client.config.strictVendor\n || (client.config.strictVendor && RE_OPENSSH.test(client._remoteVer))) {\n client._callbacks.push((had_err, data) => {\n if (had_err) {\n cb(had_err !== true\n ? had_err\n : new Error('Server failed to prove supplied keys'));\n return;\n }\n\n // TODO: move all of this parsing/verifying logic out of the client?\n const ret = [];\n let keyIdx = 0;\n bufferParser.init(data, 0);\n while (bufferParser.avail()) {\n if (keyIdx === keys.length)\n break;\n const key = keys[keyIdx++];\n const keyPublic = key.getPublicSSH();\n\n const sigEntry = bufferParser.readString();\n sigParser.init(sigEntry, 0);\n const type = sigParser.readString(true);\n let value = sigParser.readString();\n\n let algo;\n if (type !== key.type) {\n if (key.type === 'ssh-rsa') {\n switch (type) {\n case 'rsa-sha2-256':\n algo = 'sha256';\n break;\n case 'rsa-sha2-512':\n algo = 'sha512';\n break;\n default:\n continue;\n }\n } else {\n continue;\n }\n }\n\n const sessionID = client._protocol._kex.sessionID;\n const verifyData = Buffer.allocUnsafe(\n 4 + 29 + 4 + sessionID.length + 4 + keyPublic.length\n );\n let p = 0;\n writeUInt32BE(verifyData, 29, p);\n verifyData.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n writeUInt32BE(verifyData, sessionID.length, p += 29);\n bufferCopy(sessionID, verifyData, 0, sessionID.length, p += 4);\n writeUInt32BE(verifyData, keyPublic.length, p += sessionID.length);\n bufferCopy(keyPublic, verifyData, 0, keyPublic.length, p += 4);\n\n if (!(value = sigSSHToASN1(value, type)))\n continue;\n if (key.verify(verifyData, value, algo) === true)\n ret.push(key);\n }\n sigParser.clear();\n bufferParser.clear();\n\n cb(null, ret);\n });\n\n client._protocol.openssh_hostKeysProve(keys);\n return;\n }\n\n process.nextTick(\n cb,\n new Error(\n 'strictVendor enabled and server is not OpenSSH or compatible version'\n )\n );\n}\n\nfunction getKeyAlgos(client, key, serverSigAlgs) {\n switch (key.type) {\n case 'ssh-rsa':\n if (client._protocol._compatFlags & COMPAT.IMPLY_RSA_SHA2_SIGALGS) {\n if (!Array.isArray(serverSigAlgs))\n serverSigAlgs = ['rsa-sha2-256', 'rsa-sha2-512'];\n else\n serverSigAlgs = ['rsa-sha2-256', 'rsa-sha2-512', ...serverSigAlgs];\n }\n if (Array.isArray(serverSigAlgs)) {\n if (serverSigAlgs.indexOf('rsa-sha2-256') !== -1)\n return [['rsa-sha2-256', 'sha256']];\n if (serverSigAlgs.indexOf('rsa-sha2-512') !== -1)\n return [['rsa-sha2-512', 'sha512']];\n if (serverSigAlgs.indexOf('ssh-rsa') === -1)\n return [];\n }\n return [['ssh-rsa', 'sha1']];\n }\n}\n\nmodule.exports = Client;\n","'use strict';\n\nconst { Agent: HttpAgent } = require('http');\nconst { Agent: HttpsAgent } = require('https');\nconst { connect: tlsConnect } = require('tls');\n\nlet Client;\n\nfor (const ctor of [HttpAgent, HttpsAgent]) {\n class SSHAgent extends ctor {\n constructor(connectCfg, agentOptions) {\n super(agentOptions);\n\n this._connectCfg = connectCfg;\n this._defaultSrcIP = (agentOptions && agentOptions.srcIP) || 'localhost';\n }\n\n createConnection(options, cb) {\n const srcIP = (options && options.localAddress) || this._defaultSrcIP;\n const srcPort = (options && options.localPort) || 0;\n const dstIP = options.host;\n const dstPort = options.port;\n\n if (Client === undefined)\n Client = require('./client.js');\n\n const client = new Client();\n let triedForward = false;\n client.on('ready', () => {\n client.forwardOut(srcIP, srcPort, dstIP, dstPort, (err, stream) => {\n triedForward = true;\n if (err) {\n client.end();\n return cb(err);\n }\n stream.once('close', () => client.end());\n cb(null, decorateStream(stream, ctor, options));\n });\n }).on('error', cb).on('close', () => {\n if (!triedForward)\n cb(new Error('Unexpected connection close'));\n }).connect(this._connectCfg);\n }\n }\n\n exports[ctor === HttpAgent ? 'SSHTTPAgent' : 'SSHTTPSAgent'] = SSHAgent;\n}\n\nfunction noop() {}\n\nfunction decorateStream(stream, ctor, options) {\n if (ctor === HttpAgent) {\n // HTTP\n stream.setKeepAlive = noop;\n stream.setNoDelay = noop;\n stream.setTimeout = noop;\n stream.ref = noop;\n stream.unref = noop;\n stream.destroySoon = stream.destroy;\n return stream;\n }\n\n // HTTPS\n options.socket = stream;\n const wrapped = tlsConnect(options);\n\n // This is a workaround for a regression in node v12.16.3+\n // https://github.com/nodejs/node/issues/35904\n const onClose = (() => {\n let called = false;\n return () => {\n if (called)\n return;\n called = true;\n if (stream.isPaused())\n stream.resume();\n };\n })();\n // 'end' listener is needed because 'close' is not emitted in some scenarios\n // in node v12.x for some unknown reason\n wrapped.on('end', onClose).on('close', onClose);\n\n return wrapped;\n}\n","'use strict';\n\nconst {\n AgentProtocol,\n BaseAgent,\n createAgent,\n CygwinAgent,\n OpenSSHAgent,\n PageantAgent,\n} = require('./agent.js');\nconst {\n SSHTTPAgent: HTTPAgent,\n SSHTTPSAgent: HTTPSAgent,\n} = require('./http-agents.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst {\n flagsToString,\n OPEN_MODE,\n STATUS_CODE,\n stringToFlags,\n} = require('./protocol/SFTP.js');\n\nmodule.exports = {\n AgentProtocol,\n BaseAgent,\n createAgent,\n Client: require('./client.js'),\n CygwinAgent,\n HTTPAgent,\n HTTPSAgent,\n OpenSSHAgent,\n PageantAgent,\n Server: require('./server.js'),\n utils: {\n parseKey,\n ...require('./keygen.js'),\n sftp: {\n flagsToString,\n OPEN_MODE,\n STATUS_CODE,\n stringToFlags,\n },\n },\n};\n","'use strict';\n\nconst {\n createCipheriv,\n generateKeyPair: generateKeyPair_,\n generateKeyPairSync: generateKeyPairSync_,\n getCurves,\n randomBytes,\n} = require('crypto');\n\nconst { Ber } = require('asn1');\nconst bcrypt_pbkdf = require('bcrypt-pbkdf').pbkdf;\n\nconst { CIPHER_INFO } = require('./protocol/crypto.js');\n\nconst SALT_LEN = 16;\nconst DEFAULT_ROUNDS = 16;\n\nconst curves = getCurves();\nconst ciphers = new Map(Object.entries(CIPHER_INFO));\n\nfunction makeArgs(type, opts) {\n if (typeof type !== 'string')\n throw new TypeError('Key type must be a string');\n\n const publicKeyEncoding = { type: 'spki', format: 'der' };\n const privateKeyEncoding = { type: 'pkcs8', format: 'der' };\n\n switch (type.toLowerCase()) {\n case 'rsa': {\n if (typeof opts !== 'object' || opts === null)\n throw new TypeError('Missing options object for RSA key');\n const modulusLength = opts.bits;\n if (!Number.isInteger(modulusLength))\n throw new TypeError('RSA bits must be an integer');\n if (modulusLength <= 0 || modulusLength > 16384)\n throw new RangeError('RSA bits must be non-zero and <= 16384');\n return ['rsa', { modulusLength, publicKeyEncoding, privateKeyEncoding }];\n }\n case 'ecdsa': {\n if (typeof opts !== 'object' || opts === null)\n throw new TypeError('Missing options object for ECDSA key');\n if (!Number.isInteger(opts.bits))\n throw new TypeError('ECDSA bits must be an integer');\n let namedCurve;\n switch (opts.bits) {\n case 256:\n namedCurve = 'prime256v1';\n break;\n case 384:\n namedCurve = 'secp384r1';\n break;\n case 521:\n namedCurve = 'secp521r1';\n break;\n default:\n throw new Error('ECDSA bits must be 256, 384, or 521');\n }\n if (!curves.includes(namedCurve))\n throw new Error('Unsupported ECDSA bits value');\n return ['ec', { namedCurve, publicKeyEncoding, privateKeyEncoding }];\n }\n case 'ed25519':\n return ['ed25519', { publicKeyEncoding, privateKeyEncoding }];\n default:\n throw new Error(`Unsupported key type: ${type}`);\n }\n}\n\nfunction parseDERs(keyType, pub, priv) {\n switch (keyType) {\n case 'rsa': {\n // Note: we don't need to parse the public key since the PKCS8 private key\n // already includes the public key parameters\n\n // Parse private key\n let reader = new Ber.Reader(priv);\n reader.readSequence();\n\n // - Version\n if (reader.readInt() !== 0)\n throw new Error('Unsupported version in RSA private key');\n\n // - Algorithm\n reader.readSequence();\n if (reader.readOID() !== '1.2.840.113549.1.1.1')\n throw new Error('Bad RSA private OID');\n // - Algorithm parameters (RSA has none)\n if (reader.readByte() !== Ber.Null)\n throw new Error('Malformed RSA private key (expected null)');\n if (reader.readByte() !== 0x00) {\n throw new Error(\n 'Malformed RSA private key (expected zero-length null)'\n );\n }\n\n reader = new Ber.Reader(reader.readString(Ber.OctetString, true));\n reader.readSequence();\n if (reader.readInt() !== 0)\n throw new Error('Unsupported version in RSA private key');\n const n = reader.readString(Ber.Integer, true);\n const e = reader.readString(Ber.Integer, true);\n const d = reader.readString(Ber.Integer, true);\n const p = reader.readString(Ber.Integer, true);\n const q = reader.readString(Ber.Integer, true);\n reader.readString(Ber.Integer, true); // dmp1\n reader.readString(Ber.Integer, true); // dmq1\n const iqmp = reader.readString(Ber.Integer, true);\n\n /*\n OpenSSH RSA private key:\n string \"ssh-rsa\"\n string n -- public\n string e -- public\n string d -- private\n string iqmp -- private\n string p -- private\n string q -- private\n */\n const keyName = Buffer.from('ssh-rsa');\n const privBuf = Buffer.allocUnsafe(\n 4 + keyName.length\n + 4 + n.length\n + 4 + e.length\n + 4 + d.length\n + 4 + iqmp.length\n + 4 + p.length\n + 4 + q.length\n );\n let pos = 0;\n\n privBuf.writeUInt32BE(keyName.length, pos += 0);\n privBuf.set(keyName, pos += 4);\n privBuf.writeUInt32BE(n.length, pos += keyName.length);\n privBuf.set(n, pos += 4);\n privBuf.writeUInt32BE(e.length, pos += n.length);\n privBuf.set(e, pos += 4);\n privBuf.writeUInt32BE(d.length, pos += e.length);\n privBuf.set(d, pos += 4);\n privBuf.writeUInt32BE(iqmp.length, pos += d.length);\n privBuf.set(iqmp, pos += 4);\n privBuf.writeUInt32BE(p.length, pos += iqmp.length);\n privBuf.set(p, pos += 4);\n privBuf.writeUInt32BE(q.length, pos += p.length);\n privBuf.set(q, pos += 4);\n\n /*\n OpenSSH RSA public key:\n string \"ssh-rsa\"\n string e -- public\n string n -- public\n */\n const pubBuf = Buffer.allocUnsafe(\n 4 + keyName.length\n + 4 + e.length\n + 4 + n.length\n );\n pos = 0;\n\n pubBuf.writeUInt32BE(keyName.length, pos += 0);\n pubBuf.set(keyName, pos += 4);\n pubBuf.writeUInt32BE(e.length, pos += keyName.length);\n pubBuf.set(e, pos += 4);\n pubBuf.writeUInt32BE(n.length, pos += e.length);\n pubBuf.set(n, pos += 4);\n\n return { sshName: keyName.toString(), priv: privBuf, pub: pubBuf };\n }\n case 'ec': {\n // Parse public key\n let reader = new Ber.Reader(pub);\n reader.readSequence();\n\n reader.readSequence();\n if (reader.readOID() !== '1.2.840.10045.2.1')\n throw new Error('Bad ECDSA public OID');\n // Skip curve OID, we'll get it from the private key\n reader.readOID();\n let pubBin = reader.readString(Ber.BitString, true);\n {\n // Remove leading zero bytes\n let i = 0;\n for (; i < pubBin.length && pubBin[i] === 0x00; ++i);\n if (i > 0)\n pubBin = pubBin.slice(i);\n }\n\n // Parse private key\n reader = new Ber.Reader(priv);\n reader.readSequence();\n\n // - Version\n if (reader.readInt() !== 0)\n throw new Error('Unsupported version in ECDSA private key');\n\n reader.readSequence();\n if (reader.readOID() !== '1.2.840.10045.2.1')\n throw new Error('Bad ECDSA private OID');\n const curveOID = reader.readOID();\n let sshCurveName;\n switch (curveOID) {\n case '1.2.840.10045.3.1.7':\n // prime256v1/secp256r1\n sshCurveName = 'nistp256';\n break;\n case '1.3.132.0.34':\n // secp384r1\n sshCurveName = 'nistp384';\n break;\n case '1.3.132.0.35':\n // secp521r1\n sshCurveName = 'nistp521';\n break;\n default:\n throw new Error('Unsupported curve in ECDSA private key');\n }\n\n reader = new Ber.Reader(reader.readString(Ber.OctetString, true));\n reader.readSequence();\n\n // - Version\n if (reader.readInt() !== 1)\n throw new Error('Unsupported version in ECDSA private key');\n\n // Add leading zero byte to prevent negative bignum in private key\n const privBin = Buffer.concat([\n Buffer.from([0x00]),\n reader.readString(Ber.OctetString, true)\n ]);\n\n /*\n OpenSSH ECDSA private key:\n string \"ecdsa-sha2-\"\n string curve name\n string Q -- public\n string d -- private\n */\n const keyName = Buffer.from(`ecdsa-sha2-${sshCurveName}`);\n sshCurveName = Buffer.from(sshCurveName);\n const privBuf = Buffer.allocUnsafe(\n 4 + keyName.length\n + 4 + sshCurveName.length\n + 4 + pubBin.length\n + 4 + privBin.length\n );\n let pos = 0;\n\n privBuf.writeUInt32BE(keyName.length, pos += 0);\n privBuf.set(keyName, pos += 4);\n privBuf.writeUInt32BE(sshCurveName.length, pos += keyName.length);\n privBuf.set(sshCurveName, pos += 4);\n privBuf.writeUInt32BE(pubBin.length, pos += sshCurveName.length);\n privBuf.set(pubBin, pos += 4);\n privBuf.writeUInt32BE(privBin.length, pos += pubBin.length);\n privBuf.set(privBin, pos += 4);\n\n /*\n OpenSSH ECDSA public key:\n string \"ecdsa-sha2-\"\n string curve name\n string Q -- public\n */\n const pubBuf = Buffer.allocUnsafe(\n 4 + keyName.length\n + 4 + sshCurveName.length\n + 4 + pubBin.length\n );\n pos = 0;\n\n pubBuf.writeUInt32BE(keyName.length, pos += 0);\n pubBuf.set(keyName, pos += 4);\n pubBuf.writeUInt32BE(sshCurveName.length, pos += keyName.length);\n pubBuf.set(sshCurveName, pos += 4);\n pubBuf.writeUInt32BE(pubBin.length, pos += sshCurveName.length);\n pubBuf.set(pubBin, pos += 4);\n\n return { sshName: keyName.toString(), priv: privBuf, pub: pubBuf };\n }\n case 'ed25519': {\n // Parse public key\n let reader = new Ber.Reader(pub);\n reader.readSequence();\n\n // - Algorithm\n reader.readSequence();\n if (reader.readOID() !== '1.3.101.112')\n throw new Error('Bad ED25519 public OID');\n // - Attributes (absent for ED25519)\n\n let pubBin = reader.readString(Ber.BitString, true);\n {\n // Remove leading zero bytes\n let i = 0;\n for (; i < pubBin.length && pubBin[i] === 0x00; ++i);\n if (i > 0)\n pubBin = pubBin.slice(i);\n }\n\n // Parse private key\n reader = new Ber.Reader(priv);\n reader.readSequence();\n\n // - Version\n if (reader.readInt() !== 0)\n throw new Error('Unsupported version in ED25519 private key');\n\n // - Algorithm\n reader.readSequence();\n if (reader.readOID() !== '1.3.101.112')\n throw new Error('Bad ED25519 private OID');\n // - Attributes (absent)\n\n reader = new Ber.Reader(reader.readString(Ber.OctetString, true));\n const privBin = reader.readString(Ber.OctetString, true);\n\n /*\n OpenSSH ed25519 private key:\n string \"ssh-ed25519\"\n string public key\n string private key + public key\n */\n const keyName = Buffer.from('ssh-ed25519');\n const privBuf = Buffer.allocUnsafe(\n 4 + keyName.length\n + 4 + pubBin.length\n + 4 + (privBin.length + pubBin.length)\n );\n let pos = 0;\n\n privBuf.writeUInt32BE(keyName.length, pos += 0);\n privBuf.set(keyName, pos += 4);\n privBuf.writeUInt32BE(pubBin.length, pos += keyName.length);\n privBuf.set(pubBin, pos += 4);\n privBuf.writeUInt32BE(\n privBin.length + pubBin.length,\n pos += pubBin.length\n );\n privBuf.set(privBin, pos += 4);\n privBuf.set(pubBin, pos += privBin.length);\n\n /*\n OpenSSH ed25519 public key:\n string \"ssh-ed25519\"\n string public key\n */\n const pubBuf = Buffer.allocUnsafe(\n 4 + keyName.length\n + 4 + pubBin.length\n );\n pos = 0;\n\n pubBuf.writeUInt32BE(keyName.length, pos += 0);\n pubBuf.set(keyName, pos += 4);\n pubBuf.writeUInt32BE(pubBin.length, pos += keyName.length);\n pubBuf.set(pubBin, pos += 4);\n\n return { sshName: keyName.toString(), priv: privBuf, pub: pubBuf };\n }\n }\n}\n\nfunction convertKeys(keyType, pub, priv, opts) {\n let format = 'new';\n let encrypted;\n let comment = '';\n if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.comment === 'string' && opts.comment)\n comment = opts.comment;\n if (typeof opts.format === 'string' && opts.format)\n format = opts.format;\n if (opts.passphrase) {\n let passphrase;\n if (typeof opts.passphrase === 'string')\n passphrase = Buffer.from(opts.passphrase);\n else if (Buffer.isBuffer(opts.passphrase))\n passphrase = opts.passphrase;\n else\n throw new Error('Invalid passphrase');\n\n if (opts.cipher === undefined)\n throw new Error('Missing cipher name');\n const cipher = ciphers.get(opts.cipher);\n if (cipher === undefined)\n throw new Error('Invalid cipher name');\n\n if (format === 'new') {\n let rounds = DEFAULT_ROUNDS;\n if (opts.rounds !== undefined) {\n if (!Number.isInteger(opts.rounds))\n throw new TypeError('rounds must be an integer');\n if (opts.rounds > 0)\n rounds = opts.rounds;\n }\n\n const gen = Buffer.allocUnsafe(cipher.keyLen + cipher.ivLen);\n const salt = randomBytes(SALT_LEN);\n const r = bcrypt_pbkdf(\n passphrase,\n passphrase.length,\n salt,\n salt.length,\n gen,\n gen.length,\n rounds\n );\n if (r !== 0)\n return new Error('Failed to generate information to encrypt key');\n\n /*\n string salt\n uint32 rounds\n */\n const kdfOptions = Buffer.allocUnsafe(4 + salt.length + 4);\n {\n let pos = 0;\n kdfOptions.writeUInt32BE(salt.length, pos += 0);\n kdfOptions.set(salt, pos += 4);\n kdfOptions.writeUInt32BE(rounds, pos += salt.length);\n }\n\n encrypted = {\n cipher,\n cipherName: opts.cipher,\n kdfName: 'bcrypt',\n kdfOptions,\n key: gen.slice(0, cipher.keyLen),\n iv: gen.slice(cipher.keyLen),\n };\n }\n }\n }\n\n switch (format) {\n case 'new': {\n let privateB64 = '-----BEGIN OPENSSH PRIVATE KEY-----\\n';\n let publicB64;\n /*\n byte[] \"openssh-key-v1\\0\"\n string ciphername\n string kdfname\n string kdfoptions\n uint32 number of keys N\n string publickey1\n string encrypted, padded list of private keys\n uint32 checkint\n uint32 checkint\n byte[] privatekey1\n string comment1\n byte 1\n byte 2\n byte 3\n ...\n byte padlen % 255\n */\n const cipherName = Buffer.from(encrypted ? encrypted.cipherName : 'none');\n const kdfName = Buffer.from(encrypted ? encrypted.kdfName : 'none');\n const kdfOptions = (encrypted ? encrypted.kdfOptions : Buffer.alloc(0));\n const blockLen = (encrypted ? encrypted.cipher.blockLen : 8);\n\n const parsed = parseDERs(keyType, pub, priv);\n\n const checkInt = randomBytes(4);\n const commentBin = Buffer.from(comment);\n const privBlobLen = (4 + 4 + parsed.priv.length + 4 + commentBin.length);\n let padding = [];\n for (let i = 1; ((privBlobLen + padding.length) % blockLen); ++i)\n padding.push(i & 0xFF);\n padding = Buffer.from(padding);\n\n let privBlob = Buffer.allocUnsafe(privBlobLen + padding.length);\n let extra;\n {\n let pos = 0;\n privBlob.set(checkInt, pos += 0);\n privBlob.set(checkInt, pos += 4);\n privBlob.set(parsed.priv, pos += 4);\n privBlob.writeUInt32BE(commentBin.length, pos += parsed.priv.length);\n privBlob.set(commentBin, pos += 4);\n privBlob.set(padding, pos += commentBin.length);\n }\n\n if (encrypted) {\n const options = { authTagLength: encrypted.cipher.authLen };\n const cipher = createCipheriv(\n encrypted.cipher.sslName,\n encrypted.key,\n encrypted.iv,\n options\n );\n cipher.setAutoPadding(false);\n privBlob = Buffer.concat([ cipher.update(privBlob), cipher.final() ]);\n if (encrypted.cipher.authLen > 0)\n extra = cipher.getAuthTag();\n else\n extra = Buffer.alloc(0);\n encrypted.key.fill(0);\n encrypted.iv.fill(0);\n } else {\n extra = Buffer.alloc(0);\n }\n\n const magicBytes = Buffer.from('openssh-key-v1\\0');\n const privBin = Buffer.allocUnsafe(\n magicBytes.length\n + 4 + cipherName.length\n + 4 + kdfName.length\n + 4 + kdfOptions.length\n + 4\n + 4 + parsed.pub.length\n + 4 + privBlob.length\n + extra.length\n );\n {\n let pos = 0;\n privBin.set(magicBytes, pos += 0);\n privBin.writeUInt32BE(cipherName.length, pos += magicBytes.length);\n privBin.set(cipherName, pos += 4);\n privBin.writeUInt32BE(kdfName.length, pos += cipherName.length);\n privBin.set(kdfName, pos += 4);\n privBin.writeUInt32BE(kdfOptions.length, pos += kdfName.length);\n privBin.set(kdfOptions, pos += 4);\n privBin.writeUInt32BE(1, pos += kdfOptions.length);\n privBin.writeUInt32BE(parsed.pub.length, pos += 4);\n privBin.set(parsed.pub, pos += 4);\n privBin.writeUInt32BE(privBlob.length, pos += parsed.pub.length);\n privBin.set(privBlob, pos += 4);\n privBin.set(extra, pos += privBlob.length);\n }\n\n {\n const b64 = privBin.base64Slice(0, privBin.length);\n let formatted = b64.replace(/.{64}/g, '$&\\n');\n if (b64.length & 63)\n formatted += '\\n';\n privateB64 += formatted;\n }\n\n {\n const b64 = parsed.pub.base64Slice(0, parsed.pub.length);\n publicB64 = `${parsed.sshName} ${b64}${comment ? ` ${comment}` : ''}`;\n }\n\n privateB64 += '-----END OPENSSH PRIVATE KEY-----\\n';\n return {\n private: privateB64,\n public: publicB64,\n };\n }\n default:\n throw new Error('Invalid output key format');\n }\n}\n\nfunction noop() {}\n\nmodule.exports = {\n generateKeyPair: (keyType, opts, cb) => {\n if (typeof opts === 'function') {\n cb = opts;\n opts = undefined;\n }\n if (typeof cb !== 'function')\n cb = noop;\n const args = makeArgs(keyType, opts);\n generateKeyPair_(...args, (err, pub, priv) => {\n if (err)\n return cb(err);\n let ret;\n try {\n ret = convertKeys(args[0], pub, priv, opts);\n } catch (ex) {\n return cb(ex);\n }\n cb(null, ret);\n });\n },\n generateKeyPairSync: (keyType, opts) => {\n const args = makeArgs(keyType, opts);\n const { publicKey: pub, privateKey: priv } = generateKeyPairSync_(...args);\n return convertKeys(args[0], pub, priv, opts);\n }\n};\n","/*\n TODO:\n * Replace `buffer._pos` usage in keyParser.js and elsewhere\n * Utilize optional \"writev\" support when writing packets from\n cipher.encrypt()\n * Built-in support for automatic re-keying, on by default\n * Revisit receiving unexpected/unknown packets\n * Error (fatal or otherwise) or ignore or pass on to user (in some or all\n cases)?\n * Including server/client check for single directional packet types?\n * Check packets for validity or bail as early as possible?\n * Automatic re-key every 2**31 packets after the last key exchange (sent or\n received), as suggested by RFC4344. OpenSSH currently does this.\n * Automatic re-key every so many blocks depending on cipher. RFC4344:\n Because of a birthday property of block ciphers and some modes of\n operation, implementations must be careful not to encrypt too many\n blocks with the same encryption key.\n\n Let L be the block length (in bits) of an SSH encryption method's\n block cipher (e.g., 128 for AES). If L is at least 128, then, after\n rekeying, an SSH implementation SHOULD NOT encrypt more than 2**(L/4)\n blocks before rekeying again. If L is at least 128, then SSH\n implementations should also attempt to force a rekey before receiving\n more than 2**(L/4) blocks. If L is less than 128 (which is the case\n for older ciphers such as 3DES, Blowfish, CAST-128, and IDEA), then,\n although it may be too expensive to rekey every 2**(L/4) blocks, it\n is still advisable for SSH implementations to follow the original\n recommendation in [RFC4253]: rekey at least once for every gigabyte\n of transmitted data.\n\n Note that if L is less than or equal to 128, then the recommendation\n in this subsection supersedes the recommendation in Section 3.1. If\n an SSH implementation uses a block cipher with a larger block size\n (e.g., Rijndael with 256-bit blocks), then the recommendations in\n Section 3.1 may supersede the recommendations in this subsection\n (depending on the lengths of the packets).\n*/\n\n'use strict';\n\nconst { inspect } = require('util');\n\nconst { bindingAvailable, NullCipher, NullDecipher } = require('./crypto.js');\nconst {\n COMPAT_CHECKS,\n DISCONNECT_REASON,\n eddsaSupported,\n MESSAGE,\n SIGNALS,\n TERMINAL_MODE,\n} = require('./constants.js');\nconst {\n DEFAULT_KEXINIT_CLIENT,\n DEFAULT_KEXINIT_SERVER,\n KexInit,\n kexinit,\n onKEXPayload,\n} = require('./kex.js');\nconst {\n parseKey,\n} = require('./keyParser.js');\nconst MESSAGE_HANDLERS = require('./handlers.js');\nconst {\n bufferCopy,\n bufferFill,\n bufferSlice,\n convertSignature,\n sendPacket,\n writeUInt32BE,\n} = require('./utils.js');\nconst {\n PacketReader,\n PacketWriter,\n ZlibPacketReader,\n ZlibPacketWriter,\n} = require('./zlib.js');\n\nconst MODULE_VER = require('../../package.json').version;\n\nconst VALID_DISCONNECT_REASONS = new Map(\n Object.values(DISCONNECT_REASON).map((n) => [n, 1])\n);\nconst IDENT_RAW = Buffer.from(`SSH-2.0-ssh2js${MODULE_VER}`);\nconst IDENT = Buffer.from(`${IDENT_RAW}\\r\\n`);\nconst MAX_LINE_LEN = 8192;\nconst MAX_LINES = 1024;\nconst PING_PAYLOAD = Buffer.from([\n MESSAGE.GLOBAL_REQUEST,\n // \"keepalive@openssh.com\"\n 0, 0, 0, 21,\n 107, 101, 101, 112, 97, 108, 105, 118, 101, 64, 111, 112, 101, 110, 115,\n 115, 104, 46, 99, 111, 109,\n // Request a reply\n 1,\n]);\nconst NO_TERMINAL_MODES_BUFFER = Buffer.from([ TERMINAL_MODE.TTY_OP_END ]);\n\nfunction noop() {}\n\n/*\n Inbound:\n * kexinit payload (needed only until exchange hash is generated)\n * raw ident\n * rekey packet queue\n * expected packet (implemented as separate _parse() function?)\n Outbound:\n * kexinit payload (needed only until exchange hash is generated)\n * rekey packet queue\n * kex secret (needed only until NEWKEYS)\n * exchange hash (needed only until NEWKEYS)\n * session ID (set to exchange hash from initial handshake)\n*/\nclass Protocol {\n constructor(config) {\n const onWrite = config.onWrite;\n if (typeof onWrite !== 'function')\n throw new Error('Missing onWrite function');\n this._onWrite = (data) => { onWrite(data); };\n\n const onError = config.onError;\n if (typeof onError !== 'function')\n throw new Error('Missing onError function');\n this._onError = (err) => { onError(err); };\n\n const debug = config.debug;\n this._debug = (typeof debug === 'function'\n ? (msg) => { debug(msg); }\n : undefined);\n\n const onHeader = config.onHeader;\n this._onHeader = (typeof onHeader === 'function'\n ? (...args) => { onHeader(...args); }\n : noop);\n\n const onPacket = config.onPacket;\n this._onPacket = (typeof onPacket === 'function'\n ? () => { onPacket(); }\n : noop);\n\n let onHandshakeComplete = config.onHandshakeComplete;\n if (typeof onHandshakeComplete !== 'function')\n onHandshakeComplete = noop;\n let firstHandshake;\n this._onHandshakeComplete = (...args) => {\n this._debug && this._debug('Handshake completed');\n if (firstHandshake === undefined)\n firstHandshake = true;\n else\n firstHandshake = false;\n\n // Process packets queued during a rekey where necessary\n const oldQueue = this._queue;\n if (oldQueue) {\n this._queue = undefined;\n this._debug && this._debug(\n `Draining outbound queue (${oldQueue.length}) ...`\n );\n for (let i = 0; i < oldQueue.length; ++i) {\n const data = oldQueue[i];\n // data === payload only\n\n // XXX: hacky\n let finalized = this._packetRW.write.finalize(data);\n if (finalized === data) {\n const packet = this._cipher.allocPacket(data.length);\n packet.set(data, 5);\n finalized = packet;\n }\n\n sendPacket(this, finalized);\n }\n this._debug && this._debug('... finished draining outbound queue');\n }\n\n if (firstHandshake && this._server && this._kex.remoteExtInfoEnabled)\n sendExtInfo(this);\n\n onHandshakeComplete(...args);\n };\n this._queue = undefined;\n\n const messageHandlers = config.messageHandlers;\n if (typeof messageHandlers === 'object' && messageHandlers !== null)\n this._handlers = messageHandlers;\n else\n this._handlers = {};\n\n this._onPayload = onPayload.bind(this);\n\n this._server = !!config.server;\n this._banner = undefined;\n let greeting;\n if (this._server) {\n if (typeof config.hostKeys !== 'object' || config.hostKeys === null)\n throw new Error('Missing server host key(s)');\n this._hostKeys = config.hostKeys;\n\n // Greeting displayed before the ssh identification string is sent, this\n // is usually ignored by most clients\n if (typeof config.greeting === 'string' && config.greeting.length) {\n greeting = (config.greeting.slice(-2) === '\\r\\n'\n ? config.greeting\n : `${config.greeting}\\r\\n`);\n }\n\n // Banner shown after the handshake completes, but before user\n // authentication begins\n if (typeof config.banner === 'string' && config.banner.length) {\n this._banner = (config.banner.slice(-2) === '\\r\\n'\n ? config.banner\n : `${config.banner}\\r\\n`);\n }\n } else {\n this._hostKeys = undefined;\n }\n\n let offer = config.offer;\n if (typeof offer !== 'object' || offer === null) {\n offer = (this._server ? DEFAULT_KEXINIT_SERVER : DEFAULT_KEXINIT_CLIENT);\n } else if (offer.constructor !== KexInit) {\n if (this._server) {\n offer.kex = offer.kex.concat(['kex-strict-s-v00@openssh.com']);\n } else {\n offer.kex = offer.kex.concat([\n 'ext-info-c',\n 'kex-strict-c-v00@openssh.com',\n ]);\n }\n offer = new KexInit(offer);\n }\n this._kex = undefined;\n this._strictMode = undefined;\n this._kexinit = undefined;\n this._offer = offer;\n this._cipher = new NullCipher(0, this._onWrite);\n this._decipher = undefined;\n this._skipNextInboundPacket = false;\n this._packetRW = {\n read: new PacketReader(),\n write: new PacketWriter(this),\n };\n this._hostVerifier = (!this._server\n && typeof config.hostVerifier === 'function'\n ? config.hostVerifier\n : undefined);\n\n this._parse = parseHeader;\n this._buffer = undefined;\n this._authsQueue = [];\n this._authenticated = false;\n this._remoteIdentRaw = undefined;\n let sentIdent;\n if (typeof config.ident === 'string') {\n this._identRaw = Buffer.from(`SSH-2.0-${config.ident}`);\n\n sentIdent = Buffer.allocUnsafe(this._identRaw.length + 2);\n sentIdent.set(this._identRaw, 0);\n sentIdent[sentIdent.length - 2] = 13; // '\\r'\n sentIdent[sentIdent.length - 1] = 10; // '\\n'\n } else if (Buffer.isBuffer(config.ident)) {\n const fullIdent = Buffer.allocUnsafe(8 + config.ident.length);\n fullIdent.latin1Write('SSH-2.0-', 0, 8);\n fullIdent.set(config.ident, 8);\n this._identRaw = fullIdent;\n\n sentIdent = Buffer.allocUnsafe(fullIdent.length + 2);\n sentIdent.set(fullIdent, 0);\n sentIdent[sentIdent.length - 2] = 13; // '\\r'\n sentIdent[sentIdent.length - 1] = 10; // '\\n'\n } else {\n this._identRaw = IDENT_RAW;\n sentIdent = IDENT;\n }\n this._compatFlags = 0;\n\n if (this._debug) {\n if (bindingAvailable)\n this._debug('Custom crypto binding available');\n else\n this._debug('Custom crypto binding not available');\n }\n\n this._debug && this._debug(\n `Local ident: ${inspect(this._identRaw.toString())}`\n );\n this.start = () => {\n this.start = undefined;\n if (greeting)\n this._onWrite(greeting);\n this._onWrite(sentIdent);\n };\n }\n _destruct(reason) {\n this._packetRW.read.cleanup();\n this._packetRW.write.cleanup();\n this._cipher && this._cipher.free();\n this._decipher && this._decipher.free();\n if (typeof reason !== 'string' || reason.length === 0)\n reason = 'fatal error';\n this.parse = () => {\n throw new Error(`Instance unusable after ${reason}`);\n };\n this._onWrite = () => {\n throw new Error(`Instance unusable after ${reason}`);\n };\n this._destruct = undefined;\n }\n cleanup() {\n this._destruct && this._destruct();\n }\n parse(chunk, i, len) {\n while (i < len)\n i = this._parse(chunk, i, len);\n }\n\n // Protocol message API\n\n // ===========================================================================\n // Common/Shared =============================================================\n // ===========================================================================\n\n // Global\n // ------\n disconnect(reason) {\n const pktLen = 1 + 4 + 4 + 4;\n // We don't use _packetRW.write.* here because we need to make sure that\n // we always get a full packet allocated because this message can be sent\n // at any time -- even during a key exchange\n let p = this._packetRW.write.allocStartKEX;\n const packet = this._packetRW.write.alloc(pktLen, true);\n const end = p + pktLen;\n\n if (!VALID_DISCONNECT_REASONS.has(reason))\n reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n\n packet[p] = MESSAGE.DISCONNECT;\n writeUInt32BE(packet, reason, ++p);\n packet.fill(0, p += 4, end);\n\n this._debug && this._debug(`Outbound: Sending DISCONNECT (${reason})`);\n sendPacket(this, this._packetRW.write.finalize(packet, true), true);\n }\n ping() {\n const p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(PING_PAYLOAD.length);\n\n packet.set(PING_PAYLOAD, p);\n\n this._debug && this._debug(\n 'Outbound: Sending ping (GLOBAL_REQUEST: keepalive@openssh.com)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n rekey() {\n if (this._kexinit === undefined) {\n this._debug && this._debug('Outbound: Initiated explicit rekey');\n this._queue = [];\n kexinit(this);\n } else {\n this._debug && this._debug('Outbound: Ignoring rekey during handshake');\n }\n }\n\n // 'ssh-connection' service-specific\n // ---------------------------------\n requestSuccess(data) {\n let p = this._packetRW.write.allocStart;\n let packet;\n if (Buffer.isBuffer(data)) {\n packet = this._packetRW.write.alloc(1 + data.length);\n\n packet[p] = MESSAGE.REQUEST_SUCCESS;\n\n packet.set(data, ++p);\n } else {\n packet = this._packetRW.write.alloc(1);\n\n packet[p] = MESSAGE.REQUEST_SUCCESS;\n }\n\n this._debug && this._debug('Outbound: Sending REQUEST_SUCCESS');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n requestFailure() {\n const p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1);\n\n packet[p] = MESSAGE.REQUEST_FAILURE;\n\n this._debug && this._debug('Outbound: Sending REQUEST_FAILURE');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelSuccess(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_SUCCESS;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_SUCCESS (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelFailure(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_FAILURE;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_FAILURE (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelEOF(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_EOF;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_EOF (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelClose(chan) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_CLOSE;\n\n writeUInt32BE(packet, chan, ++p);\n\n this._debug && this._debug(`Outbound: Sending CHANNEL_CLOSE (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelWindowAdjust(chan, amount) {\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_WINDOW_ADJUST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, amount, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_WINDOW_ADJUST (r:${chan}, ${amount})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelData(chan, data) {\n const isBuffer = Buffer.isBuffer(data);\n const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + dataLen);\n\n packet[p] = MESSAGE.CHANNEL_DATA;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, dataLen, p += 4);\n\n if (isBuffer)\n packet.set(data, p += 4);\n else\n packet.utf8Write(data, p += 4, dataLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_DATA (r:${chan}, ${dataLen})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelExtData(chan, data, type) {\n const isBuffer = Buffer.isBuffer(data);\n const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + dataLen);\n\n packet[p] = MESSAGE.CHANNEL_EXTENDED_DATA;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, type, p += 4);\n\n writeUInt32BE(packet, dataLen, p += 4);\n\n if (isBuffer)\n packet.set(data, p += 4);\n else\n packet.utf8Write(data, p += 4, dataLen);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_EXTENDED_DATA (r:${chan})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelOpenConfirm(remote, local, initWindow, maxPacket) {\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN_CONFIRMATION;\n\n writeUInt32BE(packet, remote, ++p);\n\n writeUInt32BE(packet, local, p += 4);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN_CONFIRMATION (r:${remote}, l:${local})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n channelOpenFail(remote, reason, desc) {\n if (typeof desc !== 'string')\n desc = '';\n\n const descLen = Buffer.byteLength(desc);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + descLen + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN_FAILURE;\n\n writeUInt32BE(packet, remote, ++p);\n\n writeUInt32BE(packet, reason, p += 4);\n\n writeUInt32BE(packet, descLen, p += 4);\n\n p += 4;\n if (descLen) {\n packet.utf8Write(desc, p, descLen);\n p += descLen;\n }\n\n writeUInt32BE(packet, 0, p); // Empty language tag\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_OPEN_FAILURE (r:${remote})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // ===========================================================================\n // Client-specific ===========================================================\n // ===========================================================================\n\n // Global\n // ------\n service(name) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const nameLen = Buffer.byteLength(name);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + nameLen);\n\n packet[p] = MESSAGE.SERVICE_REQUEST;\n\n writeUInt32BE(packet, nameLen, ++p);\n packet.utf8Write(name, p += 4, nameLen);\n\n this._debug && this._debug(`Outbound: Sending SERVICE_REQUEST (${name})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // 'ssh-userauth' service-specific\n // -------------------------------\n authPassword(username, password, newPassword) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const userLen = Buffer.byteLength(username);\n const passLen = Buffer.byteLength(password);\n const newPassLen = (newPassword ? Buffer.byteLength(newPassword) : 0);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + userLen + 4 + 14 + 4 + 8 + 1 + 4 + passLen\n + (newPassword ? 4 + newPassLen : 0)\n );\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 8, p += 14);\n packet.utf8Write('password', p += 4, 8);\n\n packet[p += 8] = (newPassword ? 1 : 0);\n\n writeUInt32BE(packet, passLen, ++p);\n if (Buffer.isBuffer(password))\n bufferCopy(password, packet, 0, passLen, p += 4);\n else\n packet.utf8Write(password, p += 4, passLen);\n\n if (newPassword) {\n writeUInt32BE(packet, newPassLen, p += passLen);\n if (Buffer.isBuffer(newPassword))\n bufferCopy(newPassword, packet, 0, newPassLen, p += 4);\n else\n packet.utf8Write(newPassword, p += 4, newPassLen);\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (changed password)'\n );\n } else {\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (password)'\n );\n }\n\n this._authsQueue.push('password');\n\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authPK(username, pubKey, keyAlgo, cbSign) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n pubKey = parseKey(pubKey);\n if (pubKey instanceof Error)\n throw new Error('Invalid key');\n\n const keyType = pubKey.type;\n pubKey = pubKey.getPublicSSH();\n\n if (typeof keyAlgo === 'function') {\n cbSign = keyAlgo;\n keyAlgo = undefined;\n }\n if (!keyAlgo)\n keyAlgo = keyType;\n\n const userLen = Buffer.byteLength(username);\n const algoLen = Buffer.byteLength(keyAlgo);\n const pubKeyLen = pubKey.length;\n const sessionID = this._kex.sessionID;\n const sesLen = sessionID.length;\n const payloadLen =\n (cbSign ? 4 + sesLen : 0)\n + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen;\n let packet;\n let p;\n if (cbSign) {\n packet = Buffer.allocUnsafe(payloadLen);\n p = 0;\n writeUInt32BE(packet, sesLen, p);\n packet.set(sessionID, p += 4);\n p += sesLen;\n } else {\n packet = this._packetRW.write.alloc(payloadLen);\n p = this._packetRW.write.allocStart;\n }\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 9, p += 14);\n packet.utf8Write('publickey', p += 4, 9);\n\n packet[p += 9] = (cbSign ? 1 : 0);\n\n writeUInt32BE(packet, algoLen, ++p);\n packet.utf8Write(keyAlgo, p += 4, algoLen);\n\n writeUInt32BE(packet, pubKeyLen, p += algoLen);\n packet.set(pubKey, p += 4);\n\n if (!cbSign) {\n this._authsQueue.push('publickey');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (publickey -- check)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n return;\n }\n\n cbSign(packet, (signature) => {\n signature = convertSignature(signature, keyType);\n if (signature === false)\n throw new Error('Error while converting handshake signature');\n\n const sigLen = signature.length;\n p = this._packetRW.write.allocStart;\n packet = this._packetRW.write.alloc(\n 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen + 4\n + 4 + algoLen + 4 + sigLen\n );\n\n // TODO: simply copy from original \"packet\" to new `packet` to avoid\n // having to write each individual field a second time?\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 9, p += 14);\n packet.utf8Write('publickey', p += 4, 9);\n\n packet[p += 9] = 1;\n\n writeUInt32BE(packet, algoLen, ++p);\n packet.utf8Write(keyAlgo, p += 4, algoLen);\n\n writeUInt32BE(packet, pubKeyLen, p += algoLen);\n packet.set(pubKey, p += 4);\n\n writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += pubKeyLen);\n\n writeUInt32BE(packet, algoLen, p += 4);\n packet.utf8Write(keyAlgo, p += 4, algoLen);\n\n writeUInt32BE(packet, sigLen, p += algoLen);\n packet.set(signature, p += 4);\n\n // Servers shouldn't send packet type 60 in response to signed publickey\n // attempts, but if they do, interpret as type 60.\n this._authsQueue.push('publickey');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (publickey)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n });\n }\n authHostbased(username, pubKey, hostname, userlocal, keyAlgo, cbSign) {\n // TODO: Make DRY by sharing similar code with authPK()\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n pubKey = parseKey(pubKey);\n if (pubKey instanceof Error)\n throw new Error('Invalid key');\n\n const keyType = pubKey.type;\n pubKey = pubKey.getPublicSSH();\n\n if (typeof keyAlgo === 'function') {\n cbSign = keyAlgo;\n keyAlgo = undefined;\n }\n if (!keyAlgo)\n keyAlgo = keyType;\n\n const userLen = Buffer.byteLength(username);\n const algoLen = Buffer.byteLength(keyAlgo);\n const pubKeyLen = pubKey.length;\n const sessionID = this._kex.sessionID;\n const sesLen = sessionID.length;\n const hostnameLen = Buffer.byteLength(hostname);\n const userlocalLen = Buffer.byteLength(userlocal);\n const data = Buffer.allocUnsafe(\n 4 + sesLen + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 4 + algoLen\n + 4 + pubKeyLen + 4 + hostnameLen + 4 + userlocalLen\n );\n let p = 0;\n\n writeUInt32BE(data, sesLen, p);\n data.set(sessionID, p += 4);\n\n data[p += sesLen] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(data, userLen, ++p);\n data.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(data, 14, p += userLen);\n data.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(data, 9, p += 14);\n data.utf8Write('hostbased', p += 4, 9);\n\n writeUInt32BE(data, algoLen, p += 9);\n data.utf8Write(keyAlgo, p += 4, algoLen);\n\n writeUInt32BE(data, pubKeyLen, p += algoLen);\n data.set(pubKey, p += 4);\n\n writeUInt32BE(data, hostnameLen, p += pubKeyLen);\n data.utf8Write(hostname, p += 4, hostnameLen);\n\n writeUInt32BE(data, userlocalLen, p += hostnameLen);\n data.utf8Write(userlocal, p += 4, userlocalLen);\n\n cbSign(data, (signature) => {\n signature = convertSignature(signature, keyType);\n if (!signature)\n throw new Error('Error while converting handshake signature');\n\n const sigLen = signature.length;\n const reqDataLen = (data.length - sesLen - 4);\n p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n reqDataLen + 4 + 4 + algoLen + 4 + sigLen\n );\n\n bufferCopy(data, packet, 4 + sesLen, data.length, p);\n\n writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += reqDataLen);\n writeUInt32BE(packet, algoLen, p += 4);\n packet.utf8Write(keyAlgo, p += 4, algoLen);\n writeUInt32BE(packet, sigLen, p += algoLen);\n packet.set(signature, p += 4);\n\n this._authsQueue.push('hostbased');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (hostbased)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n });\n }\n authKeyboard(username) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const userLen = Buffer.byteLength(username);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + userLen + 4 + 14 + 4 + 20 + 4 + 4\n );\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 20, p += 14);\n packet.utf8Write('keyboard-interactive', p += 4, 20);\n\n writeUInt32BE(packet, 0, p += 20);\n\n writeUInt32BE(packet, 0, p += 4);\n\n this._authsQueue.push('keyboard-interactive');\n\n this._debug && this._debug(\n 'Outbound: Sending USERAUTH_REQUEST (keyboard-interactive)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authNone(username) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const userLen = Buffer.byteLength(username);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + userLen + 4 + 14 + 4 + 4);\n\n packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n writeUInt32BE(packet, userLen, ++p);\n packet.utf8Write(username, p += 4, userLen);\n\n writeUInt32BE(packet, 14, p += userLen);\n packet.utf8Write('ssh-connection', p += 4, 14);\n\n writeUInt32BE(packet, 4, p += 14);\n packet.utf8Write('none', p += 4, 4);\n\n this._authsQueue.push('none');\n\n this._debug && this._debug('Outbound: Sending USERAUTH_REQUEST (none)');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authInfoRes(responses) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n let responsesTotalLen = 0;\n let responseLens;\n\n if (responses) {\n responseLens = new Array(responses.length);\n for (let i = 0; i < responses.length; ++i) {\n const len = Buffer.byteLength(responses[i]);\n responseLens[i] = len;\n responsesTotalLen += 4 + len;\n }\n }\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + responsesTotalLen);\n\n packet[p] = MESSAGE.USERAUTH_INFO_RESPONSE;\n\n if (responses) {\n writeUInt32BE(packet, responses.length, ++p);\n p += 4;\n for (let i = 0; i < responses.length; ++i) {\n const len = responseLens[i];\n writeUInt32BE(packet, len, p);\n p += 4;\n if (len) {\n packet.utf8Write(responses[i], p, len);\n p += len;\n }\n }\n } else {\n writeUInt32BE(packet, 0, ++p);\n }\n\n this._debug && this._debug('Outbound: Sending USERAUTH_INFO_RESPONSE');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // 'ssh-connection' service-specific\n // ---------------------------------\n tcpipForward(bindAddr, bindPort, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const addrLen = Buffer.byteLength(bindAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 13 + 1 + 4 + addrLen + 4);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 13, ++p);\n packet.utf8Write('tcpip-forward', p += 4, 13);\n\n packet[p += 13] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, addrLen, ++p);\n packet.utf8Write(bindAddr, p += 4, addrLen);\n\n writeUInt32BE(packet, bindPort, p += addrLen);\n\n this._debug\n && this._debug('Outbound: Sending GLOBAL_REQUEST (tcpip-forward)');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n cancelTcpipForward(bindAddr, bindPort, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const addrLen = Buffer.byteLength(bindAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 20 + 1 + 4 + addrLen + 4);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 20, ++p);\n packet.utf8Write('cancel-tcpip-forward', p += 4, 20);\n\n packet[p += 20] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, addrLen, ++p);\n packet.utf8Write(bindAddr, p += 4, addrLen);\n\n writeUInt32BE(packet, bindPort, p += addrLen);\n\n this._debug\n && this._debug('Outbound: Sending GLOBAL_REQUEST (cancel-tcpip-forward)');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_streamLocalForward(socketPath, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const socketPathLen = Buffer.byteLength(socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 31 + 1 + 4 + socketPathLen\n );\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 31, ++p);\n packet.utf8Write('streamlocal-forward@openssh.com', p += 4, 31);\n\n packet[p += 31] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, socketPathLen, ++p);\n packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n this._debug && this._debug(\n 'Outbound: Sending GLOBAL_REQUEST (streamlocal-forward@openssh.com)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_cancelStreamLocalForward(socketPath, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const socketPathLen = Buffer.byteLength(socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 38 + 1 + 4 + socketPathLen\n );\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 38, ++p);\n packet.utf8Write('cancel-streamlocal-forward@openssh.com', p += 4, 38);\n\n packet[p += 38] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, socketPathLen, ++p);\n packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending GLOBAL_REQUEST '\n + '(cancel-streamlocal-forward@openssh.com)'\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n directTcpip(chan, initWindow, maxPacket, cfg) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const srcLen = Buffer.byteLength(cfg.srcIP);\n const dstLen = Buffer.byteLength(cfg.dstIP);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 12 + 4 + 4 + 4 + 4 + srcLen + 4 + 4 + dstLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 12, ++p);\n packet.utf8Write('direct-tcpip', p += 4, 12);\n\n writeUInt32BE(packet, chan, p += 12);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, dstLen, p += 4);\n packet.utf8Write(cfg.dstIP, p += 4, dstLen);\n\n writeUInt32BE(packet, cfg.dstPort, p += dstLen);\n\n writeUInt32BE(packet, srcLen, p += 4);\n packet.utf8Write(cfg.srcIP, p += 4, srcLen);\n\n writeUInt32BE(packet, cfg.srcPort, p += srcLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, direct-tcpip)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_directStreamLocal(chan, initWindow, maxPacket, cfg) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n const pathLen = Buffer.byteLength(cfg.socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 30 + 4 + 4 + 4 + 4 + pathLen + 4 + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 30, ++p);\n packet.utf8Write('direct-streamlocal@openssh.com', p += 4, 30);\n\n writeUInt32BE(packet, chan, p += 30);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, pathLen, p += 4);\n packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n // zero-fill reserved fields (string and uint32)\n bufferFill(packet, 0, p += pathLen, p + 8);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending CHANNEL_OPEN '\n + `(r:${chan}, direct-streamlocal@openssh.com)`\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_noMoreSessions(wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 28 + 1);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 28, ++p);\n packet.utf8Write('no-more-sessions@openssh.com', p += 4, 28);\n\n packet[p += 28] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n this._debug && this._debug(\n 'Outbound: Sending GLOBAL_REQUEST (no-more-sessions@openssh.com)'\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n session(chan, initWindow, maxPacket) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 7 + 4 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 7, ++p);\n packet.utf8Write('session', p += 4, 7);\n\n writeUInt32BE(packet, chan, p += 7);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_OPEN (r:${chan}, session)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n windowChange(chan, rows, cols, height, width) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 13 + 1 + 4 + 4 + 4 + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 13, p += 4);\n packet.utf8Write('window-change', p += 4, 13);\n\n packet[p += 13] = 0;\n\n writeUInt32BE(packet, cols, ++p);\n\n writeUInt32BE(packet, rows, p += 4);\n\n writeUInt32BE(packet, width, p += 4);\n\n writeUInt32BE(packet, height, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, window-change)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n pty(chan, rows, cols, height, width, term, modes, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n if (!term || !term.length)\n term = 'vt100';\n if (modes\n && !Buffer.isBuffer(modes)\n && !Array.isArray(modes)\n && typeof modes === 'object'\n && modes !== null) {\n modes = modesToBytes(modes);\n }\n if (!modes || !modes.length)\n modes = NO_TERMINAL_MODES_BUFFER;\n\n const termLen = term.length;\n const modesLen = modes.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 7 + 1 + 4 + termLen + 4 + 4 + 4 + 4 + 4 + modesLen\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 7, p += 4);\n packet.utf8Write('pty-req', p += 4, 7);\n\n packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, termLen, ++p);\n packet.utf8Write(term, p += 4, termLen);\n\n writeUInt32BE(packet, cols, p += termLen);\n\n writeUInt32BE(packet, rows, p += 4);\n\n writeUInt32BE(packet, width, p += 4);\n\n writeUInt32BE(packet, height, p += 4);\n\n writeUInt32BE(packet, modesLen, p += 4);\n p += 4;\n if (Array.isArray(modes)) {\n for (let i = 0; i < modesLen; ++i)\n packet[p++] = modes[i];\n } else if (Buffer.isBuffer(modes)) {\n packet.set(modes, p);\n }\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, pty-req)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n shell(chan, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 5 + 1);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 5, p += 4);\n packet.utf8Write('shell', p += 4, 5);\n\n packet[p += 5] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, shell)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n exec(chan, cmd, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const isBuf = Buffer.isBuffer(cmd);\n const cmdLen = (isBuf ? cmd.length : Buffer.byteLength(cmd));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 1 + 4 + cmdLen);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 4, p += 4);\n packet.utf8Write('exec', p += 4, 4);\n\n packet[p += 4] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, cmdLen, ++p);\n if (isBuf)\n packet.set(cmd, p += 4);\n else\n packet.utf8Write(cmd, p += 4, cmdLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exec: ${cmd})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n signal(chan, signal) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const origSignal = signal;\n\n signal = signal.toUpperCase();\n if (signal.slice(0, 3) === 'SIG')\n signal = signal.slice(3);\n\n if (SIGNALS[signal] !== 1)\n throw new Error(`Invalid signal: ${origSignal}`);\n\n const signalLen = signal.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 6 + 1 + 4 + signalLen\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 6, p += 4);\n packet.utf8Write('signal', p += 4, 6);\n\n packet[p += 6] = 0;\n\n writeUInt32BE(packet, signalLen, ++p);\n packet.utf8Write(signal, p += 4, signalLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, signal: ${signal})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n env(chan, key, val, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const keyLen = Buffer.byteLength(key);\n const isBuf = Buffer.isBuffer(val);\n const valLen = (isBuf ? val.length : Buffer.byteLength(val));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 3 + 1 + 4 + keyLen + 4 + valLen\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 3, p += 4);\n packet.utf8Write('env', p += 4, 3);\n\n packet[p += 3] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, keyLen, ++p);\n packet.utf8Write(key, p += 4, keyLen);\n\n writeUInt32BE(packet, valLen, p += keyLen);\n if (isBuf)\n packet.set(val, p += 4);\n else\n packet.utf8Write(val, p += 4, valLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, env: ${key}=${val})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n x11Forward(chan, cfg, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n const protocol = cfg.protocol;\n const cookie = cfg.cookie;\n const isBufProto = Buffer.isBuffer(protocol);\n const protoLen = (isBufProto\n ? protocol.length\n : Buffer.byteLength(protocol));\n const isBufCookie = Buffer.isBuffer(cookie);\n const cookieLen = (isBufCookie\n ? cookie.length\n : Buffer.byteLength(cookie));\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 7 + 1 + 1 + 4 + protoLen + 4 + cookieLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 7, p += 4);\n packet.utf8Write('x11-req', p += 4, 7);\n\n packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n packet[++p] = (cfg.single ? 1 : 0);\n\n writeUInt32BE(packet, protoLen, ++p);\n if (isBufProto)\n packet.set(protocol, p += 4);\n else\n packet.utf8Write(protocol, p += 4, protoLen);\n\n writeUInt32BE(packet, cookieLen, p += protoLen);\n if (isBufCookie)\n packet.set(cookie, p += 4);\n else\n packet.latin1Write(cookie, p += 4, cookieLen);\n\n writeUInt32BE(packet, (cfg.screen || 0), p += cookieLen);\n\n this._debug\n && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, x11-req)`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n subsystem(chan, name, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n const nameLen = Buffer.byteLength(name);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 9 + 1 + 4 + nameLen);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 9, p += 4);\n packet.utf8Write('subsystem', p += 4, 9);\n\n packet[p += 9] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n writeUInt32BE(packet, nameLen, ++p);\n packet.utf8Write(name, p += 4, nameLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, subsystem: ${name})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_agentForward(chan, wantReply) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n // Does not consume window space\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 26 + 1);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 26, p += 4);\n packet.utf8Write('auth-agent-req@openssh.com', p += 4, 26);\n\n packet[p += 26] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending CHANNEL_REQUEST '\n + `(r:${chan}, auth-agent-req@openssh.com)`\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_hostKeysProve(keys) {\n if (this._server)\n throw new Error('Client-only method called in server mode');\n\n let keysTotal = 0;\n const publicKeys = [];\n for (const key of keys) {\n const publicKey = key.getPublicSSH();\n keysTotal += 4 + publicKey.length;\n publicKeys.push(publicKey);\n }\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 29 + 1 + keysTotal);\n\n packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n writeUInt32BE(packet, 29, ++p);\n packet.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n\n packet[p += 29] = 1; // want reply\n\n ++p;\n for (const buf of publicKeys) {\n writeUInt32BE(packet, buf.length, p);\n bufferCopy(buf, packet, 0, buf.length, p += 4);\n p += buf.length;\n }\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending GLOBAL_REQUEST (hostkeys-prove-00@openssh.com)'\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n\n // ===========================================================================\n // Server-specific ===========================================================\n // ===========================================================================\n\n // Global\n // ------\n serviceAccept(svcName) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const svcNameLen = Buffer.byteLength(svcName);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + svcNameLen);\n\n packet[p] = MESSAGE.SERVICE_ACCEPT;\n\n writeUInt32BE(packet, svcNameLen, ++p);\n packet.utf8Write(svcName, p += 4, svcNameLen);\n\n this._debug && this._debug(`Outbound: Sending SERVICE_ACCEPT (${svcName})`);\n sendPacket(this, this._packetRW.write.finalize(packet));\n\n if (this._server && this._banner && svcName === 'ssh-userauth') {\n const banner = this._banner;\n this._banner = undefined; // Prevent banner from being displayed again\n const bannerLen = Buffer.byteLength(banner);\n p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + bannerLen + 4);\n\n packet[p] = MESSAGE.USERAUTH_BANNER;\n\n writeUInt32BE(packet, bannerLen, ++p);\n packet.utf8Write(banner, p += 4, bannerLen);\n\n writeUInt32BE(packet, 0, p += bannerLen); // Empty language tag\n\n this._debug && this._debug('Outbound: Sending USERAUTH_BANNER');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n }\n // 'ssh-connection' service-specific\n forwardedTcpip(chan, initWindow, maxPacket, cfg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const boundAddrLen = Buffer.byteLength(cfg.boundAddr);\n const remoteAddrLen = Buffer.byteLength(cfg.remoteAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 15 + 4 + 4 + 4 + 4 + boundAddrLen + 4 + 4 + remoteAddrLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 15, ++p);\n packet.utf8Write('forwarded-tcpip', p += 4, 15);\n\n writeUInt32BE(packet, chan, p += 15);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, boundAddrLen, p += 4);\n packet.utf8Write(cfg.boundAddr, p += 4, boundAddrLen);\n\n writeUInt32BE(packet, cfg.boundPort, p += boundAddrLen);\n\n writeUInt32BE(packet, remoteAddrLen, p += 4);\n packet.utf8Write(cfg.remoteAddr, p += 4, remoteAddrLen);\n\n writeUInt32BE(packet, cfg.remotePort, p += remoteAddrLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, forwarded-tcpip)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n x11(chan, initWindow, maxPacket, cfg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const addrLen = Buffer.byteLength(cfg.originAddr);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 3 + 4 + 4 + 4 + 4 + addrLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 3, ++p);\n packet.utf8Write('x11', p += 4, 3);\n\n writeUInt32BE(packet, chan, p += 3);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, addrLen, p += 4);\n packet.utf8Write(cfg.originAddr, p += 4, addrLen);\n\n writeUInt32BE(packet, cfg.originPort, p += addrLen);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, x11)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_authAgent(chan, initWindow, maxPacket) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 22 + 4 + 4 + 4);\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 22, ++p);\n packet.utf8Write('auth-agent@openssh.com', p += 4, 22);\n\n writeUInt32BE(packet, chan, p += 22);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_OPEN (r:${chan}, auth-agent@openssh.com)`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n openssh_forwardedStreamLocal(chan, initWindow, maxPacket, cfg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const pathLen = Buffer.byteLength(cfg.socketPath);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 33 + 4 + 4 + 4 + 4 + pathLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_OPEN;\n\n writeUInt32BE(packet, 33, ++p);\n packet.utf8Write('forwarded-streamlocal@openssh.com', p += 4, 33);\n\n writeUInt32BE(packet, chan, p += 33);\n\n writeUInt32BE(packet, initWindow, p += 4);\n\n writeUInt32BE(packet, maxPacket, p += 4);\n\n writeUInt32BE(packet, pathLen, p += 4);\n packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n writeUInt32BE(packet, 0, p += pathLen);\n\n if (this._debug) {\n this._debug(\n 'Outbound: Sending CHANNEL_OPEN '\n + `(r:${chan}, forwarded-streamlocal@openssh.com)`\n );\n }\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n exitStatus(chan, status) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n // Does not consume window space\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + 4 + 11 + 1 + 4);\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 11, p += 4);\n packet.utf8Write('exit-status', p += 4, 11);\n\n packet[p += 11] = 0;\n\n writeUInt32BE(packet, status, ++p);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-status: ${status})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n exitSignal(chan, name, coreDumped, msg) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n // Does not consume window space\n\n const origSignal = name;\n\n if (typeof origSignal !== 'string' || !origSignal)\n throw new Error(`Invalid signal: ${origSignal}`);\n\n let signal = name.toUpperCase();\n if (signal.slice(0, 3) === 'SIG')\n signal = signal.slice(3);\n\n if (SIGNALS[signal] !== 1)\n throw new Error(`Invalid signal: ${origSignal}`);\n\n const nameLen = Buffer.byteLength(signal);\n const msgLen = (msg ? Buffer.byteLength(msg) : 0);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + 4 + 11 + 1 + 4 + nameLen + 1 + 4 + msgLen + 4\n );\n\n packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n writeUInt32BE(packet, chan, ++p);\n\n writeUInt32BE(packet, 11, p += 4);\n packet.utf8Write('exit-signal', p += 4, 11);\n\n packet[p += 11] = 0;\n\n writeUInt32BE(packet, nameLen, ++p);\n packet.utf8Write(signal, p += 4, nameLen);\n\n packet[p += nameLen] = (coreDumped ? 1 : 0);\n\n writeUInt32BE(packet, msgLen, ++p);\n\n p += 4;\n if (msgLen) {\n packet.utf8Write(msg, p, msgLen);\n p += msgLen;\n }\n\n writeUInt32BE(packet, 0, p);\n\n this._debug && this._debug(\n `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-signal: ${name})`\n );\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n // 'ssh-userauth' service-specific\n authFailure(authMethods, isPartial) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n if (this._authsQueue.length === 0)\n throw new Error('No auth in progress');\n\n let methods;\n\n if (typeof authMethods === 'boolean') {\n isPartial = authMethods;\n authMethods = undefined;\n }\n\n if (authMethods) {\n methods = [];\n for (let i = 0; i < authMethods.length; ++i) {\n if (authMethods[i].toLowerCase() === 'none')\n continue;\n methods.push(authMethods[i]);\n }\n methods = methods.join(',');\n } else {\n methods = '';\n }\n\n const methodsLen = methods.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + methodsLen + 1);\n\n packet[p] = MESSAGE.USERAUTH_FAILURE;\n\n writeUInt32BE(packet, methodsLen, ++p);\n packet.utf8Write(methods, p += 4, methodsLen);\n\n packet[p += methodsLen] = (isPartial === true ? 1 : 0);\n\n this._authsQueue.shift();\n\n this._debug && this._debug('Outbound: Sending USERAUTH_FAILURE');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authSuccess() {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n if (this._authsQueue.length === 0)\n throw new Error('No auth in progress');\n\n const p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1);\n\n packet[p] = MESSAGE.USERAUTH_SUCCESS;\n\n this._authsQueue.shift();\n this._authenticated = true;\n\n this._debug && this._debug('Outbound: Sending USERAUTH_SUCCESS');\n sendPacket(this, this._packetRW.write.finalize(packet));\n\n if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n this._packetRW.read = new ZlibPacketReader();\n if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n this._packetRW.write = new ZlibPacketWriter(this);\n }\n authPKOK(keyAlgo, key) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n if (this._authsQueue.length === 0 || this._authsQueue[0] !== 'publickey')\n throw new Error('\"publickey\" auth not in progress');\n\n // TODO: support parsed key for `key`\n\n const keyAlgoLen = Buffer.byteLength(keyAlgo);\n const keyLen = key.length;\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + keyAlgoLen + 4 + keyLen);\n\n packet[p] = MESSAGE.USERAUTH_PK_OK;\n\n writeUInt32BE(packet, keyAlgoLen, ++p);\n packet.utf8Write(keyAlgo, p += 4, keyAlgoLen);\n\n writeUInt32BE(packet, keyLen, p += keyAlgoLen);\n packet.set(key, p += 4);\n\n this._authsQueue.shift();\n\n this._debug && this._debug('Outbound: Sending USERAUTH_PK_OK');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authPasswdChg(prompt) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n const promptLen = Buffer.byteLength(prompt);\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(1 + 4 + promptLen + 4);\n\n packet[p] = MESSAGE.USERAUTH_PASSWD_CHANGEREQ;\n\n writeUInt32BE(packet, promptLen, ++p);\n packet.utf8Write(prompt, p += 4, promptLen);\n\n writeUInt32BE(packet, 0, p += promptLen); // Empty language tag\n\n this._debug && this._debug('Outbound: Sending USERAUTH_PASSWD_CHANGEREQ');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n authInfoReq(name, instructions, prompts) {\n if (!this._server)\n throw new Error('Server-only method called in client mode');\n\n let promptsLen = 0;\n const nameLen = name ? Buffer.byteLength(name) : 0;\n const instrLen = instructions ? Buffer.byteLength(instructions) : 0;\n\n for (let i = 0; i < prompts.length; ++i)\n promptsLen += 4 + Buffer.byteLength(prompts[i].prompt) + 1;\n\n let p = this._packetRW.write.allocStart;\n const packet = this._packetRW.write.alloc(\n 1 + 4 + nameLen + 4 + instrLen + 4 + 4 + promptsLen\n );\n\n packet[p] = MESSAGE.USERAUTH_INFO_REQUEST;\n\n writeUInt32BE(packet, nameLen, ++p);\n p += 4;\n if (name) {\n packet.utf8Write(name, p, nameLen);\n p += nameLen;\n }\n\n writeUInt32BE(packet, instrLen, p);\n p += 4;\n if (instructions) {\n packet.utf8Write(instructions, p, instrLen);\n p += instrLen;\n }\n\n writeUInt32BE(packet, 0, p);\n\n writeUInt32BE(packet, prompts.length, p += 4);\n p += 4;\n for (let i = 0; i < prompts.length; ++i) {\n const prompt = prompts[i];\n const promptLen = Buffer.byteLength(prompt.prompt);\n\n writeUInt32BE(packet, promptLen, p);\n p += 4;\n if (promptLen) {\n packet.utf8Write(prompt.prompt, p, promptLen);\n p += promptLen;\n }\n packet[p++] = (prompt.echo ? 1 : 0);\n }\n\n this._debug && this._debug('Outbound: Sending USERAUTH_INFO_REQUEST');\n sendPacket(this, this._packetRW.write.finalize(packet));\n }\n}\n\n// SSH-protoversion-softwareversion (SP comments) CR LF\nconst RE_IDENT = /^SSH-(2\\.0|1\\.99)-([^ ]+)(?: (.*))?$/;\n\n// TODO: optimize this by starting n bytes from the end of this._buffer instead\n// of the beginning\nfunction parseHeader(chunk, p, len) {\n let data;\n let chunkOffset;\n if (this._buffer) {\n data = Buffer.allocUnsafe(this._buffer.length + (len - p));\n data.set(this._buffer, 0);\n if (p === 0) {\n data.set(chunk, this._buffer.length);\n } else {\n data.set(new Uint8Array(chunk.buffer,\n chunk.byteOffset + p,\n (len - p)),\n this._buffer.length);\n }\n chunkOffset = this._buffer.length;\n p = 0;\n } else {\n data = chunk;\n chunkOffset = 0;\n }\n const op = p;\n let start = p;\n let end = p;\n let needNL = false;\n let lineLen = 0;\n let lines = 0;\n for (; p < data.length; ++p) {\n const ch = data[p];\n\n if (ch === 13 /* '\\r' */) {\n needNL = true;\n continue;\n }\n\n if (ch === 10 /* '\\n' */) {\n if (end > start\n && end - start > 4\n && data[start] === 83 /* 'S' */\n && data[start + 1] === 83 /* 'S' */\n && data[start + 2] === 72 /* 'H' */\n && data[start + 3] === 45 /* '-' */) {\n\n const full = data.latin1Slice(op, end + 1);\n const identRaw = (start === op ? full : full.slice(start - op));\n const m = RE_IDENT.exec(identRaw);\n if (!m)\n throw new Error('Invalid identification string');\n\n const header = {\n greeting: (start === op ? '' : full.slice(0, start - op)),\n identRaw,\n versions: {\n protocol: m[1],\n software: m[2],\n },\n comments: m[3]\n };\n\n // Needed during handshake\n this._remoteIdentRaw = Buffer.from(identRaw);\n\n this._debug && this._debug(`Remote ident: ${inspect(identRaw)}`);\n this._compatFlags = getCompatFlags(header);\n\n this._buffer = undefined;\n this._decipher =\n new NullDecipher(0, onKEXPayload.bind(this, { firstPacket: true }));\n this._parse = parsePacket;\n\n this._onHeader(header);\n if (!this._destruct) {\n // We disconnected inside _onHeader\n return len;\n }\n\n kexinit(this);\n\n return p + 1 - chunkOffset;\n }\n\n // Only allow pre-ident greetings when we're a client\n if (this._server)\n throw new Error('Greetings from clients not permitted');\n\n if (++lines > MAX_LINES)\n throw new Error('Max greeting lines exceeded');\n\n needNL = false;\n start = p + 1;\n lineLen = 0;\n } else if (needNL) {\n throw new Error('Invalid header: expected newline');\n } else if (++lineLen >= MAX_LINE_LEN) {\n throw new Error('Header line too long');\n }\n\n end = p;\n }\n if (!this._buffer)\n this._buffer = bufferSlice(data, op);\n\n return p - chunkOffset;\n}\n\nfunction parsePacket(chunk, p, len) {\n return this._decipher.decrypt(chunk, p, len);\n}\n\nfunction onPayload(payload) {\n // XXX: move this to the Decipher implementations?\n\n this._onPacket();\n\n if (payload.length === 0) {\n this._debug && this._debug('Inbound: Skipping empty packet payload');\n return;\n }\n\n payload = this._packetRW.read.read(payload);\n\n const type = payload[0];\n if (type === MESSAGE.USERAUTH_SUCCESS\n && !this._server\n && !this._authenticated) {\n this._authenticated = true;\n if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n this._packetRW.write = new ZlibPacketWriter(this);\n if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n this._packetRW.read = new ZlibPacketReader();\n }\n const handler = MESSAGE_HANDLERS[type];\n if (handler === undefined) {\n this._debug && this._debug(`Inbound: Unsupported message type: ${type}`);\n return;\n }\n\n return handler(this, payload);\n}\n\nfunction getCompatFlags(header) {\n const software = header.versions.software;\n\n let flags = 0;\n\n for (const rule of COMPAT_CHECKS) {\n if (typeof rule[0] === 'string') {\n if (software === rule[0])\n flags |= rule[1];\n } else if (rule[0].test(software)) {\n flags |= rule[1];\n }\n }\n\n return flags;\n}\n\nfunction modesToBytes(modes) {\n const keys = Object.keys(modes);\n const bytes = Buffer.allocUnsafe((5 * keys.length) + 1);\n let b = 0;\n\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i];\n if (key === 'TTY_OP_END')\n continue;\n\n const opcode = TERMINAL_MODE[key];\n if (opcode === undefined)\n continue;\n\n const val = modes[key];\n if (typeof val === 'number' && isFinite(val)) {\n bytes[b++] = opcode;\n bytes[b++] = val >>> 24;\n bytes[b++] = val >>> 16;\n bytes[b++] = val >>> 8;\n bytes[b++] = val;\n }\n }\n\n bytes[b++] = TERMINAL_MODE.TTY_OP_END;\n\n if (b < bytes.length)\n return bufferSlice(bytes, 0, b);\n\n return bytes;\n}\n\nfunction sendExtInfo(proto) {\n let serverSigAlgs =\n 'ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521'\n + 'rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss';\n if (eddsaSupported)\n serverSigAlgs = `ssh-ed25519,${serverSigAlgs}`;\n const algsLen = Buffer.byteLength(serverSigAlgs);\n\n let p = proto._packetRW.write.allocStart;\n const packet = proto._packetRW.write.alloc(1 + 4 + 4 + 15 + 4 + algsLen);\n\n packet[p] = MESSAGE.EXT_INFO;\n\n writeUInt32BE(packet, 1, ++p);\n\n writeUInt32BE(packet, 15, p += 4);\n packet.utf8Write('server-sig-algs', p += 4, 15);\n\n writeUInt32BE(packet, algsLen, p += 15);\n packet.utf8Write(serverSigAlgs, p += 4, algsLen);\n\n proto._debug && proto._debug('Outbound: Sending EXT_INFO');\n sendPacket(proto, proto._packetRW.write.finalize(packet));\n}\n\nmodule.exports = Protocol;\n","'use strict';\n\nconst EventEmitter = require('events');\nconst fs = require('fs');\nconst { constants } = fs;\nconst {\n Readable: ReadableStream,\n Writable: WritableStream\n} = require('stream');\nconst { inherits, types: { isDate } } = require('util');\n\nconst FastBuffer = Buffer[Symbol.species];\n\nconst {\n bufferCopy,\n bufferSlice,\n makeBufferParser,\n writeUInt32BE,\n} = require('./utils.js');\n\nconst ATTR = {\n SIZE: 0x00000001,\n UIDGID: 0x00000002,\n PERMISSIONS: 0x00000004,\n ACMODTIME: 0x00000008,\n EXTENDED: 0x80000000,\n};\n\n// Large enough to store all possible attributes\nconst ATTRS_BUF = Buffer.alloc(28);\n\nconst STATUS_CODE = {\n OK: 0,\n EOF: 1,\n NO_SUCH_FILE: 2,\n PERMISSION_DENIED: 3,\n FAILURE: 4,\n BAD_MESSAGE: 5,\n NO_CONNECTION: 6,\n CONNECTION_LOST: 7,\n OP_UNSUPPORTED: 8\n};\n\nconst VALID_STATUS_CODES = new Map(\n Object.values(STATUS_CODE).map((n) => [n, 1])\n);\n\nconst STATUS_CODE_STR = {\n [STATUS_CODE.OK]: 'No error',\n [STATUS_CODE.EOF]: 'End of file',\n [STATUS_CODE.NO_SUCH_FILE]: 'No such file or directory',\n [STATUS_CODE.PERMISSION_DENIED]: 'Permission denied',\n [STATUS_CODE.FAILURE]: 'Failure',\n [STATUS_CODE.BAD_MESSAGE]: 'Bad message',\n [STATUS_CODE.NO_CONNECTION]: 'No connection',\n [STATUS_CODE.CONNECTION_LOST]: 'Connection lost',\n [STATUS_CODE.OP_UNSUPPORTED]: 'Operation unsupported',\n};\n\nconst REQUEST = {\n INIT: 1,\n OPEN: 3,\n CLOSE: 4,\n READ: 5,\n WRITE: 6,\n LSTAT: 7,\n FSTAT: 8,\n SETSTAT: 9,\n FSETSTAT: 10,\n OPENDIR: 11,\n READDIR: 12,\n REMOVE: 13,\n MKDIR: 14,\n RMDIR: 15,\n REALPATH: 16,\n STAT: 17,\n RENAME: 18,\n READLINK: 19,\n SYMLINK: 20,\n EXTENDED: 200\n};\n\nconst RESPONSE = {\n VERSION: 2,\n STATUS: 101,\n HANDLE: 102,\n DATA: 103,\n NAME: 104,\n ATTRS: 105,\n EXTENDED: 201\n};\n\nconst OPEN_MODE = {\n READ: 0x00000001,\n WRITE: 0x00000002,\n APPEND: 0x00000004,\n CREAT: 0x00000008,\n TRUNC: 0x00000010,\n EXCL: 0x00000020\n};\n\nconst PKT_RW_OVERHEAD = 2 * 1024;\nconst MAX_REQID = 2 ** 32 - 1;\nconst CLIENT_VERSION_BUFFER = Buffer.from([\n 0, 0, 0, 5 /* length */,\n REQUEST.INIT,\n 0, 0, 0, 3 /* version */\n]);\nconst SERVER_VERSION_BUFFER = Buffer.from([\n 0, 0, 0, 5 /* length */,\n RESPONSE.VERSION,\n 0, 0, 0, 3 /* version */\n]);\n\nconst RE_OPENSSH = /^SSH-2.0-(?:OpenSSH|dropbear)/;\nconst OPENSSH_MAX_PKT_LEN = 256 * 1024;\n\nconst bufferParser = makeBufferParser();\n\nconst fakeStderr = {\n readable: false,\n writable: false,\n push: (data) => {},\n once: () => {},\n on: () => {},\n emit: () => {},\n end: () => {},\n};\n\nfunction noop() {}\n\n// Emulates enough of `Channel` to be able to be used as a drop-in replacement\n// in order to process incoming data with as little overhead as possible\nclass SFTP extends EventEmitter {\n constructor(client, chanInfo, cfg) {\n super();\n\n if (typeof cfg !== 'object' || !cfg)\n cfg = {};\n\n const remoteIdentRaw = client._protocol._remoteIdentRaw;\n\n this.server = !!cfg.server;\n this._debug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n this._isOpenSSH = (remoteIdentRaw && RE_OPENSSH.test(remoteIdentRaw));\n\n this._version = -1;\n this._extensions = {};\n this._biOpt = cfg.biOpt;\n this._pktLenBytes = 0;\n this._pktLen = 0;\n this._pktPos = 0;\n this._pktType = 0;\n this._pktData = undefined;\n this._writeReqid = -1;\n this._requests = {};\n this._maxInPktLen = OPENSSH_MAX_PKT_LEN;\n this._maxOutPktLen = 34000;\n this._maxReadLen =\n (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n this._maxWriteLen =\n (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n\n this.maxOpenHandles = undefined;\n\n // Channel compatibility\n this._client = client;\n this._protocol = client._protocol;\n this._callbacks = [];\n this._hasX11 = false;\n this._exit = {\n code: undefined,\n signal: undefined,\n dump: undefined,\n desc: undefined,\n };\n this._waitWindow = false; // SSH-level backpressure\n this._chunkcb = undefined;\n this._buffer = [];\n this.type = chanInfo.type;\n this.subtype = undefined;\n this.incoming = chanInfo.incoming;\n this.outgoing = chanInfo.outgoing;\n this.stderr = fakeStderr;\n this.readable = true;\n }\n\n // This handles incoming data to parse\n push(data) {\n if (data === null) {\n cleanupRequests(this);\n if (!this.readable)\n return;\n // No more incoming data from the remote side\n this.readable = false;\n this.emit('end');\n return;\n }\n /*\n uint32 length\n byte type\n byte[length - 1] data payload\n */\n let p = 0;\n\n while (p < data.length) {\n if (this._pktLenBytes < 4) {\n let nb = Math.min(4 - this._pktLenBytes, data.length - p);\n this._pktLenBytes += nb;\n\n while (nb--)\n this._pktLen = (this._pktLen << 8) + data[p++];\n\n if (this._pktLenBytes < 4)\n return;\n if (this._pktLen === 0)\n return doFatalSFTPError(this, 'Invalid packet length');\n if (this._pktLen > this._maxInPktLen) {\n const max = this._maxInPktLen;\n return doFatalSFTPError(\n this,\n `Packet length ${this._pktLen} exceeds max length of ${max}`\n );\n }\n if (p >= data.length)\n return;\n }\n if (this._pktPos < this._pktLen) {\n const nb = Math.min(this._pktLen - this._pktPos, data.length - p);\n if (p !== 0 || nb !== data.length) {\n if (nb === this._pktLen) {\n this._pkt = new FastBuffer(data.buffer, data.byteOffset + p, nb);\n } else {\n if (!this._pkt)\n this._pkt = Buffer.allocUnsafe(this._pktLen);\n this._pkt.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._pktPos\n );\n }\n } else if (nb === this._pktLen) {\n this._pkt = data;\n } else {\n if (!this._pkt)\n this._pkt = Buffer.allocUnsafe(this._pktLen);\n this._pkt.set(data, this._pktPos);\n }\n p += nb;\n this._pktPos += nb;\n if (this._pktPos < this._pktLen)\n return;\n }\n\n const type = this._pkt[0];\n const payload = this._pkt;\n\n // Prepare for next packet\n this._pktLen = 0;\n this._pktLenBytes = 0;\n this._pkt = undefined;\n this._pktPos = 0;\n\n const handler = (this.server\n ? SERVER_HANDLERS[type]\n : CLIENT_HANDLERS[type]);\n if (!handler)\n return doFatalSFTPError(this, `Unknown packet type ${type}`);\n\n if (this._version === -1) {\n if (this.server) {\n if (type !== REQUEST.INIT)\n return doFatalSFTPError(this, `Expected INIT packet, got ${type}`);\n } else if (type !== RESPONSE.VERSION) {\n return doFatalSFTPError(this, `Expected VERSION packet, got ${type}`);\n }\n }\n\n if (handler(this, payload) === false)\n return;\n }\n }\n\n end() {\n this.destroy();\n }\n destroy() {\n if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n this.outgoing.state = 'closing';\n this._protocol.channelClose(this.outgoing.id);\n }\n }\n _init() {\n this._init = noop;\n if (!this.server)\n sendOrBuffer(this, CLIENT_VERSION_BUFFER);\n }\n\n // ===========================================================================\n // Client-specific ===========================================================\n // ===========================================================================\n createReadStream(path, options) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n return new ReadStream(this, path, options);\n }\n createWriteStream(path, options) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n return new WriteStream(this, path, options);\n }\n open(path, flags_, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (typeof attrs === 'function') {\n cb = attrs;\n attrs = undefined;\n }\n\n const flags = (typeof flags_ === 'number' ? flags_ : stringToFlags(flags_));\n if (flags === null)\n throw new Error(`Unknown flags string: ${flags_}`);\n\n let attrsFlags = 0;\n let attrsLen = 0;\n if (typeof attrs === 'string' || typeof attrs === 'number')\n attrs = { mode: attrs };\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n attrsFlags = attrs.flags;\n attrsLen = attrs.nb;\n }\n\n /*\n uint32 id\n string filename\n uint32 pflags\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.OPEN;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n writeUInt32BE(buf, flags, p += pathLen);\n writeUInt32BE(buf, attrsFlags, p += 4);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPEN`\n );\n }\n close(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.CLOSE;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} CLOSE`\n );\n }\n read(handle, buf, off, len, position, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n if (!Buffer.isBuffer(buf))\n throw new Error('buffer is not a Buffer');\n if (off >= buf.length)\n throw new Error('offset is out of bounds');\n if (off + len > buf.length)\n throw new Error('length extends beyond buffer');\n if (position === null)\n throw new Error('null position currently unsupported');\n\n read_(this, handle, buf, off, len, position, cb);\n }\n readData(handle, buf, off, len, position, cb) {\n // Backwards compatibility\n this.read(handle, buf, off, len, position, cb);\n }\n write(handle, buf, off, len, position, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n if (!Buffer.isBuffer(buf))\n throw new Error('buffer is not a Buffer');\n if (off > buf.length)\n throw new Error('offset is out of bounds');\n if (off + len > buf.length)\n throw new Error('length extends beyond buffer');\n if (position === null)\n throw new Error('null position currently unsupported');\n\n if (!len) {\n cb && process.nextTick(cb, undefined, 0);\n return;\n }\n\n const maxDataLen = this._maxWriteLen;\n const overflow = Math.max(len - maxDataLen, 0);\n const origPosition = position;\n\n if (overflow)\n len = maxDataLen;\n\n /*\n uint32 id\n string handle\n uint64 offset\n string data\n */\n const handleLen = handle.length;\n let p = 9;\n const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4 + len);\n\n writeUInt32BE(out, out.length - 4, 0);\n out[4] = REQUEST.WRITE;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(out, reqid, 5);\n\n writeUInt32BE(out, handleLen, p);\n out.set(handle, p += 4);\n p += handleLen;\n for (let i = 7; i >= 0; --i) {\n out[p + i] = position & 0xFF;\n position /= 256;\n }\n writeUInt32BE(out, len, p += 8);\n bufferCopy(buf, out, off, off + len, p += 4);\n\n this._requests[reqid] = {\n cb: (err) => {\n if (err) {\n if (typeof cb === 'function')\n cb(err);\n } else if (overflow) {\n this.write(handle,\n buf,\n off + len,\n overflow,\n origPosition + len,\n cb);\n } else if (typeof cb === 'function') {\n cb(undefined, off + len);\n }\n }\n };\n\n const isSent = sendOrBuffer(this, out);\n if (this._debug) {\n const how = (isSent ? 'Sent' : 'Buffered');\n this._debug(`SFTP: Outbound: ${how} WRITE (id:${reqid})`);\n }\n }\n writeData(handle, buf, off, len, position, cb) {\n // Backwards compatibility\n this.write(handle, buf, off, len, position, cb);\n }\n fastGet(remotePath, localPath, opts, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n fastXfer(this, fs, remotePath, localPath, opts, cb);\n }\n fastPut(localPath, remotePath, opts, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n fastXfer(fs, this, localPath, remotePath, opts, cb);\n }\n readFile(path, options, callback_) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let callback;\n if (typeof callback_ === 'function') {\n callback = callback_;\n } else if (typeof options === 'function') {\n callback = options;\n options = undefined;\n }\n\n if (typeof options === 'string')\n options = { encoding: options, flag: 'r' };\n else if (!options)\n options = { encoding: null, flag: 'r' };\n else if (typeof options !== 'object')\n throw new TypeError('Bad arguments');\n\n const encoding = options.encoding;\n if (encoding && !Buffer.isEncoding(encoding))\n throw new Error(`Unknown encoding: ${encoding}`);\n\n // First stat the file, so we know the size.\n let size;\n let buffer; // Single buffer with file data\n let buffers; // List for when size is unknown\n let pos = 0;\n let handle;\n\n // SFTPv3 does not support using -1 for read position, so we have to track\n // read position manually\n let bytesRead = 0;\n\n const flag = options.flag || 'r';\n\n const read = () => {\n if (size === 0) {\n buffer = Buffer.allocUnsafe(8192);\n this.read(handle, buffer, 0, 8192, bytesRead, afterRead);\n } else {\n this.read(handle, buffer, pos, size - pos, bytesRead, afterRead);\n }\n };\n\n const afterRead = (er, nbytes) => {\n let eof;\n if (er) {\n eof = (er.code === STATUS_CODE.EOF);\n if (!eof) {\n return this.close(handle, () => {\n return callback && callback(er);\n });\n }\n } else {\n eof = false;\n }\n\n if (eof || (size === 0 && nbytes === 0))\n return close();\n\n bytesRead += nbytes;\n pos += nbytes;\n if (size !== 0) {\n if (pos === size)\n close();\n else\n read();\n } else {\n // Unknown size, just read until we don't get bytes.\n buffers.push(bufferSlice(buffer, 0, nbytes));\n read();\n }\n };\n afterRead._wantEOFError = true;\n\n const close = () => {\n this.close(handle, (er) => {\n if (size === 0) {\n // Collect the data into the buffers list.\n buffer = Buffer.concat(buffers, pos);\n } else if (pos < size) {\n buffer = bufferSlice(buffer, 0, pos);\n }\n\n if (encoding)\n buffer = buffer.toString(encoding);\n return callback && callback(er, buffer);\n });\n };\n\n this.open(path, flag, 0o666, (er, handle_) => {\n if (er)\n return callback && callback(er);\n handle = handle_;\n\n const tryStat = (er, st) => {\n if (er) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n this.stat(path, (er_, st_) => {\n if (er_) {\n return this.close(handle, () => {\n callback && callback(er);\n });\n }\n tryStat(null, st_);\n });\n return;\n }\n\n size = st.size || 0;\n if (size === 0) {\n // The kernel lies about many files.\n // Go ahead and try to read some bytes.\n buffers = [];\n return read();\n }\n\n buffer = Buffer.allocUnsafe(size);\n read();\n };\n this.fstat(handle, tryStat);\n });\n }\n writeFile(path, data, options, callback_) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let callback;\n if (typeof callback_ === 'function') {\n callback = callback_;\n } else if (typeof options === 'function') {\n callback = options;\n options = undefined;\n }\n\n if (typeof options === 'string')\n options = { encoding: options, mode: 0o666, flag: 'w' };\n else if (!options)\n options = { encoding: 'utf8', mode: 0o666, flag: 'w' };\n else if (typeof options !== 'object')\n throw new TypeError('Bad arguments');\n\n if (options.encoding && !Buffer.isEncoding(options.encoding))\n throw new Error(`Unknown encoding: ${options.encoding}`);\n\n const flag = options.flag || 'w';\n this.open(path, flag, options.mode, (openErr, handle) => {\n if (openErr) {\n callback && callback(openErr);\n } else {\n const buffer = (Buffer.isBuffer(data)\n ? data\n : Buffer.from('' + data, options.encoding || 'utf8'));\n const position = (/a/.test(flag) ? null : 0);\n\n // SFTPv3 does not support the notion of 'current position'\n // (null position), so we just attempt to append to the end of the file\n // instead\n if (position === null) {\n const tryStat = (er, st) => {\n if (er) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n this.stat(path, (er_, st_) => {\n if (er_) {\n return this.close(handle, () => {\n callback && callback(er);\n });\n }\n tryStat(null, st_);\n });\n return;\n }\n writeAll(this, handle, buffer, 0, buffer.length, st.size, callback);\n };\n this.fstat(handle, tryStat);\n return;\n }\n writeAll(this, handle, buffer, 0, buffer.length, position, callback);\n }\n });\n }\n appendFile(path, data, options, callback_) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let callback;\n if (typeof callback_ === 'function') {\n callback = callback_;\n } else if (typeof options === 'function') {\n callback = options;\n options = undefined;\n }\n\n if (typeof options === 'string')\n options = { encoding: options, mode: 0o666, flag: 'a' };\n else if (!options)\n options = { encoding: 'utf8', mode: 0o666, flag: 'a' };\n else if (typeof options !== 'object')\n throw new TypeError('Bad arguments');\n\n if (!options.flag)\n options = Object.assign({ flag: 'a' }, options);\n this.writeFile(path, data, options, callback);\n }\n exists(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n this.stat(path, (err) => {\n cb && cb(err ? false : true);\n });\n }\n unlink(filename, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string filename\n */\n const fnameLen = Buffer.byteLength(filename);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + fnameLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.REMOVE;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, fnameLen, p);\n buf.utf8Write(filename, p += 4, fnameLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REMOVE`\n );\n }\n rename(oldPath, newPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string oldpath\n string newpath\n */\n const oldLen = Buffer.byteLength(oldPath);\n const newLen = Buffer.byteLength(newPath);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + oldLen + 4 + newLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.RENAME;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, oldLen, p);\n buf.utf8Write(oldPath, p += 4, oldLen);\n writeUInt32BE(buf, newLen, p += oldLen);\n buf.utf8Write(newPath, p += 4, newLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RENAME`\n );\n }\n mkdir(path, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'function') {\n cb = attrs;\n attrs = undefined;\n }\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n }\n\n /*\n uint32 id\n string path\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.MKDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n writeUInt32BE(buf, flags, p += pathLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} MKDIR`\n );\n }\n rmdir(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.RMDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RMDIR`\n );\n }\n readdir(where, opts, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n if (typeof opts !== 'object' || opts === null)\n opts = {};\n\n const doFilter = (opts && opts.full ? false : true);\n\n if (!Buffer.isBuffer(where) && typeof where !== 'string')\n throw new Error('missing directory handle or path');\n\n if (typeof where === 'string') {\n const entries = [];\n let e = 0;\n\n const reread = (err, handle) => {\n if (err)\n return cb(err);\n\n this.readdir(handle, opts, (err, list) => {\n const eof = (err && err.code === STATUS_CODE.EOF);\n\n if (err && !eof)\n return this.close(handle, () => cb(err));\n\n if (eof) {\n return this.close(handle, (err) => {\n if (err)\n return cb(err);\n cb(undefined, entries);\n });\n }\n\n for (let i = 0; i < list.length; ++i, ++e)\n entries[e] = list[i];\n\n reread(undefined, handle);\n });\n };\n return this.opendir(where, reread);\n }\n\n /*\n uint32 id\n string handle\n */\n const handleLen = where.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.READDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(where, p += 4);\n\n this._requests[reqid] = {\n cb: (doFilter\n ? (err, list) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n\n for (let i = list.length - 1; i >= 0; --i) {\n if (list[i].filename === '.' || list[i].filename === '..')\n list.splice(i, 1);\n }\n\n cb(undefined, list);\n }\n : cb)\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READDIR`\n );\n }\n fstat(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.FSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSTAT`\n );\n }\n stat(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.STAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STAT`\n );\n }\n lstat(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.LSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} LSTAT`\n );\n }\n opendir(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.OPENDIR;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPENDIR`\n );\n }\n setstat(path, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n } else if (typeof attrs === 'function') {\n cb = attrs;\n }\n\n /*\n uint32 id\n string path\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.SETSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n writeUInt32BE(buf, flags, p += pathLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SETSTAT`\n );\n }\n fsetstat(handle, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n } else if (typeof attrs === 'function') {\n cb = attrs;\n }\n\n /*\n uint32 id\n string handle\n ATTRS attrs\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.FSETSTAT;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n buf.set(handle, p += 4);\n writeUInt32BE(buf, flags, p += handleLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSETSTAT`\n );\n }\n futimes(handle, atime, mtime, cb) {\n return this.fsetstat(handle, {\n atime: toUnixTimestamp(atime),\n mtime: toUnixTimestamp(mtime)\n }, cb);\n }\n utimes(path, atime, mtime, cb) {\n return this.setstat(path, {\n atime: toUnixTimestamp(atime),\n mtime: toUnixTimestamp(mtime)\n }, cb);\n }\n fchown(handle, uid, gid, cb) {\n return this.fsetstat(handle, {\n uid: uid,\n gid: gid\n }, cb);\n }\n chown(path, uid, gid, cb) {\n return this.setstat(path, {\n uid: uid,\n gid: gid\n }, cb);\n }\n fchmod(handle, mode, cb) {\n return this.fsetstat(handle, {\n mode: mode\n }, cb);\n }\n chmod(path, mode, cb) {\n return this.setstat(path, {\n mode: mode\n }, cb);\n }\n readlink(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.READLINK;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = {\n cb: (err, names) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n if (!names || !names.length)\n return cb(new Error('Response missing link info'));\n cb(undefined, names[0].filename);\n }\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READLINK`\n );\n }\n symlink(targetPath, linkPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string linkpath\n string targetpath\n */\n const linkLen = Buffer.byteLength(linkPath);\n const targetLen = Buffer.byteLength(targetPath);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + linkLen + 4 + targetLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.SYMLINK;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n if (this._isOpenSSH) {\n // OpenSSH has linkpath and targetpath positions switched\n writeUInt32BE(buf, targetLen, p);\n buf.utf8Write(targetPath, p += 4, targetLen);\n writeUInt32BE(buf, linkLen, p += targetLen);\n buf.utf8Write(linkPath, p += 4, linkLen);\n } else {\n writeUInt32BE(buf, linkLen, p);\n buf.utf8Write(linkPath, p += 4, linkLen);\n writeUInt32BE(buf, targetLen, p += linkLen);\n buf.utf8Write(targetPath, p += 4, targetLen);\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SYMLINK`\n );\n }\n realpath(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n /*\n uint32 id\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.REALPATH;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, pathLen, p);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = {\n cb: (err, names) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n if (!names || !names.length)\n return cb(new Error('Response missing path info'));\n cb(undefined, names[0].filename);\n }\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REALPATH`\n );\n }\n // extended requests\n ext_openssh_rename(oldPath, newPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['posix-rename@openssh.com'];\n if (!ext || ext !== '1')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"posix-rename@openssh.com\"\n string oldpath\n string newpath\n */\n const oldLen = Buffer.byteLength(oldPath);\n const newLen = Buffer.byteLength(newPath);\n let p = 9;\n const buf =\n Buffer.allocUnsafe(4 + 1 + 4 + 4 + 24 + 4 + oldLen + 4 + newLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 24, p);\n buf.utf8Write('posix-rename@openssh.com', p += 4, 24);\n writeUInt32BE(buf, oldLen, p += 24);\n buf.utf8Write(oldPath, p += 4, oldLen);\n writeUInt32BE(buf, newLen, p += oldLen);\n buf.utf8Write(newPath, p += 4, newLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} posix-rename@openssh.com`);\n }\n }\n ext_openssh_statvfs(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['statvfs@openssh.com'];\n if (!ext || ext !== '2')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"statvfs@openssh.com\"\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 19 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 19, p);\n buf.utf8Write('statvfs@openssh.com', p += 4, 19);\n writeUInt32BE(buf, pathLen, p += 19);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = { extended: 'statvfs@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} statvfs@openssh.com`);\n }\n }\n ext_openssh_fstatvfs(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['fstatvfs@openssh.com'];\n if (!ext || ext !== '2')\n throw new Error('Server does not support this extended request');\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string \"fstatvfs@openssh.com\"\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 20, p);\n buf.utf8Write('fstatvfs@openssh.com', p += 4, 20);\n writeUInt32BE(buf, handleLen, p += 20);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { extended: 'fstatvfs@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} fstatvfs@openssh.com`);\n }\n }\n ext_openssh_hardlink(oldPath, newPath, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['hardlink@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"hardlink@openssh.com\"\n string oldpath\n string newpath\n */\n const oldLen = Buffer.byteLength(oldPath);\n const newLen = Buffer.byteLength(newPath);\n let p = 9;\n const buf =\n Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + oldLen + 4 + newLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 20, p);\n buf.utf8Write('hardlink@openssh.com', p += 4, 20);\n writeUInt32BE(buf, oldLen, p += 20);\n buf.utf8Write(oldPath, p += 4, oldLen);\n writeUInt32BE(buf, newLen, p += oldLen);\n buf.utf8Write(newPath, p += 4, newLen);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${which} hardlink@openssh.com`);\n }\n }\n ext_openssh_fsync(handle, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['fsync@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n /*\n uint32 id\n string \"fsync@openssh.com\"\n string handle\n */\n const handleLen = handle.length;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 17 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 17, p);\n buf.utf8Write('fsync@openssh.com', p += 4, 17);\n writeUInt32BE(buf, handleLen, p += 17);\n buf.set(handle, p += 4);\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} fsync@openssh.com`\n );\n }\n ext_openssh_lsetstat(path, attrs, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['lsetstat@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n let flags = 0;\n let attrsLen = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n attrs = attrsToBytes(attrs);\n flags = attrs.flags;\n attrsLen = attrs.nb;\n } else if (typeof attrs === 'function') {\n cb = attrs;\n }\n\n /*\n uint32 id\n string \"lsetstat@openssh.com\"\n string path\n ATTRS attrs\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf =\n Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + pathLen + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 20, p);\n buf.utf8Write('lsetstat@openssh.com', p += 4, 20);\n\n writeUInt32BE(buf, pathLen, p += 20);\n buf.utf8Write(path, p += 4, pathLen);\n\n writeUInt32BE(buf, flags, p += pathLen);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} lsetstat@openssh.com`);\n }\n }\n ext_openssh_expandPath(path, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['expand-path@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n /*\n uint32 id\n string \"expand-path@openssh.com\"\n string path\n */\n const pathLen = Buffer.byteLength(path);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 23 + 4 + pathLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 23, p);\n buf.utf8Write('expand-path@openssh.com', p += 4, 23);\n\n writeUInt32BE(buf, pathLen, p += 20);\n buf.utf8Write(path, p += 4, pathLen);\n\n this._requests[reqid] = {\n cb: (err, names) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n if (!names || !names.length)\n return cb(new Error('Response missing expanded path'));\n cb(undefined, names[0].filename);\n }\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} expand-path@openssh.com`);\n }\n }\n ext_copy_data(srcHandle, srcOffset, len, dstHandle, dstOffset, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['copy-data'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n if (!Buffer.isBuffer(srcHandle))\n throw new Error('Source handle is not a Buffer');\n\n if (!Buffer.isBuffer(dstHandle))\n throw new Error('Destination handle is not a Buffer');\n\n /*\n uint32 id\n string \"copy-data\"\n string read-from-handle\n uint64 read-from-offset\n uint64 read-data-length\n string write-to-handle\n uint64 write-to-offset\n */\n let p = 0;\n const buf = Buffer.allocUnsafe(\n 4 + 1\n + 4\n + 4 + 9\n + 4 + srcHandle.length\n + 8\n + 8\n + 4 + dstHandle.length\n + 8\n );\n\n writeUInt32BE(buf, buf.length - 4, p);\n p += 4;\n\n buf[p] = REQUEST.EXTENDED;\n ++p;\n\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, p);\n p += 4;\n\n writeUInt32BE(buf, 9, p);\n p += 4;\n buf.utf8Write('copy-data', p, 9);\n p += 9;\n\n writeUInt32BE(buf, srcHandle.length, p);\n p += 4;\n buf.set(srcHandle, p);\n p += srcHandle.length;\n\n for (let i = 7; i >= 0; --i) {\n buf[p + i] = srcOffset & 0xFF;\n srcOffset /= 256;\n }\n p += 8;\n\n for (let i = 7; i >= 0; --i) {\n buf[p + i] = len & 0xFF;\n len /= 256;\n }\n p += 8;\n\n writeUInt32BE(buf, dstHandle.length, p);\n p += 4;\n buf.set(dstHandle, p);\n p += dstHandle.length;\n\n for (let i = 7; i >= 0; --i) {\n buf[p + i] = dstOffset & 0xFF;\n dstOffset /= 256;\n }\n\n this._requests[reqid] = { cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} copy-data`);\n }\n }\n ext_home_dir(username, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['home-directory'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n if (typeof username !== 'string')\n throw new TypeError('username is not a string');\n\n /*\n uint32 id\n string \"home-directory\"\n string username\n */\n let p = 0;\n const usernameLen = Buffer.byteLength(username);\n const buf = Buffer.allocUnsafe(\n 4 + 1\n + 4\n + 4 + 14\n + 4 + usernameLen\n );\n\n writeUInt32BE(buf, buf.length - 4, p);\n p += 4;\n\n buf[p] = REQUEST.EXTENDED;\n ++p;\n\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, p);\n p += 4;\n\n writeUInt32BE(buf, 14, p);\n p += 4;\n buf.utf8Write('home-directory', p, 14);\n p += 14;\n\n writeUInt32BE(buf, usernameLen, p);\n p += 4;\n buf.utf8Write(username, p, usernameLen);\n p += usernameLen;\n\n this._requests[reqid] = {\n cb: (err, names) => {\n if (typeof cb !== 'function')\n return;\n if (err)\n return cb(err);\n if (!names || !names.length)\n return cb(new Error('Response missing home directory'));\n cb(undefined, names[0].filename);\n }\n };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} home-directory`);\n }\n }\n ext_users_groups(uids, gids, cb) {\n if (this.server)\n throw new Error('Client-only method called in server mode');\n\n const ext = this._extensions['users-groups-by-id@openssh.com'];\n if (ext !== '1')\n throw new Error('Server does not support this extended request');\n\n if (!Array.isArray(uids))\n throw new TypeError('uids is not an array');\n for (const val of uids) {\n if (!Number.isInteger(val) || val < 0 || val > (2 ** 32 - 1))\n throw new Error('uid values must all be 32-bit unsigned integers');\n }\n if (!Array.isArray(gids))\n throw new TypeError('gids is not an array');\n for (const val of gids) {\n if (!Number.isInteger(val) || val < 0 || val > (2 ** 32 - 1))\n throw new Error('gid values must all be 32-bit unsigned integers');\n }\n\n /*\n uint32 id\n string \"users-groups-by-id@openssh.com\"\n string uids\n uint32 uid1\n ...\n string gids\n uint32 gid1\n ...\n */\n let p = 0;\n const buf = Buffer.allocUnsafe(\n 4 + 1\n + 4\n + 4 + 30\n + 4 + (4 * uids.length)\n + 4 + (4 * gids.length)\n );\n\n writeUInt32BE(buf, buf.length - 4, p);\n p += 4;\n\n buf[p] = REQUEST.EXTENDED;\n ++p;\n\n const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, p);\n p += 4;\n\n writeUInt32BE(buf, 30, p);\n p += 4;\n buf.utf8Write('users-groups-by-id@openssh.com', p, 30);\n p += 30;\n\n writeUInt32BE(buf, 4 * uids.length, p);\n p += 4;\n for (const val of uids) {\n writeUInt32BE(buf, val, p);\n p += 4;\n }\n\n writeUInt32BE(buf, 4 * gids.length, p);\n p += 4;\n for (const val of gids) {\n writeUInt32BE(buf, val, p);\n p += 4;\n }\n\n this._requests[reqid] = { extended: 'users-groups-by-id@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(this, buf);\n if (this._debug) {\n const status = (isBuffered ? 'Buffered' : 'Sending');\n this._debug(`SFTP: Outbound: ${status} users-groups-by-id@openssh.com`);\n }\n }\n // ===========================================================================\n // Server-specific ===========================================================\n // ===========================================================================\n handle(reqid, handle) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (!Buffer.isBuffer(handle))\n throw new Error('handle is not a Buffer');\n\n const handleLen = handle.length;\n\n if (handleLen > 256)\n throw new Error('handle too large (> 256 bytes)');\n\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.HANDLE;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, handleLen, p);\n if (handleLen)\n buf.set(handle, p += 4);\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} HANDLE`\n );\n }\n status(reqid, code, message) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (!VALID_STATUS_CODES.has(code))\n throw new Error(`Bad status code: ${code}`);\n\n message || (message = '');\n\n const msgLen = Buffer.byteLength(message);\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 4 + msgLen + 4);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.STATUS;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, code, p);\n\n writeUInt32BE(buf, msgLen, p += 4);\n p += 4;\n if (msgLen) {\n buf.utf8Write(message, p, msgLen);\n p += msgLen;\n }\n\n writeUInt32BE(buf, 0, p); // Empty language tag\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STATUS`\n );\n }\n data(reqid, data, encoding) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n const isBuffer = Buffer.isBuffer(data);\n\n if (!isBuffer && typeof data !== 'string')\n throw new Error('data is not a Buffer or string');\n\n let isUTF8;\n if (!isBuffer && !encoding) {\n encoding = undefined;\n isUTF8 = true;\n }\n\n const dataLen = (\n isBuffer\n ? data.length\n : Buffer.byteLength(data, encoding)\n );\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + dataLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.DATA;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, dataLen, p);\n if (dataLen) {\n if (isBuffer)\n buf.set(data, p += 4);\n else if (isUTF8)\n buf.utf8Write(data, p += 4, dataLen);\n else\n buf.write(data, p += 4, dataLen, encoding);\n }\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} DATA`\n );\n }\n name(reqid, names) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (!Array.isArray(names)) {\n if (typeof names !== 'object' || names === null)\n throw new Error('names is not an object or array');\n names = [ names ];\n }\n\n const count = names.length;\n let namesLen = 0;\n let nameAttrs;\n const attrs = [];\n\n for (let i = 0; i < count; ++i) {\n const name = names[i];\n const filename = (\n !name || !name.filename || typeof name.filename !== 'string'\n ? ''\n : name.filename\n );\n namesLen += 4 + Buffer.byteLength(filename);\n const longname = (\n !name || !name.longname || typeof name.longname !== 'string'\n ? ''\n : name.longname\n );\n namesLen += 4 + Buffer.byteLength(longname);\n\n if (typeof name.attrs === 'object' && name.attrs !== null) {\n nameAttrs = attrsToBytes(name.attrs);\n namesLen += 4 + nameAttrs.nb;\n\n if (nameAttrs.nb) {\n let bytes;\n\n if (nameAttrs.nb === ATTRS_BUF.length) {\n bytes = new Uint8Array(ATTRS_BUF);\n } else {\n bytes = new Uint8Array(nameAttrs.nb);\n bufferCopy(ATTRS_BUF, bytes, 0, nameAttrs.nb, 0);\n }\n\n nameAttrs.bytes = bytes;\n }\n\n attrs.push(nameAttrs);\n } else {\n namesLen += 4;\n attrs.push(null);\n }\n }\n\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + namesLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.NAME;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, count, p);\n\n p += 4;\n\n for (let i = 0; i < count; ++i) {\n const name = names[i];\n\n {\n const filename = (\n !name || !name.filename || typeof name.filename !== 'string'\n ? ''\n : name.filename\n );\n const len = Buffer.byteLength(filename);\n writeUInt32BE(buf, len, p);\n p += 4;\n if (len) {\n buf.utf8Write(filename, p, len);\n p += len;\n }\n }\n\n {\n const longname = (\n !name || !name.longname || typeof name.longname !== 'string'\n ? ''\n : name.longname\n );\n const len = Buffer.byteLength(longname);\n writeUInt32BE(buf, len, p);\n p += 4;\n if (len) {\n buf.utf8Write(longname, p, len);\n p += len;\n }\n }\n\n const attr = attrs[i];\n if (attr) {\n writeUInt32BE(buf, attr.flags, p);\n p += 4;\n if (attr.flags && attr.bytes) {\n buf.set(attr.bytes, p);\n p += attr.nb;\n }\n } else {\n writeUInt32BE(buf, 0, p);\n p += 4;\n }\n }\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} NAME`\n );\n }\n attrs(reqid, attrs) {\n if (!this.server)\n throw new Error('Server-only method called in client mode');\n\n if (typeof attrs !== 'object' || attrs === null)\n throw new Error('attrs is not an object');\n\n attrs = attrsToBytes(attrs);\n const flags = attrs.flags;\n const attrsLen = attrs.nb;\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + attrsLen);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = RESPONSE.ATTRS;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, flags, p);\n if (attrsLen) {\n p += 4;\n\n if (attrsLen === ATTRS_BUF.length)\n buf.set(ATTRS_BUF, p);\n else\n bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n p += attrsLen;\n }\n\n const isBuffered = sendOrBuffer(this, buf);\n this._debug && this._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} ATTRS`\n );\n }\n}\n\nfunction tryCreateBuffer(size) {\n try {\n return Buffer.allocUnsafe(size);\n } catch (ex) {\n return ex;\n }\n}\n\nfunction read_(self, handle, buf, off, len, position, cb, req_) {\n const maxDataLen = self._maxReadLen;\n const overflow = Math.max(len - maxDataLen, 0);\n\n if (overflow)\n len = maxDataLen;\n\n /*\n uint32 id\n string handle\n uint64 offset\n uint32 len\n */\n const handleLen = handle.length;\n let p = 9;\n let pos = position;\n const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4);\n\n writeUInt32BE(out, out.length - 4, 0);\n out[4] = REQUEST.READ;\n const reqid = self._writeReqid = (self._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(out, reqid, 5);\n\n writeUInt32BE(out, handleLen, p);\n out.set(handle, p += 4);\n p += handleLen;\n for (let i = 7; i >= 0; --i) {\n out[p + i] = pos & 0xFF;\n pos /= 256;\n }\n writeUInt32BE(out, len, p += 8);\n\n if (typeof cb !== 'function')\n cb = noop;\n\n const req = (req_ || {\n nb: 0,\n position,\n off,\n origOff: off,\n len: undefined,\n overflow: undefined,\n cb: (err, data, nb) => {\n const len = req.len;\n const overflow = req.overflow;\n\n if (err) {\n if (cb._wantEOFError || err.code !== STATUS_CODE.EOF)\n return cb(err);\n } else if (nb > len) {\n return cb(new Error('Received more data than requested'));\n } else if (nb === len && overflow) {\n req.nb += nb;\n req.position += nb;\n req.off += nb;\n read_(self, handle, buf, req.off, overflow, req.position, cb, req);\n return;\n }\n\n nb = (nb || 0);\n if (req.origOff === 0 && buf.length === req.nb)\n data = buf;\n else\n data = bufferSlice(buf, req.origOff, req.origOff + req.nb + nb);\n cb(undefined, req.nb + nb, data, req.position);\n },\n buffer: undefined,\n });\n\n req.len = len;\n req.overflow = overflow;\n\n // TODO: avoid creating multiple buffer slices when we need to re-call read_()\n // because of overflow\n req.buffer = bufferSlice(buf, off, off + len);\n\n self._requests[reqid] = req;\n\n const isBuffered = sendOrBuffer(self, out);\n self._debug && self._debug(\n `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READ`\n );\n}\n\nfunction fastXfer(src, dst, srcPath, dstPath, opts, cb) {\n let concurrency = 64;\n let chunkSize = 32768;\n let onstep;\n let mode;\n let fileSize;\n\n if (typeof opts === 'function') {\n cb = opts;\n } else if (typeof opts === 'object' && opts !== null) {\n if (typeof opts.concurrency === 'number'\n && opts.concurrency > 0\n && !isNaN(opts.concurrency)) {\n concurrency = opts.concurrency;\n }\n if (typeof opts.chunkSize === 'number'\n && opts.chunkSize > 0\n && !isNaN(opts.chunkSize)) {\n chunkSize = opts.chunkSize;\n }\n if (typeof opts.fileSize === 'number'\n && opts.fileSize > 0\n && !isNaN(opts.fileSize)) {\n fileSize = opts.fileSize;\n }\n if (typeof opts.step === 'function')\n onstep = opts.step;\n\n if (typeof opts.mode === 'string' || typeof opts.mode === 'number')\n mode = modeNum(opts.mode);\n }\n\n // Internal state variables\n let fsize;\n let pdst = 0;\n let total = 0;\n let hadError = false;\n let srcHandle;\n let dstHandle;\n let readbuf;\n let bufsize = chunkSize * concurrency;\n\n function onerror(err) {\n if (hadError)\n return;\n\n hadError = true;\n\n let left = 0;\n let cbfinal;\n\n if (srcHandle || dstHandle) {\n cbfinal = () => {\n if (--left === 0)\n cb(err);\n };\n if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n ++left;\n if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n ++left;\n if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n src.close(srcHandle, cbfinal);\n if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n dst.close(dstHandle, cbfinal);\n } else {\n cb(err);\n }\n }\n\n src.open(srcPath, 'r', (err, sourceHandle) => {\n if (err)\n return onerror(err);\n\n srcHandle = sourceHandle;\n\n if (fileSize === undefined)\n src.fstat(srcHandle, tryStat);\n else\n tryStat(null, { size: fileSize });\n\n function tryStat(err, attrs) {\n if (err) {\n if (src !== fs) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n src.stat(srcPath, (err_, attrs_) => {\n if (err_)\n return onerror(err);\n tryStat(null, attrs_);\n });\n return;\n }\n return onerror(err);\n }\n fsize = attrs.size;\n\n dst.open(dstPath, 'w', (err, destHandle) => {\n if (err)\n return onerror(err);\n\n dstHandle = destHandle;\n\n if (fsize <= 0)\n return onerror();\n\n // Use less memory where possible\n while (bufsize > fsize) {\n if (concurrency === 1) {\n bufsize = fsize;\n break;\n }\n bufsize -= chunkSize;\n --concurrency;\n }\n\n readbuf = tryCreateBuffer(bufsize);\n if (readbuf instanceof Error)\n return onerror(readbuf);\n\n if (mode !== undefined) {\n dst.fchmod(dstHandle, mode, function tryAgain(err) {\n if (err) {\n // Try chmod() for sftp servers that may not support fchmod()\n // for whatever reason\n dst.chmod(dstPath, mode, (err_) => tryAgain());\n return;\n }\n startReads();\n });\n } else {\n startReads();\n }\n\n function onread(err, nb, data, dstpos, datapos, origChunkLen) {\n if (err)\n return onerror(err);\n\n datapos = datapos || 0;\n\n dst.write(dstHandle, readbuf, datapos, nb, dstpos, writeCb);\n\n function writeCb(err) {\n if (err)\n return onerror(err);\n\n total += nb;\n onstep && onstep(total, nb, fsize);\n\n if (nb < origChunkLen)\n return singleRead(datapos, dstpos + nb, origChunkLen - nb);\n\n if (total === fsize) {\n dst.close(dstHandle, (err) => {\n dstHandle = undefined;\n if (err)\n return onerror(err);\n src.close(srcHandle, (err) => {\n srcHandle = undefined;\n if (err)\n return onerror(err);\n cb();\n });\n });\n return;\n }\n\n if (pdst >= fsize)\n return;\n\n const chunk =\n (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n singleRead(datapos, pdst, chunk);\n pdst += chunk;\n }\n }\n\n function makeCb(psrc, pdst, chunk) {\n return (err, nb, data) => {\n onread(err, nb, data, pdst, psrc, chunk);\n };\n }\n\n function singleRead(psrc, pdst, chunk) {\n src.read(srcHandle,\n readbuf,\n psrc,\n chunk,\n pdst,\n makeCb(psrc, pdst, chunk));\n }\n\n function startReads() {\n let reads = 0;\n let psrc = 0;\n while (pdst < fsize && reads < concurrency) {\n const chunk =\n (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n singleRead(psrc, pdst, chunk);\n psrc += chunk;\n pdst += chunk;\n ++reads;\n }\n }\n });\n }\n });\n}\n\nfunction writeAll(sftp, handle, buffer, offset, length, position, callback_) {\n const callback = (typeof callback_ === 'function' ? callback_ : undefined);\n\n sftp.write(handle,\n buffer,\n offset,\n length,\n position,\n (writeErr, written) => {\n if (writeErr) {\n return sftp.close(handle, () => {\n callback && callback(writeErr);\n });\n }\n if (written === length) {\n sftp.close(handle, callback);\n } else {\n offset += written;\n length -= written;\n position += written;\n writeAll(sftp, handle, buffer, offset, length, position, callback);\n }\n });\n}\n\nclass Stats {\n constructor(initial) {\n this.mode = (initial && initial.mode);\n this.uid = (initial && initial.uid);\n this.gid = (initial && initial.gid);\n this.size = (initial && initial.size);\n this.atime = (initial && initial.atime);\n this.mtime = (initial && initial.mtime);\n this.extended = (initial && initial.extended);\n }\n isDirectory() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFDIR);\n }\n isFile() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFREG);\n }\n isBlockDevice() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFBLK);\n }\n isCharacterDevice() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFCHR);\n }\n isSymbolicLink() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFLNK);\n }\n isFIFO() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFIFO);\n }\n isSocket() {\n return ((this.mode & constants.S_IFMT) === constants.S_IFSOCK);\n }\n}\n\nfunction attrsToBytes(attrs) {\n let flags = 0;\n let nb = 0;\n\n if (typeof attrs === 'object' && attrs !== null) {\n if (typeof attrs.size === 'number') {\n flags |= ATTR.SIZE;\n const val = attrs.size;\n // Big Endian\n ATTRS_BUF[nb++] = val / 72057594037927940; // 2**56\n ATTRS_BUF[nb++] = val / 281474976710656; // 2**48\n ATTRS_BUF[nb++] = val / 1099511627776; // 2**40\n ATTRS_BUF[nb++] = val / 4294967296; // 2**32\n ATTRS_BUF[nb++] = val / 16777216; // 2**24\n ATTRS_BUF[nb++] = val / 65536; // 2**16\n ATTRS_BUF[nb++] = val / 256; // 2**8\n ATTRS_BUF[nb++] = val;\n }\n if (typeof attrs.uid === 'number' && typeof attrs.gid === 'number') {\n flags |= ATTR.UIDGID;\n const uid = attrs.uid;\n const gid = attrs.gid;\n // Big Endian\n ATTRS_BUF[nb++] = uid >>> 24;\n ATTRS_BUF[nb++] = uid >>> 16;\n ATTRS_BUF[nb++] = uid >>> 8;\n ATTRS_BUF[nb++] = uid;\n ATTRS_BUF[nb++] = gid >>> 24;\n ATTRS_BUF[nb++] = gid >>> 16;\n ATTRS_BUF[nb++] = gid >>> 8;\n ATTRS_BUF[nb++] = gid;\n }\n if (typeof attrs.mode === 'number' || typeof attrs.mode === 'string') {\n const mode = modeNum(attrs.mode);\n flags |= ATTR.PERMISSIONS;\n // Big Endian\n ATTRS_BUF[nb++] = mode >>> 24;\n ATTRS_BUF[nb++] = mode >>> 16;\n ATTRS_BUF[nb++] = mode >>> 8;\n ATTRS_BUF[nb++] = mode;\n }\n if ((typeof attrs.atime === 'number' || isDate(attrs.atime))\n && (typeof attrs.mtime === 'number' || isDate(attrs.mtime))) {\n const atime = toUnixTimestamp(attrs.atime);\n const mtime = toUnixTimestamp(attrs.mtime);\n\n flags |= ATTR.ACMODTIME;\n // Big Endian\n ATTRS_BUF[nb++] = atime >>> 24;\n ATTRS_BUF[nb++] = atime >>> 16;\n ATTRS_BUF[nb++] = atime >>> 8;\n ATTRS_BUF[nb++] = atime;\n ATTRS_BUF[nb++] = mtime >>> 24;\n ATTRS_BUF[nb++] = mtime >>> 16;\n ATTRS_BUF[nb++] = mtime >>> 8;\n ATTRS_BUF[nb++] = mtime;\n }\n // TODO: extended attributes\n }\n\n return { flags, nb };\n}\n\nfunction toUnixTimestamp(time) {\n // eslint-disable-next-line no-self-compare\n if (typeof time === 'number' && time === time) // Valid, non-NaN number\n return time;\n if (isDate(time))\n return parseInt(time.getTime() / 1000, 10);\n throw new Error(`Cannot parse time: ${time}`);\n}\n\nfunction modeNum(mode) {\n // eslint-disable-next-line no-self-compare\n if (typeof mode === 'number' && mode === mode) // Valid, non-NaN number\n return mode;\n if (typeof mode === 'string')\n return modeNum(parseInt(mode, 8));\n throw new Error(`Cannot parse mode: ${mode}`);\n}\n\nconst stringFlagMap = {\n 'r': OPEN_MODE.READ,\n 'r+': OPEN_MODE.READ | OPEN_MODE.WRITE,\n 'w': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n 'wx': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'xw': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'w+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n 'wx+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL,\n 'xw+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL,\n 'a': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n 'ax': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'xa': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n 'a+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n 'ax+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL,\n 'xa+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n | OPEN_MODE.EXCL\n};\n\nfunction stringToFlags(str) {\n const flags = stringFlagMap[str];\n return (flags !== undefined ? flags : null);\n}\n\nconst flagsToString = (() => {\n const stringFlagMapKeys = Object.keys(stringFlagMap);\n return (flags) => {\n for (let i = 0; i < stringFlagMapKeys.length; ++i) {\n const key = stringFlagMapKeys[i];\n if (stringFlagMap[key] === flags)\n return key;\n }\n return null;\n };\n})();\n\nfunction readAttrs(biOpt) {\n /*\n uint32 flags\n uint64 size present only if flag SSH_FILEXFER_ATTR_SIZE\n uint32 uid present only if flag SSH_FILEXFER_ATTR_UIDGID\n uint32 gid present only if flag SSH_FILEXFER_ATTR_UIDGID\n uint32 permissions present only if flag SSH_FILEXFER_ATTR_PERMISSIONS\n uint32 atime present only if flag SSH_FILEXFER_ACMODTIME\n uint32 mtime present only if flag SSH_FILEXFER_ACMODTIME\n uint32 extended_count present only if flag SSH_FILEXFER_ATTR_EXTENDED\n string extended_type\n string extended_data\n ... more extended data (extended_type - extended_data pairs),\n so that number of pairs equals extended_count\n */\n const flags = bufferParser.readUInt32BE();\n if (flags === undefined)\n return;\n\n const attrs = new Stats();\n if (flags & ATTR.SIZE) {\n const size = bufferParser.readUInt64BE(biOpt);\n if (size === undefined)\n return;\n attrs.size = size;\n }\n\n if (flags & ATTR.UIDGID) {\n const uid = bufferParser.readUInt32BE();\n const gid = bufferParser.readUInt32BE();\n if (gid === undefined)\n return;\n attrs.uid = uid;\n attrs.gid = gid;\n }\n\n if (flags & ATTR.PERMISSIONS) {\n const mode = bufferParser.readUInt32BE();\n if (mode === undefined)\n return;\n attrs.mode = mode;\n }\n\n if (flags & ATTR.ACMODTIME) {\n const atime = bufferParser.readUInt32BE();\n const mtime = bufferParser.readUInt32BE();\n if (mtime === undefined)\n return;\n attrs.atime = atime;\n attrs.mtime = mtime;\n }\n\n if (flags & ATTR.EXTENDED) {\n const count = bufferParser.readUInt32BE();\n if (count === undefined)\n return;\n const extended = {};\n for (let i = 0; i < count; ++i) {\n const type = bufferParser.readString(true);\n const data = bufferParser.readString();\n if (data === undefined)\n return;\n extended[type] = data;\n }\n attrs.extended = extended;\n }\n\n return attrs;\n}\n\nfunction sendOrBuffer(sftp, payload) {\n const ret = tryWritePayload(sftp, payload);\n if (ret !== undefined) {\n sftp._buffer.push(ret);\n return false;\n }\n return true;\n}\n\nfunction tryWritePayload(sftp, payload) {\n const outgoing = sftp.outgoing;\n if (outgoing.state !== 'open')\n return;\n\n if (outgoing.window === 0) {\n sftp._waitWindow = true;\n sftp._chunkcb = drainBuffer;\n return payload;\n }\n\n let ret;\n const len = payload.length;\n let p = 0;\n\n while (len - p > 0 && outgoing.window > 0) {\n const actualLen = Math.min(len - p, outgoing.window, outgoing.packetSize);\n outgoing.window -= actualLen;\n if (outgoing.window === 0) {\n sftp._waitWindow = true;\n sftp._chunkcb = drainBuffer;\n }\n\n if (p === 0 && actualLen === len) {\n sftp._protocol.channelData(sftp.outgoing.id, payload);\n } else {\n sftp._protocol.channelData(sftp.outgoing.id,\n bufferSlice(payload, p, p + actualLen));\n }\n\n p += actualLen;\n }\n\n if (len - p > 0) {\n if (p > 0)\n ret = bufferSlice(payload, p, len);\n else\n ret = payload; // XXX: should never get here?\n }\n\n return ret;\n}\n\nfunction drainBuffer() {\n this._chunkcb = undefined;\n const buffer = this._buffer;\n let i = 0;\n while (i < buffer.length) {\n const payload = buffer[i];\n const ret = tryWritePayload(this, payload);\n if (ret !== undefined) {\n if (ret !== payload)\n buffer[i] = ret;\n if (i > 0)\n this._buffer = buffer.slice(i);\n return;\n }\n ++i;\n }\n if (i > 0)\n this._buffer = [];\n}\n\nfunction doFatalSFTPError(sftp, msg, noDebug) {\n const err = new Error(msg);\n err.level = 'sftp-protocol';\n if (!noDebug && sftp._debug)\n sftp._debug(`SFTP: Inbound: ${msg}`);\n sftp.emit('error', err);\n sftp.destroy();\n cleanupRequests(sftp);\n return false;\n}\n\nfunction cleanupRequests(sftp) {\n const keys = Object.keys(sftp._requests);\n if (keys.length === 0)\n return;\n\n const reqs = sftp._requests;\n sftp._requests = {};\n const err = new Error('No response from server');\n for (let i = 0; i < keys.length; ++i) {\n const req = reqs[keys[i]];\n if (typeof req.cb === 'function')\n req.cb(err);\n }\n}\n\nfunction requestLimits(sftp, cb) {\n /*\n uint32 id\n string \"limits@openssh.com\"\n */\n let p = 9;\n const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 18);\n\n writeUInt32BE(buf, buf.length - 4, 0);\n buf[4] = REQUEST.EXTENDED;\n const reqid = sftp._writeReqid = (sftp._writeReqid + 1) & MAX_REQID;\n writeUInt32BE(buf, reqid, 5);\n\n writeUInt32BE(buf, 18, p);\n buf.utf8Write('limits@openssh.com', p += 4, 18);\n\n sftp._requests[reqid] = { extended: 'limits@openssh.com', cb };\n\n const isBuffered = sendOrBuffer(sftp, buf);\n if (sftp._debug) {\n const which = (isBuffered ? 'Buffered' : 'Sending');\n sftp._debug(`SFTP: Outbound: ${which} limits@openssh.com`);\n }\n}\n\nconst CLIENT_HANDLERS = {\n [RESPONSE.VERSION]: (sftp, payload) => {\n if (sftp._version !== -1)\n return doFatalSFTPError(sftp, 'Duplicate VERSION packet');\n\n const extensions = {};\n\n /*\n uint32 version\n \n */\n bufferParser.init(payload, 1);\n let version = bufferParser.readUInt32BE();\n while (bufferParser.avail()) {\n const extName = bufferParser.readString(true);\n const extData = bufferParser.readString(true);\n if (extData === undefined) {\n version = undefined;\n break;\n }\n extensions[extName] = extData;\n }\n bufferParser.clear();\n\n if (version === undefined)\n return doFatalSFTPError(sftp, 'Malformed VERSION packet');\n\n if (sftp._debug) {\n const names = Object.keys(extensions);\n if (names.length) {\n sftp._debug(\n `SFTP: Inbound: Received VERSION (v${version}, exts:${names})`\n );\n } else {\n sftp._debug(`SFTP: Inbound: Received VERSION (v${version})`);\n }\n }\n\n sftp._version = version;\n sftp._extensions = extensions;\n\n if (extensions['limits@openssh.com'] === '1') {\n return requestLimits(sftp, (err, limits) => {\n if (!err) {\n if (limits.maxPktLen > 0)\n sftp._maxOutPktLen = limits.maxPktLen;\n if (limits.maxReadLen > 0)\n sftp._maxReadLen = limits.maxReadLen;\n if (limits.maxWriteLen > 0)\n sftp._maxWriteLen = limits.maxWriteLen;\n sftp.maxOpenHandles = (\n limits.maxOpenHandles > 0 ? limits.maxOpenHandles : Infinity\n );\n }\n sftp.emit('ready');\n });\n }\n\n sftp.emit('ready');\n },\n [RESPONSE.STATUS]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n uint32 error/status code\n string error message (ISO-10646 UTF-8)\n string language tag\n */\n const errorCode = bufferParser.readUInt32BE();\n const errorMsg = bufferParser.readString(true);\n bufferParser.clear();\n\n // Note: we avoid checking that the error message and language tag are in\n // the packet because there are some broken implementations that incorrectly\n // omit them. The language tag in general was never really used amongst ssh\n // implementations, so in the case of a missing error message we just\n // default to something sensible.\n\n if (sftp._debug) {\n const jsonMsg = JSON.stringify(errorMsg);\n sftp._debug(\n `SFTP: Inbound: Received STATUS (id:${reqID}, ${errorCode}, ${jsonMsg})`\n );\n }\n const req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n if (req && typeof req.cb === 'function') {\n if (errorCode === STATUS_CODE.OK) {\n req.cb();\n return;\n }\n const err = new Error(errorMsg\n || STATUS_CODE_STR[errorCode]\n || 'Unknown status');\n err.code = errorCode;\n req.cb(err);\n }\n },\n [RESPONSE.HANDLE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined) {\n if (reqID !== undefined)\n delete sftp._requests[reqID];\n return doFatalSFTPError(sftp, 'Malformed HANDLE packet');\n }\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received HANDLE (id:${reqID})`);\n\n const req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n if (req && typeof req.cb === 'function')\n req.cb(undefined, handle);\n },\n [RESPONSE.DATA]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n let req;\n if (reqID !== undefined) {\n req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n }\n /*\n string data\n */\n if (req && typeof req.cb === 'function') {\n if (req.buffer) {\n // We have already pre-allocated space to store the data\n\n const nb = bufferParser.readString(req.buffer);\n bufferParser.clear();\n\n if (nb !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n );\n req.cb(undefined, req.buffer, nb);\n return;\n }\n } else {\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received DATA (id:${reqID}, ${data.length})`\n );\n req.cb(undefined, data);\n return;\n }\n }\n } else {\n const nb = bufferParser.skipString();\n bufferParser.clear();\n if (nb !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n );\n return;\n }\n }\n\n return doFatalSFTPError(sftp, 'Malformed DATA packet');\n },\n [RESPONSE.NAME]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n let req;\n if (reqID !== undefined) {\n req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n }\n /*\n uint32 count\n repeats count times:\n string filename\n string longname\n ATTRS attrs\n */\n const count = bufferParser.readUInt32BE();\n if (count !== undefined) {\n let names = [];\n for (let i = 0; i < count; ++i) {\n // We are going to assume UTF-8 for filenames despite the SFTPv3\n // spec not specifying an encoding because the specs for newer\n // versions of the protocol all explicitly specify UTF-8 for\n // filenames\n const filename = bufferParser.readString(true);\n\n // `longname` only exists in SFTPv3 and since it typically will\n // contain the filename, we assume it is also UTF-8\n const longname = bufferParser.readString(true);\n\n const attrs = readAttrs(sftp._biOpt);\n if (attrs === undefined) {\n names = undefined;\n break;\n }\n names.push({ filename, longname, attrs });\n }\n if (names !== undefined) {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received NAME (id:${reqID}, ${names.length})`\n );\n bufferParser.clear();\n if (req && typeof req.cb === 'function')\n req.cb(undefined, names);\n return;\n }\n }\n\n bufferParser.clear();\n return doFatalSFTPError(sftp, 'Malformed NAME packet');\n },\n [RESPONSE.ATTRS]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n let req;\n if (reqID !== undefined) {\n req = sftp._requests[reqID];\n delete sftp._requests[reqID];\n }\n /*\n ATTRS attrs\n */\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n if (attrs !== undefined) {\n sftp._debug && sftp._debug(`SFTP: Inbound: Received ATTRS (id:${reqID})`);\n if (req && typeof req.cb === 'function')\n req.cb(undefined, attrs);\n return;\n }\n\n return doFatalSFTPError(sftp, 'Malformed ATTRS packet');\n },\n [RESPONSE.EXTENDED]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n if (reqID !== undefined) {\n const req = sftp._requests[reqID];\n if (req) {\n delete sftp._requests[reqID];\n switch (req.extended) {\n case 'statvfs@openssh.com':\n case 'fstatvfs@openssh.com': {\n /*\n uint64 f_bsize // file system block size\n uint64 f_frsize // fundamental fs block size\n uint64 f_blocks // number of blocks (unit f_frsize)\n uint64 f_bfree // free blocks in file system\n uint64 f_bavail // free blocks for non-root\n uint64 f_files // total file inodes\n uint64 f_ffree // free file inodes\n uint64 f_favail // free file inodes for to non-root\n uint64 f_fsid // file system id\n uint64 f_flag // bit mask of f_flag values\n uint64 f_namemax // maximum filename length\n */\n const biOpt = sftp._biOpt;\n const stats = {\n f_bsize: bufferParser.readUInt64BE(biOpt),\n f_frsize: bufferParser.readUInt64BE(biOpt),\n f_blocks: bufferParser.readUInt64BE(biOpt),\n f_bfree: bufferParser.readUInt64BE(biOpt),\n f_bavail: bufferParser.readUInt64BE(biOpt),\n f_files: bufferParser.readUInt64BE(biOpt),\n f_ffree: bufferParser.readUInt64BE(biOpt),\n f_favail: bufferParser.readUInt64BE(biOpt),\n f_sid: bufferParser.readUInt64BE(biOpt),\n f_flag: bufferParser.readUInt64BE(biOpt),\n f_namemax: bufferParser.readUInt64BE(biOpt),\n };\n if (stats.f_namemax === undefined)\n break;\n if (sftp._debug) {\n sftp._debug(\n 'SFTP: Inbound: Received EXTENDED_REPLY '\n + `(id:${reqID}, ${req.extended})`\n );\n }\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb(undefined, stats);\n return;\n }\n case 'limits@openssh.com': {\n /*\n uint64 max-packet-length\n uint64 max-read-length\n uint64 max-write-length\n uint64 max-open-handles\n */\n const limits = {\n maxPktLen: bufferParser.readUInt64BE(),\n maxReadLen: bufferParser.readUInt64BE(),\n maxWriteLen: bufferParser.readUInt64BE(),\n maxOpenHandles: bufferParser.readUInt64BE(),\n };\n if (limits.maxOpenHandles === undefined)\n break;\n if (sftp._debug) {\n sftp._debug(\n 'SFTP: Inbound: Received EXTENDED_REPLY '\n + `(id:${reqID}, ${req.extended})`\n );\n }\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb(undefined, limits);\n return;\n }\n case 'users-groups-by-id@openssh.com': {\n /*\n string usernames\n string username1\n ...\n string groupnames\n string groupname1\n ...\n */\n const usernameCount = bufferParser.readUInt32BE();\n if (usernameCount === undefined)\n break;\n const usernames = new Array(usernameCount);\n for (let i = 0; i < usernames.length; ++i)\n usernames[i] = bufferParser.readString(true);\n\n const groupnameCount = bufferParser.readUInt32BE();\n if (groupnameCount === undefined)\n break;\n const groupnames = new Array(groupnameCount);\n for (let i = 0; i < groupnames.length; ++i)\n groupnames[i] = bufferParser.readString(true);\n if (groupnames.length > 0\n && groupnames[groupnames.length - 1] === undefined) {\n break;\n }\n\n if (sftp._debug) {\n sftp._debug(\n 'SFTP: Inbound: Received EXTENDED_REPLY '\n + `(id:${reqID}, ${req.extended})`\n );\n }\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb(undefined, usernames, groupnames);\n return;\n }\n default:\n // Unknown extended request\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n );\n bufferParser.clear();\n if (typeof req.cb === 'function')\n req.cb();\n return;\n }\n } else {\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n );\n bufferParser.clear();\n return;\n }\n }\n\n bufferParser.clear();\n return doFatalSFTPError(sftp, 'Malformed EXTENDED_REPLY packet');\n },\n};\nconst SERVER_HANDLERS = {\n [REQUEST.INIT]: (sftp, payload) => {\n if (sftp._version !== -1)\n return doFatalSFTPError(sftp, 'Duplicate INIT packet');\n\n const extensions = {};\n\n /*\n uint32 version\n \n */\n bufferParser.init(payload, 1);\n let version = bufferParser.readUInt32BE();\n while (bufferParser.avail()) {\n const extName = bufferParser.readString(true);\n const extData = bufferParser.readString(true);\n if (extData === undefined) {\n version = undefined;\n break;\n }\n extensions[extName] = extData;\n }\n bufferParser.clear();\n\n if (version === undefined)\n return doFatalSFTPError(sftp, 'Malformed INIT packet');\n\n if (sftp._debug) {\n const names = Object.keys(extensions);\n if (names.length) {\n sftp._debug(\n `SFTP: Inbound: Received INIT (v${version}, exts:${names})`\n );\n } else {\n sftp._debug(`SFTP: Inbound: Received INIT (v${version})`);\n }\n }\n\n sendOrBuffer(sftp, SERVER_VERSION_BUFFER);\n\n sftp._version = version;\n sftp._extensions = extensions;\n sftp.emit('ready');\n },\n [REQUEST.OPEN]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string filename\n uint32 pflags\n ATTRS attrs\n */\n const filename = bufferParser.readString(true);\n const pflags = bufferParser.readUInt32BE();\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined)\n return doFatalSFTPError(sftp, 'Malformed OPEN packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received OPEN (id:${reqID})`);\n\n if (!sftp.emit('OPEN', reqID, filename, pflags, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.CLOSE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed CLOSE packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received CLOSE (id:${reqID})`);\n\n if (!sftp.emit('CLOSE', reqID, handle)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.READ]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n uint64 offset\n uint32 len\n */\n const handle = bufferParser.readString();\n const offset = bufferParser.readUInt64BE(sftp._biOpt);\n const len = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (len === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed READ packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received READ (id:${reqID})`);\n\n if (!sftp.emit('READ', reqID, handle, offset, len)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.WRITE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n uint64 offset\n string data\n */\n const handle = bufferParser.readString();\n const offset = bufferParser.readUInt64BE(sftp._biOpt);\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed WRITE packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received WRITE (id:${reqID})`);\n\n if (!sftp.emit('WRITE', reqID, handle, offset, data)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.LSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed LSTAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received LSTAT (id:${reqID})`);\n\n if (!sftp.emit('LSTAT', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.FSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed FSTAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received FSTAT (id:${reqID})`);\n\n if (!sftp.emit('FSTAT', reqID, handle)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.SETSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n ATTRS attrs\n */\n const path = bufferParser.readString(true);\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined)\n return doFatalSFTPError(sftp, 'Malformed SETSTAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received SETSTAT (id:${reqID})`);\n\n if (!sftp.emit('SETSTAT', reqID, path, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.FSETSTAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n ATTRS attrs\n */\n const handle = bufferParser.readString();\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed FSETSTAT packet');\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received FSETSTAT (id:${reqID})`\n );\n\n if (!sftp.emit('FSETSTAT', reqID, handle, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.OPENDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed OPENDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received OPENDIR (id:${reqID})`);\n\n if (!sftp.emit('OPENDIR', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.READDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string handle\n */\n const handle = bufferParser.readString();\n bufferParser.clear();\n\n if (handle === undefined || handle.length > 256)\n return doFatalSFTPError(sftp, 'Malformed READDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received READDIR (id:${reqID})`);\n\n if (!sftp.emit('READDIR', reqID, handle)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.REMOVE]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed REMOVE packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received REMOVE (id:${reqID})`);\n\n if (!sftp.emit('REMOVE', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.MKDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n ATTRS attrs\n */\n const path = bufferParser.readString(true);\n const attrs = readAttrs(sftp._biOpt);\n bufferParser.clear();\n\n if (attrs === undefined)\n return doFatalSFTPError(sftp, 'Malformed MKDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received MKDIR (id:${reqID})`);\n\n if (!sftp.emit('MKDIR', reqID, path, attrs)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.RMDIR]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed RMDIR packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received RMDIR (id:${reqID})`);\n\n if (!sftp.emit('RMDIR', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.REALPATH]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed REALPATH packet');\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received REALPATH (id:${reqID})`\n );\n\n if (!sftp.emit('REALPATH', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.STAT]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed STAT packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received STAT (id:${reqID})`);\n\n if (!sftp.emit('STAT', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.RENAME]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string oldpath\n string newpath\n */\n const oldPath = bufferParser.readString(true);\n const newPath = bufferParser.readString(true);\n bufferParser.clear();\n\n if (newPath === undefined)\n return doFatalSFTPError(sftp, 'Malformed RENAME packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received RENAME (id:${reqID})`);\n\n if (!sftp.emit('RENAME', reqID, oldPath, newPath)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.READLINK]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string path\n */\n const path = bufferParser.readString(true);\n bufferParser.clear();\n\n if (path === undefined)\n return doFatalSFTPError(sftp, 'Malformed READLINK packet');\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received READLINK (id:${reqID})`\n );\n\n if (!sftp.emit('READLINK', reqID, path)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.SYMLINK]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string linkpath\n string targetpath\n */\n const linkPath = bufferParser.readString(true);\n const targetPath = bufferParser.readString(true);\n bufferParser.clear();\n\n if (targetPath === undefined)\n return doFatalSFTPError(sftp, 'Malformed SYMLINK packet');\n\n sftp._debug && sftp._debug(`SFTP: Inbound: Received SYMLINK (id:${reqID})`);\n\n let handled;\n if (sftp._isOpenSSH) {\n // OpenSSH has linkpath and targetpath positions switched\n handled = sftp.emit('SYMLINK', reqID, targetPath, linkPath);\n } else {\n handled = sftp.emit('SYMLINK', reqID, linkPath, targetPath);\n }\n if (!handled) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n [REQUEST.EXTENDED]: (sftp, payload) => {\n bufferParser.init(payload, 1);\n const reqID = bufferParser.readUInt32BE();\n /*\n string extended-request\n ... any request-specific data ...\n */\n const extName = bufferParser.readString(true);\n if (extName === undefined) {\n bufferParser.clear();\n return doFatalSFTPError(sftp, 'Malformed EXTENDED packet');\n }\n\n let extData;\n if (bufferParser.avail())\n extData = bufferParser.readRaw();\n bufferParser.clear();\n\n sftp._debug && sftp._debug(\n `SFTP: Inbound: Received EXTENDED (id:${reqID})`\n );\n\n if (!sftp.emit('EXTENDED', reqID, extName, extData)) {\n // Automatically reject request if no handler for request type\n sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n }\n },\n};\n\n// =============================================================================\n// ReadStream/WriteStream-related ==============================================\n// =============================================================================\nconst {\n ERR_INVALID_ARG_TYPE,\n ERR_OUT_OF_RANGE,\n validateNumber\n} = require('./node-fs-compat');\n\nconst kMinPoolSpace = 128;\n\nlet pool;\n// It can happen that we expect to read a large chunk of data, and reserve\n// a large chunk of the pool accordingly, but the read() call only filled\n// a portion of it. If a concurrently executing read() then uses the same pool,\n// the \"reserved\" portion cannot be used, so we allow it to be re-used as a\n// new pool later.\nconst poolFragments = [];\n\nfunction allocNewPool(poolSize) {\n if (poolFragments.length > 0)\n pool = poolFragments.pop();\n else\n pool = Buffer.allocUnsafe(poolSize);\n pool.used = 0;\n}\n\n// Check the `this.start` and `this.end` of stream.\nfunction checkPosition(pos, name) {\n if (!Number.isSafeInteger(pos)) {\n validateNumber(pos, name);\n if (!Number.isInteger(pos))\n throw new ERR_OUT_OF_RANGE(name, 'an integer', pos);\n throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n }\n if (pos < 0)\n throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n}\n\nfunction roundUpToMultipleOf8(n) {\n return (n + 7) & ~7; // Align to 8 byte boundary.\n}\n\nfunction ReadStream(sftp, path, options) {\n if (options === undefined)\n options = {};\n else if (typeof options === 'string')\n options = { encoding: options };\n else if (options === null || typeof options !== 'object')\n throw new TypeError('\"options\" argument must be a string or an object');\n else\n options = Object.create(options);\n\n // A little bit bigger buffer and water marks by default\n if (options.highWaterMark === undefined)\n options.highWaterMark = 64 * 1024;\n\n // For backwards compat do not emit close on destroy.\n options.emitClose = false;\n options.autoDestroy = false; // Node 14 major change.\n\n ReadableStream.call(this, options);\n\n this.path = path;\n this.flags = options.flags === undefined ? 'r' : options.flags;\n this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n this.start = options.start;\n this.end = options.end;\n this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n this.pos = 0;\n this.bytesRead = 0;\n this.isClosed = false;\n\n this.handle = options.handle === undefined ? null : options.handle;\n this.sftp = sftp;\n this._opening = false;\n\n if (this.start !== undefined) {\n checkPosition(this.start, 'start');\n\n this.pos = this.start;\n }\n\n if (this.end === undefined) {\n this.end = Infinity;\n } else if (this.end !== Infinity) {\n checkPosition(this.end, 'end');\n\n if (this.start !== undefined && this.start > this.end) {\n throw new ERR_OUT_OF_RANGE(\n 'start',\n `<= \"end\" (here: ${this.end})`,\n this.start\n );\n }\n }\n\n this.on('end', function() {\n if (this.autoClose)\n this.destroy();\n });\n\n if (!Buffer.isBuffer(this.handle))\n this.open();\n}\ninherits(ReadStream, ReadableStream);\n\nReadStream.prototype.open = function() {\n if (this._opening)\n return;\n\n this._opening = true;\n\n this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n this._opening = false;\n\n if (er) {\n this.emit('error', er);\n if (this.autoClose)\n this.destroy();\n return;\n }\n\n this.handle = handle;\n this.emit('open', handle);\n this.emit('ready');\n // Start the flow of data.\n this.read();\n });\n};\n\nReadStream.prototype._read = function(n) {\n if (!Buffer.isBuffer(this.handle))\n return this.once('open', () => this._read(n));\n\n // XXX: safe to remove this?\n if (this.destroyed)\n return;\n\n if (!pool || pool.length - pool.used < kMinPoolSpace) {\n // Discard the old pool.\n allocNewPool(this.readableHighWaterMark\n || this._readableState.highWaterMark);\n }\n\n // Grab another reference to the pool in the case that while we're\n // in the thread pool another read() finishes up the pool, and\n // allocates a new one.\n const thisPool = pool;\n let toRead = Math.min(pool.length - pool.used, n);\n const start = pool.used;\n\n if (this.end !== undefined)\n toRead = Math.min(this.end - this.pos + 1, toRead);\n\n // Already read everything we were supposed to read!\n // treat as EOF.\n if (toRead <= 0)\n return this.push(null);\n\n // the actual read.\n this.sftp.read(this.handle,\n pool,\n pool.used,\n toRead,\n this.pos,\n (er, bytesRead) => {\n if (er) {\n this.emit('error', er);\n if (this.autoClose)\n this.destroy();\n return;\n }\n let b = null;\n\n // Now that we know how much data we have actually read, re-wind the\n // 'used' field if we can, and otherwise allow the remainder of our\n // reservation to be used as a new pool later.\n if (start + toRead === thisPool.used && thisPool === pool) {\n thisPool.used = roundUpToMultipleOf8(thisPool.used + bytesRead - toRead);\n } else {\n // Round down to the next lowest multiple of 8 to ensure the new pool\n // fragment start and end positions are aligned to an 8 byte boundary.\n const alignedEnd = (start + toRead) & ~7;\n const alignedStart = roundUpToMultipleOf8(start + bytesRead);\n if (alignedEnd - alignedStart >= kMinPoolSpace)\n poolFragments.push(thisPool.slice(alignedStart, alignedEnd));\n }\n\n if (bytesRead > 0) {\n this.bytesRead += bytesRead;\n b = thisPool.slice(start, start + bytesRead);\n }\n\n // Move the pool positions, and internal position for reading.\n this.pos += bytesRead;\n\n this.push(b);\n });\n\n pool.used = roundUpToMultipleOf8(pool.used + toRead);\n};\n\nReadStream.prototype._destroy = function(err, cb) {\n if (this._opening && !Buffer.isBuffer(this.handle)) {\n this.once('open', closeStream.bind(null, this, cb, err));\n return;\n }\n\n closeStream(this, cb, err);\n this.handle = null;\n this._opening = false;\n};\n\nfunction closeStream(stream, cb, err) {\n if (!stream.handle)\n return onclose();\n\n stream.sftp.close(stream.handle, onclose);\n\n function onclose(er) {\n er = er || err;\n cb(er);\n stream.isClosed = true;\n if (!er)\n stream.emit('close');\n }\n}\n\nReadStream.prototype.close = function(cb) {\n this.destroy(null, cb);\n};\n\nObject.defineProperty(ReadStream.prototype, 'pending', {\n get() {\n return this.handle === null;\n },\n configurable: true\n});\n\n// TODO: add `concurrency` setting to allow more than one in-flight WRITE\n// request to server to improve throughput\nfunction WriteStream(sftp, path, options) {\n if (options === undefined)\n options = {};\n else if (typeof options === 'string')\n options = { encoding: options };\n else if (options === null || typeof options !== 'object')\n throw new TypeError('\"options\" argument must be a string or an object');\n else\n options = Object.create(options);\n\n // For backwards compat do not emit close on destroy.\n options.emitClose = false;\n options.autoDestroy = false; // Node 14 major change.\n\n WritableStream.call(this, options);\n\n this.path = path;\n this.flags = options.flags === undefined ? 'w' : options.flags;\n this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n this.start = options.start;\n this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n this.pos = 0;\n this.bytesWritten = 0;\n this.isClosed = false;\n\n this.handle = options.handle === undefined ? null : options.handle;\n this.sftp = sftp;\n this._opening = false;\n\n if (this.start !== undefined) {\n checkPosition(this.start, 'start');\n\n this.pos = this.start;\n }\n\n if (options.encoding)\n this.setDefaultEncoding(options.encoding);\n\n // Node v6.x only\n this.on('finish', function() {\n if (this._writableState.finalCalled)\n return;\n if (this.autoClose)\n this.destroy();\n });\n\n if (!Buffer.isBuffer(this.handle))\n this.open();\n}\ninherits(WriteStream, WritableStream);\n\nWriteStream.prototype._final = function(cb) {\n if (this.autoClose)\n this.destroy();\n cb();\n};\n\nWriteStream.prototype.open = function() {\n if (this._opening)\n return;\n\n this._opening = true;\n\n this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n this._opening = false;\n\n if (er) {\n this.emit('error', er);\n if (this.autoClose)\n this.destroy();\n return;\n }\n\n this.handle = handle;\n\n const tryAgain = (err) => {\n if (err) {\n // Try chmod() for sftp servers that may not support fchmod() for\n // whatever reason\n this.sftp.chmod(this.path, this.mode, (err_) => tryAgain());\n return;\n }\n\n // SFTPv3 requires absolute offsets, no matter the open flag used\n if (this.flags[0] === 'a') {\n const tryStat = (err, st) => {\n if (err) {\n // Try stat() for sftp servers that may not support fstat() for\n // whatever reason\n this.sftp.stat(this.path, (err_, st_) => {\n if (err_) {\n this.destroy();\n this.emit('error', err);\n return;\n }\n tryStat(null, st_);\n });\n return;\n }\n\n this.pos = st.size;\n this.emit('open', handle);\n this.emit('ready');\n };\n\n this.sftp.fstat(handle, tryStat);\n return;\n }\n\n this.emit('open', handle);\n this.emit('ready');\n };\n\n this.sftp.fchmod(handle, this.mode, tryAgain);\n });\n};\n\nWriteStream.prototype._write = function(data, encoding, cb) {\n if (!Buffer.isBuffer(data)) {\n const err = new ERR_INVALID_ARG_TYPE('data', 'Buffer', data);\n return this.emit('error', err);\n }\n\n if (!Buffer.isBuffer(this.handle)) {\n return this.once('open', function() {\n this._write(data, encoding, cb);\n });\n }\n\n this.sftp.write(this.handle,\n data,\n 0,\n data.length,\n this.pos,\n (er, bytes) => {\n if (er) {\n if (this.autoClose)\n this.destroy();\n return cb(er);\n }\n this.bytesWritten += bytes;\n cb();\n });\n\n this.pos += data.length;\n};\n\nWriteStream.prototype._writev = function(data, cb) {\n if (!Buffer.isBuffer(this.handle)) {\n return this.once('open', function() {\n this._writev(data, cb);\n });\n }\n\n const sftp = this.sftp;\n const handle = this.handle;\n let writesLeft = data.length;\n\n const onwrite = (er, bytes) => {\n if (er) {\n this.destroy();\n return cb(er);\n }\n this.bytesWritten += bytes;\n if (--writesLeft === 0)\n cb();\n };\n\n // TODO: try to combine chunks to reduce number of requests to the server?\n for (let i = 0; i < data.length; ++i) {\n const chunk = data[i].chunk;\n\n sftp.write(handle, chunk, 0, chunk.length, this.pos, onwrite);\n this.pos += chunk.length;\n }\n};\n\nif (typeof WritableStream.prototype.destroy !== 'function')\n WriteStream.prototype.destroy = ReadStream.prototype.destroy;\n\nWriteStream.prototype._destroy = ReadStream.prototype._destroy;\nWriteStream.prototype.close = function(cb) {\n if (cb) {\n if (this.isClosed) {\n process.nextTick(cb);\n return;\n }\n this.on('close', cb);\n }\n\n // If we are not autoClosing, we should call\n // destroy on 'finish'.\n if (!this.autoClose)\n this.on('finish', this.destroy.bind(this));\n\n this.end();\n};\n\n// There is no shutdown() for files.\nWriteStream.prototype.destroySoon = WriteStream.prototype.end;\n\nObject.defineProperty(WriteStream.prototype, 'pending', {\n get() {\n return this.handle === null;\n },\n configurable: true\n});\n// =============================================================================\n\nmodule.exports = {\n flagsToString,\n OPEN_MODE,\n SFTP,\n Stats,\n STATUS_CODE,\n stringToFlags,\n};\n","'use strict';\n\nconst crypto = require('crypto');\n\nlet cpuInfo;\ntry {\n cpuInfo = require('cpu-features')();\n} catch {}\n\nconst { bindingAvailable, CIPHER_INFO, MAC_INFO } = require('./crypto.js');\n\nconst eddsaSupported = (() => {\n if (typeof crypto.sign === 'function'\n && typeof crypto.verify === 'function') {\n const key =\n '-----BEGIN PRIVATE KEY-----\\r\\nMC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD'\n + '/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\\r\\n-----END PRIVATE KEY-----';\n const data = Buffer.from('a');\n let sig;\n let verified;\n try {\n sig = crypto.sign(null, data, key);\n verified = crypto.verify(null, data, key, sig);\n } catch {}\n return (Buffer.isBuffer(sig) && sig.length === 64 && verified === true);\n }\n\n return false;\n})();\n\nconst curve25519Supported = (typeof crypto.diffieHellman === 'function'\n && typeof crypto.generateKeyPairSync === 'function'\n && typeof crypto.createPublicKey === 'function');\n\nconst DEFAULT_KEX = [\n // https://tools.ietf.org/html/rfc5656#section-10.1\n 'ecdh-sha2-nistp256',\n 'ecdh-sha2-nistp384',\n 'ecdh-sha2-nistp521',\n\n // https://tools.ietf.org/html/rfc4419#section-4\n 'diffie-hellman-group-exchange-sha256',\n\n // https://tools.ietf.org/html/rfc8268\n 'diffie-hellman-group14-sha256',\n 'diffie-hellman-group15-sha512',\n 'diffie-hellman-group16-sha512',\n 'diffie-hellman-group17-sha512',\n 'diffie-hellman-group18-sha512',\n];\nif (curve25519Supported) {\n DEFAULT_KEX.unshift('curve25519-sha256');\n DEFAULT_KEX.unshift('curve25519-sha256@libssh.org');\n}\nconst SUPPORTED_KEX = DEFAULT_KEX.concat([\n // https://tools.ietf.org/html/rfc4419#section-4\n 'diffie-hellman-group-exchange-sha1',\n\n 'diffie-hellman-group14-sha1', // REQUIRED\n 'diffie-hellman-group1-sha1', // REQUIRED\n]);\n\n\nconst DEFAULT_SERVER_HOST_KEY = [\n 'ecdsa-sha2-nistp256',\n 'ecdsa-sha2-nistp384',\n 'ecdsa-sha2-nistp521',\n 'rsa-sha2-512', // RFC 8332\n 'rsa-sha2-256', // RFC 8332\n 'ssh-rsa',\n];\nif (eddsaSupported)\n DEFAULT_SERVER_HOST_KEY.unshift('ssh-ed25519');\nconst SUPPORTED_SERVER_HOST_KEY = DEFAULT_SERVER_HOST_KEY.concat([\n 'ssh-dss',\n]);\n\n\nconst canUseCipher = (() => {\n const ciphers = crypto.getCiphers();\n return (name) => ciphers.includes(CIPHER_INFO[name].sslName);\n})();\nlet DEFAULT_CIPHER = [\n // http://tools.ietf.org/html/rfc5647\n 'aes128-gcm@openssh.com',\n 'aes256-gcm@openssh.com',\n\n // http://tools.ietf.org/html/rfc4344#section-4\n 'aes128-ctr',\n 'aes192-ctr',\n 'aes256-ctr',\n];\nif (cpuInfo && cpuInfo.flags && !cpuInfo.flags.aes) {\n // We know for sure the CPU does not support AES acceleration\n if (bindingAvailable)\n DEFAULT_CIPHER.unshift('chacha20-poly1305@openssh.com');\n else\n DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n} else if (bindingAvailable && cpuInfo && cpuInfo.arch === 'x86') {\n // Places chacha20-poly1305 immediately after GCM ciphers since GCM ciphers\n // seem to outperform it on x86, but it seems to be faster than CTR ciphers\n DEFAULT_CIPHER.splice(4, 0, 'chacha20-poly1305@openssh.com');\n} else {\n DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n}\nDEFAULT_CIPHER = DEFAULT_CIPHER.filter(canUseCipher);\nconst SUPPORTED_CIPHER = DEFAULT_CIPHER.concat([\n 'aes256-cbc',\n 'aes192-cbc',\n 'aes128-cbc',\n 'blowfish-cbc',\n '3des-cbc',\n 'aes128-gcm',\n 'aes256-gcm',\n\n // http://tools.ietf.org/html/rfc4345#section-4:\n 'arcfour256',\n 'arcfour128',\n\n 'cast128-cbc',\n 'arcfour',\n].filter(canUseCipher));\n\n\nconst canUseMAC = (() => {\n const hashes = crypto.getHashes();\n return (name) => hashes.includes(MAC_INFO[name].sslName);\n})();\nconst DEFAULT_MAC = [\n 'hmac-sha2-256-etm@openssh.com',\n 'hmac-sha2-512-etm@openssh.com',\n 'hmac-sha1-etm@openssh.com',\n 'hmac-sha2-256',\n 'hmac-sha2-512',\n 'hmac-sha1',\n].filter(canUseMAC);\nconst SUPPORTED_MAC = DEFAULT_MAC.concat([\n 'hmac-md5',\n 'hmac-sha2-256-96', // first 96 bits of HMAC-SHA256\n 'hmac-sha2-512-96', // first 96 bits of HMAC-SHA512\n 'hmac-ripemd160',\n 'hmac-sha1-96', // first 96 bits of HMAC-SHA1\n 'hmac-md5-96', // first 96 bits of HMAC-MD5\n].filter(canUseMAC));\n\nconst DEFAULT_COMPRESSION = [\n 'none',\n 'zlib@openssh.com', // ZLIB (LZ77) compression, except\n // compression/decompression does not start until after\n // successful user authentication\n 'zlib', // ZLIB (LZ77) compression\n];\nconst SUPPORTED_COMPRESSION = DEFAULT_COMPRESSION.concat([\n]);\n\n\nconst COMPAT = {\n BAD_DHGEX: 1 << 0,\n OLD_EXIT: 1 << 1,\n DYN_RPORT_BUG: 1 << 2,\n BUG_DHGEX_LARGE: 1 << 3,\n IMPLY_RSA_SHA2_SIGALGS: 1 << 4,\n};\n\nmodule.exports = {\n MESSAGE: {\n // Transport layer protocol -- generic (1-19)\n DISCONNECT: 1,\n IGNORE: 2,\n UNIMPLEMENTED: 3,\n DEBUG: 4,\n SERVICE_REQUEST: 5,\n SERVICE_ACCEPT: 6,\n EXT_INFO: 7, // RFC 8308\n\n // Transport layer protocol -- algorithm negotiation (20-29)\n KEXINIT: 20,\n NEWKEYS: 21,\n\n // Transport layer protocol -- key exchange method-specific (30-49)\n KEXDH_INIT: 30,\n KEXDH_REPLY: 31,\n\n KEXDH_GEX_GROUP: 31,\n KEXDH_GEX_INIT: 32,\n KEXDH_GEX_REPLY: 33,\n KEXDH_GEX_REQUEST: 34,\n\n KEXECDH_INIT: 30,\n KEXECDH_REPLY: 31,\n\n // User auth protocol -- generic (50-59)\n USERAUTH_REQUEST: 50,\n USERAUTH_FAILURE: 51,\n USERAUTH_SUCCESS: 52,\n USERAUTH_BANNER: 53,\n\n // User auth protocol -- user auth method-specific (60-79)\n USERAUTH_PASSWD_CHANGEREQ: 60,\n\n USERAUTH_PK_OK: 60,\n\n USERAUTH_INFO_REQUEST: 60,\n USERAUTH_INFO_RESPONSE: 61,\n\n // Connection protocol -- generic (80-89)\n GLOBAL_REQUEST: 80,\n REQUEST_SUCCESS: 81,\n REQUEST_FAILURE: 82,\n\n // Connection protocol -- channel-related (90-127)\n CHANNEL_OPEN: 90,\n CHANNEL_OPEN_CONFIRMATION: 91,\n CHANNEL_OPEN_FAILURE: 92,\n CHANNEL_WINDOW_ADJUST: 93,\n CHANNEL_DATA: 94,\n CHANNEL_EXTENDED_DATA: 95,\n CHANNEL_EOF: 96,\n CHANNEL_CLOSE: 97,\n CHANNEL_REQUEST: 98,\n CHANNEL_SUCCESS: 99,\n CHANNEL_FAILURE: 100\n\n // Reserved for client protocols (128-191)\n\n // Local extensions (192-155)\n },\n DISCONNECT_REASON: {\n HOST_NOT_ALLOWED_TO_CONNECT: 1,\n PROTOCOL_ERROR: 2,\n KEY_EXCHANGE_FAILED: 3,\n RESERVED: 4,\n MAC_ERROR: 5,\n COMPRESSION_ERROR: 6,\n SERVICE_NOT_AVAILABLE: 7,\n PROTOCOL_VERSION_NOT_SUPPORTED: 8,\n HOST_KEY_NOT_VERIFIABLE: 9,\n CONNECTION_LOST: 10,\n BY_APPLICATION: 11,\n TOO_MANY_CONNECTIONS: 12,\n AUTH_CANCELED_BY_USER: 13,\n NO_MORE_AUTH_METHODS_AVAILABLE: 14,\n ILLEGAL_USER_NAME: 15,\n },\n DISCONNECT_REASON_STR: undefined,\n CHANNEL_OPEN_FAILURE: {\n ADMINISTRATIVELY_PROHIBITED: 1,\n CONNECT_FAILED: 2,\n UNKNOWN_CHANNEL_TYPE: 3,\n RESOURCE_SHORTAGE: 4\n },\n TERMINAL_MODE: {\n TTY_OP_END: 0, // Indicates end of options.\n VINTR: 1, // Interrupt character; 255 if none. Similarly for the\n // other characters. Not all of these characters are\n // supported on all systems.\n VQUIT: 2, // The quit character (sends SIGQUIT signal on POSIX\n // systems).\n VERASE: 3, // Erase the character to left of the cursor.\n VKILL: 4, // Kill the current input line.\n VEOF: 5, // End-of-file character (sends EOF from the\n // terminal).\n VEOL: 6, // End-of-line character in addition to carriage\n // return and/or linefeed.\n VEOL2: 7, // Additional end-of-line character.\n VSTART: 8, // Continues paused output (normally control-Q).\n VSTOP: 9, // Pauses output (normally control-S).\n VSUSP: 10, // Suspends the current program.\n VDSUSP: 11, // Another suspend character.\n VREPRINT: 12, // Reprints the current input line.\n VWERASE: 13, // Erases a word left of cursor.\n VLNEXT: 14, // Enter the next character typed literally, even if\n // it is a special character\n VFLUSH: 15, // Character to flush output.\n VSWTCH: 16, // Switch to a different shell layer.\n VSTATUS: 17, // Prints system status line (load, command, pid,\n // etc).\n VDISCARD: 18, // Toggles the flushing of terminal output.\n IGNPAR: 30, // The ignore parity flag. The parameter SHOULD be 0\n // if this flag is FALSE, and 1 if it is TRUE.\n PARMRK: 31, // Mark parity and framing errors.\n INPCK: 32, // Enable checking of parity errors.\n ISTRIP: 33, // Strip 8th bit off characters.\n INLCR: 34, // Map NL into CR on input.\n IGNCR: 35, // Ignore CR on input.\n ICRNL: 36, // Map CR to NL on input.\n IUCLC: 37, // Translate uppercase characters to lowercase.\n IXON: 38, // Enable output flow control.\n IXANY: 39, // Any char will restart after stop.\n IXOFF: 40, // Enable input flow control.\n IMAXBEL: 41, // Ring bell on input queue full.\n ISIG: 50, // Enable signals INTR, QUIT, [D]SUSP.\n ICANON: 51, // Canonicalize input lines.\n XCASE: 52, // Enable input and output of uppercase characters by\n // preceding their lowercase equivalents with \"\\\".\n ECHO: 53, // Enable echoing.\n ECHOE: 54, // Visually erase chars.\n ECHOK: 55, // Kill character discards current line.\n ECHONL: 56, // Echo NL even if ECHO is off.\n NOFLSH: 57, // Don't flush after interrupt.\n TOSTOP: 58, // Stop background jobs from output.\n IEXTEN: 59, // Enable extensions.\n ECHOCTL: 60, // Echo control characters as ^(Char).\n ECHOKE: 61, // Visual erase for line kill.\n PENDIN: 62, // Retype pending input.\n OPOST: 70, // Enable output processing.\n OLCUC: 71, // Convert lowercase to uppercase.\n ONLCR: 72, // Map NL to CR-NL.\n OCRNL: 73, // Translate carriage return to newline (output).\n ONOCR: 74, // Translate newline to carriage return-newline\n // (output).\n ONLRET: 75, // Newline performs a carriage return (output).\n CS7: 90, // 7 bit mode.\n CS8: 91, // 8 bit mode.\n PARENB: 92, // Parity enable.\n PARODD: 93, // Odd parity, else even.\n TTY_OP_ISPEED: 128, // Specifies the input baud rate in bits per second.\n TTY_OP_OSPEED: 129, // Specifies the output baud rate in bits per second.\n },\n CHANNEL_EXTENDED_DATATYPE: {\n STDERR: 1,\n },\n\n SIGNALS: [\n 'ABRT', 'ALRM', 'FPE', 'HUP', 'ILL', 'INT', 'QUIT', 'SEGV', 'TERM', 'USR1',\n 'USR2', 'KILL', 'PIPE'\n ].reduce((cur, val) => ({ ...cur, [val]: 1 }), {}),\n\n COMPAT,\n COMPAT_CHECKS: [\n [ 'Cisco-1.25', COMPAT.BAD_DHGEX ],\n [ /^Cisco-1[.]/, COMPAT.BUG_DHGEX_LARGE ],\n [ /^[0-9.]+$/, COMPAT.OLD_EXIT ], // old SSH.com implementations\n [ /^OpenSSH_5[.][0-9]+/, COMPAT.DYN_RPORT_BUG ],\n [ /^OpenSSH_7[.]4/, COMPAT.IMPLY_RSA_SHA2_SIGALGS ],\n ],\n\n // KEX proposal-related\n DEFAULT_KEX,\n SUPPORTED_KEX,\n DEFAULT_SERVER_HOST_KEY,\n SUPPORTED_SERVER_HOST_KEY,\n DEFAULT_CIPHER,\n SUPPORTED_CIPHER,\n DEFAULT_MAC,\n SUPPORTED_MAC,\n DEFAULT_COMPRESSION,\n SUPPORTED_COMPRESSION,\n\n curve25519Supported,\n eddsaSupported,\n};\n\nmodule.exports.DISCONNECT_REASON_BY_VALUE =\n Array.from(Object.entries(module.exports.DISCONNECT_REASON))\n .reduce((obj, [key, value]) => ({ ...obj, [value]: key }), {});\n","// TODO:\n// * make max packet size configurable\n// * if decompression is enabled, use `._packet` in decipher instances as\n// input to (sync) zlib inflater with appropriate offset and length to\n// avoid an additional copy of payload data before inflation\n// * factor decompression status into packet length checks\n'use strict';\n\nconst {\n createCipheriv, createDecipheriv, createHmac, randomFillSync, timingSafeEqual\n} = require('crypto');\n\nconst { readUInt32BE, writeUInt32BE } = require('./utils.js');\n\nconst FastBuffer = Buffer[Symbol.species];\nconst MAX_SEQNO = 2 ** 32 - 1;\nconst EMPTY_BUFFER = Buffer.alloc(0);\nconst BUF_INT = Buffer.alloc(4);\nconst DISCARD_CACHE = new Map();\nconst MAX_PACKET_SIZE = 35000;\n\nlet binding;\nlet AESGCMCipher;\nlet ChaChaPolyCipher;\nlet GenericCipher;\nlet AESGCMDecipher;\nlet ChaChaPolyDecipher;\nlet GenericDecipher;\ntry {\n binding = require('./crypto/build/Release/sshcrypto.node');\n ({ AESGCMCipher, ChaChaPolyCipher, GenericCipher,\n AESGCMDecipher, ChaChaPolyDecipher, GenericDecipher } = binding);\n} catch {}\n\nconst CIPHER_STREAM = 1 << 0;\nconst CIPHER_INFO = (() => {\n function info(sslName, blockLen, keyLen, ivLen, authLen, discardLen, flags) {\n return {\n sslName,\n blockLen,\n keyLen,\n ivLen: (ivLen !== 0 || (flags & CIPHER_STREAM)\n ? ivLen\n : blockLen),\n authLen,\n discardLen,\n stream: !!(flags & CIPHER_STREAM),\n };\n }\n\n return {\n 'chacha20-poly1305@openssh.com':\n info('chacha20', 8, 64, 0, 16, 0, CIPHER_STREAM),\n\n 'aes128-gcm': info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n 'aes256-gcm': info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n 'aes128-gcm@openssh.com':\n info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n 'aes256-gcm@openssh.com':\n info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n\n 'aes128-cbc': info('aes-128-cbc', 16, 16, 0, 0, 0, 0),\n 'aes192-cbc': info('aes-192-cbc', 16, 24, 0, 0, 0, 0),\n 'aes256-cbc': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n 'rijndael-cbc@lysator.liu.se': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n '3des-cbc': info('des-ede3-cbc', 8, 24, 0, 0, 0, 0),\n 'blowfish-cbc': info('bf-cbc', 8, 16, 0, 0, 0, 0),\n 'idea-cbc': info('idea-cbc', 8, 16, 0, 0, 0, 0),\n 'cast128-cbc': info('cast-cbc', 8, 16, 0, 0, 0, 0),\n\n 'aes128-ctr': info('aes-128-ctr', 16, 16, 16, 0, 0, CIPHER_STREAM),\n 'aes192-ctr': info('aes-192-ctr', 16, 24, 16, 0, 0, CIPHER_STREAM),\n 'aes256-ctr': info('aes-256-ctr', 16, 32, 16, 0, 0, CIPHER_STREAM),\n '3des-ctr': info('des-ede3', 8, 24, 8, 0, 0, CIPHER_STREAM),\n 'blowfish-ctr': info('bf-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n 'cast128-ctr': info('cast5-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n\n /* The \"arcfour128\" algorithm is the RC4 cipher, as described in\n [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream\n generated by the cipher MUST be discarded, and the first byte of the\n first encrypted packet MUST be encrypted using the 1537th byte of\n keystream.\n\n -- http://tools.ietf.org/html/rfc4345#section-4 */\n 'arcfour': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n 'arcfour128': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n 'arcfour256': info('rc4', 8, 32, 0, 0, 1536, CIPHER_STREAM),\n 'arcfour512': info('rc4', 8, 64, 0, 0, 1536, CIPHER_STREAM),\n };\n})();\n\nconst MAC_INFO = (() => {\n function info(sslName, len, actualLen, isETM) {\n return {\n sslName,\n len,\n actualLen,\n isETM,\n };\n }\n\n return {\n 'hmac-md5': info('md5', 16, 16, false),\n 'hmac-md5-96': info('md5', 16, 12, false),\n 'hmac-ripemd160': info('ripemd160', 20, 20, false),\n 'hmac-sha1': info('sha1', 20, 20, false),\n 'hmac-sha1-etm@openssh.com': info('sha1', 20, 20, true),\n 'hmac-sha1-96': info('sha1', 20, 12, false),\n 'hmac-sha2-256': info('sha256', 32, 32, false),\n 'hmac-sha2-256-etm@openssh.com': info('sha256', 32, 32, true),\n 'hmac-sha2-256-96': info('sha256', 32, 12, false),\n 'hmac-sha2-512': info('sha512', 64, 64, false),\n 'hmac-sha2-512-etm@openssh.com': info('sha512', 64, 64, true),\n 'hmac-sha2-512-96': info('sha512', 64, 12, false),\n };\n})();\n\n\n// Should only_be used during the initial handshake\nclass NullCipher {\n constructor(seqno, onWrite) {\n this.outSeqno = seqno;\n this._onWrite = onWrite;\n this._dead = false;\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 8 - (pktLen & (8 - 1));\n if (padLen < 4)\n padLen += 8;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nconst POLY1305_ZEROS = Buffer.alloc(32);\nconst POLY1305_OUT_COMPUTE = Buffer.alloc(16);\nlet POLY1305_WASM_MODULE;\nlet POLY1305_RESULT_MALLOC;\nlet poly1305_auth;\nclass ChaChaPolyCipherNative {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encKeyMain = enc.cipherKey.slice(0, 32);\n this._encKeyPktLen = enc.cipherKey.slice(32);\n this._dead = false;\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 8 - ((pktLen - 4) & (8 - 1));\n if (padLen < 4)\n padLen += 8;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Generate Poly1305 key\n POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n writeUInt32BE(POLY1305_OUT_COMPUTE, this.outSeqno, 12);\n const polyKey =\n createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n .update(POLY1305_ZEROS);\n\n // Encrypt packet length\n const pktLenEnc =\n createCipheriv('chacha20', this._encKeyPktLen, POLY1305_OUT_COMPUTE)\n .update(packet.slice(0, 4));\n this._onWrite(pktLenEnc);\n\n // Encrypt rest of packet\n POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n const payloadEnc =\n createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n .update(packet.slice(4));\n this._onWrite(payloadEnc);\n\n // Calculate Poly1305 MAC\n poly1305_auth(POLY1305_RESULT_MALLOC,\n pktLenEnc,\n pktLenEnc.length,\n payloadEnc,\n payloadEnc.length,\n polyKey);\n const mac = Buffer.allocUnsafe(16);\n mac.set(\n new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n POLY1305_RESULT_MALLOC,\n 16),\n 0\n );\n this._onWrite(mac);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\nclass ChaChaPolyCipherBinding {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._instance = new ChaChaPolyCipher(enc.cipherKey);\n this._dead = false;\n }\n free() {\n this._dead = true;\n this._instance.free();\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 8 - ((pktLen - 4) & (8 - 1));\n if (padLen < 4)\n padLen += 8;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen + 16/* MAC */);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Encrypts in-place\n this._instance.encrypt(packet, this.outSeqno);\n\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nclass AESGCMCipherNative {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encSSLName = enc.cipherInfo.sslName;\n this._encKey = enc.cipherKey;\n this._encIV = enc.cipherIV;\n this._dead = false;\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 16 - ((pktLen - 4) & (16 - 1));\n if (padLen < 4)\n padLen += 16;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n const cipher = createCipheriv(this._encSSLName, this._encKey, this._encIV);\n cipher.setAutoPadding(false);\n\n const lenData = packet.slice(0, 4);\n cipher.setAAD(lenData);\n this._onWrite(lenData);\n\n // Encrypt pad length, payload, and padding\n const encrypted = cipher.update(packet.slice(4));\n this._onWrite(encrypted);\n const final = cipher.final();\n // XXX: final.length === 0 always?\n if (final.length)\n this._onWrite(final);\n\n // Generate MAC\n const tag = cipher.getAuthTag();\n this._onWrite(tag);\n\n // Increment counter in IV by 1 for next packet\n ivIncrement(this._encIV);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\nclass AESGCMCipherBinding {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._instance = new AESGCMCipher(enc.cipherInfo.sslName,\n enc.cipherKey,\n enc.cipherIV);\n this._dead = false;\n }\n free() {\n this._dead = true;\n this._instance.free();\n }\n allocPacket(payloadLen) {\n let pktLen = 4 + 1 + payloadLen;\n let padLen = 16 - ((pktLen - 4) & (16 - 1));\n if (padLen < 4)\n padLen += 16;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen + 16/* authTag */);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Encrypts in-place\n this._instance.encrypt(packet);\n\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nclass GenericCipherNative {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encBlockLen = enc.cipherInfo.blockLen;\n this._cipherInstance = createCipheriv(enc.cipherInfo.sslName,\n enc.cipherKey,\n enc.cipherIV);\n this._macSSLName = enc.macInfo.sslName;\n this._macKey = enc.macKey;\n this._macActualLen = enc.macInfo.actualLen;\n this._macETM = enc.macInfo.isETM;\n this._aadLen = (this._macETM ? 4 : 0);\n this._dead = false;\n\n const discardLen = enc.cipherInfo.discardLen;\n if (discardLen) {\n let discard = DISCARD_CACHE.get(discardLen);\n if (discard === undefined) {\n discard = Buffer.alloc(discardLen);\n DISCARD_CACHE.set(discardLen, discard);\n }\n this._cipherInstance.update(discard);\n }\n }\n free() {\n this._dead = true;\n }\n allocPacket(payloadLen) {\n const blockLen = this._encBlockLen;\n\n let pktLen = 4 + 1 + payloadLen;\n let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n if (padLen < 4)\n padLen += blockLen;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n let mac;\n if (this._macETM) {\n // Encrypt pad length, payload, and padding\n const lenBytes = new Uint8Array(packet.buffer, packet.byteOffset, 4);\n const encrypted = this._cipherInstance.update(\n new Uint8Array(packet.buffer,\n packet.byteOffset + 4,\n packet.length - 4)\n );\n\n this._onWrite(lenBytes);\n this._onWrite(encrypted);\n\n // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n mac = createHmac(this._macSSLName, this._macKey);\n writeUInt32BE(BUF_INT, this.outSeqno, 0);\n mac.update(BUF_INT);\n mac.update(lenBytes);\n mac.update(encrypted);\n } else {\n // Encrypt length field, pad length, payload, and padding\n const encrypted = this._cipherInstance.update(packet);\n this._onWrite(encrypted);\n\n // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n mac = createHmac(this._macSSLName, this._macKey);\n writeUInt32BE(BUF_INT, this.outSeqno, 0);\n mac.update(BUF_INT);\n mac.update(packet);\n }\n\n let digest = mac.digest();\n if (digest.length > this._macActualLen)\n digest = digest.slice(0, this._macActualLen);\n this._onWrite(digest);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\nclass GenericCipherBinding {\n constructor(config) {\n const enc = config.outbound;\n this.outSeqno = enc.seqno;\n this._onWrite = enc.onWrite;\n this._encBlockLen = enc.cipherInfo.blockLen;\n this._macLen = enc.macInfo.len;\n this._macActualLen = enc.macInfo.actualLen;\n this._aadLen = (enc.macInfo.isETM ? 4 : 0);\n this._instance = new GenericCipher(enc.cipherInfo.sslName,\n enc.cipherKey,\n enc.cipherIV,\n enc.macInfo.sslName,\n enc.macKey,\n enc.macInfo.isETM);\n this._dead = false;\n }\n free() {\n this._dead = true;\n this._instance.free();\n }\n allocPacket(payloadLen) {\n const blockLen = this._encBlockLen;\n\n let pktLen = 4 + 1 + payloadLen;\n let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n if (padLen < 4)\n padLen += blockLen;\n pktLen += padLen;\n\n const packet = Buffer.allocUnsafe(pktLen + this._macLen);\n\n writeUInt32BE(packet, pktLen - 4, 0);\n packet[4] = padLen;\n\n randomFillSync(packet, 5 + payloadLen, padLen);\n\n return packet;\n }\n encrypt(packet) {\n // `packet` === unencrypted packet\n\n if (this._dead)\n return;\n\n // Encrypts in-place\n this._instance.encrypt(packet, this.outSeqno);\n\n if (this._macActualLen < this._macLen) {\n packet = new FastBuffer(packet.buffer,\n packet.byteOffset,\n (packet.length\n - (this._macLen - this._macActualLen)));\n }\n this._onWrite(packet);\n\n this.outSeqno = (this.outSeqno + 1) >>> 0;\n }\n}\n\n\nclass NullDecipher {\n constructor(seqno, onPayload) {\n this.inSeqno = seqno;\n this._onPayload = onPayload;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n while (p < dataLen) {\n // Read packet length\n if (this._lenBytes < 4) {\n let nb = Math.min(4 - this._lenBytes, dataLen - p);\n\n this._lenBytes += nb;\n while (nb--)\n this._len = (this._len << 8) + data[p++];\n\n if (this._lenBytes < 4)\n return;\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 8\n || (4 + this._len & 7) !== 0) {\n throw new Error('Bad packet length');\n }\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._packetPos < this._len) {\n const nb = Math.min(this._len - this._packetPos, dataLen - p);\n let chunk;\n if (p !== 0 || nb !== dataLen)\n chunk = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n chunk = data;\n if (nb === this._len) {\n this._packet = chunk;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(chunk, this._packetPos);\n }\n p += nb;\n this._packetPos += nb;\n if (this._packetPos < this._len)\n return;\n }\n\n const payload = (!this._packet\n ? EMPTY_BUFFER\n : new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length\n - this._packet[0] - 1));\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass ChaChaPolyDecipherNative {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._decKeyMain = dec.decipherKey.slice(0, 32);\n this._decKeyPktLen = dec.decipherKey.slice(32);\n this._len = 0;\n this._lenBuf = Buffer.alloc(4);\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(16);\n this._calcMac = Buffer.allocUnsafe(16);\n this._macPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length\n if (this._lenPos < 4) {\n let nb = Math.min(4 - this._lenPos, dataLen - p);\n while (nb--)\n this._lenBuf[this._lenPos++] = data[p++];\n if (this._lenPos < 4)\n return;\n\n POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n\n const decLenBytes =\n createDecipheriv('chacha20', this._decKeyPktLen, POLY1305_OUT_COMPUTE)\n .update(this._lenBuf);\n this._len = readUInt32BE(decLenBytes, 0);\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 8\n || (this._len & 7) !== 0) {\n throw new Error('Bad packet length');\n }\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n if (p >= dataLen)\n return;\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read Poly1305 MAC\n {\n const nb = Math.min(16 - this._macPos, dataLen - p);\n // TODO: avoid copying if entire MAC is in current chunk\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < 16)\n return;\n }\n\n // Generate Poly1305 key\n POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n const polyKey =\n createCipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n .update(POLY1305_ZEROS);\n\n // Calculate and compare Poly1305 MACs\n poly1305_auth(POLY1305_RESULT_MALLOC,\n this._lenBuf,\n 4,\n this._packet,\n this._packet.length,\n polyKey);\n\n this._calcMac.set(\n new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n POLY1305_RESULT_MALLOC,\n 16),\n 0\n );\n if (!timingSafeEqual(this._calcMac, this._mac))\n throw new Error('Invalid MAC');\n\n // Decrypt packet\n POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n const packet =\n createDecipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n .update(this._packet);\n\n const payload = new FastBuffer(packet.buffer,\n packet.byteOffset + 1,\n packet.length - packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._macPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass ChaChaPolyDecipherBinding {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._instance = new ChaChaPolyDecipher(dec.decipherKey);\n this._len = 0;\n this._lenBuf = Buffer.alloc(4);\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(16);\n this._macPos = 0;\n }\n free() {\n this._instance.free();\n }\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length\n if (this._lenPos < 4) {\n let nb = Math.min(4 - this._lenPos, dataLen - p);\n while (nb--)\n this._lenBuf[this._lenPos++] = data[p++];\n if (this._lenPos < 4)\n return;\n\n this._len = this._instance.decryptLen(this._lenBuf, this.inSeqno);\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 8\n || (this._len & 7) !== 0) {\n throw new Error('Bad packet length');\n }\n\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read Poly1305 MAC\n {\n const nb = Math.min(16 - this._macPos, dataLen - p);\n // TODO: avoid copying if entire MAC is in current chunk\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < 16)\n return;\n }\n\n this._instance.decrypt(this._packet, this._mac, this.inSeqno);\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenPos = 0;\n this._packet = null;\n this._pktLen = 0;\n this._macPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass AESGCMDecipherNative {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._decipherInstance = null;\n this._decipherSSLName = dec.decipherInfo.sslName;\n this._decipherKey = dec.decipherKey;\n this._decipherIV = dec.decipherIV;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._tag = Buffer.allocUnsafe(16);\n this._tagPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length (unencrypted, but AAD)\n if (this._lenBytes < 4) {\n let nb = Math.min(4 - this._lenBytes, dataLen - p);\n this._lenBytes += nb;\n while (nb--)\n this._len = (this._len << 8) + data[p++];\n if (this._lenBytes < 4)\n return;\n\n if ((this._len + 20) > MAX_PACKET_SIZE\n || this._len < 16\n || (this._len & 15) !== 0) {\n throw new Error('Bad packet length');\n }\n\n this._decipherInstance = createDecipheriv(\n this._decipherSSLName,\n this._decipherKey,\n this._decipherIV\n );\n this._decipherInstance.setAutoPadding(false);\n this._decipherInstance.setAAD(intToBytes(this._len));\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n if (p >= dataLen)\n return;\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let decrypted;\n if (p !== 0 || nb !== dataLen) {\n decrypted = this._decipherInstance.update(\n new Uint8Array(data.buffer, data.byteOffset + p, nb)\n );\n } else {\n decrypted = this._decipherInstance.update(data);\n }\n if (decrypted.length) {\n if (nb === this._len) {\n this._packet = decrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(decrypted, this._packetPos);\n }\n this._packetPos += decrypted.length;\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read authentication tag\n {\n const nb = Math.min(16 - this._tagPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._tag.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._tagPos\n );\n } else {\n this._tag.set(data, this._tagPos);\n }\n p += nb;\n this._tagPos += nb;\n if (this._tagPos < 16)\n return;\n }\n\n {\n // Verify authentication tag\n this._decipherInstance.setAuthTag(this._tag);\n\n const decrypted = this._decipherInstance.final();\n\n // XXX: this should never output any data since stream ciphers always\n // return data from .update() and block ciphers must end on a multiple\n // of the block length, which would have caused an exception to be\n // thrown if the total input was not...\n if (decrypted.length) {\n if (this._packet)\n this._packet.set(decrypted, this._packetPos);\n else\n this._packet = decrypted;\n }\n }\n\n const payload = (!this._packet\n ? EMPTY_BUFFER\n : new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length\n - this._packet[0] - 1));\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n ivIncrement(this._decipherIV);\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._tagPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass AESGCMDecipherBinding {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._instance = new AESGCMDecipher(dec.decipherInfo.sslName,\n dec.decipherKey,\n dec.decipherIV);\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._pktLen = 0;\n this._tag = Buffer.allocUnsafe(16);\n this._tagPos = 0;\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read packet length (unencrypted, but AAD)\n if (this._lenBytes < 4) {\n let nb = Math.min(4 - this._lenBytes, dataLen - p);\n this._lenBytes += nb;\n while (nb--)\n this._len = (this._len << 8) + data[p++];\n if (this._lenBytes < 4)\n return;\n\n if ((this._len + 20) > MAX_PACKET_SIZE\n || this._len < 16\n || (this._len & 15) !== 0) {\n throw new Error(`Bad packet length: ${this._len}`);\n }\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n if (p >= dataLen)\n return;\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read authentication tag\n {\n const nb = Math.min(16 - this._tagPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._tag.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._tagPos\n );\n } else {\n this._tag.set(data, this._tagPos);\n }\n p += nb;\n this._tagPos += nb;\n if (this._tagPos < 16)\n return;\n }\n\n this._instance.decrypt(this._packet, this._len, this._tag);\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._len = 0;\n this._lenBytes = 0;\n this._packet = null;\n this._pktLen = 0;\n this._tagPos = 0;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\n// TODO: test incremental .update()s vs. copying to _packet and doing a single\n// .update() after entire packet read -- a single .update() would allow\n// verifying MAC before decrypting for ETM MACs\nclass GenericDecipherNative {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._decipherInstance = createDecipheriv(dec.decipherInfo.sslName,\n dec.decipherKey,\n dec.decipherIV);\n this._decipherInstance.setAutoPadding(false);\n this._block = Buffer.allocUnsafe(\n dec.macInfo.isETM ? 4 : dec.decipherInfo.blockLen\n );\n this._blockSize = dec.decipherInfo.blockLen;\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n this._macPos = 0;\n this._macSSLName = dec.macInfo.sslName;\n this._macKey = dec.macKey;\n this._macActualLen = dec.macInfo.actualLen;\n this._macETM = dec.macInfo.isETM;\n this._macInstance = null;\n\n const discardLen = dec.decipherInfo.discardLen;\n if (discardLen) {\n let discard = DISCARD_CACHE.get(discardLen);\n if (discard === undefined) {\n discard = Buffer.alloc(discardLen);\n DISCARD_CACHE.set(discardLen, discard);\n }\n this._decipherInstance.update(discard);\n }\n }\n free() {}\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read first encrypted block\n if (this._blockPos < this._block.length) {\n const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n if (p !== 0 || nb !== dataLen || nb < data.length) {\n this._block.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._blockPos\n );\n } else {\n this._block.set(data, this._blockPos);\n }\n\n p += nb;\n this._blockPos += nb;\n if (this._blockPos < this._block.length)\n return;\n\n let decrypted;\n let need;\n if (this._macETM) {\n this._len = need = readUInt32BE(this._block, 0);\n } else {\n // Decrypt first block to get packet length\n decrypted = this._decipherInstance.update(this._block);\n this._len = readUInt32BE(decrypted, 0);\n need = 4 + this._len - this._blockSize;\n }\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 5\n || (need & (this._blockSize - 1)) !== 0) {\n throw new Error('Bad packet length');\n }\n\n // Create MAC up front to calculate in parallel with decryption\n this._macInstance = createHmac(this._macSSLName, this._macKey);\n\n writeUInt32BE(BUF_INT, this.inSeqno, 0);\n this._macInstance.update(BUF_INT);\n if (this._macETM) {\n this._macInstance.update(this._block);\n } else {\n this._macInstance.update(new Uint8Array(decrypted.buffer,\n decrypted.byteOffset,\n 4));\n this._pktLen = decrypted.length - 4;\n this._packetPos = this._pktLen;\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(\n new Uint8Array(decrypted.buffer,\n decrypted.byteOffset + 4,\n this._packetPos),\n 0\n );\n }\n\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (this._macETM)\n this._macInstance.update(encrypted);\n const decrypted = this._decipherInstance.update(encrypted);\n if (decrypted.length) {\n if (nb === this._len) {\n this._packet = decrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(decrypted, this._packetPos);\n }\n this._packetPos += decrypted.length;\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read MAC\n {\n const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < this._macActualLen)\n return;\n }\n\n // Verify MAC\n if (!this._macETM)\n this._macInstance.update(this._packet);\n let calculated = this._macInstance.digest();\n if (this._macActualLen < calculated.length) {\n calculated = new Uint8Array(calculated.buffer,\n calculated.byteOffset,\n this._macActualLen);\n }\n if (!timingSafeEquals(calculated, this._mac))\n throw new Error('Invalid MAC');\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._packetPos = 0;\n this._pktLen = 0;\n this._macPos = 0;\n this._macInstance = null;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\nclass GenericDecipherBinding {\n constructor(config) {\n const dec = config.inbound;\n this.inSeqno = dec.seqno;\n this._onPayload = dec.onPayload;\n this._instance = new GenericDecipher(dec.decipherInfo.sslName,\n dec.decipherKey,\n dec.decipherIV,\n dec.macInfo.sslName,\n dec.macKey,\n dec.macInfo.isETM,\n dec.macInfo.actualLen);\n this._block = Buffer.allocUnsafe(\n dec.macInfo.isETM || dec.decipherInfo.stream\n ? 4\n : dec.decipherInfo.blockLen\n );\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._pktLen = 0;\n this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n this._macPos = 0;\n this._macActualLen = dec.macInfo.actualLen;\n this._macETM = dec.macInfo.isETM;\n }\n free() {\n this._instance.free();\n }\n decrypt(data, p, dataLen) {\n // `data` === encrypted data\n\n while (p < dataLen) {\n // Read first encrypted block\n if (this._blockPos < this._block.length) {\n const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n if (p !== 0 || nb !== dataLen || nb < data.length) {\n this._block.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._blockPos\n );\n } else {\n this._block.set(data, this._blockPos);\n }\n\n p += nb;\n this._blockPos += nb;\n if (this._blockPos < this._block.length)\n return;\n\n let need;\n if (this._macETM) {\n this._len = need = readUInt32BE(this._block, 0);\n } else {\n // Decrypt first block to get packet length\n this._instance.decryptBlock(this._block);\n this._len = readUInt32BE(this._block, 0);\n need = 4 + this._len - this._block.length;\n }\n\n if (this._len > MAX_PACKET_SIZE\n || this._len < 5\n || (need & (this._block.length - 1)) !== 0) {\n throw new Error('Bad packet length');\n }\n\n if (!this._macETM) {\n this._pktLen = (this._block.length - 4);\n if (this._pktLen) {\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(\n new Uint8Array(this._block.buffer,\n this._block.byteOffset + 4,\n this._pktLen),\n 0\n );\n }\n }\n\n if (p >= dataLen)\n return;\n }\n\n // Read padding length, payload, and padding\n if (this._pktLen < this._len) {\n const nb = Math.min(this._len - this._pktLen, dataLen - p);\n let encrypted;\n if (p !== 0 || nb !== dataLen)\n encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n else\n encrypted = data;\n if (nb === this._len) {\n this._packet = encrypted;\n } else {\n if (!this._packet)\n this._packet = Buffer.allocUnsafe(this._len);\n this._packet.set(encrypted, this._pktLen);\n }\n p += nb;\n this._pktLen += nb;\n if (this._pktLen < this._len || p >= dataLen)\n return;\n }\n\n // Read MAC\n {\n const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n if (p !== 0 || nb !== dataLen) {\n this._mac.set(\n new Uint8Array(data.buffer, data.byteOffset + p, nb),\n this._macPos\n );\n } else {\n this._mac.set(data, this._macPos);\n }\n p += nb;\n this._macPos += nb;\n if (this._macPos < this._macActualLen)\n return;\n }\n\n // Decrypt and verify MAC\n this._instance.decrypt(this._packet,\n this.inSeqno,\n this._block,\n this._mac);\n\n const payload = new FastBuffer(this._packet.buffer,\n this._packet.byteOffset + 1,\n this._packet.length - this._packet[0] - 1);\n\n // Prepare for next packet\n this.inSeqno = (this.inSeqno + 1) >>> 0;\n this._blockPos = 0;\n this._len = 0;\n this._packet = null;\n this._pktLen = 0;\n this._macPos = 0;\n this._macInstance = null;\n\n {\n const ret = this._onPayload(payload);\n if (ret !== undefined)\n return (ret === false ? p : ret);\n }\n }\n }\n}\n\n// Increments unsigned, big endian counter (last 8 bytes) of AES-GCM IV\nfunction ivIncrement(iv) {\n // eslint-disable-next-line no-unused-expressions\n ++iv[11] >>> 8\n && ++iv[10] >>> 8\n && ++iv[9] >>> 8\n && ++iv[8] >>> 8\n && ++iv[7] >>> 8\n && ++iv[6] >>> 8\n && ++iv[5] >>> 8\n && ++iv[4] >>> 8;\n}\n\nconst intToBytes = (() => {\n const ret = Buffer.alloc(4);\n return (n) => {\n ret[0] = (n >>> 24);\n ret[1] = (n >>> 16);\n ret[2] = (n >>> 8);\n ret[3] = n;\n return ret;\n };\n})();\n\nfunction timingSafeEquals(a, b) {\n if (a.length !== b.length) {\n timingSafeEqual(a, a);\n return false;\n }\n return timingSafeEqual(a, b);\n}\n\nfunction createCipher(config) {\n if (typeof config !== 'object' || config === null)\n throw new Error('Invalid config');\n\n if (typeof config.outbound !== 'object' || config.outbound === null)\n throw new Error('Invalid outbound');\n\n const outbound = config.outbound;\n\n if (typeof outbound.onWrite !== 'function')\n throw new Error('Invalid outbound.onWrite');\n\n if (typeof outbound.cipherInfo !== 'object' || outbound.cipherInfo === null)\n throw new Error('Invalid outbound.cipherInfo');\n\n if (!Buffer.isBuffer(outbound.cipherKey)\n || outbound.cipherKey.length !== outbound.cipherInfo.keyLen) {\n throw new Error('Invalid outbound.cipherKey');\n }\n\n if (outbound.cipherInfo.ivLen\n && (!Buffer.isBuffer(outbound.cipherIV)\n || outbound.cipherIV.length !== outbound.cipherInfo.ivLen)) {\n throw new Error('Invalid outbound.cipherIV');\n }\n\n if (typeof outbound.seqno !== 'number'\n || outbound.seqno < 0\n || outbound.seqno > MAX_SEQNO) {\n throw new Error('Invalid outbound.seqno');\n }\n\n const forceNative = !!outbound.forceNative;\n\n switch (outbound.cipherInfo.sslName) {\n case 'aes-128-gcm':\n case 'aes-256-gcm':\n return (AESGCMCipher && !forceNative\n ? new AESGCMCipherBinding(config)\n : new AESGCMCipherNative(config));\n case 'chacha20':\n return (ChaChaPolyCipher && !forceNative\n ? new ChaChaPolyCipherBinding(config)\n : new ChaChaPolyCipherNative(config));\n default: {\n if (typeof outbound.macInfo !== 'object' || outbound.macInfo === null)\n throw new Error('Invalid outbound.macInfo');\n if (!Buffer.isBuffer(outbound.macKey)\n || outbound.macKey.length !== outbound.macInfo.len) {\n throw new Error('Invalid outbound.macKey');\n }\n return (GenericCipher && !forceNative\n ? new GenericCipherBinding(config)\n : new GenericCipherNative(config));\n }\n }\n}\n\nfunction createDecipher(config) {\n if (typeof config !== 'object' || config === null)\n throw new Error('Invalid config');\n\n if (typeof config.inbound !== 'object' || config.inbound === null)\n throw new Error('Invalid inbound');\n\n const inbound = config.inbound;\n\n if (typeof inbound.onPayload !== 'function')\n throw new Error('Invalid inbound.onPayload');\n\n if (typeof inbound.decipherInfo !== 'object'\n || inbound.decipherInfo === null) {\n throw new Error('Invalid inbound.decipherInfo');\n }\n\n if (!Buffer.isBuffer(inbound.decipherKey)\n || inbound.decipherKey.length !== inbound.decipherInfo.keyLen) {\n throw new Error('Invalid inbound.decipherKey');\n }\n\n if (inbound.decipherInfo.ivLen\n && (!Buffer.isBuffer(inbound.decipherIV)\n || inbound.decipherIV.length !== inbound.decipherInfo.ivLen)) {\n throw new Error('Invalid inbound.decipherIV');\n }\n\n if (typeof inbound.seqno !== 'number'\n || inbound.seqno < 0\n || inbound.seqno > MAX_SEQNO) {\n throw new Error('Invalid inbound.seqno');\n }\n\n const forceNative = !!inbound.forceNative;\n\n switch (inbound.decipherInfo.sslName) {\n case 'aes-128-gcm':\n case 'aes-256-gcm':\n return (AESGCMDecipher && !forceNative\n ? new AESGCMDecipherBinding(config)\n : new AESGCMDecipherNative(config));\n case 'chacha20':\n return (ChaChaPolyDecipher && !forceNative\n ? new ChaChaPolyDecipherBinding(config)\n : new ChaChaPolyDecipherNative(config));\n default: {\n if (typeof inbound.macInfo !== 'object' || inbound.macInfo === null)\n throw new Error('Invalid inbound.macInfo');\n if (!Buffer.isBuffer(inbound.macKey)\n || inbound.macKey.length !== inbound.macInfo.len) {\n throw new Error('Invalid inbound.macKey');\n }\n return (GenericDecipher && !forceNative\n ? new GenericDecipherBinding(config)\n : new GenericDecipherNative(config));\n }\n }\n}\n\nmodule.exports = {\n CIPHER_INFO,\n MAC_INFO,\n bindingAvailable: !!binding,\n init: (() => {\n // eslint-disable-next-line no-async-promise-executor\n return new Promise(async (resolve, reject) => {\n try {\n POLY1305_WASM_MODULE = await require('./crypto/poly1305.js')();\n POLY1305_RESULT_MALLOC = POLY1305_WASM_MODULE._malloc(16);\n poly1305_auth = POLY1305_WASM_MODULE.cwrap(\n 'poly1305_auth',\n null,\n ['number', 'array', 'number', 'array', 'number', 'array']\n );\n } catch (ex) {\n return reject(ex);\n }\n resolve();\n });\n })(),\n\n NullCipher,\n createCipher,\n NullDecipher,\n createDecipher,\n};\n","\nvar createPoly1305 = (function() {\n var _scriptDir = typeof document !== 'undefined' && document.currentScript ? document.currentScript.src : undefined;\n if (typeof __filename !== 'undefined') _scriptDir = _scriptDir || __filename;\n return (\nfunction(createPoly1305) {\n createPoly1305 = createPoly1305 || {};\n\n\nvar b;b||(b=typeof createPoly1305 !== 'undefined' ? createPoly1305 : {});var q,r;b.ready=new Promise(function(a,c){q=a;r=c});var u={},w;for(w in b)b.hasOwnProperty(w)&&(u[w]=b[w]);var x=\"object\"===typeof window,y=\"function\"===typeof importScripts,z=\"object\"===typeof process&&\"object\"===typeof process.versions&&\"string\"===typeof process.versions.node,B=\"\",C,D,E,F,G;\nif(z)B=y?require(\"path\").dirname(B)+\"/\":__dirname+\"/\",C=function(a,c){var d=H(a);if(d)return c?d:d.toString();F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);return F.readFileSync(a,c?null:\"utf8\")},E=function(a){a=C(a,!0);a.buffer||(a=new Uint8Array(a));assert(a.buffer);return a},D=function(a,c,d){var e=H(a);e&&c(e);F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);F.readFile(a,function(f,l){f?d(f):c(l.buffer)})},1=m){var oa=g.charCodeAt(++v);m=65536+((m&1023)<<10)|oa&1023}if(127>=m){if(k>=n)break;h[k++]=m}else{if(2047>=m){if(k+1>=n)break;h[k++]=192|m>>6}else{if(65535>=m){if(k+2>=n)break;h[k++]=224|m>>12}else{if(k+3>=n)break;h[k++]=240|m>>18;h[k++]=128|m>>12&63}h[k++]=128|m>>6&63}h[k++]=128|m&63}}h[k]=\n0}}return p},array:function(g){var p=O(g.length);Q.set(g,p);return p}},l=N(a),A=[];a=0;if(e)for(var t=0;t=n);)++k;if(16h?n+=String.fromCharCode(h):(h-=65536,n+=String.fromCharCode(55296|h>>10,56320|h&1023))}}else n+=String.fromCharCode(h)}g=n}}else g=\"\";else g=\"boolean\"===c?!!g:g;return g}(d);0!==a&&fa(a);return d}var ea=\"undefined\"!==typeof TextDecoder?new TextDecoder(\"utf8\"):void 0,ha,Q,P;\nfunction ia(){var a=L.buffer;ha=a;b.HEAP8=Q=new Int8Array(a);b.HEAP16=new Int16Array(a);b.HEAP32=new Int32Array(a);b.HEAPU8=P=new Uint8Array(a);b.HEAPU16=new Uint16Array(a);b.HEAPU32=new Uint32Array(a);b.HEAPF32=new Float32Array(a);b.HEAPF64=new Float64Array(a)}var R,ja=[],ka=[],la=[];function ma(){var a=b.preRun.shift();ja.unshift(a)}var S=0,T=null,U=null;b.preloadedImages={};b.preloadedAudios={};\nfunction K(a){if(b.onAbort)b.onAbort(a);I(a);M=!0;a=new WebAssembly.RuntimeError(\"abort(\"+a+\"). Build with -s ASSERTIONS=1 for more info.\");r(a);throw a;}var V=\"data:application/octet-stream;base64,\",W;W=\"data:application/octet-stream;base64,AGFzbQEAAAABIAZgAX8Bf2ADf39/AGABfwBgAABgAAF/YAZ/f39/f38AAgcBAWEBYQAAAwsKAAEDAQAAAgQFAgQFAXABAQEFBwEBgAKAgAIGCQF/AUGAjMACCwclCQFiAgABYwADAWQACQFlAAgBZgAHAWcABgFoAAUBaQAKAWoBAAqGTQpPAQJ/QYAIKAIAIgEgAEEDakF8cSICaiEAAkAgAkEAIAAgAU0bDQAgAD8AQRB0SwRAIAAQAEUNAQtBgAggADYCACABDwtBhAhBMDYCAEF/C4wFAg5+Cn8gACgCJCEUIAAoAiAhFSAAKAIcIREgACgCGCESIAAoAhQhEyACQRBPBEAgAC0ATEVBGHQhFyAAKAIEIhZBBWytIQ8gACgCCCIYQQVsrSENIAAoAgwiGUEFbK0hCyAAKAIQIhpBBWytIQkgADUCACEIIBqtIRAgGa0hDiAYrSEMIBatIQoDQCASIAEtAAMiEiABLQAEQQh0ciABLQAFQRB0ciABLQAGIhZBGHRyQQJ2Qf///x9xaq0iAyAOfiABLwAAIAEtAAJBEHRyIBNqIBJBGHRBgICAGHFqrSIEIBB+fCARIAEtAAdBCHQgFnIgAS0ACEEQdHIgAS0ACSIRQRh0ckEEdkH///8fcWqtIgUgDH58IAEtAApBCHQgEXIgAS0AC0EQdHIgAS0ADEEYdHJBBnYgFWqtIgYgCn58IBQgF2ogAS8ADSABLQAPQRB0cmqtIgcgCH58IAMgDH4gBCAOfnwgBSAKfnwgBiAIfnwgByAJfnwgAyAKfiAEIAx+fCAFIAh+fCAGIAl+fCAHIAt+fCADIAh+IAQgCn58IAUgCX58IAYgC358IAcgDX58IAMgCX4gBCAIfnwgBSALfnwgBiANfnwgByAPfnwiA0IaiEL/////D4N8IgRCGohC/////w+DfCIFQhqIQv////8Pg3wiBkIaiEL/////D4N8IgdCGoinQQVsIAOnQf///x9xaiITQRp2IASnQf///x9xaiESIAWnQf///x9xIREgBqdB////H3EhFSAHp0H///8fcSEUIBNB////H3EhEyABQRBqIQEgAkEQayICQQ9LDQALCyAAIBQ2AiQgACAVNgIgIAAgETYCHCAAIBI2AhggACATNgIUCwMAAQu2BAEGfwJAIAAoAjgiBARAIABBPGohBQJAIAJBECAEayIDIAIgA0kbIgZFDQAgBkEDcSEHAkAgBkEBa0EDSQRAQQAhAwwBCyAGQXxxIQhBACEDA0AgBSADIARqaiABIANqLQAAOgAAIAUgA0EBciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0ECciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0EDciIEIAAoAjhqaiABIARqLQAAOgAAIANBBGohAyAAKAI4IQQgCEEEayIIDQALCyAHRQ0AA0AgBSADIARqaiABIANqLQAAOgAAIANBAWohAyAAKAI4IQQgB0EBayIHDQALCyAAIAQgBmoiAzYCOCADQRBJDQEgACAFQRAQAiAAQQA2AjggAiAGayECIAEgBmohAQsgAkEQTwRAIAAgASACQXBxIgMQAiACQQ9xIQIgASADaiEBCyACRQ0AIAJBA3EhBCAAQTxqIQVBACEDIAJBAWtBA08EQCACQXxxIQcDQCAFIAAoAjggA2pqIAEgA2otAAA6AAAgBSADQQFyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQJyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQNyIgYgACgCOGpqIAEgBmotAAA6AAAgA0EEaiEDIAdBBGsiBw0ACwsgBARAA0AgBSAAKAI4IANqaiABIANqLQAAOgAAIANBAWohAyAEQQFrIgQNAAsLIAAgACgCOCACajYCOAsLoS0BDH8jAEEQayIMJAACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAEH0AU0EQEGICCgCACIFQRAgAEELakF4cSAAQQtJGyIIQQN2IgJ2IgFBA3EEQCABQX9zQQFxIAJqIgNBA3QiAUG4CGooAgAiBEEIaiEAAkAgBCgCCCICIAFBsAhqIgFGBEBBiAggBUF+IAN3cTYCAAwBCyACIAE2AgwgASACNgIICyAEIANBA3QiAUEDcjYCBCABIARqIgEgASgCBEEBcjYCBAwNCyAIQZAIKAIAIgpNDQEgAQRAAkBBAiACdCIAQQAgAGtyIAEgAnRxIgBBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2aiIDQQN0IgBBuAhqKAIAIgQoAggiASAAQbAIaiIARgRAQYgIIAVBfiADd3EiBTYCAAwBCyABIAA2AgwgACABNgIICyAEQQhqIQAgBCAIQQNyNgIEIAQgCGoiAiADQQN0IgEgCGsiA0EBcjYCBCABIARqIAM2AgAgCgRAIApBA3YiAUEDdEGwCGohB0GcCCgCACEEAn8gBUEBIAF0IgFxRQRAQYgIIAEgBXI2AgAgBwwBCyAHKAIICyEBIAcgBDYCCCABIAQ2AgwgBCAHNgIMIAQgATYCCAtBnAggAjYCAEGQCCADNgIADA0LQYwIKAIAIgZFDQEgBkEAIAZrcUEBayIAIABBDHZBEHEiAnYiAUEFdkEIcSIAIAJyIAEgAHYiAUECdkEEcSIAciABIAB2IgFBAXZBAnEiAHIgASAAdiIBQQF2QQFxIgByIAEgAHZqQQJ0QbgKaigCACIBKAIEQXhxIAhrIQMgASECA0ACQCACKAIQIgBFBEAgAigCFCIARQ0BCyAAKAIEQXhxIAhrIgIgAyACIANJIgIbIQMgACABIAIbIQEgACECDAELCyABIAhqIgkgAU0NAiABKAIYIQsgASABKAIMIgRHBEAgASgCCCIAQZgIKAIASRogACAENgIMIAQgADYCCAwMCyABQRRqIgIoAgAiAEUEQCABKAIQIgBFDQQgAUEQaiECCwNAIAIhByAAIgRBFGoiAigCACIADQAgBEEQaiECIAQoAhAiAA0ACyAHQQA2AgAMCwtBfyEIIABBv39LDQAgAEELaiIAQXhxIQhBjAgoAgAiCUUNAEEAIAhrIQMCQAJAAkACf0EAIAhBgAJJDQAaQR8gCEH///8HSw0AGiAAQQh2IgAgAEGA/j9qQRB2QQhxIgJ0IgAgAEGA4B9qQRB2QQRxIgF0IgAgAEGAgA9qQRB2QQJxIgB0QQ92IAEgAnIgAHJrIgBBAXQgCCAAQRVqdkEBcXJBHGoLIgVBAnRBuApqKAIAIgJFBEBBACEADAELQQAhACAIQQBBGSAFQQF2ayAFQR9GG3QhAQNAAkAgAigCBEF4cSAIayIHIANPDQAgAiEEIAciAw0AQQAhAyACIQAMAwsgACACKAIUIgcgByACIAFBHXZBBHFqKAIQIgJGGyAAIAcbIQAgAUEBdCEBIAINAAsLIAAgBHJFBEBBACEEQQIgBXQiAEEAIABrciAJcSIARQ0DIABBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2akECdEG4CmooAgAhAAsgAEUNAQsDQCAAKAIEQXhxIAhrIgEgA0khAiABIAMgAhshAyAAIAQgAhshBCAAKAIQIgEEfyABBSAAKAIUCyIADQALCyAERQ0AIANBkAgoAgAgCGtPDQAgBCAIaiIGIARNDQEgBCgCGCEFIAQgBCgCDCIBRwRAIAQoAggiAEGYCCgCAEkaIAAgATYCDCABIAA2AggMCgsgBEEUaiICKAIAIgBFBEAgBCgCECIARQ0EIARBEGohAgsDQCACIQcgACIBQRRqIgIoAgAiAA0AIAFBEGohAiABKAIQIgANAAsgB0EANgIADAkLIAhBkAgoAgAiAk0EQEGcCCgCACEDAkAgAiAIayIBQRBPBEBBkAggATYCAEGcCCADIAhqIgA2AgAgACABQQFyNgIEIAIgA2ogATYCACADIAhBA3I2AgQMAQtBnAhBADYCAEGQCEEANgIAIAMgAkEDcjYCBCACIANqIgAgACgCBEEBcjYCBAsgA0EIaiEADAsLIAhBlAgoAgAiBkkEQEGUCCAGIAhrIgE2AgBBoAhBoAgoAgAiAiAIaiIANgIAIAAgAUEBcjYCBCACIAhBA3I2AgQgAkEIaiEADAsLQQAhACAIQS9qIgkCf0HgCygCAARAQegLKAIADAELQewLQn83AgBB5AtCgKCAgICABDcCAEHgCyAMQQxqQXBxQdiq1aoFczYCAEH0C0EANgIAQcQLQQA2AgBBgCALIgFqIgVBACABayIHcSICIAhNDQpBwAsoAgAiBARAQbgLKAIAIgMgAmoiASADTQ0LIAEgBEsNCwtBxAstAABBBHENBQJAAkBBoAgoAgAiAwRAQcgLIQADQCADIAAoAgAiAU8EQCABIAAoAgRqIANLDQMLIAAoAggiAA0ACwtBABABIgFBf0YNBiACIQVB5AsoAgAiA0EBayIAIAFxBEAgAiABayAAIAFqQQAgA2txaiEFCyAFIAhNDQYgBUH+////B0sNBkHACygCACIEBEBBuAsoAgAiAyAFaiIAIANNDQcgACAESw0HCyAFEAEiACABRw0BDAgLIAUgBmsgB3EiBUH+////B0sNBSAFEAEiASAAKAIAIAAoAgRqRg0EIAEhAAsCQCAAQX9GDQAgCEEwaiAFTQ0AQegLKAIAIgEgCSAFa2pBACABa3EiAUH+////B0sEQCAAIQEMCAsgARABQX9HBEAgASAFaiEFIAAhAQwIC0EAIAVrEAEaDAULIAAiAUF/Rw0GDAQLAAtBACEEDAcLQQAhAQwFCyABQX9HDQILQcQLQcQLKAIAQQRyNgIACyACQf7///8HSw0BIAIQASEBQQAQASEAIAFBf0YNASAAQX9GDQEgACABTQ0BIAAgAWsiBSAIQShqTQ0BC0G4C0G4CygCACAFaiIANgIAQbwLKAIAIABJBEBBvAsgADYCAAsCQAJAAkBBoAgoAgAiBwRAQcgLIQADQCABIAAoAgAiAyAAKAIEIgJqRg0CIAAoAggiAA0ACwwCC0GYCCgCACIAQQAgACABTRtFBEBBmAggATYCAAtBACEAQcwLIAU2AgBByAsgATYCAEGoCEF/NgIAQawIQeALKAIANgIAQdQLQQA2AgADQCAAQQN0IgNBuAhqIANBsAhqIgI2AgAgA0G8CGogAjYCACAAQQFqIgBBIEcNAAtBlAggBUEoayIDQXggAWtBB3FBACABQQhqQQdxGyIAayICNgIAQaAIIAAgAWoiADYCACAAIAJBAXI2AgQgASADakEoNgIEQaQIQfALKAIANgIADAILIAAtAAxBCHENACADIAdLDQAgASAHTQ0AIAAgAiAFajYCBEGgCCAHQXggB2tBB3FBACAHQQhqQQdxGyIAaiICNgIAQZQIQZQIKAIAIAVqIgEgAGsiADYCACACIABBAXI2AgQgASAHakEoNgIEQaQIQfALKAIANgIADAELQZgIKAIAIAFLBEBBmAggATYCAAsgASAFaiECQcgLIQACQAJAAkACQAJAAkADQCACIAAoAgBHBEAgACgCCCIADQEMAgsLIAAtAAxBCHFFDQELQcgLIQADQCAHIAAoAgAiAk8EQCACIAAoAgRqIgQgB0sNAwsgACgCCCEADAALAAsgACABNgIAIAAgACgCBCAFajYCBCABQXggAWtBB3FBACABQQhqQQdxG2oiCSAIQQNyNgIEIAJBeCACa0EHcUEAIAJBCGpBB3EbaiIFIAggCWoiBmshAiAFIAdGBEBBoAggBjYCAEGUCEGUCCgCACACaiIANgIAIAYgAEEBcjYCBAwDCyAFQZwIKAIARgRAQZwIIAY2AgBBkAhBkAgoAgAgAmoiADYCACAGIABBAXI2AgQgACAGaiAANgIADAMLIAUoAgQiAEEDcUEBRgRAIABBeHEhBwJAIABB/wFNBEAgBSgCCCIDIABBA3YiAEEDdEGwCGpGGiADIAUoAgwiAUYEQEGICEGICCgCAEF+IAB3cTYCAAwCCyADIAE2AgwgASADNgIIDAELIAUoAhghCAJAIAUgBSgCDCIBRwRAIAUoAggiACABNgIMIAEgADYCCAwBCwJAIAVBFGoiACgCACIDDQAgBUEQaiIAKAIAIgMNAEEAIQEMAQsDQCAAIQQgAyIBQRRqIgAoAgAiAw0AIAFBEGohACABKAIQIgMNAAsgBEEANgIACyAIRQ0AAkAgBSAFKAIcIgNBAnRBuApqIgAoAgBGBEAgACABNgIAIAENAUGMCEGMCCgCAEF+IAN3cTYCAAwCCyAIQRBBFCAIKAIQIAVGG2ogATYCACABRQ0BCyABIAg2AhggBSgCECIABEAgASAANgIQIAAgATYCGAsgBSgCFCIARQ0AIAEgADYCFCAAIAE2AhgLIAUgB2ohBSACIAdqIQILIAUgBSgCBEF+cTYCBCAGIAJBAXI2AgQgAiAGaiACNgIAIAJB/wFNBEAgAkEDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwDC0EfIQAgAkH///8HTQRAIAJBCHYiACAAQYD+P2pBEHZBCHEiA3QiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASADciAAcmsiAEEBdCACIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQQCQEGMCCgCACIDQQEgAHQiAXFFBEBBjAggASADcjYCACAEIAY2AgAgBiAENgIYDAELIAJBAEEZIABBAXZrIABBH0YbdCEAIAQoAgAhAQNAIAEiAygCBEF4cSACRg0DIABBHXYhASAAQQF0IQAgAyABQQRxaiIEKAIQIgENAAsgBCAGNgIQIAYgAzYCGAsgBiAGNgIMIAYgBjYCCAwCC0GUCCAFQShrIgNBeCABa0EHcUEAIAFBCGpBB3EbIgBrIgI2AgBBoAggACABaiIANgIAIAAgAkEBcjYCBCABIANqQSg2AgRBpAhB8AsoAgA2AgAgByAEQScgBGtBB3FBACAEQSdrQQdxG2pBL2siACAAIAdBEGpJGyICQRs2AgQgAkHQCykCADcCECACQcgLKQIANwIIQdALIAJBCGo2AgBBzAsgBTYCAEHICyABNgIAQdQLQQA2AgAgAkEYaiEAA0AgAEEHNgIEIABBCGohASAAQQRqIQAgASAESQ0ACyACIAdGDQMgAiACKAIEQX5xNgIEIAcgAiAHayIEQQFyNgIEIAIgBDYCACAEQf8BTQRAIARBA3YiAEEDdEGwCGohAgJ/QYgIKAIAIgFBASAAdCIAcUUEQEGICCAAIAFyNgIAIAIMAQsgAigCCAshACACIAc2AgggACAHNgIMIAcgAjYCDCAHIAA2AggMBAtBHyEAIAdCADcCECAEQf///wdNBEAgBEEIdiIAIABBgP4/akEQdkEIcSICdCIAIABBgOAfakEQdkEEcSIBdCIAIABBgIAPakEQdkECcSIAdEEPdiABIAJyIAByayIAQQF0IAQgAEEVanZBAXFyQRxqIQALIAcgADYCHCAAQQJ0QbgKaiEDAkBBjAgoAgAiAkEBIAB0IgFxRQRAQYwIIAEgAnI2AgAgAyAHNgIAIAcgAzYCGAwBCyAEQQBBGSAAQQF2ayAAQR9GG3QhACADKAIAIQEDQCABIgIoAgRBeHEgBEYNBCAAQR12IQEgAEEBdCEAIAIgAUEEcWoiAygCECIBDQALIAMgBzYCECAHIAI2AhgLIAcgBzYCDCAHIAc2AggMAwsgAygCCCIAIAY2AgwgAyAGNgIIIAZBADYCGCAGIAM2AgwgBiAANgIICyAJQQhqIQAMBQsgAigCCCIAIAc2AgwgAiAHNgIIIAdBADYCGCAHIAI2AgwgByAANgIIC0GUCCgCACIAIAhNDQBBlAggACAIayIBNgIAQaAIQaAIKAIAIgIgCGoiADYCACAAIAFBAXI2AgQgAiAIQQNyNgIEIAJBCGohAAwDC0GECEEwNgIAQQAhAAwCCwJAIAVFDQACQCAEKAIcIgJBAnRBuApqIgAoAgAgBEYEQCAAIAE2AgAgAQ0BQYwIIAlBfiACd3EiCTYCAAwCCyAFQRBBFCAFKAIQIARGG2ogATYCACABRQ0BCyABIAU2AhggBCgCECIABEAgASAANgIQIAAgATYCGAsgBCgCFCIARQ0AIAEgADYCFCAAIAE2AhgLAkAgA0EPTQRAIAQgAyAIaiIAQQNyNgIEIAAgBGoiACAAKAIEQQFyNgIEDAELIAQgCEEDcjYCBCAGIANBAXI2AgQgAyAGaiADNgIAIANB/wFNBEAgA0EDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwBC0EfIQAgA0H///8HTQRAIANBCHYiACAAQYD+P2pBEHZBCHEiAnQiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASACciAAcmsiAEEBdCADIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQICQAJAIAlBASAAdCIBcUUEQEGMCCABIAlyNgIAIAIgBjYCACAGIAI2AhgMAQsgA0EAQRkgAEEBdmsgAEEfRht0IQAgAigCACEIA0AgCCIBKAIEQXhxIANGDQIgAEEddiECIABBAXQhACABIAJBBHFqIgIoAhAiCA0ACyACIAY2AhAgBiABNgIYCyAGIAY2AgwgBiAGNgIIDAELIAEoAggiACAGNgIMIAEgBjYCCCAGQQA2AhggBiABNgIMIAYgADYCCAsgBEEIaiEADAELAkAgC0UNAAJAIAEoAhwiAkECdEG4CmoiACgCACABRgRAIAAgBDYCACAEDQFBjAggBkF+IAJ3cTYCAAwCCyALQRBBFCALKAIQIAFGG2ogBDYCACAERQ0BCyAEIAs2AhggASgCECIABEAgBCAANgIQIAAgBDYCGAsgASgCFCIARQ0AIAQgADYCFCAAIAQ2AhgLAkAgA0EPTQRAIAEgAyAIaiIAQQNyNgIEIAAgAWoiACAAKAIEQQFyNgIEDAELIAEgCEEDcjYCBCAJIANBAXI2AgQgAyAJaiADNgIAIAoEQCAKQQN2IgBBA3RBsAhqIQRBnAgoAgAhAgJ/QQEgAHQiACAFcUUEQEGICCAAIAVyNgIAIAQMAQsgBCgCCAshACAEIAI2AgggACACNgIMIAIgBDYCDCACIAA2AggLQZwIIAk2AgBBkAggAzYCAAsgAUEIaiEACyAMQRBqJAAgAAsQACMAIABrQXBxIgAkACAACwYAIAAkAAsEACMAC4AJAgh/BH4jAEGQAWsiBiQAIAYgBS0AA0EYdEGAgIAYcSAFLwAAIAUtAAJBEHRycjYCACAGIAUoAANBAnZBg/7/H3E2AgQgBiAFKAAGQQR2Qf+B/x9xNgIIIAYgBSgACUEGdkH//8AfcTYCDCAFLwANIQggBS0ADyEJIAZCADcCFCAGQgA3AhwgBkEANgIkIAYgCCAJQRB0QYCAPHFyNgIQIAYgBSgAEDYCKCAGIAUoABQ2AiwgBiAFKAAYNgIwIAUoABwhBSAGQQA6AEwgBkEANgI4IAYgBTYCNCAGIAEgAhAEIAQEQCAGIAMgBBAECyAGKAI4IgEEQCAGQTxqIgIgAWpBAToAACABQQFqQQ9NBEAgASAGakE9aiEEAkBBDyABayIDRQ0AIAMgBGoiAUEBa0EAOgAAIARBADoAACADQQNJDQAgAUECa0EAOgAAIARBADoAASABQQNrQQA6AAAgBEEAOgACIANBB0kNACABQQRrQQA6AAAgBEEAOgADIANBCUkNACAEQQAgBGtBA3EiAWoiBEEANgIAIAQgAyABa0F8cSIBaiIDQQRrQQA2AgAgAUEJSQ0AIARBADYCCCAEQQA2AgQgA0EIa0EANgIAIANBDGtBADYCACABQRlJDQAgBEEANgIYIARBADYCFCAEQQA2AhAgBEEANgIMIANBEGtBADYCACADQRRrQQA2AgAgA0EYa0EANgIAIANBHGtBADYCACABIARBBHFBGHIiAWsiA0EgSQ0AIAEgBGohAQNAIAFCADcDGCABQgA3AxAgAUIANwMIIAFCADcDACABQSBqIQEgA0EgayIDQR9LDQALCwsgBkEBOgBMIAYgAkEQEAILIAY1AjQhECAGNQIwIREgBjUCLCEOIAAgBjUCKCAGKAIkIAYoAiAgBigCHCAGKAIYIgNBGnZqIgJBGnZqIgFBGnZqIgtBgICAYHIgAUH///8fcSINIAJB////H3EiCCAGKAIUIAtBGnZBBWxqIgFB////H3EiCUEFaiIFQRp2IANB////H3EgAUEadmoiA2oiAUEadmoiAkEadmoiBEEadmoiDEEfdSIHIANxIAEgDEEfdkEBayIDQf///x9xIgpxciIBQRp0IAUgCnEgByAJcXJyrXwiDzwAACAAIA9CGIg8AAMgACAPQhCIPAACIAAgD0IIiDwAASAAIA4gByAIcSACIApxciICQRR0IAFBBnZyrXwgD0IgiHwiDjwABCAAIA5CGIg8AAcgACAOQhCIPAAGIAAgDkIIiDwABSAAIBEgByANcSAEIApxciIBQQ50IAJBDHZyrXwgDkIgiHwiDjwACCAAIA5CGIg8AAsgACAOQhCIPAAKIAAgDkIIiDwACSAAIBAgAyAMcSAHIAtxckEIdCABQRJ2cq18IA5CIIh8Ig48AAwgACAOQhiIPAAPIAAgDkIQiDwADiAAIA5CCIg8AA0gBkIANwIwIAZCADcCKCAGQgA3AiAgBkIANwIYIAZCADcCECAGQgA3AgggBkIANwIAIAZBkAFqJAALpwwBB38CQCAARQ0AIABBCGsiAyAAQQRrKAIAIgFBeHEiAGohBQJAIAFBAXENACABQQNxRQ0BIAMgAygCACIBayIDQZgIKAIASQ0BIAAgAWohACADQZwIKAIARwRAIAFB/wFNBEAgAygCCCICIAFBA3YiBEEDdEGwCGpGGiACIAMoAgwiAUYEQEGICEGICCgCAEF+IAR3cTYCAAwDCyACIAE2AgwgASACNgIIDAILIAMoAhghBgJAIAMgAygCDCIBRwRAIAMoAggiAiABNgIMIAEgAjYCCAwBCwJAIANBFGoiAigCACIEDQAgA0EQaiICKAIAIgQNAEEAIQEMAQsDQCACIQcgBCIBQRRqIgIoAgAiBA0AIAFBEGohAiABKAIQIgQNAAsgB0EANgIACyAGRQ0BAkAgAyADKAIcIgJBAnRBuApqIgQoAgBGBEAgBCABNgIAIAENAUGMCEGMCCgCAEF+IAJ3cTYCAAwDCyAGQRBBFCAGKAIQIANGG2ogATYCACABRQ0CCyABIAY2AhggAygCECICBEAgASACNgIQIAIgATYCGAsgAygCFCICRQ0BIAEgAjYCFCACIAE2AhgMAQsgBSgCBCIBQQNxQQNHDQBBkAggADYCACAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAA8LIAMgBU8NACAFKAIEIgFBAXFFDQACQCABQQJxRQRAIAVBoAgoAgBGBEBBoAggAzYCAEGUCEGUCCgCACAAaiIANgIAIAMgAEEBcjYCBCADQZwIKAIARw0DQZAIQQA2AgBBnAhBADYCAA8LIAVBnAgoAgBGBEBBnAggAzYCAEGQCEGQCCgCACAAaiIANgIAIAMgAEEBcjYCBCAAIANqIAA2AgAPCyABQXhxIABqIQACQCABQf8BTQRAIAUoAggiAiABQQN2IgRBA3RBsAhqRhogAiAFKAIMIgFGBEBBiAhBiAgoAgBBfiAEd3E2AgAMAgsgAiABNgIMIAEgAjYCCAwBCyAFKAIYIQYCQCAFIAUoAgwiAUcEQCAFKAIIIgJBmAgoAgBJGiACIAE2AgwgASACNgIIDAELAkAgBUEUaiICKAIAIgQNACAFQRBqIgIoAgAiBA0AQQAhAQwBCwNAIAIhByAEIgFBFGoiAigCACIEDQAgAUEQaiECIAEoAhAiBA0ACyAHQQA2AgALIAZFDQACQCAFIAUoAhwiAkECdEG4CmoiBCgCAEYEQCAEIAE2AgAgAQ0BQYwIQYwIKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiABNgIAIAFFDQELIAEgBjYCGCAFKAIQIgIEQCABIAI2AhAgAiABNgIYCyAFKAIUIgJFDQAgASACNgIUIAIgATYCGAsgAyAAQQFyNgIEIAAgA2ogADYCACADQZwIKAIARw0BQZAIIAA2AgAPCyAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAAsgAEH/AU0EQCAAQQN2IgFBA3RBsAhqIQACf0GICCgCACICQQEgAXQiAXFFBEBBiAggASACcjYCACAADAELIAAoAggLIQIgACADNgIIIAIgAzYCDCADIAA2AgwgAyACNgIIDwtBHyECIANCADcCECAAQf///wdNBEAgAEEIdiIBIAFBgP4/akEQdkEIcSIBdCICIAJBgOAfakEQdkEEcSICdCIEIARBgIAPakEQdkECcSIEdEEPdiABIAJyIARyayIBQQF0IAAgAUEVanZBAXFyQRxqIQILIAMgAjYCHCACQQJ0QbgKaiEBAkACQAJAQYwIKAIAIgRBASACdCIHcUUEQEGMCCAEIAdyNgIAIAEgAzYCACADIAE2AhgMAQsgAEEAQRkgAkEBdmsgAkEfRht0IQIgASgCACEBA0AgASIEKAIEQXhxIABGDQIgAkEddiEBIAJBAXQhAiAEIAFBBHFqIgdBEGooAgAiAQ0ACyAHIAM2AhAgAyAENgIYCyADIAM2AgwgAyADNgIIDAELIAQoAggiACADNgIMIAQgAzYCCCADQQA2AhggAyAENgIMIAMgADYCCAtBqAhBqAgoAgBBAWsiAEF/IAAbNgIACwsLCQEAQYEICwIGUA==\";if(!W.startsWith(V)){var na=W;W=b.locateFile?b.locateFile(na,B):B+na}function pa(){var a=W;try{if(a==W&&J)return new Uint8Array(J);var c=H(a);if(c)return c;if(E)return E(a);throw\"both async and sync fetching of the wasm failed\";}catch(d){K(d)}}\nfunction qa(){if(!J&&(x||y)){if(\"function\"===typeof fetch&&!W.startsWith(\"file://\"))return fetch(W,{credentials:\"same-origin\"}).then(function(a){if(!a.ok)throw\"failed to load wasm binary file at '\"+W+\"'\";return a.arrayBuffer()}).catch(function(){return pa()});if(D)return new Promise(function(a,c){D(W,function(d){a(new Uint8Array(d))},c)})}return Promise.resolve().then(function(){return pa()})}\nfunction X(a){for(;0>4;f=(f&15)<<4|l>>2;var t=(l&3)<<6|A;c+=String.fromCharCode(e);64!==l&&(c+=String.fromCharCode(f));64!==A&&(c+=String.fromCharCode(t))}while(d>>=0;if(2147483648=d;d*=2){var e=c*(1+.2/d);e=Math.min(e,a+100663296);e=Math.max(a,e);0>>16);ia();var f=1;break a}catch(l){}f=void 0}if(f)return!0}return!1}};\n(function(){function a(f){b.asm=f.exports;L=b.asm.b;ia();R=b.asm.j;ka.unshift(b.asm.c);S--;b.monitorRunDependencies&&b.monitorRunDependencies(S);0==S&&(null!==T&&(clearInterval(T),T=null),U&&(f=U,U=null,f()))}function c(f){a(f.instance)}function d(f){return qa().then(function(l){return WebAssembly.instantiate(l,e)}).then(f,function(l){I(\"failed to asynchronously prepare wasm: \"+l);K(l)})}var e={a:sa};S++;b.monitorRunDependencies&&b.monitorRunDependencies(S);if(b.instantiateWasm)try{return b.instantiateWasm(e,\na)}catch(f){return I(\"Module.instantiateWasm callback failed with error: \"+f),!1}(function(){return J||\"function\"!==typeof WebAssembly.instantiateStreaming||W.startsWith(V)||W.startsWith(\"file://\")||\"function\"!==typeof fetch?d(c):fetch(W,{credentials:\"same-origin\"}).then(function(f){return WebAssembly.instantiateStreaming(f,e).then(c,function(l){I(\"wasm streaming compile failed: \"+l);I(\"falling back to ArrayBuffer instantiation\");return d(c)})})})().catch(r);return{}})();\nb.___wasm_call_ctors=function(){return(b.___wasm_call_ctors=b.asm.c).apply(null,arguments)};b._poly1305_auth=function(){return(b._poly1305_auth=b.asm.d).apply(null,arguments)};var da=b.stackSave=function(){return(da=b.stackSave=b.asm.e).apply(null,arguments)},fa=b.stackRestore=function(){return(fa=b.stackRestore=b.asm.f).apply(null,arguments)},O=b.stackAlloc=function(){return(O=b.stackAlloc=b.asm.g).apply(null,arguments)};b._malloc=function(){return(b._malloc=b.asm.h).apply(null,arguments)};\nb._free=function(){return(b._free=b.asm.i).apply(null,arguments)};b.cwrap=function(a,c,d,e){d=d||[];var f=d.every(function(l){return\"number\"===l});return\"string\"!==c&&f&&!e?N(a):function(){return ca(a,c,d,arguments)}};var Y;U=function ta(){Y||Z();Y||(U=ta)};\nfunction Z(){function a(){if(!Y&&(Y=!0,b.calledRun=!0,!M)){X(ka);q(b);if(b.onRuntimeInitialized)b.onRuntimeInitialized();if(b.postRun)for(\"function\"==typeof b.postRun&&(b.postRun=[b.postRun]);b.postRun.length;){var c=b.postRun.shift();la.unshift(c)}X(la)}}if(!(0 {\n // eslint-disable-next-line prefer-const\n for (let [type, handler] of Object.entries(handlers)) {\n type = +type;\n if (isFinite(type) && type >= 0 && type < MESSAGE_HANDLERS.length)\n MESSAGE_HANDLERS[type] = handler;\n }\n});\n\nmodule.exports = MESSAGE_HANDLERS;\n","'use strict';\n\nconst {\n bufferSlice,\n bufferParser,\n doFatalError,\n sigSSHToASN1,\n writeUInt32BE,\n} = require('./utils.js');\n\nconst {\n CHANNEL_OPEN_FAILURE,\n COMPAT,\n MESSAGE,\n TERMINAL_MODE,\n} = require('./constants.js');\n\nconst {\n parseKey,\n} = require('./keyParser.js');\n\nconst TERMINAL_MODE_BY_VALUE =\n Array.from(Object.entries(TERMINAL_MODE))\n .reduce((obj, [key, value]) => ({ ...obj, [key]: value }), {});\n\nmodule.exports = {\n // Transport layer protocol ==================================================\n [MESSAGE.DISCONNECT]: (self, payload) => {\n /*\n byte SSH_MSG_DISCONNECT\n uint32 reason code\n string description in ISO-10646 UTF-8 encoding\n string language tag\n */\n bufferParser.init(payload, 1);\n const reason = bufferParser.readUInt32BE();\n const desc = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed DISCONNECT packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: Received DISCONNECT (${reason}, \"${desc}\")`\n );\n\n const handler = self._handlers.DISCONNECT;\n handler && handler(self, reason, desc);\n },\n [MESSAGE.IGNORE]: (self, payload) => {\n /*\n byte SSH_MSG_IGNORE\n string data\n */\n self._debug && self._debug('Inbound: Received IGNORE');\n },\n [MESSAGE.UNIMPLEMENTED]: (self, payload) => {\n /*\n byte SSH_MSG_UNIMPLEMENTED\n uint32 packet sequence number of rejected message\n */\n bufferParser.init(payload, 1);\n const seqno = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (seqno === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed UNIMPLEMENTED packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: Received UNIMPLEMENTED (seqno ${seqno})`);\n },\n [MESSAGE.DEBUG]: (self, payload) => {\n /*\n byte SSH_MSG_DEBUG\n boolean always_display\n string message in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const display = bufferParser.readBool();\n const msg = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed DEBUG packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received DEBUG');\n\n const handler = self._handlers.DEBUG;\n handler && handler(self, display, msg);\n },\n [MESSAGE.SERVICE_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_SERVICE_REQUEST\n string service name\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n bufferParser.clear();\n\n if (name === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed SERVICE_REQUEST packet'\n );\n }\n\n self._debug && self._debug(`Inbound: Received SERVICE_REQUEST (${name})`);\n\n const handler = self._handlers.SERVICE_REQUEST;\n handler && handler(self, name);\n },\n [MESSAGE.SERVICE_ACCEPT]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_SERVICE_ACCEPT\n string service name\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n bufferParser.clear();\n\n if (name === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed SERVICE_ACCEPT packet'\n );\n }\n\n self._debug && self._debug(`Inbound: Received SERVICE_ACCEPT (${name})`);\n\n const handler = self._handlers.SERVICE_ACCEPT;\n handler && handler(self, name);\n },\n [MESSAGE.EXT_INFO]: (self, payload) => {\n /*\n byte SSH_MSG_EXT_INFO\n uint32 nr-extensions\n repeat the following 2 fields \"nr-extensions\" times:\n string extension-name\n string extension-value (binary)\n */\n bufferParser.init(payload, 1);\n const numExts = bufferParser.readUInt32BE();\n let exts;\n if (numExts !== undefined) {\n exts = [];\n for (let i = 0; i < numExts; ++i) {\n const name = bufferParser.readString(true);\n const data = bufferParser.readString();\n if (data !== undefined) {\n switch (name) {\n case 'server-sig-algs': {\n const algs = data.latin1Slice(0, data.length).split(',');\n exts.push({ name, algs });\n continue;\n }\n default:\n continue;\n }\n }\n // Malformed\n exts = undefined;\n break;\n }\n }\n bufferParser.clear();\n\n if (exts === undefined)\n return doFatalError(self, 'Inbound: Malformed EXT_INFO packet');\n\n self._debug && self._debug('Inbound: Received EXT_INFO');\n\n const handler = self._handlers.EXT_INFO;\n handler && handler(self, exts);\n },\n\n // User auth protocol -- generic =============================================\n [MESSAGE.USERAUTH_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_USERAUTH_REQUEST\n string user name in ISO-10646 UTF-8 encoding [RFC3629]\n string service name in US-ASCII\n string method name in US-ASCII\n .... method specific fields\n */\n bufferParser.init(payload, 1);\n const user = bufferParser.readString(true);\n const service = bufferParser.readString(true);\n const method = bufferParser.readString(true);\n let methodData;\n let methodDesc;\n switch (method) {\n case 'none':\n methodData = null;\n break;\n case 'password': {\n /*\n boolean \n string plaintext password in ISO-10646 UTF-8 encoding [RFC3629]\n [string new password]\n */\n const isChange = bufferParser.readBool();\n if (isChange !== undefined) {\n methodData = bufferParser.readString(true);\n if (methodData !== undefined && isChange) {\n const newPassword = bufferParser.readString(true);\n if (newPassword !== undefined)\n methodData = { oldPassword: methodData, newPassword };\n else\n methodData = undefined;\n }\n }\n break;\n }\n case 'publickey': {\n /*\n boolean \n string public key algorithm name\n string public key blob\n [string signature]\n */\n const hasSig = bufferParser.readBool();\n if (hasSig !== undefined) {\n const keyAlgo = bufferParser.readString(true);\n let realKeyAlgo = keyAlgo;\n const key = bufferParser.readString();\n\n let hashAlgo;\n switch (keyAlgo) {\n case 'rsa-sha2-256':\n realKeyAlgo = 'ssh-rsa';\n hashAlgo = 'sha256';\n break;\n case 'rsa-sha2-512':\n realKeyAlgo = 'ssh-rsa';\n hashAlgo = 'sha512';\n break;\n }\n\n if (hasSig) {\n const blobEnd = bufferParser.pos();\n let signature = bufferParser.readString();\n if (signature !== undefined) {\n if (signature.length > (4 + keyAlgo.length + 4)\n && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n // Skip algoLen + algo + sigLen\n signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n }\n\n signature = sigSSHToASN1(signature, realKeyAlgo);\n if (signature) {\n const sessionID = self._kex.sessionID;\n const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n writeUInt32BE(blob, sessionID.length, 0);\n blob.set(sessionID, 4);\n blob.set(\n new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n 4 + sessionID.length\n );\n methodData = {\n keyAlgo: realKeyAlgo,\n key,\n signature,\n blob,\n hashAlgo,\n };\n }\n }\n } else {\n methodData = { keyAlgo: realKeyAlgo, key, hashAlgo };\n methodDesc = 'publickey -- check';\n }\n }\n break;\n }\n case 'hostbased': {\n /*\n string public key algorithm for host key\n string public host key and certificates for client host\n string client host name expressed as the FQDN in US-ASCII\n string user name on the client host in ISO-10646 UTF-8 encoding\n [RFC3629]\n string signature\n */\n const keyAlgo = bufferParser.readString(true);\n let realKeyAlgo = keyAlgo;\n const key = bufferParser.readString();\n const localHostname = bufferParser.readString(true);\n const localUsername = bufferParser.readString(true);\n\n let hashAlgo;\n switch (keyAlgo) {\n case 'rsa-sha2-256':\n realKeyAlgo = 'ssh-rsa';\n hashAlgo = 'sha256';\n break;\n case 'rsa-sha2-512':\n realKeyAlgo = 'ssh-rsa';\n hashAlgo = 'sha512';\n break;\n }\n\n const blobEnd = bufferParser.pos();\n let signature = bufferParser.readString();\n if (signature !== undefined) {\n if (signature.length > (4 + keyAlgo.length + 4)\n && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n // Skip algoLen + algo + sigLen\n signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n }\n\n signature = sigSSHToASN1(signature, realKeyAlgo);\n if (signature !== undefined) {\n const sessionID = self._kex.sessionID;\n const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n writeUInt32BE(blob, sessionID.length, 0);\n blob.set(sessionID, 4);\n blob.set(\n new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n 4 + sessionID.length\n );\n methodData = {\n keyAlgo: realKeyAlgo,\n key,\n signature,\n blob,\n localHostname,\n localUsername,\n hashAlgo\n };\n }\n }\n break;\n }\n case 'keyboard-interactive':\n /*\n string language tag (as defined in [RFC-3066])\n string submethods (ISO-10646 UTF-8)\n */\n // Skip/ignore language field -- it's deprecated in RFC 4256\n bufferParser.skipString();\n\n methodData = bufferParser.readList();\n break;\n default:\n if (method !== undefined)\n methodData = bufferParser.readRaw();\n }\n bufferParser.clear();\n\n if (methodData === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_REQUEST packet'\n );\n }\n\n if (methodDesc === undefined)\n methodDesc = method;\n\n self._authsQueue.push(method);\n\n self._debug\n && self._debug(`Inbound: Received USERAUTH_REQUEST (${methodDesc})`);\n\n const handler = self._handlers.USERAUTH_REQUEST;\n handler && handler(self, user, service, method, methodData);\n },\n [MESSAGE.USERAUTH_FAILURE]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_FAILURE\n name-list authentications that can continue\n boolean partial success\n */\n bufferParser.init(payload, 1);\n const authMethods = bufferParser.readList();\n const partialSuccess = bufferParser.readBool();\n bufferParser.clear();\n\n if (partialSuccess === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_FAILURE packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: Received USERAUTH_FAILURE (${authMethods})`);\n\n self._authsQueue.shift();\n const handler = self._handlers.USERAUTH_FAILURE;\n handler && handler(self, authMethods, partialSuccess);\n },\n [MESSAGE.USERAUTH_SUCCESS]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_SUCCESS\n */\n self._debug && self._debug('Inbound: Received USERAUTH_SUCCESS');\n\n self._authsQueue.shift();\n const handler = self._handlers.USERAUTH_SUCCESS;\n handler && handler(self);\n },\n [MESSAGE.USERAUTH_BANNER]: (self, payload) => {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_BANNER\n string message in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const msg = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_BANNER packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_BANNER');\n\n const handler = self._handlers.USERAUTH_BANNER;\n handler && handler(self, msg);\n },\n\n // User auth protocol -- method-specific =====================================\n 60: (self, payload) => {\n if (!self._authsQueue.length) {\n self._debug\n && self._debug('Inbound: Received payload type 60 without auth');\n return;\n }\n\n switch (self._authsQueue[0]) {\n case 'password': {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_PASSWD_CHANGEREQ\n string prompt in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const prompt = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_PASSWD_CHANGEREQ packet'\n );\n }\n\n self._debug\n && self._debug('Inbound: Received USERAUTH_PASSWD_CHANGEREQ');\n\n const handler = self._handlers.USERAUTH_PASSWD_CHANGEREQ;\n handler && handler(self, prompt);\n break;\n }\n case 'publickey': {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_PK_OK\n string public key algorithm name from the request\n string public key blob from the request\n */\n bufferParser.init(payload, 1);\n const keyAlgo = bufferParser.readString(true);\n const key = bufferParser.readString();\n bufferParser.clear();\n\n if (key === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_PK_OK packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_PK_OK');\n\n self._authsQueue.shift();\n const handler = self._handlers.USERAUTH_PK_OK;\n handler && handler(self, keyAlgo, key);\n break;\n }\n case 'keyboard-interactive': {\n // S->C\n /*\n byte SSH_MSG_USERAUTH_INFO_REQUEST\n string name (ISO-10646 UTF-8)\n string instruction (ISO-10646 UTF-8)\n string language tag (as defined in [RFC-3066])\n int num-prompts\n string prompt[1] (ISO-10646 UTF-8)\n boolean echo[1]\n ...\n string prompt[num-prompts] (ISO-10646 UTF-8)\n boolean echo[num-prompts]\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n const instructions = bufferParser.readString(true);\n bufferParser.readString(); // skip lang\n const numPrompts = bufferParser.readUInt32BE();\n let prompts;\n if (numPrompts !== undefined) {\n prompts = new Array(numPrompts);\n let i;\n for (i = 0; i < numPrompts; ++i) {\n const prompt = bufferParser.readString(true);\n const echo = bufferParser.readBool();\n if (echo === undefined)\n break;\n prompts[i] = { prompt, echo };\n }\n if (i !== numPrompts)\n prompts = undefined;\n }\n bufferParser.clear();\n\n if (prompts === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_INFO_REQUEST packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_INFO_REQUEST');\n\n const handler = self._handlers.USERAUTH_INFO_REQUEST;\n handler && handler(self, name, instructions, prompts);\n break;\n }\n default:\n self._debug\n && self._debug('Inbound: Received unexpected payload type 60');\n }\n },\n 61: (self, payload) => {\n if (!self._authsQueue.length) {\n self._debug\n && self._debug('Inbound: Received payload type 61 without auth');\n return;\n }\n /*\n byte SSH_MSG_USERAUTH_INFO_RESPONSE\n int num-responses\n string response[1] (ISO-10646 UTF-8)\n ...\n string response[num-responses] (ISO-10646 UTF-8)\n */\n if (self._authsQueue[0] !== 'keyboard-interactive') {\n return doFatalError(\n self,\n 'Inbound: Received unexpected payload type 61'\n );\n }\n bufferParser.init(payload, 1);\n const numResponses = bufferParser.readUInt32BE();\n let responses;\n if (numResponses !== undefined) {\n responses = new Array(numResponses);\n let i;\n for (i = 0; i < numResponses; ++i) {\n const response = bufferParser.readString(true);\n if (response === undefined)\n break;\n responses[i] = response;\n }\n if (i !== numResponses)\n responses = undefined;\n }\n bufferParser.clear();\n\n if (responses === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed USERAUTH_INFO_RESPONSE packet'\n );\n }\n\n self._debug && self._debug('Inbound: Received USERAUTH_INFO_RESPONSE');\n\n const handler = self._handlers.USERAUTH_INFO_RESPONSE;\n handler && handler(self, responses);\n },\n\n // Connection protocol -- generic ============================================\n [MESSAGE.GLOBAL_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_GLOBAL_REQUEST\n string request name in US-ASCII only\n boolean want reply\n .... request-specific data follows\n */\n bufferParser.init(payload, 1);\n const name = bufferParser.readString(true);\n const wantReply = bufferParser.readBool();\n let data;\n if (wantReply !== undefined) {\n switch (name) {\n case 'tcpip-forward':\n case 'cancel-tcpip-forward': {\n /*\n string address to bind (e.g., \"0.0.0.0\")\n uint32 port number to bind\n */\n const bindAddr = bufferParser.readString(true);\n const bindPort = bufferParser.readUInt32BE();\n if (bindPort !== undefined)\n data = { bindAddr, bindPort };\n break;\n }\n case 'streamlocal-forward@openssh.com':\n case 'cancel-streamlocal-forward@openssh.com': {\n /*\n string socket path\n */\n const socketPath = bufferParser.readString(true);\n if (socketPath !== undefined)\n data = { socketPath };\n break;\n }\n case 'no-more-sessions@openssh.com':\n data = null;\n break;\n case 'hostkeys-00@openssh.com': {\n data = [];\n while (bufferParser.avail() > 0) {\n const keyRaw = bufferParser.readString();\n if (keyRaw === undefined) {\n data = undefined;\n break;\n }\n const key = parseKey(keyRaw);\n if (!(key instanceof Error))\n data.push(key);\n }\n break;\n }\n default:\n data = bufferParser.readRaw();\n }\n }\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed GLOBAL_REQUEST packet'\n );\n }\n\n self._debug && self._debug(`Inbound: GLOBAL_REQUEST (${name})`);\n\n const handler = self._handlers.GLOBAL_REQUEST;\n if (handler)\n handler(self, name, wantReply, data);\n else\n self.requestFailure(); // Auto reject\n },\n [MESSAGE.REQUEST_SUCCESS]: (self, payload) => {\n /*\n byte SSH_MSG_REQUEST_SUCCESS\n .... response specific data\n */\n const data = (payload.length > 1 ? bufferSlice(payload, 1) : null);\n\n self._debug && self._debug('Inbound: REQUEST_SUCCESS');\n\n const handler = self._handlers.REQUEST_SUCCESS;\n handler && handler(self, data);\n },\n [MESSAGE.REQUEST_FAILURE]: (self, payload) => {\n /*\n byte SSH_MSG_REQUEST_FAILURE\n */\n self._debug && self._debug('Inbound: Received REQUEST_FAILURE');\n\n const handler = self._handlers.REQUEST_FAILURE;\n handler && handler(self);\n },\n\n // Connection protocol -- channel-related ====================================\n [MESSAGE.CHANNEL_OPEN]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_OPEN\n string channel type in US-ASCII only\n uint32 sender channel\n uint32 initial window size\n uint32 maximum packet size\n .... channel type specific data follows\n */\n bufferParser.init(payload, 1);\n const type = bufferParser.readString(true);\n const sender = bufferParser.readUInt32BE();\n const window = bufferParser.readUInt32BE();\n const packetSize = bufferParser.readUInt32BE();\n let channelInfo;\n\n switch (type) {\n case 'forwarded-tcpip': // S->C\n case 'direct-tcpip': { // C->S\n /*\n string address that was connected / host to connect\n uint32 port that was connected / port to connect\n string originator IP address\n uint32 originator port\n */\n const destIP = bufferParser.readString(true);\n const destPort = bufferParser.readUInt32BE();\n const srcIP = bufferParser.readString(true);\n const srcPort = bufferParser.readUInt32BE();\n if (srcPort !== undefined) {\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: { destIP, destPort, srcIP, srcPort }\n };\n }\n break;\n }\n case 'forwarded-streamlocal@openssh.com': // S->C\n case 'direct-streamlocal@openssh.com': { // C->S\n /*\n string socket path\n string reserved for future use\n\n (direct-streamlocal@openssh.com additionally has:)\n uint32 reserved\n */\n const socketPath = bufferParser.readString(true);\n if (socketPath !== undefined) {\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: { socketPath }\n };\n }\n break;\n }\n case 'x11': { // S->C\n /*\n string originator address (e.g., \"192.168.7.38\")\n uint32 originator port\n */\n const srcIP = bufferParser.readString(true);\n const srcPort = bufferParser.readUInt32BE();\n if (srcPort !== undefined) {\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: { srcIP, srcPort }\n };\n }\n break;\n }\n default:\n // Includes:\n // 'session' (C->S)\n // 'auth-agent@openssh.com' (S->C)\n channelInfo = {\n type,\n sender,\n window,\n packetSize,\n data: {}\n };\n }\n bufferParser.clear();\n\n if (channelInfo === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_OPEN packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_OPEN (s:${sender}, ${type})`);\n\n const handler = self._handlers.CHANNEL_OPEN;\n if (handler) {\n handler(self, channelInfo);\n } else {\n self.channelOpenFail(\n channelInfo.sender,\n CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED,\n '',\n ''\n );\n }\n },\n [MESSAGE.CHANNEL_OPEN_CONFIRMATION]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_OPEN_CONFIRMATION\n uint32 recipient channel\n uint32 sender channel\n uint32 initial window size\n uint32 maximum packet size\n .... channel type specific data follows\n */\n // \"The 'recipient channel' is the channel number given in the\n // original open request, and 'sender channel' is the channel number\n // allocated by the other side.\"\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const sender = bufferParser.readUInt32BE();\n const window = bufferParser.readUInt32BE();\n const packetSize = bufferParser.readUInt32BE();\n const data = (bufferParser.avail() ? bufferParser.readRaw() : undefined);\n bufferParser.clear();\n\n if (packetSize === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_OPEN_CONFIRMATION packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: CHANNEL_OPEN_CONFIRMATION (r:${recipient}, s:${sender})`\n );\n\n const handler = self._handlers.CHANNEL_OPEN_CONFIRMATION;\n if (handler)\n handler(self, { recipient, sender, window, packetSize, data });\n },\n [MESSAGE.CHANNEL_OPEN_FAILURE]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_OPEN_FAILURE\n uint32 recipient channel\n uint32 reason code\n string description in ISO-10646 UTF-8 encoding [RFC3629]\n string language tag [RFC3066]\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const reason = bufferParser.readUInt32BE();\n const description = bufferParser.readString(true);\n const lang = bufferParser.readString();\n bufferParser.clear();\n\n if (lang === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_OPEN_FAILURE packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: CHANNEL_OPEN_FAILURE (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_OPEN_FAILURE;\n handler && handler(self, recipient, reason, description);\n },\n [MESSAGE.CHANNEL_WINDOW_ADJUST]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_WINDOW_ADJUST\n uint32 recipient channel\n uint32 bytes to add\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const bytesToAdd = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (bytesToAdd === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_WINDOW_ADJUST packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: CHANNEL_WINDOW_ADJUST (r:${recipient}, ${bytesToAdd})`\n );\n\n const handler = self._handlers.CHANNEL_WINDOW_ADJUST;\n handler && handler(self, recipient, bytesToAdd);\n },\n [MESSAGE.CHANNEL_DATA]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_DATA\n uint32 recipient channel\n string data\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_DATA packet'\n );\n }\n\n self._debug\n && self._debug(`Inbound: CHANNEL_DATA (r:${recipient}, ${data.length})`);\n\n const handler = self._handlers.CHANNEL_DATA;\n handler && handler(self, recipient, data);\n },\n [MESSAGE.CHANNEL_EXTENDED_DATA]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_EXTENDED_DATA\n uint32 recipient channel\n uint32 data_type_code\n string data\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const type = bufferParser.readUInt32BE();\n const data = bufferParser.readString();\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_EXTENDED_DATA packet'\n );\n }\n\n self._debug && self._debug(\n `Inbound: CHANNEL_EXTENDED_DATA (r:${recipient}, ${data.length})`\n );\n\n const handler = self._handlers.CHANNEL_EXTENDED_DATA;\n handler && handler(self, recipient, data, type);\n },\n [MESSAGE.CHANNEL_EOF]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_EOF\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_EOF packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_EOF (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_EOF;\n handler && handler(self, recipient);\n },\n [MESSAGE.CHANNEL_CLOSE]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_CLOSE\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_CLOSE packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_CLOSE (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_CLOSE;\n handler && handler(self, recipient);\n },\n [MESSAGE.CHANNEL_REQUEST]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_REQUEST\n uint32 recipient channel\n string request type in US-ASCII characters only\n boolean want reply\n .... type-specific data follows\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n const type = bufferParser.readString(true);\n const wantReply = bufferParser.readBool();\n let data;\n if (wantReply !== undefined) {\n switch (type) {\n case 'exit-status': // S->C\n /*\n uint32 exit_status\n */\n data = bufferParser.readUInt32BE();\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'exit-signal': { // S->C\n /*\n string signal name (without the \"SIG\" prefix)\n boolean core dumped\n string error message in ISO-10646 UTF-8 encoding\n string language tag\n */\n let signal;\n let coreDumped;\n if (self._compatFlags & COMPAT.OLD_EXIT) {\n /*\n Instead of `signal name` and `core dumped`, we have just:\n uint32 signal number\n */\n const num = bufferParser.readUInt32BE();\n switch (num) {\n case 1:\n signal = 'HUP';\n break;\n case 2:\n signal = 'INT';\n break;\n case 3:\n signal = 'QUIT';\n break;\n case 6:\n signal = 'ABRT';\n break;\n case 9:\n signal = 'KILL';\n break;\n case 14:\n signal = 'ALRM';\n break;\n case 15:\n signal = 'TERM';\n break;\n default:\n if (num !== undefined) {\n // Unknown or OS-specific\n signal = `UNKNOWN (${num})`;\n }\n }\n coreDumped = false;\n } else {\n signal = bufferParser.readString(true);\n coreDumped = bufferParser.readBool();\n if (coreDumped === undefined)\n signal = undefined;\n }\n const errorMessage = bufferParser.readString(true);\n if (bufferParser.skipString() !== undefined)\n data = { signal, coreDumped, errorMessage };\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${signal})`\n );\n break;\n }\n case 'pty-req': { // C->S\n /*\n string TERM environment variable value (e.g., vt100)\n uint32 terminal width, characters (e.g., 80)\n uint32 terminal height, rows (e.g., 24)\n uint32 terminal width, pixels (e.g., 640)\n uint32 terminal height, pixels (e.g., 480)\n string encoded terminal modes\n */\n const term = bufferParser.readString(true);\n const cols = bufferParser.readUInt32BE();\n const rows = bufferParser.readUInt32BE();\n const width = bufferParser.readUInt32BE();\n const height = bufferParser.readUInt32BE();\n const modesBinary = bufferParser.readString();\n if (modesBinary !== undefined) {\n bufferParser.init(modesBinary, 1);\n let modes = {};\n while (bufferParser.avail()) {\n const opcode = bufferParser.readByte();\n if (opcode === TERMINAL_MODE.TTY_OP_END)\n break;\n const name = TERMINAL_MODE_BY_VALUE[opcode];\n const value = bufferParser.readUInt32BE();\n if (opcode === undefined\n || name === undefined\n || value === undefined) {\n modes = undefined;\n break;\n }\n modes[name] = value;\n }\n if (modes !== undefined)\n data = { term, cols, rows, width, height, modes };\n }\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n }\n case 'window-change': { // C->S\n /*\n uint32 terminal width, columns\n uint32 terminal height, rows\n uint32 terminal width, pixels\n uint32 terminal height, pixels\n */\n const cols = bufferParser.readUInt32BE();\n const rows = bufferParser.readUInt32BE();\n const width = bufferParser.readUInt32BE();\n const height = bufferParser.readUInt32BE();\n if (height !== undefined)\n data = { cols, rows, width, height };\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n }\n case 'x11-req': { // C->S\n /*\n boolean single connection\n string x11 authentication protocol\n string x11 authentication cookie\n uint32 x11 screen number\n */\n const single = bufferParser.readBool();\n const protocol = bufferParser.readString(true);\n const cookie = bufferParser.readString();\n const screen = bufferParser.readUInt32BE();\n if (screen !== undefined)\n data = { single, protocol, cookie, screen };\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n }\n case 'env': { // C->S\n /*\n string variable name\n string variable value\n */\n const name = bufferParser.readString(true);\n const value = bufferParser.readString(true);\n if (value !== undefined)\n data = { name, value };\n if (self._debug) {\n self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: `\n + `${name}=${value})`\n );\n }\n break;\n }\n case 'shell': // C->S\n data = null; // No extra data\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n case 'exec': // C->S\n /*\n string command\n */\n data = bufferParser.readString(true);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'subsystem': // C->S\n /*\n string subsystem name\n */\n data = bufferParser.readString(true);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'signal': // C->S\n /*\n string signal name (without the \"SIG\" prefix)\n */\n data = bufferParser.readString(true);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'xon-xoff': // C->S\n /*\n boolean client can do\n */\n data = bufferParser.readBool();\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n );\n break;\n case 'auth-agent-req@openssh.com': // C-S\n data = null; // No extra data\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n break;\n default:\n data = (bufferParser.avail() ? bufferParser.readRaw() : null);\n self._debug && self._debug(\n `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n );\n }\n }\n bufferParser.clear();\n\n if (data === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_REQUEST packet'\n );\n }\n\n const handler = self._handlers.CHANNEL_REQUEST;\n handler && handler(self, recipient, type, wantReply, data);\n },\n [MESSAGE.CHANNEL_SUCCESS]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_SUCCESS\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_SUCCESS packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_SUCCESS (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_SUCCESS;\n handler && handler(self, recipient);\n },\n [MESSAGE.CHANNEL_FAILURE]: (self, payload) => {\n /*\n byte SSH_MSG_CHANNEL_FAILURE\n uint32 recipient channel\n */\n bufferParser.init(payload, 1);\n const recipient = bufferParser.readUInt32BE();\n bufferParser.clear();\n\n if (recipient === undefined) {\n return doFatalError(\n self,\n 'Inbound: Malformed CHANNEL_FAILURE packet'\n );\n }\n\n self._debug && self._debug(`Inbound: CHANNEL_FAILURE (r:${recipient})`);\n\n const handler = self._handlers.CHANNEL_FAILURE;\n handler && handler(self, recipient);\n },\n};\n","'use strict';\n\nconst {\n createDiffieHellman,\n createDiffieHellmanGroup,\n createECDH,\n createHash,\n createPublicKey,\n diffieHellman,\n generateKeyPairSync,\n randomFillSync,\n} = require('crypto');\n\nconst { Ber } = require('asn1');\n\nconst {\n COMPAT,\n curve25519Supported,\n DEFAULT_KEX,\n DEFAULT_SERVER_HOST_KEY,\n DEFAULT_CIPHER,\n DEFAULT_MAC,\n DEFAULT_COMPRESSION,\n DISCONNECT_REASON,\n MESSAGE,\n} = require('./constants.js');\nconst {\n CIPHER_INFO,\n createCipher,\n createDecipher,\n MAC_INFO,\n} = require('./crypto.js');\nconst { parseDERKey } = require('./keyParser.js');\nconst {\n bufferFill,\n bufferParser,\n convertSignature,\n doFatalError,\n FastBuffer,\n sigSSHToASN1,\n writeUInt32BE,\n} = require('./utils.js');\nconst {\n PacketReader,\n PacketWriter,\n ZlibPacketReader,\n ZlibPacketWriter,\n} = require('./zlib.js');\n\nlet MESSAGE_HANDLERS;\n\nconst GEX_MIN_BITS = 2048; // RFC 8270\nconst GEX_MAX_BITS = 8192; // RFC 8270\n\nconst EMPTY_BUFFER = Buffer.alloc(0);\n\n// Client/Server\nfunction kexinit(self) {\n /*\n byte SSH_MSG_KEXINIT\n byte[16] cookie (random bytes)\n name-list kex_algorithms\n name-list server_host_key_algorithms\n name-list encryption_algorithms_client_to_server\n name-list encryption_algorithms_server_to_client\n name-list mac_algorithms_client_to_server\n name-list mac_algorithms_server_to_client\n name-list compression_algorithms_client_to_server\n name-list compression_algorithms_server_to_client\n name-list languages_client_to_server\n name-list languages_server_to_client\n boolean first_kex_packet_follows\n uint32 0 (reserved for future extension)\n */\n\n let payload;\n if (self._compatFlags & COMPAT.BAD_DHGEX) {\n const entry = self._offer.lists.kex;\n let kex = entry.array;\n let found = false;\n for (let i = 0; i < kex.length; ++i) {\n if (kex[i].includes('group-exchange')) {\n if (!found) {\n found = true;\n // Copy array lazily\n kex = kex.slice();\n }\n kex.splice(i--, 1);\n }\n }\n if (found) {\n let len = 1 + 16 + self._offer.totalSize + 1 + 4;\n const newKexBuf = Buffer.from(kex.join(','));\n len -= (entry.buffer.length - newKexBuf.length);\n\n const all = self._offer.lists.all;\n const rest = new Uint8Array(\n all.buffer,\n all.byteOffset + 4 + entry.buffer.length,\n all.length - (4 + entry.buffer.length)\n );\n\n payload = Buffer.allocUnsafe(len);\n writeUInt32BE(payload, newKexBuf.length, 17);\n payload.set(newKexBuf, 17 + 4);\n payload.set(rest, 17 + 4 + newKexBuf.length);\n }\n }\n\n if (payload === undefined) {\n payload = Buffer.allocUnsafe(1 + 16 + self._offer.totalSize + 1 + 4);\n self._offer.copyAllTo(payload, 17);\n }\n\n self._debug && self._debug('Outbound: Sending KEXINIT');\n\n payload[0] = MESSAGE.KEXINIT;\n randomFillSync(payload, 1, 16);\n\n // Zero-fill first_kex_packet_follows and reserved bytes\n bufferFill(payload, 0, payload.length - 5);\n\n self._kexinit = payload;\n\n // Needed to correct the starting position in allocated \"packets\" when packets\n // will be buffered due to active key exchange\n self._packetRW.write.allocStart = 0;\n\n // TODO: only create single buffer and set _kexinit as slice of packet instead\n {\n const p = self._packetRW.write.allocStartKEX;\n const packet = self._packetRW.write.alloc(payload.length, true);\n packet.set(payload, p);\n self._cipher.encrypt(self._packetRW.write.finalize(packet, true));\n }\n}\n\nfunction handleKexInit(self, payload) {\n /*\n byte SSH_MSG_KEXINIT\n byte[16] cookie (random bytes)\n name-list kex_algorithms\n name-list server_host_key_algorithms\n name-list encryption_algorithms_client_to_server\n name-list encryption_algorithms_server_to_client\n name-list mac_algorithms_client_to_server\n name-list mac_algorithms_server_to_client\n name-list compression_algorithms_client_to_server\n name-list compression_algorithms_server_to_client\n name-list languages_client_to_server\n name-list languages_server_to_client\n boolean first_kex_packet_follows\n uint32 0 (reserved for future extension)\n */\n const init = {\n kex: undefined,\n serverHostKey: undefined,\n cs: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n sc: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n };\n\n bufferParser.init(payload, 17);\n\n if ((init.kex = bufferParser.readList()) === undefined\n || (init.serverHostKey = bufferParser.readList()) === undefined\n || (init.cs.cipher = bufferParser.readList()) === undefined\n || (init.sc.cipher = bufferParser.readList()) === undefined\n || (init.cs.mac = bufferParser.readList()) === undefined\n || (init.sc.mac = bufferParser.readList()) === undefined\n || (init.cs.compress = bufferParser.readList()) === undefined\n || (init.sc.compress = bufferParser.readList()) === undefined\n || (init.cs.lang = bufferParser.readList()) === undefined\n || (init.sc.lang = bufferParser.readList()) === undefined) {\n bufferParser.clear();\n return doFatalError(\n self,\n 'Received malformed KEXINIT',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n const pos = bufferParser.pos();\n const firstFollows = (pos < payload.length && payload[pos] === 1);\n bufferParser.clear();\n\n const local = self._offer;\n const remote = init;\n\n let localKex = local.lists.kex.array;\n if (self._compatFlags & COMPAT.BAD_DHGEX) {\n let found = false;\n for (let i = 0; i < localKex.length; ++i) {\n if (localKex[i].indexOf('group-exchange') !== -1) {\n if (!found) {\n found = true;\n // Copy array lazily\n localKex = localKex.slice();\n }\n localKex.splice(i--, 1);\n }\n }\n }\n\n let clientList;\n let serverList;\n let i;\n const debug = self._debug;\n\n debug && debug('Inbound: Handshake in progress');\n\n // Key exchange method =======================================================\n debug && debug(`Handshake: (local) KEX method: ${localKex}`);\n debug && debug(`Handshake: (remote) KEX method: ${remote.kex}`);\n let remoteExtInfoEnabled;\n if (self._server) {\n serverList = localKex;\n clientList = remote.kex;\n remoteExtInfoEnabled = (clientList.indexOf('ext-info-c') !== -1);\n } else {\n serverList = remote.kex;\n clientList = localKex;\n remoteExtInfoEnabled = (serverList.indexOf('ext-info-s') !== -1);\n }\n if (self._strictMode === undefined) {\n if (self._server) {\n self._strictMode =\n (clientList.indexOf('kex-strict-c-v00@openssh.com') !== -1);\n } else {\n self._strictMode =\n (serverList.indexOf('kex-strict-s-v00@openssh.com') !== -1);\n }\n // Note: We check for seqno of 1 instead of 0 since we increment before\n // calling the packet handler\n if (self._strictMode) {\n debug && debug('Handshake: strict KEX mode enabled');\n if (self._decipher.inSeqno !== 1) {\n if (debug)\n debug('Handshake: KEXINIT not first packet in strict KEX mode');\n return doFatalError(\n self,\n 'Handshake failed: KEXINIT not first packet in strict KEX mode',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n }\n // Check for agreeable key exchange algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: no matching key exchange algorithm');\n return doFatalError(\n self,\n 'Handshake failed: no matching key exchange algorithm',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.kex = clientList[i];\n debug && debug(`Handshake: KEX algorithm: ${clientList[i]}`);\n if (firstFollows && (!remote.kex.length || clientList[i] !== remote.kex[0])) {\n // Ignore next inbound packet, it was a wrong first guess at KEX algorithm\n self._skipNextInboundPacket = true;\n }\n\n\n // Server host key format ====================================================\n const localSrvHostKey = local.lists.serverHostKey.array;\n debug && debug(`Handshake: (local) Host key format: ${localSrvHostKey}`);\n debug && debug(\n `Handshake: (remote) Host key format: ${remote.serverHostKey}`\n );\n if (self._server) {\n serverList = localSrvHostKey;\n clientList = remote.serverHostKey;\n } else {\n serverList = remote.serverHostKey;\n clientList = localSrvHostKey;\n }\n // Check for agreeable server host key format\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching host key format');\n return doFatalError(\n self,\n 'Handshake failed: no matching host key format',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.serverHostKey = clientList[i];\n debug && debug(`Handshake: Host key format: ${clientList[i]}`);\n\n\n // Client->Server cipher =====================================================\n const localCSCipher = local.lists.cs.cipher.array;\n debug && debug(`Handshake: (local) C->S cipher: ${localCSCipher}`);\n debug && debug(`Handshake: (remote) C->S cipher: ${remote.cs.cipher}`);\n if (self._server) {\n serverList = localCSCipher;\n clientList = remote.cs.cipher;\n } else {\n serverList = remote.cs.cipher;\n clientList = localCSCipher;\n }\n // Check for agreeable client->server cipher\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching C->S cipher');\n return doFatalError(\n self,\n 'Handshake failed: no matching C->S cipher',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.cs.cipher = clientList[i];\n debug && debug(`Handshake: C->S Cipher: ${clientList[i]}`);\n\n\n // Server->Client cipher =====================================================\n const localSCCipher = local.lists.sc.cipher.array;\n debug && debug(`Handshake: (local) S->C cipher: ${localSCCipher}`);\n debug && debug(`Handshake: (remote) S->C cipher: ${remote.sc.cipher}`);\n if (self._server) {\n serverList = localSCCipher;\n clientList = remote.sc.cipher;\n } else {\n serverList = remote.sc.cipher;\n clientList = localSCCipher;\n }\n // Check for agreeable server->client cipher\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching S->C cipher');\n return doFatalError(\n self,\n 'Handshake failed: no matching S->C cipher',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.sc.cipher = clientList[i];\n debug && debug(`Handshake: S->C cipher: ${clientList[i]}`);\n\n\n // Client->Server MAC ========================================================\n const localCSMAC = local.lists.cs.mac.array;\n debug && debug(`Handshake: (local) C->S MAC: ${localCSMAC}`);\n debug && debug(`Handshake: (remote) C->S MAC: ${remote.cs.mac}`);\n if (CIPHER_INFO[init.cs.cipher].authLen > 0) {\n init.cs.mac = '';\n debug && debug('Handshake: C->S MAC: ');\n } else {\n if (self._server) {\n serverList = localCSMAC;\n clientList = remote.cs.mac;\n } else {\n serverList = remote.cs.mac;\n clientList = localCSMAC;\n }\n // Check for agreeable client->server hmac algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching C->S MAC');\n return doFatalError(\n self,\n 'Handshake failed: no matching C->S MAC',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.cs.mac = clientList[i];\n debug && debug(`Handshake: C->S MAC: ${clientList[i]}`);\n }\n\n\n // Server->Client MAC ========================================================\n const localSCMAC = local.lists.sc.mac.array;\n debug && debug(`Handshake: (local) S->C MAC: ${localSCMAC}`);\n debug && debug(`Handshake: (remote) S->C MAC: ${remote.sc.mac}`);\n if (CIPHER_INFO[init.sc.cipher].authLen > 0) {\n init.sc.mac = '';\n debug && debug('Handshake: S->C MAC: ');\n } else {\n if (self._server) {\n serverList = localSCMAC;\n clientList = remote.sc.mac;\n } else {\n serverList = remote.sc.mac;\n clientList = localSCMAC;\n }\n // Check for agreeable server->client hmac algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching S->C MAC');\n return doFatalError(\n self,\n 'Handshake failed: no matching S->C MAC',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.sc.mac = clientList[i];\n debug && debug(`Handshake: S->C MAC: ${clientList[i]}`);\n }\n\n\n // Client->Server compression ================================================\n const localCSCompress = local.lists.cs.compress.array;\n debug && debug(`Handshake: (local) C->S compression: ${localCSCompress}`);\n debug && debug(`Handshake: (remote) C->S compression: ${remote.cs.compress}`);\n if (self._server) {\n serverList = localCSCompress;\n clientList = remote.cs.compress;\n } else {\n serverList = remote.cs.compress;\n clientList = localCSCompress;\n }\n // Check for agreeable client->server compression algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching C->S compression');\n return doFatalError(\n self,\n 'Handshake failed: no matching C->S compression',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.cs.compress = clientList[i];\n debug && debug(`Handshake: C->S compression: ${clientList[i]}`);\n\n\n // Server->Client compression ================================================\n const localSCCompress = local.lists.sc.compress.array;\n debug && debug(`Handshake: (local) S->C compression: ${localSCCompress}`);\n debug && debug(`Handshake: (remote) S->C compression: ${remote.sc.compress}`);\n if (self._server) {\n serverList = localSCCompress;\n clientList = remote.sc.compress;\n } else {\n serverList = remote.sc.compress;\n clientList = localSCCompress;\n }\n // Check for agreeable server->client compression algorithm\n for (i = 0;\n i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n ++i);\n if (i === clientList.length) {\n // No suitable match found!\n debug && debug('Handshake: No matching S->C compression');\n return doFatalError(\n self,\n 'Handshake failed: no matching S->C compression',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n init.sc.compress = clientList[i];\n debug && debug(`Handshake: S->C compression: ${clientList[i]}`);\n\n init.cs.lang = '';\n init.sc.lang = '';\n\n // XXX: hack -- find a better way to do this\n if (self._kex) {\n if (!self._kexinit) {\n // We received a rekey request, but we haven't sent a KEXINIT in response\n // yet\n kexinit(self);\n }\n self._decipher._onPayload = onKEXPayload.bind(self, { firstPacket: false });\n }\n\n self._kex = createKeyExchange(init, self, payload);\n self._kex.remoteExtInfoEnabled = remoteExtInfoEnabled;\n self._kex.start();\n}\n\nconst createKeyExchange = (() => {\n function convertToMpint(buf) {\n let idx = 0;\n let length = buf.length;\n while (buf[idx] === 0x00) {\n ++idx;\n --length;\n }\n let newBuf;\n if (buf[idx] & 0x80) {\n newBuf = Buffer.allocUnsafe(1 + length);\n newBuf[0] = 0;\n buf.copy(newBuf, 1, idx);\n buf = newBuf;\n } else if (length !== buf.length) {\n newBuf = Buffer.allocUnsafe(length);\n buf.copy(newBuf, 0, idx);\n buf = newBuf;\n }\n return buf;\n }\n\n class KeyExchange {\n constructor(negotiated, protocol, remoteKexinit) {\n this._protocol = protocol;\n\n this.sessionID = (protocol._kex ? protocol._kex.sessionID : undefined);\n this.negotiated = negotiated;\n this.remoteExtInfoEnabled = false;\n this._step = 1;\n this._public = null;\n this._dh = null;\n this._sentNEWKEYS = false;\n this._receivedNEWKEYS = false;\n this._finished = false;\n this._hostVerified = false;\n\n // Data needed for initializing cipher/decipher/etc.\n this._kexinit = protocol._kexinit;\n this._remoteKexinit = remoteKexinit;\n this._identRaw = protocol._identRaw;\n this._remoteIdentRaw = protocol._remoteIdentRaw;\n this._hostKey = undefined;\n this._dhData = undefined;\n this._sig = undefined;\n }\n finish(scOnly) {\n if (this._finished)\n return false;\n this._finished = true;\n\n const isServer = this._protocol._server;\n const negotiated = this.negotiated;\n\n const pubKey = this.convertPublicKey(this._dhData);\n let secret = this.computeSecret(this._dhData);\n if (secret instanceof Error) {\n secret.message =\n `Error while computing DH secret (${this.type}): ${secret.message}`;\n secret.level = 'handshake';\n return doFatalError(\n this._protocol,\n secret,\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n const hash = createHash(this.hashName);\n // V_C\n hashString(hash, (isServer ? this._remoteIdentRaw : this._identRaw));\n // \"V_S\"\n hashString(hash, (isServer ? this._identRaw : this._remoteIdentRaw));\n // \"I_C\"\n hashString(hash, (isServer ? this._remoteKexinit : this._kexinit));\n // \"I_S\"\n hashString(hash, (isServer ? this._kexinit : this._remoteKexinit));\n // \"K_S\"\n const serverPublicHostKey = (isServer\n ? this._hostKey.getPublicSSH()\n : this._hostKey);\n hashString(hash, serverPublicHostKey);\n\n if (this.type === 'groupex') {\n // Group exchange-specific\n const params = this.getDHParams();\n const num = Buffer.allocUnsafe(4);\n // min (uint32)\n writeUInt32BE(num, this._minBits, 0);\n hash.update(num);\n // preferred (uint32)\n writeUInt32BE(num, this._prefBits, 0);\n hash.update(num);\n // max (uint32)\n writeUInt32BE(num, this._maxBits, 0);\n hash.update(num);\n // prime\n hashString(hash, params.prime);\n // generator\n hashString(hash, params.generator);\n }\n\n // method-specific data sent by client\n hashString(hash, (isServer ? pubKey : this.getPublicKey()));\n // method-specific data sent by server\n const serverPublicKey = (isServer ? this.getPublicKey() : pubKey);\n hashString(hash, serverPublicKey);\n // shared secret (\"K\")\n hashString(hash, secret);\n\n // \"H\"\n const exchangeHash = hash.digest();\n\n if (!isServer) {\n bufferParser.init(this._sig, 0);\n const sigType = bufferParser.readString(true);\n\n if (!sigType) {\n return doFatalError(\n this._protocol,\n 'Malformed packet while reading signature',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n if (sigType !== negotiated.serverHostKey) {\n return doFatalError(\n this._protocol,\n `Wrong signature type: ${sigType}, `\n + `expected: ${negotiated.serverHostKey}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n // \"s\"\n let sigValue = bufferParser.readString();\n\n bufferParser.clear();\n\n if (sigValue === undefined) {\n return doFatalError(\n this._protocol,\n 'Malformed packet while reading signature',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n if (!(sigValue = sigSSHToASN1(sigValue, sigType))) {\n return doFatalError(\n this._protocol,\n 'Malformed signature',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n let parsedHostKey;\n {\n bufferParser.init(this._hostKey, 0);\n const name = bufferParser.readString(true);\n const hostKey = this._hostKey.slice(bufferParser.pos());\n bufferParser.clear();\n parsedHostKey = parseDERKey(hostKey, name);\n if (parsedHostKey instanceof Error) {\n parsedHostKey.level = 'handshake';\n return doFatalError(\n this._protocol,\n parsedHostKey,\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n\n let hashAlgo;\n // Check if we need to override the default hash algorithm\n switch (this.negotiated.serverHostKey) {\n case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n }\n\n this._protocol._debug\n && this._protocol._debug('Verifying signature ...');\n\n const verified = parsedHostKey.verify(exchangeHash, sigValue, hashAlgo);\n if (verified !== true) {\n if (verified instanceof Error) {\n this._protocol._debug && this._protocol._debug(\n `Signature verification failed: ${verified.stack}`\n );\n } else {\n this._protocol._debug && this._protocol._debug(\n 'Signature verification failed'\n );\n }\n return doFatalError(\n this._protocol,\n 'Handshake failed: signature verification failed',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug('Verified signature');\n } else {\n // Server\n\n let hashAlgo;\n // Check if we need to override the default hash algorithm\n switch (this.negotiated.serverHostKey) {\n case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n }\n\n this._protocol._debug && this._protocol._debug(\n 'Generating signature ...'\n );\n\n let signature = this._hostKey.sign(exchangeHash, hashAlgo);\n if (signature instanceof Error) {\n return doFatalError(\n this._protocol,\n 'Handshake failed: signature generation failed for '\n + `${this._hostKey.type} host key: ${signature.message}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n signature = convertSignature(signature, this._hostKey.type);\n if (signature === false) {\n return doFatalError(\n this._protocol,\n 'Handshake failed: signature conversion failed for '\n + `${this._hostKey.type} host key`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n // Send KEX reply\n /*\n byte SSH_MSG_KEXDH_REPLY\n / SSH_MSG_KEX_DH_GEX_REPLY\n / SSH_MSG_KEX_ECDH_REPLY\n string server public host key and certificates (K_S)\n string \n string signature of H\n */\n const sigType = this.negotiated.serverHostKey;\n const sigTypeLen = Buffer.byteLength(sigType);\n const sigLen = 4 + sigTypeLen + 4 + signature.length;\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet = this._protocol._packetRW.write.alloc(\n 1\n + 4 + serverPublicHostKey.length\n + 4 + serverPublicKey.length\n + 4 + sigLen,\n true\n );\n\n packet[p] = MESSAGE.KEXDH_REPLY;\n\n writeUInt32BE(packet, serverPublicHostKey.length, ++p);\n packet.set(serverPublicHostKey, p += 4);\n\n writeUInt32BE(packet,\n serverPublicKey.length,\n p += serverPublicHostKey.length);\n packet.set(serverPublicKey, p += 4);\n\n writeUInt32BE(packet, sigLen, p += serverPublicKey.length);\n\n writeUInt32BE(packet, sigTypeLen, p += 4);\n packet.utf8Write(sigType, p += 4, sigTypeLen);\n\n writeUInt32BE(packet, signature.length, p += sigTypeLen);\n packet.set(signature, p += 4);\n\n if (this._protocol._debug) {\n let type;\n switch (this.type) {\n case 'group':\n type = 'KEXDH_REPLY';\n break;\n case 'groupex':\n type = 'KEXDH_GEX_REPLY';\n break;\n default:\n type = 'KEXECDH_REPLY';\n }\n this._protocol._debug(`Outbound: Sending ${type}`);\n }\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n\n if (isServer || !scOnly)\n trySendNEWKEYS(this);\n\n let hsCipherConfig;\n let hsWrite;\n const completeHandshake = (partial) => {\n if (hsCipherConfig) {\n trySendNEWKEYS(this);\n hsCipherConfig.outbound.seqno = this._protocol._cipher.outSeqno;\n this._protocol._cipher.free();\n this._protocol._cipher = createCipher(hsCipherConfig);\n this._protocol._packetRW.write = hsWrite;\n hsCipherConfig = undefined;\n hsWrite = undefined;\n this._protocol._onHandshakeComplete(negotiated);\n\n return false;\n }\n\n if (!this.sessionID)\n this.sessionID = exchangeHash;\n\n {\n const newSecret = Buffer.allocUnsafe(4 + secret.length);\n writeUInt32BE(newSecret, secret.length, 0);\n newSecret.set(secret, 4);\n secret = newSecret;\n }\n\n // Initialize new ciphers, deciphers, etc.\n\n const csCipherInfo = CIPHER_INFO[negotiated.cs.cipher];\n const scCipherInfo = CIPHER_INFO[negotiated.sc.cipher];\n\n const csIV = generateKEXVal(csCipherInfo.ivLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'A');\n const scIV = generateKEXVal(scCipherInfo.ivLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'B');\n const csKey = generateKEXVal(csCipherInfo.keyLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'C');\n const scKey = generateKEXVal(scCipherInfo.keyLen,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'D');\n let csMacInfo;\n let csMacKey;\n if (!csCipherInfo.authLen) {\n csMacInfo = MAC_INFO[negotiated.cs.mac];\n csMacKey = generateKEXVal(csMacInfo.len,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'E');\n }\n let scMacInfo;\n let scMacKey;\n if (!scCipherInfo.authLen) {\n scMacInfo = MAC_INFO[negotiated.sc.mac];\n scMacKey = generateKEXVal(scMacInfo.len,\n this.hashName,\n secret,\n exchangeHash,\n this.sessionID,\n 'F');\n }\n\n const config = {\n inbound: {\n onPayload: this._protocol._onPayload,\n seqno: this._protocol._decipher.inSeqno,\n decipherInfo: (!isServer ? scCipherInfo : csCipherInfo),\n decipherIV: (!isServer ? scIV : csIV),\n decipherKey: (!isServer ? scKey : csKey),\n macInfo: (!isServer ? scMacInfo : csMacInfo),\n macKey: (!isServer ? scMacKey : csMacKey),\n },\n outbound: {\n onWrite: this._protocol._onWrite,\n seqno: this._protocol._cipher.outSeqno,\n cipherInfo: (isServer ? scCipherInfo : csCipherInfo),\n cipherIV: (isServer ? scIV : csIV),\n cipherKey: (isServer ? scKey : csKey),\n macInfo: (isServer ? scMacInfo : csMacInfo),\n macKey: (isServer ? scMacKey : csMacKey),\n },\n };\n this._protocol._decipher.free();\n hsCipherConfig = config;\n this._protocol._decipher = createDecipher(config);\n\n const rw = {\n read: undefined,\n write: undefined,\n };\n switch (negotiated.cs.compress) {\n case 'zlib': // starts immediately\n if (isServer)\n rw.read = new ZlibPacketReader();\n else\n rw.write = new ZlibPacketWriter(this._protocol);\n break;\n case 'zlib@openssh.com':\n // Starts after successful user authentication\n\n if (this._protocol._authenticated) {\n // If a rekey happens and this compression method is selected and\n // we already authenticated successfully, we need to start\n // immediately instead\n if (isServer)\n rw.read = new ZlibPacketReader();\n else\n rw.write = new ZlibPacketWriter(this._protocol);\n break;\n }\n // FALLTHROUGH\n default:\n // none -- never any compression/decompression\n\n if (isServer)\n rw.read = new PacketReader();\n else\n rw.write = new PacketWriter(this._protocol);\n }\n switch (negotiated.sc.compress) {\n case 'zlib': // starts immediately\n if (isServer)\n rw.write = new ZlibPacketWriter(this._protocol);\n else\n rw.read = new ZlibPacketReader();\n break;\n case 'zlib@openssh.com':\n // Starts after successful user authentication\n\n if (this._protocol._authenticated) {\n // If a rekey happens and this compression method is selected and\n // we already authenticated successfully, we need to start\n // immediately instead\n if (isServer)\n rw.write = new ZlibPacketWriter(this._protocol);\n else\n rw.read = new ZlibPacketReader();\n break;\n }\n // FALLTHROUGH\n default:\n // none -- never any compression/decompression\n\n if (isServer)\n rw.write = new PacketWriter(this._protocol);\n else\n rw.read = new PacketReader();\n }\n this._protocol._packetRW.read.cleanup();\n this._protocol._packetRW.write.cleanup();\n this._protocol._packetRW.read = rw.read;\n hsWrite = rw.write;\n\n // Cleanup/reset various state\n this._public = null;\n this._dh = null;\n this._kexinit = this._protocol._kexinit = undefined;\n this._remoteKexinit = undefined;\n this._identRaw = undefined;\n this._remoteIdentRaw = undefined;\n this._hostKey = undefined;\n this._dhData = undefined;\n this._sig = undefined;\n\n if (!partial)\n return completeHandshake();\n return false;\n };\n\n if (isServer || scOnly)\n this.finish = completeHandshake;\n\n if (!isServer)\n return completeHandshake(scOnly);\n }\n\n start() {\n if (!this._protocol._server) {\n if (this._protocol._debug) {\n let type;\n switch (this.type) {\n case 'group':\n type = 'KEXDH_INIT';\n break;\n default:\n type = 'KEXECDH_INIT';\n }\n this._protocol._debug(`Outbound: Sending ${type}`);\n }\n\n const pubKey = this.getPublicKey();\n\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet = this._protocol._packetRW.write.alloc(\n 1 + 4 + pubKey.length,\n true\n );\n packet[p] = MESSAGE.KEXDH_INIT;\n writeUInt32BE(packet, pubKey.length, ++p);\n packet.set(pubKey, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n }\n getPublicKey() {\n this.generateKeys();\n\n const key = this._public;\n\n if (key)\n return this.convertPublicKey(key);\n }\n convertPublicKey(key) {\n let newKey;\n let idx = 0;\n let len = key.length;\n while (key[idx] === 0x00) {\n ++idx;\n --len;\n }\n\n if (key[idx] & 0x80) {\n newKey = Buffer.allocUnsafe(1 + len);\n newKey[0] = 0;\n key.copy(newKey, 1, idx);\n return newKey;\n }\n\n if (len !== key.length) {\n newKey = Buffer.allocUnsafe(len);\n key.copy(newKey, 0, idx);\n key = newKey;\n }\n return key;\n }\n computeSecret(otherPublicKey) {\n this.generateKeys();\n\n try {\n return convertToMpint(this._dh.computeSecret(otherPublicKey));\n } catch (ex) {\n return ex;\n }\n }\n parse(payload) {\n const type = payload[0];\n switch (this._step) {\n case 1:\n if (this._protocol._server) {\n // Server\n if (type !== MESSAGE.KEXDH_INIT) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_INIT}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH Init'\n );\n /*\n byte SSH_MSG_KEXDH_INIT\n / SSH_MSG_KEX_ECDH_INIT\n string \n */\n bufferParser.init(payload, 1);\n const dhData = bufferParser.readString();\n bufferParser.clear();\n if (dhData === undefined) {\n return doFatalError(\n this._protocol,\n 'Received malformed KEX*_INIT',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n // Client public key\n this._dhData = dhData;\n\n let hostKey =\n this._protocol._hostKeys[this.negotiated.serverHostKey];\n if (Array.isArray(hostKey))\n hostKey = hostKey[0];\n this._hostKey = hostKey;\n\n this.finish();\n } else {\n // Client\n if (type !== MESSAGE.KEXDH_REPLY) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_REPLY}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH Reply'\n );\n /*\n byte SSH_MSG_KEXDH_REPLY\n / SSH_MSG_KEX_DH_GEX_REPLY\n / SSH_MSG_KEX_ECDH_REPLY\n string server public host key and certificates (K_S)\n string \n string signature of H\n */\n bufferParser.init(payload, 1);\n let hostPubKey;\n let dhData;\n let sig;\n if ((hostPubKey = bufferParser.readString()) === undefined\n || (dhData = bufferParser.readString()) === undefined\n || (sig = bufferParser.readString()) === undefined) {\n bufferParser.clear();\n return doFatalError(\n this._protocol,\n 'Received malformed KEX*_REPLY',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n bufferParser.clear();\n\n // Check that the host public key type matches what was negotiated\n // during KEXINIT swap\n bufferParser.init(hostPubKey, 0);\n const hostPubKeyType = bufferParser.readString(true);\n bufferParser.clear();\n if (hostPubKeyType === undefined) {\n return doFatalError(\n this._protocol,\n 'Received malformed host public key',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n if (hostPubKeyType !== this.negotiated.serverHostKey) {\n // Check if we need to make an exception\n switch (this.negotiated.serverHostKey) {\n case 'rsa-sha2-256':\n case 'rsa-sha2-512':\n if (hostPubKeyType === 'ssh-rsa')\n break;\n // FALLTHROUGH\n default:\n return doFatalError(\n this._protocol,\n 'Host key does not match negotiated type',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n\n this._hostKey = hostPubKey;\n this._dhData = dhData;\n this._sig = sig;\n\n let checked = false;\n let ret;\n if (this._protocol._hostVerifier === undefined) {\n ret = true;\n this._protocol._debug && this._protocol._debug(\n 'Host accepted by default (no verification)'\n );\n } else {\n ret = this._protocol._hostVerifier(hostPubKey, (permitted) => {\n if (checked)\n return;\n checked = true;\n if (permitted === false) {\n this._protocol._debug && this._protocol._debug(\n 'Host denied (verification failed)'\n );\n return doFatalError(\n this._protocol,\n 'Host denied (verification failed)',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Host accepted (verified)'\n );\n this._hostVerified = true;\n if (this._receivedNEWKEYS)\n this.finish();\n else\n trySendNEWKEYS(this);\n });\n }\n if (ret === undefined) {\n // Async host verification\n ++this._step;\n return;\n }\n checked = true;\n if (ret === false) {\n this._protocol._debug && this._protocol._debug(\n 'Host denied (verification failed)'\n );\n return doFatalError(\n this._protocol,\n 'Host denied (verification failed)',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Host accepted (verified)'\n );\n this._hostVerified = true;\n trySendNEWKEYS(this);\n }\n ++this._step;\n break;\n case 2:\n if (type !== MESSAGE.NEWKEYS) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.NEWKEYS}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Inbound: NEWKEYS'\n );\n this._receivedNEWKEYS = true;\n if (this._protocol._strictMode)\n this._protocol._decipher.inSeqno = 0;\n ++this._step;\n\n return this.finish(!this._protocol._server && !this._hostVerified);\n default:\n return doFatalError(\n this._protocol,\n `Received unexpected packet ${type} after NEWKEYS`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n }\n\n class Curve25519Exchange extends KeyExchange {\n constructor(hashName, ...args) {\n super(...args);\n\n this.type = '25519';\n this.hashName = hashName;\n this._keys = null;\n }\n generateKeys() {\n if (!this._keys)\n this._keys = generateKeyPairSync('x25519');\n }\n getPublicKey() {\n this.generateKeys();\n\n const key = this._keys.publicKey.export({ type: 'spki', format: 'der' });\n return key.slice(-32); // HACK: avoids parsing DER/BER header\n }\n convertPublicKey(key) {\n let newKey;\n let idx = 0;\n let len = key.length;\n while (key[idx] === 0x00) {\n ++idx;\n --len;\n }\n\n if (key.length === 32)\n return key;\n\n if (len !== key.length) {\n newKey = Buffer.allocUnsafe(len);\n key.copy(newKey, 0, idx);\n key = newKey;\n }\n return key;\n }\n computeSecret(otherPublicKey) {\n this.generateKeys();\n\n try {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.3.101.110'); // id-X25519\n asnWriter.endSequence();\n\n // PublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(otherPublicKey.length);\n otherPublicKey.copy(asnWriter._buf,\n asnWriter._offset,\n 0,\n otherPublicKey.length);\n asnWriter._offset += otherPublicKey.length;\n asnWriter.endSequence();\n asnWriter.endSequence();\n\n return convertToMpint(diffieHellman({\n privateKey: this._keys.privateKey,\n publicKey: createPublicKey({\n key: asnWriter.buffer,\n type: 'spki',\n format: 'der',\n }),\n }));\n } catch (ex) {\n return ex;\n }\n }\n }\n\n class ECDHExchange extends KeyExchange {\n constructor(curveName, hashName, ...args) {\n super(...args);\n\n this.type = 'ecdh';\n this.curveName = curveName;\n this.hashName = hashName;\n }\n generateKeys() {\n if (!this._dh) {\n this._dh = createECDH(this.curveName);\n this._public = this._dh.generateKeys();\n }\n }\n }\n\n class DHGroupExchange extends KeyExchange {\n constructor(hashName, ...args) {\n super(...args);\n\n this.type = 'groupex';\n this.hashName = hashName;\n this._prime = null;\n this._generator = null;\n this._minBits = GEX_MIN_BITS;\n this._prefBits = dhEstimate(this.negotiated);\n if (this._protocol._compatFlags & COMPAT.BUG_DHGEX_LARGE)\n this._prefBits = Math.min(this._prefBits, 4096);\n this._maxBits = GEX_MAX_BITS;\n }\n start() {\n if (this._protocol._server)\n return;\n this._protocol._debug && this._protocol._debug(\n 'Outbound: Sending KEXDH_GEX_REQUEST'\n );\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet = this._protocol._packetRW.write.alloc(\n 1 + 4 + 4 + 4,\n true\n );\n packet[p] = MESSAGE.KEXDH_GEX_REQUEST;\n writeUInt32BE(packet, this._minBits, ++p);\n writeUInt32BE(packet, this._prefBits, p += 4);\n writeUInt32BE(packet, this._maxBits, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n generateKeys() {\n if (!this._dh && this._prime && this._generator) {\n this._dh = createDiffieHellman(this._prime, this._generator);\n this._public = this._dh.generateKeys();\n }\n }\n setDHParams(prime, generator) {\n if (!Buffer.isBuffer(prime))\n throw new Error('Invalid prime value');\n if (!Buffer.isBuffer(generator))\n throw new Error('Invalid generator value');\n this._prime = prime;\n this._generator = generator;\n }\n getDHParams() {\n if (this._dh) {\n return {\n prime: convertToMpint(this._dh.getPrime()),\n generator: convertToMpint(this._dh.getGenerator()),\n };\n }\n }\n parse(payload) {\n const type = payload[0];\n switch (this._step) {\n case 1: {\n if (this._protocol._server) {\n if (type !== MESSAGE.KEXDH_GEX_REQUEST) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of `\n + MESSAGE.KEXDH_GEX_REQUEST,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n // TODO: allow user implementation to provide safe prime and\n // generator on demand to support group exchange on server side\n return doFatalError(\n this._protocol,\n 'Group exchange not implemented for server',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n if (type !== MESSAGE.KEXDH_GEX_GROUP) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_GROUP}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n\n this._protocol._debug && this._protocol._debug(\n 'Received DH GEX Group'\n );\n\n /*\n byte SSH_MSG_KEX_DH_GEX_GROUP\n mpint p, safe prime\n mpint g, generator for subgroup in GF(p)\n */\n bufferParser.init(payload, 1);\n let prime;\n let gen;\n if ((prime = bufferParser.readString()) === undefined\n || (gen = bufferParser.readString()) === undefined) {\n bufferParser.clear();\n return doFatalError(\n this._protocol,\n 'Received malformed KEXDH_GEX_GROUP',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n bufferParser.clear();\n\n // TODO: validate prime\n this.setDHParams(prime, gen);\n this.generateKeys();\n const pubkey = this.getPublicKey();\n\n this._protocol._debug && this._protocol._debug(\n 'Outbound: Sending KEXDH_GEX_INIT'\n );\n\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet =\n this._protocol._packetRW.write.alloc(1 + 4 + pubkey.length, true);\n packet[p] = MESSAGE.KEXDH_GEX_INIT;\n writeUInt32BE(packet, pubkey.length, ++p);\n packet.set(pubkey, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n\n ++this._step;\n break;\n }\n case 2:\n if (this._protocol._server) {\n if (type !== MESSAGE.KEXDH_GEX_INIT) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_INIT}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH GEX Init'\n );\n return doFatalError(\n this._protocol,\n 'Group exchange not implemented for server',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n } else if (type !== MESSAGE.KEXDH_GEX_REPLY) {\n return doFatalError(\n this._protocol,\n `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_REPLY}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n this._protocol._debug && this._protocol._debug(\n 'Received DH GEX Reply'\n );\n this._step = 1;\n payload[0] = MESSAGE.KEXDH_REPLY;\n this.parse = KeyExchange.prototype.parse;\n this.parse(payload);\n }\n }\n }\n\n class DHExchange extends KeyExchange {\n constructor(groupName, hashName, ...args) {\n super(...args);\n\n this.type = 'group';\n this.groupName = groupName;\n this.hashName = hashName;\n }\n start() {\n if (!this._protocol._server) {\n this._protocol._debug && this._protocol._debug(\n 'Outbound: Sending KEXDH_INIT'\n );\n const pubKey = this.getPublicKey();\n let p = this._protocol._packetRW.write.allocStartKEX;\n const packet =\n this._protocol._packetRW.write.alloc(1 + 4 + pubKey.length, true);\n packet[p] = MESSAGE.KEXDH_INIT;\n writeUInt32BE(packet, pubKey.length, ++p);\n packet.set(pubKey, p += 4);\n this._protocol._cipher.encrypt(\n this._protocol._packetRW.write.finalize(packet, true)\n );\n }\n }\n generateKeys() {\n if (!this._dh) {\n this._dh = createDiffieHellmanGroup(this.groupName);\n this._public = this._dh.generateKeys();\n }\n }\n getDHParams() {\n if (this._dh) {\n return {\n prime: convertToMpint(this._dh.getPrime()),\n generator: convertToMpint(this._dh.getGenerator()),\n };\n }\n }\n }\n\n return (negotiated, ...args) => {\n if (typeof negotiated !== 'object' || negotiated === null)\n throw new Error('Invalid negotiated argument');\n const kexType = negotiated.kex;\n if (typeof kexType === 'string') {\n args = [negotiated, ...args];\n switch (kexType) {\n case 'curve25519-sha256':\n case 'curve25519-sha256@libssh.org':\n if (!curve25519Supported)\n break;\n return new Curve25519Exchange('sha256', ...args);\n\n case 'ecdh-sha2-nistp256':\n return new ECDHExchange('prime256v1', 'sha256', ...args);\n case 'ecdh-sha2-nistp384':\n return new ECDHExchange('secp384r1', 'sha384', ...args);\n case 'ecdh-sha2-nistp521':\n return new ECDHExchange('secp521r1', 'sha512', ...args);\n\n case 'diffie-hellman-group1-sha1':\n return new DHExchange('modp2', 'sha1', ...args);\n case 'diffie-hellman-group14-sha1':\n return new DHExchange('modp14', 'sha1', ...args);\n case 'diffie-hellman-group14-sha256':\n return new DHExchange('modp14', 'sha256', ...args);\n case 'diffie-hellman-group15-sha512':\n return new DHExchange('modp15', 'sha512', ...args);\n case 'diffie-hellman-group16-sha512':\n return new DHExchange('modp16', 'sha512', ...args);\n case 'diffie-hellman-group17-sha512':\n return new DHExchange('modp17', 'sha512', ...args);\n case 'diffie-hellman-group18-sha512':\n return new DHExchange('modp18', 'sha512', ...args);\n\n case 'diffie-hellman-group-exchange-sha1':\n return new DHGroupExchange('sha1', ...args);\n case 'diffie-hellman-group-exchange-sha256':\n return new DHGroupExchange('sha256', ...args);\n }\n throw new Error(`Unsupported key exchange algorithm: ${kexType}`);\n }\n throw new Error(`Invalid key exchange type: ${kexType}`);\n };\n})();\n\nconst KexInit = (() => {\n const KEX_PROPERTY_NAMES = [\n 'kex',\n 'serverHostKey',\n ['cs', 'cipher' ],\n ['sc', 'cipher' ],\n ['cs', 'mac' ],\n ['sc', 'mac' ],\n ['cs', 'compress' ],\n ['sc', 'compress' ],\n ['cs', 'lang' ],\n ['sc', 'lang' ],\n ];\n return class KexInit {\n constructor(obj) {\n if (typeof obj !== 'object' || obj === null)\n throw new TypeError('Argument must be an object');\n\n const lists = {\n kex: undefined,\n serverHostKey: undefined,\n cs: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n sc: {\n cipher: undefined,\n mac: undefined,\n compress: undefined,\n lang: undefined,\n },\n\n all: undefined,\n };\n let totalSize = 0;\n for (const prop of KEX_PROPERTY_NAMES) {\n let base;\n let val;\n let desc;\n let key;\n if (typeof prop === 'string') {\n base = lists;\n val = obj[prop];\n desc = key = prop;\n } else {\n const parent = prop[0];\n base = lists[parent];\n key = prop[1];\n val = obj[parent][key];\n desc = `${parent}.${key}`;\n }\n const entry = { array: undefined, buffer: undefined };\n if (Buffer.isBuffer(val)) {\n entry.array = ('' + val).split(',');\n entry.buffer = val;\n totalSize += 4 + val.length;\n } else {\n if (typeof val === 'string')\n val = val.split(',');\n if (Array.isArray(val)) {\n entry.array = val;\n entry.buffer = Buffer.from(val.join(','));\n } else {\n throw new TypeError(`Invalid \\`${desc}\\` type: ${typeof val}`);\n }\n totalSize += 4 + entry.buffer.length;\n }\n base[key] = entry;\n }\n\n const all = Buffer.allocUnsafe(totalSize);\n lists.all = all;\n\n let allPos = 0;\n for (const prop of KEX_PROPERTY_NAMES) {\n let data;\n if (typeof prop === 'string')\n data = lists[prop].buffer;\n else\n data = lists[prop[0]][prop[1]].buffer;\n allPos = writeUInt32BE(all, data.length, allPos);\n all.set(data, allPos);\n allPos += data.length;\n }\n\n this.totalSize = totalSize;\n this.lists = lists;\n }\n copyAllTo(buf, offset) {\n const src = this.lists.all;\n if (typeof offset !== 'number')\n throw new TypeError(`Invalid offset value: ${typeof offset}`);\n if (buf.length - offset < src.length)\n throw new Error('Insufficient space to copy list');\n buf.set(src, offset);\n return src.length;\n }\n };\n})();\n\nconst hashString = (() => {\n const LEN = Buffer.allocUnsafe(4);\n return (hash, buf) => {\n writeUInt32BE(LEN, buf.length, 0);\n hash.update(LEN);\n hash.update(buf);\n };\n})();\n\nfunction generateKEXVal(len, hashName, secret, exchangeHash, sessionID, char) {\n let ret;\n if (len) {\n let digest = createHash(hashName)\n .update(secret)\n .update(exchangeHash)\n .update(char)\n .update(sessionID)\n .digest();\n while (digest.length < len) {\n const chunk = createHash(hashName)\n .update(secret)\n .update(exchangeHash)\n .update(digest)\n .digest();\n const extended = Buffer.allocUnsafe(digest.length + chunk.length);\n extended.set(digest, 0);\n extended.set(chunk, digest.length);\n digest = extended;\n }\n if (digest.length === len)\n ret = digest;\n else\n ret = new FastBuffer(digest.buffer, digest.byteOffset, len);\n } else {\n ret = EMPTY_BUFFER;\n }\n return ret;\n}\n\nfunction onKEXPayload(state, payload) {\n // XXX: move this to the Decipher implementations?\n if (payload.length === 0) {\n this._debug && this._debug('Inbound: Skipping empty packet payload');\n return;\n }\n\n if (this._skipNextInboundPacket) {\n this._skipNextInboundPacket = false;\n return;\n }\n\n payload = this._packetRW.read.read(payload);\n\n const type = payload[0];\n\n if (!this._strictMode) {\n switch (type) {\n case MESSAGE.IGNORE:\n case MESSAGE.UNIMPLEMENTED:\n case MESSAGE.DEBUG:\n if (!MESSAGE_HANDLERS)\n MESSAGE_HANDLERS = require('./handlers.js');\n return MESSAGE_HANDLERS[type](this, payload);\n }\n }\n\n switch (type) {\n case MESSAGE.DISCONNECT:\n if (!MESSAGE_HANDLERS)\n MESSAGE_HANDLERS = require('./handlers.js');\n return MESSAGE_HANDLERS[type](this, payload);\n case MESSAGE.KEXINIT:\n if (!state.firstPacket) {\n return doFatalError(\n this,\n 'Received extra KEXINIT during handshake',\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n state.firstPacket = false;\n return handleKexInit(this, payload);\n default:\n // Ensure packet is either an algorithm negotiation or KEX\n // algorithm-specific packet\n if (type < 20 || type > 49) {\n return doFatalError(\n this,\n `Received unexpected packet type ${type}`,\n 'handshake',\n DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n );\n }\n }\n\n return this._kex.parse(payload);\n}\n\nfunction dhEstimate(neg) {\n const csCipher = CIPHER_INFO[neg.cs.cipher];\n const scCipher = CIPHER_INFO[neg.sc.cipher];\n // XXX: if OpenSSH's `umac-*` MACs are ever supported, their key lengths will\n // also need to be considered when calculating `bits`\n const bits = Math.max(\n 0,\n (csCipher.sslName === 'des-ede3-cbc' ? 14 : csCipher.keyLen),\n csCipher.blockLen,\n csCipher.ivLen,\n (scCipher.sslName === 'des-ede3-cbc' ? 14 : scCipher.keyLen),\n scCipher.blockLen,\n scCipher.ivLen\n ) * 8;\n if (bits <= 112)\n return 2048;\n if (bits <= 128)\n return 3072;\n if (bits <= 192)\n return 7680;\n return 8192;\n}\n\nfunction trySendNEWKEYS(kex) {\n if (!kex._sentNEWKEYS) {\n kex._protocol._debug && kex._protocol._debug(\n 'Outbound: Sending NEWKEYS'\n );\n const p = kex._protocol._packetRW.write.allocStartKEX;\n const packet = kex._protocol._packetRW.write.alloc(1, true);\n packet[p] = MESSAGE.NEWKEYS;\n kex._protocol._cipher.encrypt(\n kex._protocol._packetRW.write.finalize(packet, true)\n );\n kex._sentNEWKEYS = true;\n if (kex._protocol._strictMode)\n kex._protocol._cipher.outSeqno = 0;\n }\n}\n\nmodule.exports = {\n KexInit,\n kexinit,\n onKEXPayload,\n DEFAULT_KEXINIT_CLIENT: new KexInit({\n kex: DEFAULT_KEX.concat(['ext-info-c', 'kex-strict-c-v00@openssh.com']),\n serverHostKey: DEFAULT_SERVER_HOST_KEY,\n cs: {\n cipher: DEFAULT_CIPHER,\n mac: DEFAULT_MAC,\n compress: DEFAULT_COMPRESSION,\n lang: [],\n },\n sc: {\n cipher: DEFAULT_CIPHER,\n mac: DEFAULT_MAC,\n compress: DEFAULT_COMPRESSION,\n lang: [],\n },\n }),\n DEFAULT_KEXINIT_SERVER: new KexInit({\n kex: DEFAULT_KEX.concat(['kex-strict-s-v00@openssh.com']),\n serverHostKey: DEFAULT_SERVER_HOST_KEY,\n cs: {\n cipher: DEFAULT_CIPHER,\n mac: DEFAULT_MAC,\n compress: DEFAULT_COMPRESSION,\n lang: [],\n },\n sc: {\n cipher: DEFAULT_CIPHER,\n mac: DEFAULT_MAC,\n compress: DEFAULT_COMPRESSION,\n lang: [],\n },\n }),\n HANDLERS: {\n [MESSAGE.KEXINIT]: handleKexInit,\n },\n};\n","// TODO:\n// * utilize `crypto.create(Private|Public)Key()` and `keyObject.export()`\n// * handle multi-line header values (OpenSSH)?\n// * more thorough validation?\n'use strict';\n\nconst {\n createDecipheriv,\n createECDH,\n createHash,\n createHmac,\n createSign,\n createVerify,\n getCiphers,\n sign: sign_,\n verify: verify_,\n} = require('crypto');\nconst supportedOpenSSLCiphers = getCiphers();\n\nconst { Ber } = require('asn1');\nconst bcrypt_pbkdf = require('bcrypt-pbkdf').pbkdf;\n\nconst { CIPHER_INFO } = require('./crypto.js');\nconst { eddsaSupported, SUPPORTED_CIPHER } = require('./constants.js');\nconst {\n bufferSlice,\n makeBufferParser,\n readString,\n readUInt32BE,\n writeUInt32BE,\n} = require('./utils.js');\n\nconst SYM_HASH_ALGO = Symbol('Hash Algorithm');\nconst SYM_PRIV_PEM = Symbol('Private key PEM');\nconst SYM_PUB_PEM = Symbol('Public key PEM');\nconst SYM_PUB_SSH = Symbol('Public key SSH');\nconst SYM_DECRYPTED = Symbol('Decrypted Key');\n\n// Create OpenSSL cipher name -> SSH cipher name conversion table\nconst CIPHER_INFO_OPENSSL = Object.create(null);\n{\n const keys = Object.keys(CIPHER_INFO);\n for (let i = 0; i < keys.length; ++i) {\n const cipherName = CIPHER_INFO[keys[i]].sslName;\n if (!cipherName || CIPHER_INFO_OPENSSL[cipherName])\n continue;\n CIPHER_INFO_OPENSSL[cipherName] = CIPHER_INFO[keys[i]];\n }\n}\n\nconst binaryKeyParser = makeBufferParser();\n\nfunction makePEM(type, data) {\n data = data.base64Slice(0, data.length);\n let formatted = data.replace(/.{64}/g, '$&\\n');\n if (data.length & 63)\n formatted += '\\n';\n return `-----BEGIN ${type} KEY-----\\n${formatted}-----END ${type} KEY-----`;\n}\n\nfunction combineBuffers(buf1, buf2) {\n const result = Buffer.allocUnsafe(buf1.length + buf2.length);\n result.set(buf1, 0);\n result.set(buf2, buf1.length);\n return result;\n}\n\nfunction skipFields(buf, nfields) {\n const bufLen = buf.length;\n let pos = (buf._pos || 0);\n for (let i = 0; i < nfields; ++i) {\n const left = (bufLen - pos);\n if (pos >= bufLen || left < 4)\n return false;\n const len = readUInt32BE(buf, pos);\n if (left < 4 + len)\n return false;\n pos += 4 + len;\n }\n buf._pos = pos;\n return true;\n}\n\nfunction genOpenSSLRSAPub(n, e) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.2.840.113549.1.1.1'); // rsaEncryption\n // algorithm parameters (RSA has none)\n asnWriter.writeNull();\n asnWriter.endSequence();\n\n // subjectPublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n asnWriter.startSequence();\n asnWriter.writeBuffer(n, Ber.Integer);\n asnWriter.writeBuffer(e, Ber.Integer);\n asnWriter.endSequence();\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHRSAPub(n, e) {\n const publicKey = Buffer.allocUnsafe(4 + 7 + 4 + e.length + 4 + n.length);\n\n writeUInt32BE(publicKey, 7, 0);\n publicKey.utf8Write('ssh-rsa', 4, 7);\n\n let i = 4 + 7;\n writeUInt32BE(publicKey, e.length, i);\n publicKey.set(e, i += 4);\n\n writeUInt32BE(publicKey, n.length, i += e.length);\n publicKey.set(n, i + 4);\n\n return publicKey;\n}\n\nconst genOpenSSLRSAPriv = (() => {\n function genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n asnWriter.writeInt(0x00, Ber.Integer);\n asnWriter.writeBuffer(n, Ber.Integer);\n asnWriter.writeBuffer(e, Ber.Integer);\n asnWriter.writeBuffer(d, Ber.Integer);\n asnWriter.writeBuffer(p, Ber.Integer);\n asnWriter.writeBuffer(q, Ber.Integer);\n asnWriter.writeBuffer(dmp1, Ber.Integer);\n asnWriter.writeBuffer(dmq1, Ber.Integer);\n asnWriter.writeBuffer(iqmp, Ber.Integer);\n asnWriter.endSequence();\n return asnWriter.buffer;\n }\n\n function bigIntFromBuffer(buf) {\n return BigInt(`0x${buf.hexSlice(0, buf.length)}`);\n }\n\n function bigIntToBuffer(bn) {\n let hex = bn.toString(16);\n if ((hex.length & 1) !== 0) {\n hex = `0${hex}`;\n } else {\n const sigbit = hex.charCodeAt(0);\n // BER/DER integers require leading zero byte to denote a positive value\n // when first byte >= 0x80\n if (sigbit === 56/* '8' */\n || sigbit === 57/* '9' */\n || (sigbit >= 97/* 'a' */ && sigbit <= 102/* 'f' */)) {\n hex = `00${hex}`;\n }\n }\n return Buffer.from(hex, 'hex');\n }\n\n return function genOpenSSLRSAPriv(n, e, d, iqmp, p, q) {\n const bn_d = bigIntFromBuffer(d);\n const dmp1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(p) - 1n));\n const dmq1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(q) - 1n));\n return makePEM('RSA PRIVATE',\n genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp));\n };\n})();\n\nfunction genOpenSSLDSAPub(p, q, g, y) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.2.840.10040.4.1'); // id-dsa\n // algorithm parameters\n asnWriter.startSequence();\n asnWriter.writeBuffer(p, Ber.Integer);\n asnWriter.writeBuffer(q, Ber.Integer);\n asnWriter.writeBuffer(g, Ber.Integer);\n asnWriter.endSequence();\n asnWriter.endSequence();\n\n // subjectPublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n asnWriter.writeBuffer(y, Ber.Integer);\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHDSAPub(p, q, g, y) {\n const publicKey = Buffer.allocUnsafe(\n 4 + 7 + 4 + p.length + 4 + q.length + 4 + g.length + 4 + y.length\n );\n\n writeUInt32BE(publicKey, 7, 0);\n publicKey.utf8Write('ssh-dss', 4, 7);\n\n let i = 4 + 7;\n writeUInt32BE(publicKey, p.length, i);\n publicKey.set(p, i += 4);\n\n writeUInt32BE(publicKey, q.length, i += p.length);\n publicKey.set(q, i += 4);\n\n writeUInt32BE(publicKey, g.length, i += q.length);\n publicKey.set(g, i += 4);\n\n writeUInt32BE(publicKey, y.length, i += g.length);\n publicKey.set(y, i + 4);\n\n return publicKey;\n}\n\nfunction genOpenSSLDSAPriv(p, q, g, y, x) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n asnWriter.writeInt(0x00, Ber.Integer);\n asnWriter.writeBuffer(p, Ber.Integer);\n asnWriter.writeBuffer(q, Ber.Integer);\n asnWriter.writeBuffer(g, Ber.Integer);\n asnWriter.writeBuffer(y, Ber.Integer);\n asnWriter.writeBuffer(x, Ber.Integer);\n asnWriter.endSequence();\n return makePEM('DSA PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLEdPub(pub) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n asnWriter.endSequence();\n\n // PublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(pub.length);\n asnWriter._buf.set(pub, asnWriter._offset);\n asnWriter._offset += pub.length;\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHEdPub(pub) {\n const publicKey = Buffer.allocUnsafe(4 + 11 + 4 + pub.length);\n\n writeUInt32BE(publicKey, 11, 0);\n publicKey.utf8Write('ssh-ed25519', 4, 11);\n\n writeUInt32BE(publicKey, pub.length, 15);\n publicKey.set(pub, 19);\n\n return publicKey;\n}\n\nfunction genOpenSSLEdPriv(priv) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // version\n asnWriter.writeInt(0x00, Ber.Integer);\n\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n asnWriter.endSequence();\n\n // PrivateKey\n asnWriter.startSequence(Ber.OctetString);\n asnWriter.writeBuffer(priv, Ber.OctetString);\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPub(oid, Q) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // algorithm\n asnWriter.startSequence();\n asnWriter.writeOID('1.2.840.10045.2.1'); // id-ecPublicKey\n // algorithm parameters (namedCurve)\n asnWriter.writeOID(oid);\n asnWriter.endSequence();\n\n // subjectPublicKey\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(Q.length);\n asnWriter._buf.set(Q, asnWriter._offset);\n asnWriter._offset += Q.length;\n // end hack\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHECDSAPub(oid, Q) {\n let curveName;\n switch (oid) {\n case '1.2.840.10045.3.1.7':\n // prime256v1/secp256r1\n curveName = 'nistp256';\n break;\n case '1.3.132.0.34':\n // secp384r1\n curveName = 'nistp384';\n break;\n case '1.3.132.0.35':\n // secp521r1\n curveName = 'nistp521';\n break;\n default:\n return;\n }\n\n const publicKey = Buffer.allocUnsafe(4 + 19 + 4 + 8 + 4 + Q.length);\n\n writeUInt32BE(publicKey, 19, 0);\n publicKey.utf8Write(`ecdsa-sha2-${curveName}`, 4, 19);\n\n writeUInt32BE(publicKey, 8, 23);\n publicKey.utf8Write(curveName, 27, 8);\n\n writeUInt32BE(publicKey, Q.length, 35);\n publicKey.set(Q, 39);\n\n return publicKey;\n}\n\nfunction genOpenSSLECDSAPriv(oid, pub, priv) {\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n // version\n asnWriter.writeInt(0x01, Ber.Integer);\n // privateKey\n asnWriter.writeBuffer(priv, Ber.OctetString);\n // parameters (optional)\n asnWriter.startSequence(0xA0);\n asnWriter.writeOID(oid);\n asnWriter.endSequence();\n // publicKey (optional)\n asnWriter.startSequence(0xA1);\n asnWriter.startSequence(Ber.BitString);\n asnWriter.writeByte(0x00);\n // XXX: hack to write a raw buffer without a tag -- yuck\n asnWriter._ensure(pub.length);\n asnWriter._buf.set(pub, asnWriter._offset);\n asnWriter._offset += pub.length;\n // end hack\n asnWriter.endSequence();\n asnWriter.endSequence();\n asnWriter.endSequence();\n return makePEM('EC PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPubFromPriv(curveName, priv) {\n const tempECDH = createECDH(curveName);\n tempECDH.setPrivateKey(priv);\n return tempECDH.getPublicKey();\n}\n\nconst BaseKey = {\n sign: (() => {\n if (typeof sign_ === 'function') {\n return function sign(data, algo) {\n const pem = this[SYM_PRIV_PEM];\n if (pem === null)\n return new Error('No private key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n try {\n return sign_(algo, data, pem);\n } catch (ex) {\n return ex;\n }\n };\n }\n return function sign(data, algo) {\n const pem = this[SYM_PRIV_PEM];\n if (pem === null)\n return new Error('No private key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n const signature = createSign(algo);\n signature.update(data);\n try {\n return signature.sign(pem);\n } catch (ex) {\n return ex;\n }\n };\n })(),\n verify: (() => {\n if (typeof verify_ === 'function') {\n return function verify(data, signature, algo) {\n const pem = this[SYM_PUB_PEM];\n if (pem === null)\n return new Error('No public key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n try {\n return verify_(algo, data, pem, signature);\n } catch (ex) {\n return ex;\n }\n };\n }\n return function verify(data, signature, algo) {\n const pem = this[SYM_PUB_PEM];\n if (pem === null)\n return new Error('No public key available');\n if (!algo || typeof algo !== 'string')\n algo = this[SYM_HASH_ALGO];\n const verifier = createVerify(algo);\n verifier.update(data);\n try {\n return verifier.verify(pem, signature);\n } catch (ex) {\n return ex;\n }\n };\n })(),\n isPrivateKey: function isPrivateKey() {\n return (this[SYM_PRIV_PEM] !== null);\n },\n getPrivatePEM: function getPrivatePEM() {\n return this[SYM_PRIV_PEM];\n },\n getPublicPEM: function getPublicPEM() {\n return this[SYM_PUB_PEM];\n },\n getPublicSSH: function getPublicSSH() {\n return this[SYM_PUB_SSH];\n },\n equals: function equals(key) {\n const parsed = parseKey(key);\n if (parsed instanceof Error)\n return false;\n return (\n this.type === parsed.type\n && this[SYM_PRIV_PEM] === parsed[SYM_PRIV_PEM]\n && this[SYM_PUB_PEM] === parsed[SYM_PUB_PEM]\n && this[SYM_PUB_SSH].equals(parsed[SYM_PUB_SSH])\n );\n },\n};\n\n\nfunction OpenSSH_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n decrypted) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = privPEM;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Private.prototype = BaseKey;\n{\n const regexp = /^-----BEGIN OPENSSH PRIVATE KEY-----(?:\\r\\n|\\n)([\\s\\S]+)(?:\\r\\n|\\n)-----END OPENSSH PRIVATE KEY-----$/;\n OpenSSH_Private.parse = (str, passphrase) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n let ret;\n const data = Buffer.from(m[1], 'base64');\n if (data.length < 31) // magic (+ magic null term.) + minimum field lengths\n return new Error('Malformed OpenSSH private key');\n const magic = data.utf8Slice(0, 15);\n if (magic !== 'openssh-key-v1\\0')\n return new Error(`Unsupported OpenSSH key magic: ${magic}`);\n\n const cipherName = readString(data, 15, true);\n if (cipherName === undefined)\n return new Error('Malformed OpenSSH private key');\n if (cipherName !== 'none' && SUPPORTED_CIPHER.indexOf(cipherName) === -1)\n return new Error(`Unsupported cipher for OpenSSH key: ${cipherName}`);\n\n const kdfName = readString(data, data._pos, true);\n if (kdfName === undefined)\n return new Error('Malformed OpenSSH private key');\n if (kdfName !== 'none') {\n if (cipherName === 'none')\n return new Error('Malformed OpenSSH private key');\n if (kdfName !== 'bcrypt')\n return new Error(`Unsupported kdf name for OpenSSH key: ${kdfName}`);\n if (!passphrase) {\n return new Error(\n 'Encrypted private OpenSSH key detected, but no passphrase given'\n );\n }\n } else if (cipherName !== 'none') {\n return new Error('Malformed OpenSSH private key');\n }\n\n let encInfo;\n let cipherKey;\n let cipherIV;\n if (cipherName !== 'none')\n encInfo = CIPHER_INFO[cipherName];\n const kdfOptions = readString(data, data._pos);\n if (kdfOptions === undefined)\n return new Error('Malformed OpenSSH private key');\n if (kdfOptions.length) {\n switch (kdfName) {\n case 'none':\n return new Error('Malformed OpenSSH private key');\n case 'bcrypt': {\n /*\n string salt\n uint32 rounds\n */\n const salt = readString(kdfOptions, 0);\n if (salt === undefined || kdfOptions._pos + 4 > kdfOptions.length)\n return new Error('Malformed OpenSSH private key');\n const rounds = readUInt32BE(kdfOptions, kdfOptions._pos);\n const gen = Buffer.allocUnsafe(encInfo.keyLen + encInfo.ivLen);\n const r = bcrypt_pbkdf(passphrase,\n passphrase.length,\n salt,\n salt.length,\n gen,\n gen.length,\n rounds);\n if (r !== 0)\n return new Error('Failed to generate information to decrypt key');\n cipherKey = bufferSlice(gen, 0, encInfo.keyLen);\n cipherIV = bufferSlice(gen, encInfo.keyLen, gen.length);\n break;\n }\n }\n } else if (kdfName !== 'none') {\n return new Error('Malformed OpenSSH private key');\n }\n\n if (data._pos + 3 >= data.length)\n return new Error('Malformed OpenSSH private key');\n const keyCount = readUInt32BE(data, data._pos);\n data._pos += 4;\n\n if (keyCount > 0) {\n // TODO: place sensible limit on max `keyCount`\n\n // Read public keys first\n for (let i = 0; i < keyCount; ++i) {\n const pubData = readString(data, data._pos);\n if (pubData === undefined)\n return new Error('Malformed OpenSSH private key');\n const type = readString(pubData, 0, true);\n if (type === undefined)\n return new Error('Malformed OpenSSH private key');\n }\n\n let privBlob = readString(data, data._pos);\n if (privBlob === undefined)\n return new Error('Malformed OpenSSH private key');\n\n if (cipherKey !== undefined) {\n // Encrypted private key(s)\n if (privBlob.length < encInfo.blockLen\n || (privBlob.length % encInfo.blockLen) !== 0) {\n return new Error('Malformed OpenSSH private key');\n }\n try {\n const options = { authTagLength: encInfo.authLen };\n const decipher = createDecipheriv(encInfo.sslName,\n cipherKey,\n cipherIV,\n options);\n decipher.setAutoPadding(false);\n if (encInfo.authLen > 0) {\n if (data.length - data._pos < encInfo.authLen)\n return new Error('Malformed OpenSSH private key');\n decipher.setAuthTag(\n bufferSlice(data, data._pos, data._pos += encInfo.authLen)\n );\n }\n privBlob = combineBuffers(decipher.update(privBlob),\n decipher.final());\n } catch (ex) {\n return ex;\n }\n }\n // Nothing should we follow the private key(s), except a possible\n // authentication tag for relevant ciphers\n if (data._pos !== data.length)\n return new Error('Malformed OpenSSH private key');\n\n ret = parseOpenSSHPrivKeys(privBlob, keyCount, cipherKey !== undefined);\n } else {\n ret = [];\n }\n if (ret instanceof Error)\n return ret;\n // This will need to change if/when OpenSSH ever starts storing multiple\n // keys in their key files\n return ret[0];\n };\n\n function parseOpenSSHPrivKeys(data, nkeys, decrypted) {\n const keys = [];\n /*\n uint32 checkint\n uint32 checkint\n string privatekey1\n string comment1\n string privatekey2\n string comment2\n ...\n string privatekeyN\n string commentN\n char 1\n char 2\n char 3\n ...\n char padlen % 255\n */\n if (data.length < 8)\n return new Error('Malformed OpenSSH private key');\n const check1 = readUInt32BE(data, 0);\n const check2 = readUInt32BE(data, 4);\n if (check1 !== check2) {\n if (decrypted) {\n return new Error(\n 'OpenSSH key integrity check failed -- bad passphrase?'\n );\n }\n return new Error('OpenSSH key integrity check failed');\n }\n data._pos = 8;\n let i;\n let oid;\n for (i = 0; i < nkeys; ++i) {\n let algo;\n let privPEM;\n let pubPEM;\n let pubSSH;\n // The OpenSSH documentation for the key format actually lies, the\n // entirety of the private key content is not contained with a string\n // field, it's actually the literal contents of the private key, so to be\n // able to find the end of the key data you need to know the layout/format\n // of each key type ...\n const type = readString(data, data._pos, true);\n if (type === undefined)\n return new Error('Malformed OpenSSH private key');\n\n switch (type) {\n case 'ssh-rsa': {\n /*\n string n -- public\n string e -- public\n string d -- private\n string iqmp -- private\n string p -- private\n string q -- private\n */\n const n = readString(data, data._pos);\n if (n === undefined)\n return new Error('Malformed OpenSSH private key');\n const e = readString(data, data._pos);\n if (e === undefined)\n return new Error('Malformed OpenSSH private key');\n const d = readString(data, data._pos);\n if (d === undefined)\n return new Error('Malformed OpenSSH private key');\n const iqmp = readString(data, data._pos);\n if (iqmp === undefined)\n return new Error('Malformed OpenSSH private key');\n const p = readString(data, data._pos);\n if (p === undefined)\n return new Error('Malformed OpenSSH private key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n algo = 'sha1';\n break;\n }\n case 'ssh-dss': {\n /*\n string p -- public\n string q -- public\n string g -- public\n string y -- public\n string x -- private\n */\n const p = readString(data, data._pos);\n if (p === undefined)\n return new Error('Malformed OpenSSH private key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed OpenSSH private key');\n const g = readString(data, data._pos);\n if (g === undefined)\n return new Error('Malformed OpenSSH private key');\n const y = readString(data, data._pos);\n if (y === undefined)\n return new Error('Malformed OpenSSH private key');\n const x = readString(data, data._pos);\n if (x === undefined)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n algo = 'sha1';\n break;\n }\n case 'ssh-ed25519': {\n if (!eddsaSupported)\n return new Error(`Unsupported OpenSSH private key type: ${type}`);\n /*\n * string public key\n * string private key + public key\n */\n const edpub = readString(data, data._pos);\n if (edpub === undefined || edpub.length !== 32)\n return new Error('Malformed OpenSSH private key');\n const edpriv = readString(data, data._pos);\n if (edpriv === undefined || edpriv.length !== 64)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLEdPub(edpub);\n pubSSH = genOpenSSHEdPub(edpub);\n privPEM = genOpenSSLEdPriv(bufferSlice(edpriv, 0, 32));\n algo = null;\n break;\n }\n case 'ecdsa-sha2-nistp256':\n algo = 'sha256';\n oid = '1.2.840.10045.3.1.7';\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp384':\n if (algo === undefined) {\n algo = 'sha384';\n oid = '1.3.132.0.34';\n }\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp521': {\n if (algo === undefined) {\n algo = 'sha512';\n oid = '1.3.132.0.35';\n }\n /*\n string curve name\n string Q -- public\n string d -- private\n */\n // TODO: validate curve name against type\n if (!skipFields(data, 1)) // Skip curve name\n return new Error('Malformed OpenSSH private key');\n const ecpub = readString(data, data._pos);\n if (ecpub === undefined)\n return new Error('Malformed OpenSSH private key');\n const ecpriv = readString(data, data._pos);\n if (ecpriv === undefined)\n return new Error('Malformed OpenSSH private key');\n\n pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n privPEM = genOpenSSLECDSAPriv(oid, ecpub, ecpriv);\n break;\n }\n default:\n return new Error(`Unsupported OpenSSH private key type: ${type}`);\n }\n\n const privComment = readString(data, data._pos, true);\n if (privComment === undefined)\n return new Error('Malformed OpenSSH private key');\n\n keys.push(\n new OpenSSH_Private(type, privComment, privPEM, pubPEM, pubSSH, algo,\n decrypted)\n );\n }\n let cnt = 0;\n for (i = data._pos; i < data.length; ++i) {\n if (data[i] !== (++cnt % 255))\n return new Error('Malformed OpenSSH private key');\n }\n\n return keys;\n }\n}\n\n\nfunction OpenSSH_Old_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n decrypted) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = privPEM;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Old_Private.prototype = BaseKey;\n{\n const regexp = /^-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----(?:\\r\\n|\\n)((?:[^:]+:\\s*[\\S].*(?:\\r\\n|\\n))*)([\\s\\S]+)(?:\\r\\n|\\n)-----END (RSA|DSA|EC) PRIVATE KEY-----$/;\n OpenSSH_Old_Private.parse = (str, passphrase) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n let privBlob = Buffer.from(m[3], 'base64');\n let headers = m[2];\n let decrypted = false;\n if (headers !== undefined) {\n // encrypted key\n headers = headers.split(/\\r\\n|\\n/g);\n for (let i = 0; i < headers.length; ++i) {\n const header = headers[i];\n let sepIdx = header.indexOf(':');\n if (header.slice(0, sepIdx) === 'DEK-Info') {\n const val = header.slice(sepIdx + 2);\n sepIdx = val.indexOf(',');\n if (sepIdx === -1)\n continue;\n const cipherName = val.slice(0, sepIdx).toLowerCase();\n if (supportedOpenSSLCiphers.indexOf(cipherName) === -1) {\n return new Error(\n `Cipher (${cipherName}) not supported `\n + 'for encrypted OpenSSH private key'\n );\n }\n const encInfo = CIPHER_INFO_OPENSSL[cipherName];\n if (!encInfo) {\n return new Error(\n `Cipher (${cipherName}) not supported `\n + 'for encrypted OpenSSH private key'\n );\n }\n const cipherIV = Buffer.from(val.slice(sepIdx + 1), 'hex');\n if (cipherIV.length !== encInfo.ivLen)\n return new Error('Malformed encrypted OpenSSH private key');\n if (!passphrase) {\n return new Error(\n 'Encrypted OpenSSH private key detected, but no passphrase given'\n );\n }\n const ivSlice = bufferSlice(cipherIV, 0, 8);\n let cipherKey = createHash('md5')\n .update(passphrase)\n .update(ivSlice)\n .digest();\n while (cipherKey.length < encInfo.keyLen) {\n cipherKey = combineBuffers(\n cipherKey,\n createHash('md5')\n .update(cipherKey)\n .update(passphrase)\n .update(ivSlice)\n .digest()\n );\n }\n if (cipherKey.length > encInfo.keyLen)\n cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n try {\n const decipher = createDecipheriv(cipherName, cipherKey, cipherIV);\n decipher.setAutoPadding(false);\n privBlob = combineBuffers(decipher.update(privBlob),\n decipher.final());\n decrypted = true;\n } catch (ex) {\n return ex;\n }\n }\n }\n }\n\n let type;\n let privPEM;\n let pubPEM;\n let pubSSH;\n let algo;\n let reader;\n let errMsg = 'Malformed OpenSSH private key';\n if (decrypted)\n errMsg += '. Bad passphrase?';\n switch (m[1]) {\n case 'RSA':\n type = 'ssh-rsa';\n privPEM = makePEM('RSA PRIVATE', privBlob);\n try {\n reader = new Ber.Reader(privBlob);\n reader.readSequence();\n reader.readInt(); // skip version\n const n = reader.readString(Ber.Integer, true);\n if (n === null)\n return new Error(errMsg);\n const e = reader.readString(Ber.Integer, true);\n if (e === null)\n return new Error(errMsg);\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n } catch {\n return new Error(errMsg);\n }\n algo = 'sha1';\n break;\n case 'DSA':\n type = 'ssh-dss';\n privPEM = makePEM('DSA PRIVATE', privBlob);\n try {\n reader = new Ber.Reader(privBlob);\n reader.readSequence();\n reader.readInt(); // skip version\n const p = reader.readString(Ber.Integer, true);\n if (p === null)\n return new Error(errMsg);\n const q = reader.readString(Ber.Integer, true);\n if (q === null)\n return new Error(errMsg);\n const g = reader.readString(Ber.Integer, true);\n if (g === null)\n return new Error(errMsg);\n const y = reader.readString(Ber.Integer, true);\n if (y === null)\n return new Error(errMsg);\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n } catch {\n return new Error(errMsg);\n }\n algo = 'sha1';\n break;\n case 'EC': {\n let ecSSLName;\n let ecPriv;\n let ecOID;\n try {\n reader = new Ber.Reader(privBlob);\n reader.readSequence();\n reader.readInt(); // skip version\n ecPriv = reader.readString(Ber.OctetString, true);\n reader.readByte(); // Skip \"complex\" context type byte\n const offset = reader.readLength(); // Skip context length\n if (offset !== null) {\n reader._offset = offset;\n ecOID = reader.readOID();\n if (ecOID === null)\n return new Error(errMsg);\n switch (ecOID) {\n case '1.2.840.10045.3.1.7':\n // prime256v1/secp256r1\n ecSSLName = 'prime256v1';\n type = 'ecdsa-sha2-nistp256';\n algo = 'sha256';\n break;\n case '1.3.132.0.34':\n // secp384r1\n ecSSLName = 'secp384r1';\n type = 'ecdsa-sha2-nistp384';\n algo = 'sha384';\n break;\n case '1.3.132.0.35':\n // secp521r1\n ecSSLName = 'secp521r1';\n type = 'ecdsa-sha2-nistp521';\n algo = 'sha512';\n break;\n default:\n return new Error(`Unsupported private key EC OID: ${ecOID}`);\n }\n } else {\n return new Error(errMsg);\n }\n } catch {\n return new Error(errMsg);\n }\n privPEM = makePEM('EC PRIVATE', privBlob);\n const pubBlob = genOpenSSLECDSAPubFromPriv(ecSSLName, ecPriv);\n pubPEM = genOpenSSLECDSAPub(ecOID, pubBlob);\n pubSSH = genOpenSSHECDSAPub(ecOID, pubBlob);\n break;\n }\n }\n\n return new OpenSSH_Old_Private(type, '', privPEM, pubPEM, pubSSH, algo,\n decrypted);\n };\n}\n\n\nfunction PPK_Private(type, comment, privPEM, pubPEM, pubSSH, algo, decrypted) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = privPEM;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = decrypted;\n}\nPPK_Private.prototype = BaseKey;\n{\n const EMPTY_PASSPHRASE = Buffer.alloc(0);\n const PPK_IV = Buffer.from([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);\n const PPK_PP1 = Buffer.from([0, 0, 0, 0]);\n const PPK_PP2 = Buffer.from([0, 0, 0, 1]);\n const regexp = /^PuTTY-User-Key-File-2: (ssh-(?:rsa|dss))\\r?\\nEncryption: (aes256-cbc|none)\\r?\\nComment: ([^\\r\\n]*)\\r?\\nPublic-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-MAC: ([^\\r\\n]+)/;\n PPK_Private.parse = (str, passphrase) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n // m[1] = key type\n // m[2] = encryption type\n // m[3] = comment\n // m[4] = base64-encoded public key data:\n // for \"ssh-rsa\":\n // string \"ssh-rsa\"\n // mpint e (public exponent)\n // mpint n (modulus)\n // for \"ssh-dss\":\n // string \"ssh-dss\"\n // mpint p (modulus)\n // mpint q (prime)\n // mpint g (base number)\n // mpint y (public key parameter: g^x mod p)\n // m[5] = base64-encoded private key data:\n // for \"ssh-rsa\":\n // mpint d (private exponent)\n // mpint p (prime 1)\n // mpint q (prime 2)\n // mpint iqmp ([inverse of q] mod p)\n // for \"ssh-dss\":\n // mpint x (private key parameter)\n // m[6] = SHA1 HMAC over:\n // string name of algorithm (\"ssh-dss\", \"ssh-rsa\")\n // string encryption type\n // string comment\n // string public key data\n // string private-plaintext (including the final padding)\n const cipherName = m[2];\n const encrypted = (cipherName !== 'none');\n if (encrypted && !passphrase) {\n return new Error(\n 'Encrypted PPK private key detected, but no passphrase given'\n );\n }\n\n let privBlob = Buffer.from(m[5], 'base64');\n\n if (encrypted) {\n const encInfo = CIPHER_INFO[cipherName];\n let cipherKey = combineBuffers(\n createHash('sha1').update(PPK_PP1).update(passphrase).digest(),\n createHash('sha1').update(PPK_PP2).update(passphrase).digest()\n );\n if (cipherKey.length > encInfo.keyLen)\n cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n try {\n const decipher = createDecipheriv(encInfo.sslName, cipherKey, PPK_IV);\n decipher.setAutoPadding(false);\n privBlob = combineBuffers(decipher.update(privBlob),\n decipher.final());\n } catch (ex) {\n return ex;\n }\n }\n\n const type = m[1];\n const comment = m[3];\n const pubBlob = Buffer.from(m[4], 'base64');\n\n const mac = m[6];\n const typeLen = type.length;\n const cipherNameLen = cipherName.length;\n const commentLen = Buffer.byteLength(comment);\n const pubLen = pubBlob.length;\n const privLen = privBlob.length;\n const macData = Buffer.allocUnsafe(4 + typeLen\n + 4 + cipherNameLen\n + 4 + commentLen\n + 4 + pubLen\n + 4 + privLen);\n let p = 0;\n\n writeUInt32BE(macData, typeLen, p);\n macData.utf8Write(type, p += 4, typeLen);\n writeUInt32BE(macData, cipherNameLen, p += typeLen);\n macData.utf8Write(cipherName, p += 4, cipherNameLen);\n writeUInt32BE(macData, commentLen, p += cipherNameLen);\n macData.utf8Write(comment, p += 4, commentLen);\n writeUInt32BE(macData, pubLen, p += commentLen);\n macData.set(pubBlob, p += 4);\n writeUInt32BE(macData, privLen, p += pubLen);\n macData.set(privBlob, p + 4);\n\n if (!passphrase)\n passphrase = EMPTY_PASSPHRASE;\n\n const calcMAC = createHmac(\n 'sha1',\n createHash('sha1')\n .update('putty-private-key-file-mac-key')\n .update(passphrase)\n .digest()\n ).update(macData).digest('hex');\n\n if (calcMAC !== mac) {\n if (encrypted) {\n return new Error(\n 'PPK private key integrity check failed -- bad passphrase?'\n );\n }\n return new Error('PPK private key integrity check failed');\n }\n\n let pubPEM;\n let pubSSH;\n let privPEM;\n pubBlob._pos = 0;\n skipFields(pubBlob, 1); // skip (duplicate) key type\n switch (type) {\n case 'ssh-rsa': {\n const e = readString(pubBlob, pubBlob._pos);\n if (e === undefined)\n return new Error('Malformed PPK public key');\n const n = readString(pubBlob, pubBlob._pos);\n if (n === undefined)\n return new Error('Malformed PPK public key');\n const d = readString(privBlob, 0);\n if (d === undefined)\n return new Error('Malformed PPK private key');\n const p = readString(privBlob, privBlob._pos);\n if (p === undefined)\n return new Error('Malformed PPK private key');\n const q = readString(privBlob, privBlob._pos);\n if (q === undefined)\n return new Error('Malformed PPK private key');\n const iqmp = readString(privBlob, privBlob._pos);\n if (iqmp === undefined)\n return new Error('Malformed PPK private key');\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n break;\n }\n case 'ssh-dss': {\n const p = readString(pubBlob, pubBlob._pos);\n if (p === undefined)\n return new Error('Malformed PPK public key');\n const q = readString(pubBlob, pubBlob._pos);\n if (q === undefined)\n return new Error('Malformed PPK public key');\n const g = readString(pubBlob, pubBlob._pos);\n if (g === undefined)\n return new Error('Malformed PPK public key');\n const y = readString(pubBlob, pubBlob._pos);\n if (y === undefined)\n return new Error('Malformed PPK public key');\n const x = readString(privBlob, 0);\n if (x === undefined)\n return new Error('Malformed PPK private key');\n\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n break;\n }\n }\n\n return new PPK_Private(type, comment, privPEM, pubPEM, pubSSH, 'sha1',\n encrypted);\n };\n}\n\n\nfunction OpenSSH_Public(type, comment, pubPEM, pubSSH, algo) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = null;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = false;\n}\nOpenSSH_Public.prototype = BaseKey;\n{\n let regexp;\n if (eddsaSupported)\n regexp = /^(((?:ssh-(?:rsa|dss|ed25519))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n else\n regexp = /^(((?:ssh-(?:rsa|dss))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n OpenSSH_Public.parse = (str) => {\n const m = regexp.exec(str);\n if (m === null)\n return null;\n // m[1] = full type\n // m[2] = base type\n // m[3] = base64-encoded public key\n // m[4] = comment\n\n const fullType = m[1];\n const baseType = m[2];\n const data = Buffer.from(m[3], 'base64');\n const comment = (m[4] || '');\n\n const type = readString(data, data._pos, true);\n if (type === undefined || type.indexOf(baseType) !== 0)\n return new Error('Malformed OpenSSH public key');\n\n return parseDER(data, baseType, comment, fullType);\n };\n}\n\n\nfunction RFC4716_Public(type, comment, pubPEM, pubSSH, algo) {\n this.type = type;\n this.comment = comment;\n this[SYM_PRIV_PEM] = null;\n this[SYM_PUB_PEM] = pubPEM;\n this[SYM_PUB_SSH] = pubSSH;\n this[SYM_HASH_ALGO] = algo;\n this[SYM_DECRYPTED] = false;\n}\nRFC4716_Public.prototype = BaseKey;\n{\n const regexp = /^---- BEGIN SSH2 PUBLIC KEY ----(?:\\r?\\n)((?:.{0,72}\\r?\\n)+)---- END SSH2 PUBLIC KEY ----$/;\n const RE_DATA = /^[A-Z0-9a-z/+=\\r\\n]+$/;\n const RE_HEADER = /^([\\x21-\\x39\\x3B-\\x7E]{1,64}): ((?:[^\\\\]*\\\\\\r?\\n)*[^\\r\\n]+)\\r?\\n/gm;\n const RE_HEADER_ENDS = /\\\\\\r?\\n/g;\n RFC4716_Public.parse = (str) => {\n let m = regexp.exec(str);\n if (m === null)\n return null;\n\n const body = m[1];\n let dataStart = 0;\n let comment = '';\n\n while (m = RE_HEADER.exec(body)) {\n const headerName = m[1];\n const headerValue = m[2].replace(RE_HEADER_ENDS, '');\n if (headerValue.length > 1024) {\n RE_HEADER.lastIndex = 0;\n return new Error('Malformed RFC4716 public key');\n }\n\n dataStart = RE_HEADER.lastIndex;\n\n if (headerName.toLowerCase() === 'comment') {\n comment = headerValue;\n if (comment.length > 1\n && comment.charCodeAt(0) === 34/* '\"' */\n && comment.charCodeAt(comment.length - 1) === 34/* '\"' */) {\n comment = comment.slice(1, -1);\n }\n }\n }\n\n let data = body.slice(dataStart);\n if (!RE_DATA.test(data))\n return new Error('Malformed RFC4716 public key');\n\n data = Buffer.from(data, 'base64');\n\n const type = readString(data, 0, true);\n if (type === undefined)\n return new Error('Malformed RFC4716 public key');\n\n let pubPEM = null;\n let pubSSH = null;\n switch (type) {\n case 'ssh-rsa': {\n const e = readString(data, data._pos);\n if (e === undefined)\n return new Error('Malformed RFC4716 public key');\n const n = readString(data, data._pos);\n if (n === undefined)\n return new Error('Malformed RFC4716 public key');\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n break;\n }\n case 'ssh-dss': {\n const p = readString(data, data._pos);\n if (p === undefined)\n return new Error('Malformed RFC4716 public key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed RFC4716 public key');\n const g = readString(data, data._pos);\n if (g === undefined)\n return new Error('Malformed RFC4716 public key');\n const y = readString(data, data._pos);\n if (y === undefined)\n return new Error('Malformed RFC4716 public key');\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n break;\n }\n default:\n return new Error('Malformed RFC4716 public key');\n }\n\n return new RFC4716_Public(type, comment, pubPEM, pubSSH, 'sha1');\n };\n}\n\n\nfunction parseDER(data, baseType, comment, fullType) {\n if (!isSupportedKeyType(baseType))\n return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n\n let algo;\n let oid;\n let pubPEM = null;\n let pubSSH = null;\n\n switch (baseType) {\n case 'ssh-rsa': {\n const e = readString(data, data._pos || 0);\n if (e === undefined)\n return new Error('Malformed OpenSSH public key');\n const n = readString(data, data._pos);\n if (n === undefined)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLRSAPub(n, e);\n pubSSH = genOpenSSHRSAPub(n, e);\n algo = 'sha1';\n break;\n }\n case 'ssh-dss': {\n const p = readString(data, data._pos || 0);\n if (p === undefined)\n return new Error('Malformed OpenSSH public key');\n const q = readString(data, data._pos);\n if (q === undefined)\n return new Error('Malformed OpenSSH public key');\n const g = readString(data, data._pos);\n if (g === undefined)\n return new Error('Malformed OpenSSH public key');\n const y = readString(data, data._pos);\n if (y === undefined)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLDSAPub(p, q, g, y);\n pubSSH = genOpenSSHDSAPub(p, q, g, y);\n algo = 'sha1';\n break;\n }\n case 'ssh-ed25519': {\n const edpub = readString(data, data._pos || 0);\n if (edpub === undefined || edpub.length !== 32)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLEdPub(edpub);\n pubSSH = genOpenSSHEdPub(edpub);\n algo = null;\n break;\n }\n case 'ecdsa-sha2-nistp256':\n algo = 'sha256';\n oid = '1.2.840.10045.3.1.7';\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp384':\n if (algo === undefined) {\n algo = 'sha384';\n oid = '1.3.132.0.34';\n }\n // FALLTHROUGH\n case 'ecdsa-sha2-nistp521': {\n if (algo === undefined) {\n algo = 'sha512';\n oid = '1.3.132.0.35';\n }\n // TODO: validate curve name against type\n if (!skipFields(data, 1)) // Skip curve name\n return new Error('Malformed OpenSSH public key');\n const ecpub = readString(data, data._pos || 0);\n if (ecpub === undefined)\n return new Error('Malformed OpenSSH public key');\n pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n break;\n }\n default:\n return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n }\n\n return new OpenSSH_Public(fullType, comment, pubPEM, pubSSH, algo);\n}\n\nfunction isSupportedKeyType(type) {\n switch (type) {\n case 'ssh-rsa':\n case 'ssh-dss':\n case 'ecdsa-sha2-nistp256':\n case 'ecdsa-sha2-nistp384':\n case 'ecdsa-sha2-nistp521':\n return true;\n case 'ssh-ed25519':\n if (eddsaSupported)\n return true;\n // FALLTHROUGH\n default:\n return false;\n }\n}\n\nfunction isParsedKey(val) {\n if (!val)\n return false;\n return (typeof val[SYM_DECRYPTED] === 'boolean');\n}\n\nfunction parseKey(data, passphrase) {\n if (isParsedKey(data))\n return data;\n\n let origBuffer;\n if (Buffer.isBuffer(data)) {\n origBuffer = data;\n data = data.utf8Slice(0, data.length).trim();\n } else if (typeof data === 'string') {\n data = data.trim();\n } else {\n return new Error('Key data must be a Buffer or string');\n }\n\n // eslint-disable-next-line eqeqeq\n if (passphrase != undefined) {\n if (typeof passphrase === 'string')\n passphrase = Buffer.from(passphrase);\n else if (!Buffer.isBuffer(passphrase))\n return new Error('Passphrase must be a string or Buffer when supplied');\n }\n\n let ret;\n\n // First try as printable string format (e.g. PEM)\n\n // Private keys\n if ((ret = OpenSSH_Private.parse(data, passphrase)) !== null)\n return ret;\n if ((ret = OpenSSH_Old_Private.parse(data, passphrase)) !== null)\n return ret;\n if ((ret = PPK_Private.parse(data, passphrase)) !== null)\n return ret;\n\n // Public keys\n if ((ret = OpenSSH_Public.parse(data)) !== null)\n return ret;\n if ((ret = RFC4716_Public.parse(data)) !== null)\n return ret;\n\n // Finally try as a binary format if we were originally passed binary data\n if (origBuffer) {\n binaryKeyParser.init(origBuffer, 0);\n const type = binaryKeyParser.readString(true);\n if (type !== undefined) {\n data = binaryKeyParser.readRaw();\n if (data !== undefined) {\n ret = parseDER(data, type, '', type);\n // Ignore potentially useless errors in case the data was not actually\n // in the binary format\n if (ret instanceof Error)\n ret = null;\n }\n }\n binaryKeyParser.clear();\n }\n\n if (ret)\n return ret;\n\n return new Error('Unsupported key format');\n}\n\nmodule.exports = {\n isParsedKey,\n isSupportedKeyType,\n parseDERKey: (data, type) => parseDER(data, type, '', type),\n parseKey,\n};\n","'use strict';\n\nconst assert = require('assert');\nconst { inspect } = require('util');\n\n// Only use this for integers! Decimal numbers do not work with this function.\nfunction addNumericalSeparator(val) {\n let res = '';\n let i = val.length;\n const start = val[0] === '-' ? 1 : 0;\n for (; i >= start + 4; i -= 3)\n res = `_${val.slice(i - 3, i)}${res}`;\n return `${val.slice(0, i)}${res}`;\n}\n\nfunction oneOf(expected, thing) {\n assert(typeof thing === 'string', '`thing` has to be of type string');\n if (Array.isArray(expected)) {\n const len = expected.length;\n assert(len > 0, 'At least one expected value needs to be specified');\n expected = expected.map((i) => String(i));\n if (len > 2) {\n return `one of ${thing} ${expected.slice(0, len - 1).join(', ')}, or `\n + expected[len - 1];\n } else if (len === 2) {\n return `one of ${thing} ${expected[0]} or ${expected[1]}`;\n }\n return `of ${thing} ${expected[0]}`;\n }\n return `of ${thing} ${String(expected)}`;\n}\n\n\nexports.ERR_INTERNAL_ASSERTION = class ERR_INTERNAL_ASSERTION extends Error {\n constructor(message) {\n super();\n Error.captureStackTrace(this, ERR_INTERNAL_ASSERTION);\n\n const suffix = 'This is caused by either a bug in ssh2 '\n + 'or incorrect usage of ssh2 internals.\\n'\n + 'Please open an issue with this stack trace at '\n + 'https://github.com/mscdex/ssh2/issues\\n';\n\n this.message = (message === undefined ? suffix : `${message}\\n${suffix}`);\n }\n};\n\nconst MAX_32BIT_INT = 2 ** 32;\nconst MAX_32BIT_BIGINT = (() => {\n try {\n return new Function('return 2n ** 32n')();\n } catch {}\n})();\nexports.ERR_OUT_OF_RANGE = class ERR_OUT_OF_RANGE extends RangeError {\n constructor(str, range, input, replaceDefaultBoolean) {\n super();\n Error.captureStackTrace(this, ERR_OUT_OF_RANGE);\n\n assert(range, 'Missing \"range\" argument');\n let msg = (replaceDefaultBoolean\n ? str\n : `The value of \"${str}\" is out of range.`);\n let received;\n if (Number.isInteger(input) && Math.abs(input) > MAX_32BIT_INT) {\n received = addNumericalSeparator(String(input));\n } else if (typeof input === 'bigint') {\n received = String(input);\n if (input > MAX_32BIT_BIGINT || input < -MAX_32BIT_BIGINT)\n received = addNumericalSeparator(received);\n received += 'n';\n } else {\n received = inspect(input);\n }\n msg += ` It must be ${range}. Received ${received}`;\n\n this.message = msg;\n }\n};\n\nclass ERR_INVALID_ARG_TYPE extends TypeError {\n constructor(name, expected, actual) {\n super();\n Error.captureStackTrace(this, ERR_INVALID_ARG_TYPE);\n\n assert(typeof name === 'string', `'name' must be a string`);\n\n // determiner: 'must be' or 'must not be'\n let determiner;\n if (typeof expected === 'string' && expected.startsWith('not ')) {\n determiner = 'must not be';\n expected = expected.replace(/^not /, '');\n } else {\n determiner = 'must be';\n }\n\n let msg;\n if (name.endsWith(' argument')) {\n // For cases like 'first argument'\n msg = `The ${name} ${determiner} ${oneOf(expected, 'type')}`;\n } else {\n const type = (name.includes('.') ? 'property' : 'argument');\n msg = `The \"${name}\" ${type} ${determiner} ${oneOf(expected, 'type')}`;\n }\n\n msg += `. Received type ${typeof actual}`;\n\n this.message = msg;\n }\n}\nexports.ERR_INVALID_ARG_TYPE = ERR_INVALID_ARG_TYPE;\n\nexports.validateNumber = function validateNumber(value, name) {\n if (typeof value !== 'number')\n throw new ERR_INVALID_ARG_TYPE(name, 'number', value);\n};\n","'use strict';\n\nconst Ber = require('asn1').Ber;\n\nlet DISCONNECT_REASON;\n\nconst FastBuffer = Buffer[Symbol.species];\nconst TypedArrayFill = Object.getPrototypeOf(Uint8Array.prototype).fill;\n\nfunction readUInt32BE(buf, offset) {\n return (buf[offset++] * 16777216)\n + (buf[offset++] * 65536)\n + (buf[offset++] * 256)\n + buf[offset];\n}\n\nfunction bufferCopy(src, dest, srcStart, srcEnd, destStart) {\n if (!destStart)\n destStart = 0;\n if (srcEnd > src.length)\n srcEnd = src.length;\n let nb = srcEnd - srcStart;\n const destLeft = (dest.length - destStart);\n if (nb > destLeft)\n nb = destLeft;\n dest.set(new Uint8Array(src.buffer, src.byteOffset + srcStart, nb),\n destStart);\n return nb;\n}\n\nfunction bufferSlice(buf, start, end) {\n if (end === undefined)\n end = buf.length;\n return new FastBuffer(buf.buffer, buf.byteOffset + start, end - start);\n}\n\nfunction makeBufferParser() {\n let pos = 0;\n let buffer;\n\n const self = {\n init: (buf, start) => {\n buffer = buf;\n pos = (typeof start === 'number' ? start : 0);\n },\n pos: () => pos,\n length: () => (buffer ? buffer.length : 0),\n avail: () => (buffer && pos < buffer.length ? buffer.length - pos : 0),\n clear: () => {\n buffer = undefined;\n },\n readUInt32BE: () => {\n if (!buffer || pos + 3 >= buffer.length)\n return;\n return (buffer[pos++] * 16777216)\n + (buffer[pos++] * 65536)\n + (buffer[pos++] * 256)\n + buffer[pos++];\n },\n readUInt64BE: (behavior) => {\n if (!buffer || pos + 7 >= buffer.length)\n return;\n switch (behavior) {\n case 'always':\n return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n case 'maybe':\n if (buffer[pos] > 0x1F)\n return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n // FALLTHROUGH\n default:\n return (buffer[pos++] * 72057594037927940)\n + (buffer[pos++] * 281474976710656)\n + (buffer[pos++] * 1099511627776)\n + (buffer[pos++] * 4294967296)\n + (buffer[pos++] * 16777216)\n + (buffer[pos++] * 65536)\n + (buffer[pos++] * 256)\n + buffer[pos++];\n }\n },\n skip: (n) => {\n if (buffer && n > 0)\n pos += n;\n },\n skipString: () => {\n const len = self.readUInt32BE();\n if (len === undefined)\n return;\n pos += len;\n return (pos <= buffer.length ? len : undefined);\n },\n readByte: () => {\n if (buffer && pos < buffer.length)\n return buffer[pos++];\n },\n readBool: () => {\n if (buffer && pos < buffer.length)\n return !!buffer[pos++];\n },\n readList: () => {\n const list = self.readString(true);\n if (list === undefined)\n return;\n return (list ? list.split(',') : []);\n },\n readString: (dest, maxLen) => {\n if (typeof dest === 'number') {\n maxLen = dest;\n dest = undefined;\n }\n\n const len = self.readUInt32BE();\n if (len === undefined)\n return;\n\n if ((buffer.length - pos) < len\n || (typeof maxLen === 'number' && len > maxLen)) {\n return;\n }\n\n if (dest) {\n if (Buffer.isBuffer(dest))\n return bufferCopy(buffer, dest, pos, pos += len);\n return buffer.utf8Slice(pos, pos += len);\n }\n return bufferSlice(buffer, pos, pos += len);\n },\n readRaw: (len) => {\n if (!buffer)\n return;\n if (typeof len !== 'number')\n return bufferSlice(buffer, pos, pos += (buffer.length - pos));\n if ((buffer.length - pos) >= len)\n return bufferSlice(buffer, pos, pos += len);\n },\n };\n\n return self;\n}\n\nfunction makeError(msg, level, fatal) {\n const err = new Error(msg);\n if (typeof level === 'boolean') {\n fatal = level;\n err.level = 'protocol';\n } else {\n err.level = level || 'protocol';\n }\n err.fatal = !!fatal;\n return err;\n}\n\nfunction writeUInt32BE(buf, value, offset) {\n buf[offset++] = (value >>> 24);\n buf[offset++] = (value >>> 16);\n buf[offset++] = (value >>> 8);\n buf[offset++] = value;\n return offset;\n}\n\nconst utilBufferParser = makeBufferParser();\n\nmodule.exports = {\n bufferCopy,\n bufferSlice,\n FastBuffer,\n bufferFill: (buf, value, start, end) => {\n return TypedArrayFill.call(buf, value, start, end);\n },\n makeError,\n doFatalError: (protocol, msg, level, reason) => {\n let err;\n if (DISCONNECT_REASON === undefined)\n ({ DISCONNECT_REASON } = require('./constants.js'));\n if (msg instanceof Error) {\n // doFatalError(protocol, err[, reason])\n err = msg;\n if (typeof level !== 'number')\n reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n else\n reason = level;\n } else {\n // doFatalError(protocol, msg[, level[, reason]])\n err = makeError(msg, level, true);\n }\n if (typeof reason !== 'number')\n reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n protocol.disconnect(reason);\n protocol._destruct();\n protocol._onError(err);\n return Infinity;\n },\n readUInt32BE,\n writeUInt32BE,\n writeUInt32LE: (buf, value, offset) => {\n buf[offset++] = value;\n buf[offset++] = (value >>> 8);\n buf[offset++] = (value >>> 16);\n buf[offset++] = (value >>> 24);\n return offset;\n },\n makeBufferParser,\n bufferParser: makeBufferParser(),\n readString: (buffer, start, dest, maxLen) => {\n if (typeof dest === 'number') {\n maxLen = dest;\n dest = undefined;\n }\n\n if (start === undefined)\n start = 0;\n\n const left = (buffer.length - start);\n if (start < 0 || start >= buffer.length || left < 4)\n return;\n\n const len = readUInt32BE(buffer, start);\n if (left < (4 + len) || (typeof maxLen === 'number' && len > maxLen))\n return;\n\n start += 4;\n const end = start + len;\n buffer._pos = end;\n\n if (dest) {\n if (Buffer.isBuffer(dest))\n return bufferCopy(buffer, dest, start, end);\n return buffer.utf8Slice(start, end);\n }\n return bufferSlice(buffer, start, end);\n },\n sigSSHToASN1: (sig, type) => {\n switch (type) {\n case 'ssh-dss': {\n if (sig.length > 40)\n return sig;\n // Change bare signature r and s values to ASN.1 BER values for OpenSSL\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n let r = sig.slice(0, 20);\n let s = sig.slice(20);\n if (r[0] & 0x80) {\n const rNew = Buffer.allocUnsafe(21);\n rNew[0] = 0x00;\n r.copy(rNew, 1);\n r = rNew;\n } else if (r[0] === 0x00 && !(r[1] & 0x80)) {\n r = r.slice(1);\n }\n if (s[0] & 0x80) {\n const sNew = Buffer.allocUnsafe(21);\n sNew[0] = 0x00;\n s.copy(sNew, 1);\n s = sNew;\n } else if (s[0] === 0x00 && !(s[1] & 0x80)) {\n s = s.slice(1);\n }\n asnWriter.writeBuffer(r, Ber.Integer);\n asnWriter.writeBuffer(s, Ber.Integer);\n asnWriter.endSequence();\n return asnWriter.buffer;\n }\n case 'ecdsa-sha2-nistp256':\n case 'ecdsa-sha2-nistp384':\n case 'ecdsa-sha2-nistp521': {\n utilBufferParser.init(sig, 0);\n const r = utilBufferParser.readString();\n const s = utilBufferParser.readString();\n utilBufferParser.clear();\n if (r === undefined || s === undefined)\n return;\n\n const asnWriter = new Ber.Writer();\n asnWriter.startSequence();\n asnWriter.writeBuffer(r, Ber.Integer);\n asnWriter.writeBuffer(s, Ber.Integer);\n asnWriter.endSequence();\n return asnWriter.buffer;\n }\n default:\n return sig;\n }\n },\n convertSignature: (signature, keyType) => {\n switch (keyType) {\n case 'ssh-dss': {\n if (signature.length <= 40)\n return signature;\n // This is a quick and dirty way to get from BER encoded r and s that\n // OpenSSL gives us, to just the bare values back to back (40 bytes\n // total) like OpenSSH (and possibly others) are expecting\n const asnReader = new Ber.Reader(signature);\n asnReader.readSequence();\n let r = asnReader.readString(Ber.Integer, true);\n let s = asnReader.readString(Ber.Integer, true);\n let rOffset = 0;\n let sOffset = 0;\n if (r.length < 20) {\n const rNew = Buffer.allocUnsafe(20);\n rNew.set(r, 1);\n r = rNew;\n r[0] = 0;\n }\n if (s.length < 20) {\n const sNew = Buffer.allocUnsafe(20);\n sNew.set(s, 1);\n s = sNew;\n s[0] = 0;\n }\n if (r.length > 20 && r[0] === 0)\n rOffset = 1;\n if (s.length > 20 && s[0] === 0)\n sOffset = 1;\n const newSig =\n Buffer.allocUnsafe((r.length - rOffset) + (s.length - sOffset));\n bufferCopy(r, newSig, rOffset, r.length, 0);\n bufferCopy(s, newSig, sOffset, s.length, r.length - rOffset);\n return newSig;\n }\n case 'ecdsa-sha2-nistp256':\n case 'ecdsa-sha2-nistp384':\n case 'ecdsa-sha2-nistp521': {\n if (signature[0] === 0)\n return signature;\n // Convert SSH signature parameters to ASN.1 BER values for OpenSSL\n const asnReader = new Ber.Reader(signature);\n asnReader.readSequence();\n const r = asnReader.readString(Ber.Integer, true);\n const s = asnReader.readString(Ber.Integer, true);\n if (r === null || s === null)\n return;\n const newSig = Buffer.allocUnsafe(4 + r.length + 4 + s.length);\n writeUInt32BE(newSig, r.length, 0);\n newSig.set(r, 4);\n writeUInt32BE(newSig, s.length, 4 + r.length);\n newSig.set(s, 4 + 4 + r.length);\n return newSig;\n }\n }\n\n return signature;\n },\n sendPacket: (proto, packet, bypass) => {\n if (!bypass && proto._kexinit !== undefined) {\n // We're currently in the middle of a handshake\n\n if (proto._queue === undefined)\n proto._queue = [];\n proto._queue.push(packet);\n proto._debug && proto._debug('Outbound: ... packet queued');\n return false;\n }\n proto._cipher.encrypt(packet);\n return true;\n },\n};\n","'use strict';\n\nconst { kMaxLength } = require('buffer');\nconst {\n createInflate,\n constants: {\n DEFLATE,\n INFLATE,\n Z_DEFAULT_CHUNK,\n Z_DEFAULT_COMPRESSION,\n Z_DEFAULT_MEMLEVEL,\n Z_DEFAULT_STRATEGY,\n Z_DEFAULT_WINDOWBITS,\n Z_PARTIAL_FLUSH,\n }\n} = require('zlib');\nconst ZlibHandle = createInflate()._handle.constructor;\n\nfunction processCallback() {\n throw new Error('Should not get here');\n}\n\nfunction zlibOnError(message, errno, code) {\n const self = this._owner;\n // There is no way to cleanly recover.\n // Continuing only obscures problems.\n\n const error = new Error(message);\n error.errno = errno;\n error.code = code;\n self._err = error;\n}\n\nfunction _close(engine) {\n // Caller may invoke .close after a zlib error (which will null _handle).\n if (!engine._handle)\n return;\n\n engine._handle.close();\n engine._handle = null;\n}\n\nclass Zlib {\n constructor(mode) {\n const windowBits = Z_DEFAULT_WINDOWBITS;\n const level = Z_DEFAULT_COMPRESSION;\n const memLevel = Z_DEFAULT_MEMLEVEL;\n const strategy = Z_DEFAULT_STRATEGY;\n const dictionary = undefined;\n\n this._err = undefined;\n this._writeState = new Uint32Array(2);\n this._chunkSize = Z_DEFAULT_CHUNK;\n this._maxOutputLength = kMaxLength;\n this._outBuffer = Buffer.allocUnsafe(this._chunkSize);\n this._outOffset = 0;\n\n this._handle = new ZlibHandle(mode);\n this._handle._owner = this;\n this._handle.onerror = zlibOnError;\n this._handle.init(windowBits,\n level,\n memLevel,\n strategy,\n this._writeState,\n processCallback,\n dictionary);\n }\n\n writeSync(chunk, retChunks) {\n const handle = this._handle;\n if (!handle)\n throw new Error('Invalid Zlib instance');\n\n let availInBefore = chunk.length;\n let availOutBefore = this._chunkSize - this._outOffset;\n let inOff = 0;\n let availOutAfter;\n let availInAfter;\n\n let buffers;\n let nread = 0;\n const state = this._writeState;\n let buffer = this._outBuffer;\n let offset = this._outOffset;\n const chunkSize = this._chunkSize;\n\n while (true) {\n handle.writeSync(Z_PARTIAL_FLUSH,\n chunk, // in\n inOff, // in_off\n availInBefore, // in_len\n buffer, // out\n offset, // out_off\n availOutBefore); // out_len\n if (this._err)\n throw this._err;\n\n availOutAfter = state[0];\n availInAfter = state[1];\n\n const inDelta = availInBefore - availInAfter;\n const have = availOutBefore - availOutAfter;\n\n if (have > 0) {\n const out = (offset === 0 && have === buffer.length\n ? buffer\n : buffer.slice(offset, offset + have));\n offset += have;\n if (!buffers)\n buffers = out;\n else if (buffers.push === undefined)\n buffers = [buffers, out];\n else\n buffers.push(out);\n nread += out.byteLength;\n\n if (nread > this._maxOutputLength) {\n _close(this);\n throw new Error(\n `Output length exceeded maximum of ${this._maxOutputLength}`\n );\n }\n } else if (have !== 0) {\n throw new Error('have should not go down');\n }\n\n // Exhausted the output buffer, or used all the input create a new one.\n if (availOutAfter === 0 || offset >= chunkSize) {\n availOutBefore = chunkSize;\n offset = 0;\n buffer = Buffer.allocUnsafe(chunkSize);\n }\n\n if (availOutAfter === 0) {\n // Not actually done. Need to reprocess.\n // Also, update the availInBefore to the availInAfter value,\n // so that if we have to hit it a third (fourth, etc.) time,\n // it'll have the correct byte counts.\n inOff += inDelta;\n availInBefore = availInAfter;\n } else {\n break;\n }\n }\n\n this._outBuffer = buffer;\n this._outOffset = offset;\n\n if (nread === 0)\n buffers = Buffer.alloc(0);\n\n if (retChunks) {\n buffers.totalLen = nread;\n return buffers;\n }\n\n if (buffers.push === undefined)\n return buffers;\n\n const output = Buffer.allocUnsafe(nread);\n for (let i = 0, p = 0; i < buffers.length; ++i) {\n const buf = buffers[i];\n output.set(buf, p);\n p += buf.length;\n }\n return output;\n }\n}\n\nclass ZlibPacketWriter {\n constructor(protocol) {\n this.allocStart = 0;\n this.allocStartKEX = 0;\n this._protocol = protocol;\n this._zlib = new Zlib(DEFLATE);\n }\n\n cleanup() {\n if (this._zlib)\n _close(this._zlib);\n }\n\n alloc(payloadSize, force) {\n return Buffer.allocUnsafe(payloadSize);\n }\n\n finalize(payload, force) {\n if (this._protocol._kexinit === undefined || force) {\n const output = this._zlib.writeSync(payload, true);\n const packet = this._protocol._cipher.allocPacket(output.totalLen);\n if (output.push === undefined) {\n packet.set(output, 5);\n } else {\n for (let i = 0, p = 5; i < output.length; ++i) {\n const chunk = output[i];\n packet.set(chunk, p);\n p += chunk.length;\n }\n }\n return packet;\n }\n return payload;\n }\n}\n\nclass PacketWriter {\n constructor(protocol) {\n this.allocStart = 5;\n this.allocStartKEX = 5;\n this._protocol = protocol;\n }\n\n cleanup() {}\n\n alloc(payloadSize, force) {\n if (this._protocol._kexinit === undefined || force)\n return this._protocol._cipher.allocPacket(payloadSize);\n return Buffer.allocUnsafe(payloadSize);\n }\n\n finalize(packet, force) {\n return packet;\n }\n}\n\nclass ZlibPacketReader {\n constructor() {\n this._zlib = new Zlib(INFLATE);\n }\n\n cleanup() {\n if (this._zlib)\n _close(this._zlib);\n }\n\n read(data) {\n return this._zlib.writeSync(data, false);\n }\n}\n\nclass PacketReader {\n cleanup() {}\n\n read(data) {\n return data;\n }\n}\n\nmodule.exports = {\n PacketReader,\n PacketWriter,\n ZlibPacketReader,\n ZlibPacketWriter,\n};\n","// TODO:\n// * convert listenerCount() usage to emit() return value checking?\n// * emit error when connection severed early (e.g. before handshake)\n// * add '.connected' or similar property to connection objects to allow\n// immediate connection status checking\n'use strict';\n\nconst { Server: netServer } = require('net');\nconst EventEmitter = require('events');\nconst { listenerCount } = EventEmitter;\n\nconst {\n CHANNEL_OPEN_FAILURE,\n DEFAULT_CIPHER,\n DEFAULT_COMPRESSION,\n DEFAULT_KEX,\n DEFAULT_MAC,\n DEFAULT_SERVER_HOST_KEY,\n DISCONNECT_REASON,\n DISCONNECT_REASON_BY_VALUE,\n SUPPORTED_CIPHER,\n SUPPORTED_COMPRESSION,\n SUPPORTED_KEX,\n SUPPORTED_MAC,\n SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst { KexInit } = require('./protocol/kex.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst { writeUInt32BE } = require('./protocol/utils.js');\n\nconst {\n Channel,\n MAX_WINDOW,\n PACKET_SIZE,\n windowAdjust,\n WINDOW_THRESHOLD,\n} = require('./Channel.js');\n\nconst {\n ChannelManager,\n generateAlgorithmList,\n isWritable,\n onChannelOpenFailure,\n onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst MAX_PENDING_AUTHS = 10;\n\nclass AuthContext extends EventEmitter {\n constructor(protocol, username, service, method, cb) {\n super();\n\n this.username = this.user = username;\n this.service = service;\n this.method = method;\n this._initialResponse = false;\n this._finalResponse = false;\n this._multistep = false;\n this._cbfinal = (allowed, methodsLeft, isPartial) => {\n if (!this._finalResponse) {\n this._finalResponse = true;\n cb(this, allowed, methodsLeft, isPartial);\n }\n };\n this._protocol = protocol;\n }\n\n accept() {\n this._cleanup && this._cleanup();\n this._initialResponse = true;\n this._cbfinal(true);\n }\n reject(methodsLeft, isPartial) {\n this._cleanup && this._cleanup();\n this._initialResponse = true;\n this._cbfinal(false, methodsLeft, isPartial);\n }\n}\n\n\nclass KeyboardAuthContext extends AuthContext {\n constructor(protocol, username, service, method, submethods, cb) {\n super(protocol, username, service, method, cb);\n\n this._multistep = true;\n\n this._cb = undefined;\n this._onInfoResponse = (responses) => {\n const callback = this._cb;\n if (callback) {\n this._cb = undefined;\n callback(responses);\n }\n };\n this.submethods = submethods;\n this.on('abort', () => {\n this._cb && this._cb(new Error('Authentication request aborted'));\n });\n }\n\n prompt(prompts, title, instructions, cb) {\n if (!Array.isArray(prompts))\n prompts = [ prompts ];\n\n if (typeof title === 'function') {\n cb = title;\n title = instructions = undefined;\n } else if (typeof instructions === 'function') {\n cb = instructions;\n instructions = undefined;\n } else if (typeof cb !== 'function') {\n cb = undefined;\n }\n\n for (let i = 0; i < prompts.length; ++i) {\n if (typeof prompts[i] === 'string') {\n prompts[i] = {\n prompt: prompts[i],\n echo: true\n };\n }\n }\n\n this._cb = cb;\n this._initialResponse = true;\n\n this._protocol.authInfoReq(title, instructions, prompts);\n }\n}\n\nclass PKAuthContext extends AuthContext {\n constructor(protocol, username, service, method, pkInfo, cb) {\n super(protocol, username, service, method, cb);\n\n this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n this.hashAlgo = pkInfo.hashAlgo;\n this.signature = pkInfo.signature;\n this.blob = pkInfo.blob;\n }\n\n accept() {\n if (!this.signature) {\n this._initialResponse = true;\n this._protocol.authPKOK(this.key.algo, this.key.data);\n } else {\n AuthContext.prototype.accept.call(this);\n }\n }\n}\n\nclass HostbasedAuthContext extends AuthContext {\n constructor(protocol, username, service, method, pkInfo, cb) {\n super(protocol, username, service, method, cb);\n\n this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n this.hashAlgo = pkInfo.hashAlgo;\n this.signature = pkInfo.signature;\n this.blob = pkInfo.blob;\n this.localHostname = pkInfo.localHostname;\n this.localUsername = pkInfo.localUsername;\n }\n}\n\nclass PwdAuthContext extends AuthContext {\n constructor(protocol, username, service, method, password, cb) {\n super(protocol, username, service, method, cb);\n\n this.password = password;\n this._changeCb = undefined;\n }\n\n requestChange(prompt, cb) {\n if (this._changeCb)\n throw new Error('Change request already in progress');\n if (typeof prompt !== 'string')\n throw new Error('prompt argument must be a string');\n if (typeof cb !== 'function')\n throw new Error('Callback argument must be a function');\n this._changeCb = cb;\n this._protocol.authPasswdChg(prompt);\n }\n}\n\n\nclass Session extends EventEmitter {\n constructor(client, info, localChan) {\n super();\n\n this.type = 'session';\n this.subtype = undefined;\n this.server = true;\n this._ending = false;\n this._channel = undefined;\n this._chanInfo = {\n type: 'session',\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n }\n}\n\n\nclass Server extends EventEmitter {\n constructor(cfg, listener) {\n super();\n\n if (typeof cfg !== 'object' || cfg === null)\n throw new Error('Missing configuration object');\n\n const hostKeys = Object.create(null);\n const hostKeyAlgoOrder = [];\n\n const hostKeys_ = cfg.hostKeys;\n if (!Array.isArray(hostKeys_))\n throw new Error('hostKeys must be an array');\n\n const cfgAlgos = (\n typeof cfg.algorithms === 'object' && cfg.algorithms !== null\n ? cfg.algorithms\n : {}\n );\n\n const hostKeyAlgos = generateAlgorithmList(\n cfgAlgos.serverHostKey,\n DEFAULT_SERVER_HOST_KEY,\n SUPPORTED_SERVER_HOST_KEY\n );\n for (let i = 0; i < hostKeys_.length; ++i) {\n let privateKey;\n if (Buffer.isBuffer(hostKeys_[i]) || typeof hostKeys_[i] === 'string')\n privateKey = parseKey(hostKeys_[i]);\n else\n privateKey = parseKey(hostKeys_[i].key, hostKeys_[i].passphrase);\n\n if (privateKey instanceof Error)\n throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n\n if (Array.isArray(privateKey)) {\n // OpenSSH's newer format only stores 1 key for now\n privateKey = privateKey[0];\n }\n\n if (privateKey.getPrivatePEM() === null)\n throw new Error('privateKey value contains an invalid private key');\n\n // Discard key if we already found a key of the same type\n if (hostKeyAlgoOrder.includes(privateKey.type))\n continue;\n\n if (privateKey.type === 'ssh-rsa') {\n // SSH supports multiple signature hashing algorithms for RSA, so we add\n // the algorithms in the desired order\n let sha1Pos = hostKeyAlgos.indexOf('ssh-rsa');\n const sha256Pos = hostKeyAlgos.indexOf('rsa-sha2-256');\n const sha512Pos = hostKeyAlgos.indexOf('rsa-sha2-512');\n if (sha1Pos === -1) {\n // Fall back to giving SHA1 the lowest priority\n sha1Pos = Infinity;\n }\n [sha1Pos, sha256Pos, sha512Pos].sort(compareNumbers).forEach((pos) => {\n if (pos === -1)\n return;\n\n let type;\n switch (pos) {\n case sha1Pos: type = 'ssh-rsa'; break;\n case sha256Pos: type = 'rsa-sha2-256'; break;\n case sha512Pos: type = 'rsa-sha2-512'; break;\n default: return;\n }\n\n // Store same RSA key under each hash algorithm name for convenience\n hostKeys[type] = privateKey;\n\n hostKeyAlgoOrder.push(type);\n });\n } else {\n hostKeys[privateKey.type] = privateKey;\n hostKeyAlgoOrder.push(privateKey.type);\n }\n }\n\n const algorithms = {\n kex: generateAlgorithmList(\n cfgAlgos.kex,\n DEFAULT_KEX,\n SUPPORTED_KEX\n ).concat(['kex-strict-s-v00@openssh.com']),\n serverHostKey: hostKeyAlgoOrder,\n cs: {\n cipher: generateAlgorithmList(\n cfgAlgos.cipher,\n DEFAULT_CIPHER,\n SUPPORTED_CIPHER\n ),\n mac: generateAlgorithmList(cfgAlgos.hmac, DEFAULT_MAC, SUPPORTED_MAC),\n compress: generateAlgorithmList(\n cfgAlgos.compress,\n DEFAULT_COMPRESSION,\n SUPPORTED_COMPRESSION\n ),\n lang: [],\n },\n sc: undefined,\n };\n algorithms.sc = algorithms.cs;\n\n if (typeof listener === 'function')\n this.on('connection', listener);\n\n const origDebug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n const ident = (cfg.ident ? Buffer.from(cfg.ident) : undefined);\n const offer = new KexInit(algorithms);\n\n this._srv = new netServer((socket) => {\n if (this._connections >= this.maxConnections) {\n socket.destroy();\n return;\n }\n ++this._connections;\n socket.once('close', () => {\n --this._connections;\n });\n\n let debug;\n if (origDebug) {\n // Prepend debug output with a unique identifier in case there are\n // multiple clients connected at the same time\n const debugPrefix = `[${process.hrtime().join('.')}] `;\n debug = (msg) => {\n origDebug(`${debugPrefix}${msg}`);\n };\n }\n\n // eslint-disable-next-line no-use-before-define\n new Client(socket, hostKeys, ident, offer, debug, this, cfg);\n }).on('error', (err) => {\n this.emit('error', err);\n }).on('listening', () => {\n this.emit('listening');\n }).on('close', () => {\n this.emit('close');\n });\n this._connections = 0;\n this.maxConnections = Infinity;\n }\n\n injectSocket(socket) {\n this._srv.emit('connection', socket);\n }\n\n listen(...args) {\n this._srv.listen(...args);\n return this;\n }\n\n address() {\n return this._srv.address();\n }\n\n getConnections(cb) {\n this._srv.getConnections(cb);\n return this;\n }\n\n close(cb) {\n this._srv.close(cb);\n return this;\n }\n\n ref() {\n this._srv.ref();\n return this;\n }\n\n unref() {\n this._srv.unref();\n return this;\n }\n}\nServer.KEEPALIVE_CLIENT_INTERVAL = 15000;\nServer.KEEPALIVE_CLIENT_COUNT_MAX = 3;\n\n\nclass Client extends EventEmitter {\n constructor(socket, hostKeys, ident, offer, debug, server, srvCfg) {\n super();\n\n let exchanges = 0;\n let acceptedAuthSvc = false;\n let pendingAuths = [];\n let authCtx;\n let kaTimer;\n let onPacket;\n const unsentGlobalRequestsReplies = [];\n this._sock = socket;\n this._chanMgr = new ChannelManager(this);\n this._debug = debug;\n this.noMoreSessions = false;\n this.authenticated = false;\n\n // Silence pre-header errors\n function onClientPreHeaderError(err) {}\n this.on('error', onClientPreHeaderError);\n\n const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n debug(`Debug output from client: ${JSON.stringify(msg)}`);\n });\n\n const kaIntvl = (\n typeof srvCfg.keepaliveInterval === 'number'\n && isFinite(srvCfg.keepaliveInterval)\n && srvCfg.keepaliveInterval > 0\n ? srvCfg.keepaliveInterval\n : (\n typeof Server.KEEPALIVE_CLIENT_INTERVAL === 'number'\n && isFinite(Server.KEEPALIVE_CLIENT_INTERVAL)\n && Server.KEEPALIVE_CLIENT_INTERVAL > 0\n ? Server.KEEPALIVE_CLIENT_INTERVAL\n : -1\n )\n );\n const kaCountMax = (\n typeof srvCfg.keepaliveCountMax === 'number'\n && isFinite(srvCfg.keepaliveCountMax)\n && srvCfg.keepaliveCountMax >= 0\n ? srvCfg.keepaliveCountMax\n : (\n typeof Server.KEEPALIVE_CLIENT_COUNT_MAX === 'number'\n && isFinite(Server.KEEPALIVE_CLIENT_COUNT_MAX)\n && Server.KEEPALIVE_CLIENT_COUNT_MAX >= 0\n ? Server.KEEPALIVE_CLIENT_COUNT_MAX\n : -1\n )\n );\n let kaCurCount = 0;\n if (kaIntvl !== -1 && kaCountMax !== -1) {\n this.once('ready', () => {\n const onClose = () => {\n clearInterval(kaTimer);\n };\n this.on('close', onClose).on('end', onClose);\n kaTimer = setInterval(() => {\n if (++kaCurCount > kaCountMax) {\n clearInterval(kaTimer);\n const err = new Error('Keepalive timeout');\n err.level = 'client-timeout';\n this.emit('error', err);\n this.end();\n } else {\n // XXX: if the server ever starts sending real global requests to\n // the client, we will need to add a dummy callback here to\n // keep the correct reply order\n proto.ping();\n }\n }, kaIntvl);\n });\n // TODO: re-verify keepalive behavior with OpenSSH\n onPacket = () => {\n kaTimer && kaTimer.refresh();\n kaCurCount = 0;\n };\n }\n\n const proto = this._protocol = new Protocol({\n server: true,\n hostKeys,\n ident,\n offer,\n onPacket,\n greeting: srvCfg.greeting,\n banner: srvCfg.banner,\n onWrite: (data) => {\n if (isWritable(socket))\n socket.write(data);\n },\n onError: (err) => {\n if (!proto._destruct)\n socket.removeAllListeners('data');\n this.emit('error', err);\n try {\n socket.end();\n } catch {}\n },\n onHeader: (header) => {\n this.removeListener('error', onClientPreHeaderError);\n\n const info = {\n ip: socket.remoteAddress,\n family: socket.remoteFamily,\n port: socket.remotePort,\n header,\n };\n if (!server.emit('connection', this, info)) {\n // auto reject\n proto.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n socket.end();\n return;\n }\n\n if (header.greeting)\n this.emit('greeting', header.greeting);\n },\n onHandshakeComplete: (negotiated) => {\n if (++exchanges > 1)\n this.emit('rekey');\n this.emit('handshake', negotiated);\n },\n debug,\n messageHandlers: {\n DEBUG: DEBUG_HANDLER,\n DISCONNECT: (p, reason, desc) => {\n if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n if (!desc) {\n desc = DISCONNECT_REASON_BY_VALUE[reason];\n if (desc === undefined)\n desc = `Unexpected disconnection reason: ${reason}`;\n }\n const err = new Error(desc);\n err.code = reason;\n this.emit('error', err);\n }\n socket.end();\n },\n CHANNEL_OPEN: (p, info) => {\n // Handle incoming requests from client\n\n // Do early reject in some cases to prevent wasteful channel\n // allocation\n if ((info.type === 'session' && this.noMoreSessions)\n || !this.authenticated) {\n const reasonCode = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n return proto.channelOpenFail(info.sender, reasonCode);\n }\n\n let localChan = -1;\n let reason;\n let replied = false;\n\n let accept;\n const reject = () => {\n if (replied)\n return;\n replied = true;\n\n if (reason === undefined) {\n if (localChan === -1)\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n else\n reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n }\n\n if (localChan !== -1)\n this._chanMgr.remove(localChan);\n proto.channelOpenFail(info.sender, reason, '');\n };\n const reserveChannel = () => {\n localChan = this._chanMgr.add();\n\n if (localChan === -1) {\n reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n if (debug) {\n debug('Automatic rejection of incoming channel open: '\n + 'no channels available');\n }\n }\n\n return (localChan !== -1);\n };\n\n const data = info.data;\n switch (info.type) {\n case 'session':\n if (listenerCount(this, 'session') && reserveChannel()) {\n accept = () => {\n if (replied)\n return;\n replied = true;\n\n const instance = new Session(this, info, localChan);\n this._chanMgr.update(localChan, instance);\n\n proto.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n\n return instance;\n };\n\n this.emit('session', accept, reject);\n return;\n }\n break;\n case 'direct-tcpip':\n if (listenerCount(this, 'tcpip') && reserveChannel()) {\n accept = () => {\n if (replied)\n return;\n replied = true;\n\n const chanInfo = {\n type: undefined,\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n\n const stream = new Channel(this, chanInfo, { server: true });\n this._chanMgr.update(localChan, stream);\n\n proto.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n\n return stream;\n };\n\n this.emit('tcpip', accept, reject, data);\n return;\n }\n break;\n case 'direct-streamlocal@openssh.com':\n if (listenerCount(this, 'openssh.streamlocal')\n && reserveChannel()) {\n accept = () => {\n if (replied)\n return;\n replied = true;\n\n const chanInfo = {\n type: undefined,\n incoming: {\n id: localChan,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n\n const stream = new Channel(this, chanInfo, { server: true });\n this._chanMgr.update(localChan, stream);\n\n proto.channelOpenConfirm(info.sender,\n localChan,\n MAX_WINDOW,\n PACKET_SIZE);\n\n return stream;\n };\n\n this.emit('openssh.streamlocal', accept, reject, data);\n return;\n }\n break;\n default:\n // Automatically reject any unsupported channel open requests\n reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n if (debug) {\n debug('Automatic rejection of unsupported incoming channel open'\n + ` type: ${info.type}`);\n }\n }\n\n if (reason === undefined) {\n reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n if (debug) {\n debug('Automatic rejection of unexpected incoming channel open'\n + ` for: ${info.type}`);\n }\n }\n\n reject();\n },\n CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n const channel = this._chanMgr.get(info.recipient);\n if (typeof channel !== 'function')\n return;\n\n const chanInfo = {\n type: channel.type,\n incoming: {\n id: info.recipient,\n window: MAX_WINDOW,\n packetSize: PACKET_SIZE,\n state: 'open'\n },\n outgoing: {\n id: info.sender,\n window: info.window,\n packetSize: info.packetSize,\n state: 'open'\n }\n };\n\n const instance = new Channel(this, chanInfo, { server: true });\n this._chanMgr.update(info.recipient, instance);\n channel(undefined, instance);\n },\n CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n const channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'function')\n return;\n\n const info = { reason, description };\n onChannelOpenFailure(this, recipient, info, channel);\n },\n CHANNEL_DATA: (p, recipient, data) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n // The remote party should not be sending us data if there is no\n // window space available ...\n // TODO: raise error on data with not enough window?\n if (channel.incoming.window === 0)\n return;\n\n channel.incoming.window -= data.length;\n\n if (channel.push(data) === false) {\n channel._waitChanDrain = true;\n return;\n }\n\n if (channel.incoming.window <= WINDOW_THRESHOLD)\n windowAdjust(channel);\n },\n CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n // NOOP -- should not be sent by client\n },\n CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n // The other side is allowing us to send `amount` more bytes of data\n channel.outgoing.window += amount;\n\n if (channel._waitWindow) {\n channel._waitWindow = false;\n\n if (channel._chunk) {\n channel._write(channel._chunk, null, channel._chunkcb);\n } else if (channel._chunkcb) {\n channel._chunkcb();\n } else if (channel._chunkErr) {\n channel.stderr._write(channel._chunkErr,\n null,\n channel._chunkcbErr);\n } else if (channel._chunkcbErr) {\n channel._chunkcbErr();\n }\n }\n },\n CHANNEL_SUCCESS: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(false);\n },\n CHANNEL_FAILURE: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n if (channel._callbacks.length)\n channel._callbacks.shift()(true);\n },\n CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n const session = this._chanMgr.get(recipient);\n if (typeof session !== 'object' || session === null)\n return;\n\n let replied = false;\n let accept;\n let reject;\n\n if (session.constructor !== Session) {\n // normal Channel instance\n if (wantReply)\n proto.channelFailure(session.outgoing.id);\n return;\n }\n\n if (wantReply) {\n // \"real session\" requests will have custom accept behaviors\n if (type !== 'shell'\n && type !== 'exec'\n && type !== 'subsystem') {\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n proto.channelSuccess(session._chanInfo.outgoing.id);\n };\n }\n\n reject = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n proto.channelFailure(session._chanInfo.outgoing.id);\n };\n }\n\n if (session._ending) {\n reject && reject();\n return;\n }\n\n switch (type) {\n // \"pre-real session start\" requests\n case 'env':\n if (listenerCount(session, 'env')) {\n session.emit('env', accept, reject, {\n key: data.name,\n val: data.value\n });\n return;\n }\n break;\n case 'pty-req':\n if (listenerCount(session, 'pty')) {\n session.emit('pty', accept, reject, data);\n return;\n }\n break;\n case 'window-change':\n if (listenerCount(session, 'window-change'))\n session.emit('window-change', accept, reject, data);\n else\n reject && reject();\n break;\n case 'x11-req':\n if (listenerCount(session, 'x11')) {\n session.emit('x11', accept, reject, data);\n return;\n }\n break;\n // \"post-real session start\" requests\n case 'signal':\n if (listenerCount(session, 'signal')) {\n session.emit('signal', accept, reject, {\n name: data\n });\n return;\n }\n break;\n // XXX: is `auth-agent-req@openssh.com` really \"post-real session\n // start\"?\n case 'auth-agent-req@openssh.com':\n if (listenerCount(session, 'auth-agent')) {\n session.emit('auth-agent', accept, reject);\n return;\n }\n break;\n // \"real session start\" requests\n case 'shell':\n if (listenerCount(session, 'shell')) {\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n if (wantReply)\n proto.channelSuccess(session._chanInfo.outgoing.id);\n\n const channel = new Channel(\n this, session._chanInfo, { server: true }\n );\n\n channel.subtype = session.subtype = type;\n session._channel = channel;\n\n return channel;\n };\n\n session.emit('shell', accept, reject);\n return;\n }\n break;\n case 'exec':\n if (listenerCount(session, 'exec')) {\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n if (wantReply)\n proto.channelSuccess(session._chanInfo.outgoing.id);\n\n const channel = new Channel(\n this, session._chanInfo, { server: true }\n );\n\n channel.subtype = session.subtype = type;\n session._channel = channel;\n\n return channel;\n };\n\n session.emit('exec', accept, reject, {\n command: data\n });\n return;\n }\n break;\n case 'subsystem': {\n let useSFTP = (data === 'sftp');\n accept = () => {\n if (replied || session._ending || session._channel)\n return;\n replied = true;\n\n if (wantReply)\n proto.channelSuccess(session._chanInfo.outgoing.id);\n\n let instance;\n if (useSFTP) {\n instance = new SFTP(this, session._chanInfo, {\n server: true,\n debug,\n });\n } else {\n instance = new Channel(\n this, session._chanInfo, { server: true }\n );\n instance.subtype =\n session.subtype = `${type}:${data}`;\n }\n session._channel = instance;\n\n return instance;\n };\n\n if (data === 'sftp') {\n if (listenerCount(session, 'sftp')) {\n session.emit('sftp', accept, reject);\n return;\n }\n useSFTP = false;\n }\n if (listenerCount(session, 'subsystem')) {\n session.emit('subsystem', accept, reject, {\n name: data\n });\n return;\n }\n break;\n }\n }\n debug && debug(\n `Automatic rejection of incoming channel request: ${type}`\n );\n reject && reject();\n },\n CHANNEL_EOF: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n if (!channel._ending) {\n channel._ending = true;\n channel.emit('eof');\n channel.emit('end');\n }\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n if (channel.incoming.state !== 'open')\n return;\n channel.incoming.state = 'eof';\n\n if (channel.readable)\n channel.push(null);\n },\n CHANNEL_CLOSE: (p, recipient) => {\n let channel = this._chanMgr.get(recipient);\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.constructor === Session) {\n channel._ending = true;\n channel.emit('close');\n channel = channel._channel;\n if (!channel)\n return;\n }\n\n onCHANNEL_CLOSE(this, recipient, channel);\n },\n // Begin service/auth-related ==========================================\n SERVICE_REQUEST: (p, service) => {\n if (exchanges === 0\n || acceptedAuthSvc\n || this.authenticated\n || service !== 'ssh-userauth') {\n proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n socket.end();\n return;\n }\n\n acceptedAuthSvc = true;\n proto.serviceAccept(service);\n },\n USERAUTH_REQUEST: (p, username, service, method, methodData) => {\n if (exchanges === 0\n || this.authenticated\n || (authCtx\n && (authCtx.username !== username\n || authCtx.service !== service))\n // TODO: support hostbased auth\n || (method !== 'password'\n && method !== 'publickey'\n && method !== 'hostbased'\n && method !== 'keyboard-interactive'\n && method !== 'none')\n || pendingAuths.length === MAX_PENDING_AUTHS) {\n proto.disconnect(DISCONNECT_REASON.PROTOCOL_ERROR);\n socket.end();\n return;\n } else if (service !== 'ssh-connection') {\n proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n socket.end();\n return;\n }\n\n let ctx;\n switch (method) {\n case 'keyboard-interactive':\n ctx = new KeyboardAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'publickey':\n ctx = new PKAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'hostbased':\n ctx = new HostbasedAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'password':\n if (authCtx\n && authCtx instanceof PwdAuthContext\n && authCtx._changeCb) {\n const cb = authCtx._changeCb;\n authCtx._changeCb = undefined;\n cb(methodData.newPassword);\n return;\n }\n ctx = new PwdAuthContext(proto, username, service, method,\n methodData, onAuthDecide);\n break;\n case 'none':\n ctx = new AuthContext(proto, username, service, method,\n onAuthDecide);\n break;\n }\n\n if (authCtx) {\n if (!authCtx._initialResponse) {\n return pendingAuths.push(ctx);\n } else if (authCtx._multistep && !authCtx._finalResponse) {\n // RFC 4252 says to silently abort the current auth request if a\n // new auth request comes in before the final response from an\n // auth method that requires additional request/response exchanges\n // -- this means keyboard-interactive for now ...\n authCtx._cleanup && authCtx._cleanup();\n authCtx.emit('abort');\n }\n }\n\n authCtx = ctx;\n\n if (listenerCount(this, 'authentication'))\n this.emit('authentication', authCtx);\n else\n authCtx.reject();\n },\n USERAUTH_INFO_RESPONSE: (p, responses) => {\n if (authCtx && authCtx instanceof KeyboardAuthContext)\n authCtx._onInfoResponse(responses);\n },\n // End service/auth-related ============================================\n GLOBAL_REQUEST: (p, name, wantReply, data) => {\n const reply = {\n type: null,\n buf: null\n };\n\n function setReply(type, buf) {\n reply.type = type;\n reply.buf = buf;\n sendReplies();\n }\n\n if (wantReply)\n unsentGlobalRequestsReplies.push(reply);\n\n if ((name === 'tcpip-forward'\n || name === 'cancel-tcpip-forward'\n || name === 'no-more-sessions@openssh.com'\n || name === 'streamlocal-forward@openssh.com'\n || name === 'cancel-streamlocal-forward@openssh.com')\n && listenerCount(this, 'request')\n && this.authenticated) {\n let accept;\n let reject;\n\n if (wantReply) {\n let replied = false;\n accept = (chosenPort) => {\n if (replied)\n return;\n replied = true;\n let bufPort;\n if (name === 'tcpip-forward'\n && data.bindPort === 0\n && typeof chosenPort === 'number') {\n bufPort = Buffer.allocUnsafe(4);\n writeUInt32BE(bufPort, chosenPort, 0);\n }\n setReply('SUCCESS', bufPort);\n };\n reject = () => {\n if (replied)\n return;\n replied = true;\n setReply('FAILURE');\n };\n }\n\n if (name === 'no-more-sessions@openssh.com') {\n this.noMoreSessions = true;\n accept && accept();\n return;\n }\n\n this.emit('request', accept, reject, name, data);\n } else if (wantReply) {\n setReply('FAILURE');\n }\n },\n },\n });\n\n socket.pause();\n cryptoInit.then(() => {\n proto.start();\n socket.on('data', (data) => {\n try {\n proto.parse(data, 0, data.length);\n } catch (ex) {\n this.emit('error', ex);\n try {\n if (isWritable(socket))\n socket.end();\n } catch {}\n }\n });\n socket.resume();\n }).catch((err) => {\n this.emit('error', err);\n try {\n if (isWritable(socket))\n socket.end();\n } catch {}\n });\n socket.on('error', (err) => {\n err.level = 'socket';\n this.emit('error', err);\n }).once('end', () => {\n debug && debug('Socket ended');\n proto.cleanup();\n this.emit('end');\n }).once('close', () => {\n debug && debug('Socket closed');\n proto.cleanup();\n this.emit('close');\n\n const err = new Error('No response from server');\n\n // Simulate error for pending channels and close any open channels\n this._chanMgr.cleanup(err);\n });\n\n const onAuthDecide = (ctx, allowed, methodsLeft, isPartial) => {\n if (authCtx === ctx && !this.authenticated) {\n if (allowed) {\n authCtx = undefined;\n this.authenticated = true;\n proto.authSuccess();\n pendingAuths = [];\n this.emit('ready');\n } else {\n proto.authFailure(methodsLeft, isPartial);\n if (pendingAuths.length) {\n authCtx = pendingAuths.pop();\n if (listenerCount(this, 'authentication'))\n this.emit('authentication', authCtx);\n else\n authCtx.reject();\n }\n }\n }\n };\n\n function sendReplies() {\n while (unsentGlobalRequestsReplies.length > 0\n && unsentGlobalRequestsReplies[0].type) {\n const reply = unsentGlobalRequestsReplies.shift();\n if (reply.type === 'SUCCESS')\n proto.requestSuccess(reply.buf);\n if (reply.type === 'FAILURE')\n proto.requestFailure();\n }\n }\n }\n\n end() {\n if (this._sock && isWritable(this._sock)) {\n this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n this._sock.end();\n }\n return this;\n }\n\n x11(originAddr, originPort, cb) {\n const opts = { originAddr, originPort };\n openChannel(this, 'x11', opts, cb);\n return this;\n }\n\n forwardOut(boundAddr, boundPort, remoteAddr, remotePort, cb) {\n const opts = { boundAddr, boundPort, remoteAddr, remotePort };\n openChannel(this, 'forwarded-tcpip', opts, cb);\n return this;\n }\n\n openssh_forwardOutStreamLocal(socketPath, cb) {\n const opts = { socketPath };\n openChannel(this, 'forwarded-streamlocal@openssh.com', opts, cb);\n return this;\n }\n\n rekey(cb) {\n let error;\n\n try {\n this._protocol.rekey();\n } catch (ex) {\n error = ex;\n }\n\n // TODO: re-throw error if no callback?\n\n if (typeof cb === 'function') {\n if (error)\n process.nextTick(cb, error);\n else\n this.once('rekey', cb);\n }\n }\n\n setNoDelay(noDelay) {\n if (this._sock && typeof this._sock.setNoDelay === 'function')\n this._sock.setNoDelay(noDelay);\n\n return this;\n }\n}\n\n\nfunction openChannel(self, type, opts, cb) {\n // Ask the client to open a channel for some purpose (e.g. a forwarded TCP\n // connection)\n const initWindow = MAX_WINDOW;\n const maxPacket = PACKET_SIZE;\n\n if (typeof opts === 'function') {\n cb = opts;\n opts = {};\n }\n\n const wrapper = (err, stream) => {\n cb(err, stream);\n };\n wrapper.type = type;\n\n const localChan = self._chanMgr.add(wrapper);\n\n if (localChan === -1) {\n cb(new Error('No free channels available'));\n return;\n }\n\n switch (type) {\n case 'forwarded-tcpip':\n self._protocol.forwardedTcpip(localChan, initWindow, maxPacket, opts);\n break;\n case 'x11':\n self._protocol.x11(localChan, initWindow, maxPacket, opts);\n break;\n case 'forwarded-streamlocal@openssh.com':\n self._protocol.openssh_forwardedStreamLocal(\n localChan, initWindow, maxPacket, opts\n );\n break;\n default:\n throw new Error(`Unsupported channel type: ${type}`);\n }\n}\n\nfunction compareNumbers(a, b) {\n return a - b;\n}\n\nmodule.exports = Server;\nmodule.exports.IncomingClient = Client;\n","'use strict';\n\nconst { SFTP } = require('./protocol/SFTP.js');\n\nconst MAX_CHANNEL = 2 ** 32 - 1;\n\nfunction onChannelOpenFailure(self, recipient, info, cb) {\n self._chanMgr.remove(recipient);\n if (typeof cb !== 'function')\n return;\n\n let err;\n if (info instanceof Error) {\n err = info;\n } else if (typeof info === 'object' && info !== null) {\n err = new Error(`(SSH) Channel open failure: ${info.description}`);\n err.reason = info.reason;\n } else {\n err = new Error(\n '(SSH) Channel open failure: server closed channel unexpectedly'\n );\n err.reason = '';\n }\n\n cb(err);\n}\n\nfunction onCHANNEL_CLOSE(self, recipient, channel, err, dead) {\n if (typeof channel === 'function') {\n // We got CHANNEL_CLOSE instead of CHANNEL_OPEN_FAILURE when\n // requesting to open a channel\n onChannelOpenFailure(self, recipient, err, channel);\n return;\n }\n\n if (typeof channel !== 'object' || channel === null)\n return;\n\n if (channel.incoming && channel.incoming.state === 'closed')\n return;\n\n self._chanMgr.remove(recipient);\n\n if (channel.server && channel.constructor.name === 'Session')\n return;\n\n channel.incoming.state = 'closed';\n\n if (channel.readable)\n channel.push(null);\n if (channel.server) {\n if (channel.stderr.writable)\n channel.stderr.end();\n } else if (channel.stderr.readable) {\n channel.stderr.push(null);\n }\n\n if (channel.constructor !== SFTP\n && (channel.outgoing.state === 'open'\n || channel.outgoing.state === 'eof')\n && !dead) {\n channel.close();\n }\n if (channel.outgoing.state === 'closing')\n channel.outgoing.state = 'closed';\n\n const readState = channel._readableState;\n const writeState = channel._writableState;\n if (writeState && !writeState.ending && !writeState.finished && !dead)\n channel.end();\n\n // Take care of any outstanding channel requests\n const chanCallbacks = channel._callbacks;\n channel._callbacks = [];\n for (let i = 0; i < chanCallbacks.length; ++i)\n chanCallbacks[i](true);\n\n if (channel.server) {\n if (!channel.readable\n || channel.destroyed\n || (readState && readState.endEmitted)) {\n channel.emit('close');\n } else {\n channel.once('end', () => channel.emit('close'));\n }\n } else {\n let doClose;\n switch (channel.type) {\n case 'direct-streamlocal@openssh.com':\n case 'direct-tcpip':\n doClose = () => channel.emit('close');\n break;\n default: {\n // Align more with node child processes, where the close event gets\n // the same arguments as the exit event\n const exit = channel._exit;\n doClose = () => {\n if (exit.code === null)\n channel.emit('close', exit.code, exit.signal, exit.dump, exit.desc);\n else\n channel.emit('close', exit.code);\n };\n }\n }\n if (!channel.readable\n || channel.destroyed\n || (readState && readState.endEmitted)) {\n doClose();\n } else {\n channel.once('end', doClose);\n }\n\n const errReadState = channel.stderr._readableState;\n if (!channel.stderr.readable\n || channel.stderr.destroyed\n || (errReadState && errReadState.endEmitted)) {\n channel.stderr.emit('close');\n } else {\n channel.stderr.once('end', () => channel.stderr.emit('close'));\n }\n }\n}\n\nclass ChannelManager {\n constructor(client) {\n this._client = client;\n this._channels = {};\n this._cur = -1;\n this._count = 0;\n }\n add(val) {\n // Attempt to reserve an id\n\n let id;\n // Optimized paths\n if (this._cur < MAX_CHANNEL) {\n id = ++this._cur;\n } else if (this._count === 0) {\n // Revert and reset back to fast path once we no longer have any channels\n // open\n this._cur = 0;\n id = 0;\n } else {\n // Slower lookup path\n\n // This path is triggered we have opened at least MAX_CHANNEL channels\n // while having at least one channel open at any given time, so we have\n // to search for a free id.\n const channels = this._channels;\n for (let i = 0; i < MAX_CHANNEL; ++i) {\n if (channels[i] === undefined) {\n id = i;\n break;\n }\n }\n }\n\n if (id === undefined)\n return -1;\n\n this._channels[id] = (val || true);\n ++this._count;\n\n return id;\n }\n update(id, val) {\n if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n throw new Error(`Invalid channel id: ${id}`);\n\n if (val && this._channels[id])\n this._channels[id] = val;\n }\n get(id) {\n if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n throw new Error(`Invalid channel id: ${id}`);\n\n return this._channels[id];\n }\n remove(id) {\n if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n throw new Error(`Invalid channel id: ${id}`);\n\n if (this._channels[id]) {\n delete this._channels[id];\n if (this._count)\n --this._count;\n }\n }\n cleanup(err) {\n const channels = this._channels;\n this._channels = {};\n this._cur = -1;\n this._count = 0;\n\n const chanIDs = Object.keys(channels);\n const client = this._client;\n for (let i = 0; i < chanIDs.length; ++i) {\n const id = +chanIDs[i];\n const channel = channels[id];\n onCHANNEL_CLOSE(client, id, channel._channel || channel, err, true);\n }\n }\n}\n\nconst isRegExp = (() => {\n const toString = Object.prototype.toString;\n return (val) => toString.call(val) === '[object RegExp]';\n})();\n\nfunction generateAlgorithmList(algoList, defaultList, supportedList) {\n if (Array.isArray(algoList) && algoList.length > 0) {\n // Exact list\n for (let i = 0; i < algoList.length; ++i) {\n if (supportedList.indexOf(algoList[i]) === -1)\n throw new Error(`Unsupported algorithm: ${algoList[i]}`);\n }\n return algoList;\n }\n\n if (typeof algoList === 'object' && algoList !== null) {\n // Operations based on the default list\n const keys = Object.keys(algoList);\n let list = defaultList;\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i];\n let val = algoList[key];\n switch (key) {\n case 'append':\n if (!Array.isArray(val))\n val = [val];\n if (Array.isArray(val)) {\n for (let j = 0; j < val.length; ++j) {\n const append = val[j];\n if (typeof append === 'string') {\n if (!append || list.indexOf(append) !== -1)\n continue;\n if (supportedList.indexOf(append) === -1)\n throw new Error(`Unsupported algorithm: ${append}`);\n if (list === defaultList)\n list = list.slice();\n list.push(append);\n } else if (isRegExp(append)) {\n for (let k = 0; k < supportedList.length; ++k) {\n const algo = supportedList[k];\n if (append.test(algo)) {\n if (list.indexOf(algo) !== -1)\n continue;\n if (list === defaultList)\n list = list.slice();\n list.push(algo);\n }\n }\n }\n }\n }\n break;\n case 'prepend':\n if (!Array.isArray(val))\n val = [val];\n if (Array.isArray(val)) {\n for (let j = val.length; j >= 0; --j) {\n const prepend = val[j];\n if (typeof prepend === 'string') {\n if (!prepend || list.indexOf(prepend) !== -1)\n continue;\n if (supportedList.indexOf(prepend) === -1)\n throw new Error(`Unsupported algorithm: ${prepend}`);\n if (list === defaultList)\n list = list.slice();\n list.unshift(prepend);\n } else if (isRegExp(prepend)) {\n for (let k = supportedList.length; k >= 0; --k) {\n const algo = supportedList[k];\n if (prepend.test(algo)) {\n if (list.indexOf(algo) !== -1)\n continue;\n if (list === defaultList)\n list = list.slice();\n list.unshift(algo);\n }\n }\n }\n }\n }\n break;\n case 'remove':\n if (!Array.isArray(val))\n val = [val];\n if (Array.isArray(val)) {\n for (let j = 0; j < val.length; ++j) {\n const search = val[j];\n if (typeof search === 'string') {\n if (!search)\n continue;\n const idx = list.indexOf(search);\n if (idx === -1)\n continue;\n if (list === defaultList)\n list = list.slice();\n list.splice(idx, 1);\n } else if (isRegExp(search)) {\n for (let k = 0; k < list.length; ++k) {\n if (search.test(list[k])) {\n if (list === defaultList)\n list = list.slice();\n list.splice(k, 1);\n --k;\n }\n }\n }\n }\n }\n break;\n }\n }\n\n return list;\n }\n\n return defaultList;\n}\n\nmodule.exports = {\n ChannelManager,\n generateAlgorithmList,\n onChannelOpenFailure,\n onCHANNEL_CLOSE,\n isWritable: (stream) => {\n // XXX: hack to workaround regression in node\n // See: https://github.com/nodejs/node/issues/36029\n return (stream\n && stream.writable\n && stream._readableState\n && stream._readableState.ended === false);\n },\n};\n","module.exports = require('./lib/tunnel');\n","'use strict';\n\nvar net = require('net');\nvar tls = require('tls');\nvar http = require('http');\nvar https = require('https');\nvar events = require('events');\nvar assert = require('assert');\nvar util = require('util');\n\n\nexports.httpOverHttp = httpOverHttp;\nexports.httpsOverHttp = httpsOverHttp;\nexports.httpOverHttps = httpOverHttps;\nexports.httpsOverHttps = httpsOverHttps;\n\n\nfunction httpOverHttp(options) {\n var agent = new TunnelingAgent(options);\n agent.request = http.request;\n return agent;\n}\n\nfunction httpsOverHttp(options) {\n var agent = new TunnelingAgent(options);\n agent.request = http.request;\n agent.createSocket = createSecureSocket;\n agent.defaultPort = 443;\n return agent;\n}\n\nfunction httpOverHttps(options) {\n var agent = new TunnelingAgent(options);\n agent.request = https.request;\n return agent;\n}\n\nfunction httpsOverHttps(options) {\n var agent = new TunnelingAgent(options);\n agent.request = https.request;\n agent.createSocket = createSecureSocket;\n agent.defaultPort = 443;\n return agent;\n}\n\n\nfunction TunnelingAgent(options) {\n var self = this;\n self.options = options || {};\n self.proxyOptions = self.options.proxy || {};\n self.maxSockets = self.options.maxSockets || http.Agent.defaultMaxSockets;\n self.requests = [];\n self.sockets = [];\n\n self.on('free', function onFree(socket, host, port, localAddress) {\n var options = toOptions(host, port, localAddress);\n for (var i = 0, len = self.requests.length; i < len; ++i) {\n var pending = self.requests[i];\n if (pending.host === options.host && pending.port === options.port) {\n // Detect the request to connect same origin server,\n // reuse the connection.\n self.requests.splice(i, 1);\n pending.request.onSocket(socket);\n return;\n }\n }\n socket.destroy();\n self.removeSocket(socket);\n });\n}\nutil.inherits(TunnelingAgent, events.EventEmitter);\n\nTunnelingAgent.prototype.addRequest = function addRequest(req, host, port, localAddress) {\n var self = this;\n var options = mergeOptions({request: req}, self.options, toOptions(host, port, localAddress));\n\n if (self.sockets.length >= this.maxSockets) {\n // We are over limit so we'll add it to the queue.\n self.requests.push(options);\n return;\n }\n\n // If we are under maxSockets create a new one.\n self.createSocket(options, function(socket) {\n socket.on('free', onFree);\n socket.on('close', onCloseOrRemove);\n socket.on('agentRemove', onCloseOrRemove);\n req.onSocket(socket);\n\n function onFree() {\n self.emit('free', socket, options);\n }\n\n function onCloseOrRemove(err) {\n self.removeSocket(socket);\n socket.removeListener('free', onFree);\n socket.removeListener('close', onCloseOrRemove);\n socket.removeListener('agentRemove', onCloseOrRemove);\n }\n });\n};\n\nTunnelingAgent.prototype.createSocket = function createSocket(options, cb) {\n var self = this;\n var placeholder = {};\n self.sockets.push(placeholder);\n\n var connectOptions = mergeOptions({}, self.proxyOptions, {\n method: 'CONNECT',\n path: options.host + ':' + options.port,\n agent: false,\n headers: {\n host: options.host + ':' + options.port\n }\n });\n if (options.localAddress) {\n connectOptions.localAddress = options.localAddress;\n }\n if (connectOptions.proxyAuth) {\n connectOptions.headers = connectOptions.headers || {};\n connectOptions.headers['Proxy-Authorization'] = 'Basic ' +\n new Buffer(connectOptions.proxyAuth).toString('base64');\n }\n\n debug('making CONNECT request');\n var connectReq = self.request(connectOptions);\n connectReq.useChunkedEncodingByDefault = false; // for v0.6\n connectReq.once('response', onResponse); // for v0.6\n connectReq.once('upgrade', onUpgrade); // for v0.6\n connectReq.once('connect', onConnect); // for v0.7 or later\n connectReq.once('error', onError);\n connectReq.end();\n\n function onResponse(res) {\n // Very hacky. This is necessary to avoid http-parser leaks.\n res.upgrade = true;\n }\n\n function onUpgrade(res, socket, head) {\n // Hacky.\n process.nextTick(function() {\n onConnect(res, socket, head);\n });\n }\n\n function onConnect(res, socket, head) {\n connectReq.removeAllListeners();\n socket.removeAllListeners();\n\n if (res.statusCode !== 200) {\n debug('tunneling socket could not be established, statusCode=%d',\n res.statusCode);\n socket.destroy();\n var error = new Error('tunneling socket could not be established, ' +\n 'statusCode=' + res.statusCode);\n error.code = 'ECONNRESET';\n options.request.emit('error', error);\n self.removeSocket(placeholder);\n return;\n }\n if (head.length > 0) {\n debug('got illegal response body from proxy');\n socket.destroy();\n var error = new Error('got illegal response body from proxy');\n error.code = 'ECONNRESET';\n options.request.emit('error', error);\n self.removeSocket(placeholder);\n return;\n }\n debug('tunneling connection has established');\n self.sockets[self.sockets.indexOf(placeholder)] = socket;\n return cb(socket);\n }\n\n function onError(cause) {\n connectReq.removeAllListeners();\n\n debug('tunneling socket could not be established, cause=%s\\n',\n cause.message, cause.stack);\n var error = new Error('tunneling socket could not be established, ' +\n 'cause=' + cause.message);\n error.code = 'ECONNRESET';\n options.request.emit('error', error);\n self.removeSocket(placeholder);\n }\n};\n\nTunnelingAgent.prototype.removeSocket = function removeSocket(socket) {\n var pos = this.sockets.indexOf(socket)\n if (pos === -1) {\n return;\n }\n this.sockets.splice(pos, 1);\n\n var pending = this.requests.shift();\n if (pending) {\n // If we have pending requests and a socket gets closed a new one\n // needs to be created to take over in the pool for the one that closed.\n this.createSocket(pending, function(socket) {\n pending.request.onSocket(socket);\n });\n }\n};\n\nfunction createSecureSocket(options, cb) {\n var self = this;\n TunnelingAgent.prototype.createSocket.call(self, options, function(socket) {\n var hostHeader = options.request.getHeader('host');\n var tlsOptions = mergeOptions({}, self.options, {\n socket: socket,\n servername: hostHeader ? hostHeader.replace(/:.*$/, '') : options.host\n });\n\n // 0 is dummy port for v0.6\n var secureSocket = tls.connect(0, tlsOptions);\n self.sockets[self.sockets.indexOf(socket)] = secureSocket;\n cb(secureSocket);\n });\n}\n\n\nfunction toOptions(host, port, localAddress) {\n if (typeof host === 'string') { // since v0.10\n return {\n host: host,\n port: port,\n localAddress: localAddress\n };\n }\n return host; // for v0.11 or later\n}\n\nfunction mergeOptions(target) {\n for (var i = 1, len = arguments.length; i < len; ++i) {\n var overrides = arguments[i];\n if (typeof overrides === 'object') {\n var keys = Object.keys(overrides);\n for (var j = 0, keyLen = keys.length; j < keyLen; ++j) {\n var k = keys[j];\n if (overrides[k] !== undefined) {\n target[k] = overrides[k];\n }\n }\n }\n }\n return target;\n}\n\n\nvar debug;\nif (process.env.NODE_DEBUG && /\\btunnel\\b/.test(process.env.NODE_DEBUG)) {\n debug = function() {\n var args = Array.prototype.slice.call(arguments);\n if (typeof args[0] === 'string') {\n args[0] = 'TUNNEL: ' + args[0];\n } else {\n args.unshift('TUNNEL:');\n }\n console.error.apply(console, args);\n }\n} else {\n debug = function() {};\n}\nexports.debug = debug; // for test\n","(function(nacl) {\n'use strict';\n\n// Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.\n// Public domain.\n//\n// Implementation derived from TweetNaCl version 20140427.\n// See for details: http://tweetnacl.cr.yp.to/\n\nvar gf = function(init) {\n var i, r = new Float64Array(16);\n if (init) for (i = 0; i < init.length; i++) r[i] = init[i];\n return r;\n};\n\n// Pluggable, initialized in high-level API below.\nvar randombytes = function(/* x, n */) { throw new Error('no PRNG'); };\n\nvar _0 = new Uint8Array(16);\nvar _9 = new Uint8Array(32); _9[0] = 9;\n\nvar gf0 = gf(),\n gf1 = gf([1]),\n _121665 = gf([0xdb41, 1]),\n D = gf([0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203]),\n D2 = gf([0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406]),\n X = gf([0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169]),\n Y = gf([0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666]),\n I = gf([0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83]);\n\nfunction ts64(x, i, h, l) {\n x[i] = (h >> 24) & 0xff;\n x[i+1] = (h >> 16) & 0xff;\n x[i+2] = (h >> 8) & 0xff;\n x[i+3] = h & 0xff;\n x[i+4] = (l >> 24) & 0xff;\n x[i+5] = (l >> 16) & 0xff;\n x[i+6] = (l >> 8) & 0xff;\n x[i+7] = l & 0xff;\n}\n\nfunction vn(x, xi, y, yi, n) {\n var i,d = 0;\n for (i = 0; i < n; i++) d |= x[xi+i]^y[yi+i];\n return (1 & ((d - 1) >>> 8)) - 1;\n}\n\nfunction crypto_verify_16(x, xi, y, yi) {\n return vn(x,xi,y,yi,16);\n}\n\nfunction crypto_verify_32(x, xi, y, yi) {\n return vn(x,xi,y,yi,32);\n}\n\nfunction core_salsa20(o, p, k, c) {\n var j0 = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n j1 = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n j2 = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n j3 = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n j4 = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n j5 = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n j6 = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n j7 = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n j8 = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n j9 = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n x15 = j15, u;\n\n for (var i = 0; i < 20; i += 2) {\n u = x0 + x12 | 0;\n x4 ^= u<<7 | u>>>(32-7);\n u = x4 + x0 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x4 | 0;\n x12 ^= u<<13 | u>>>(32-13);\n u = x12 + x8 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x1 | 0;\n x9 ^= u<<7 | u>>>(32-7);\n u = x9 + x5 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x9 | 0;\n x1 ^= u<<13 | u>>>(32-13);\n u = x1 + x13 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x6 | 0;\n x14 ^= u<<7 | u>>>(32-7);\n u = x14 + x10 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x14 | 0;\n x6 ^= u<<13 | u>>>(32-13);\n u = x6 + x2 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x11 | 0;\n x3 ^= u<<7 | u>>>(32-7);\n u = x3 + x15 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x3 | 0;\n x11 ^= u<<13 | u>>>(32-13);\n u = x11 + x7 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n\n u = x0 + x3 | 0;\n x1 ^= u<<7 | u>>>(32-7);\n u = x1 + x0 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x1 | 0;\n x3 ^= u<<13 | u>>>(32-13);\n u = x3 + x2 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x4 | 0;\n x6 ^= u<<7 | u>>>(32-7);\n u = x6 + x5 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x6 | 0;\n x4 ^= u<<13 | u>>>(32-13);\n u = x4 + x7 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x9 | 0;\n x11 ^= u<<7 | u>>>(32-7);\n u = x11 + x10 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x11 | 0;\n x9 ^= u<<13 | u>>>(32-13);\n u = x9 + x8 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x14 | 0;\n x12 ^= u<<7 | u>>>(32-7);\n u = x12 + x15 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x12 | 0;\n x14 ^= u<<13 | u>>>(32-13);\n u = x14 + x13 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n }\n x0 = x0 + j0 | 0;\n x1 = x1 + j1 | 0;\n x2 = x2 + j2 | 0;\n x3 = x3 + j3 | 0;\n x4 = x4 + j4 | 0;\n x5 = x5 + j5 | 0;\n x6 = x6 + j6 | 0;\n x7 = x7 + j7 | 0;\n x8 = x8 + j8 | 0;\n x9 = x9 + j9 | 0;\n x10 = x10 + j10 | 0;\n x11 = x11 + j11 | 0;\n x12 = x12 + j12 | 0;\n x13 = x13 + j13 | 0;\n x14 = x14 + j14 | 0;\n x15 = x15 + j15 | 0;\n\n o[ 0] = x0 >>> 0 & 0xff;\n o[ 1] = x0 >>> 8 & 0xff;\n o[ 2] = x0 >>> 16 & 0xff;\n o[ 3] = x0 >>> 24 & 0xff;\n\n o[ 4] = x1 >>> 0 & 0xff;\n o[ 5] = x1 >>> 8 & 0xff;\n o[ 6] = x1 >>> 16 & 0xff;\n o[ 7] = x1 >>> 24 & 0xff;\n\n o[ 8] = x2 >>> 0 & 0xff;\n o[ 9] = x2 >>> 8 & 0xff;\n o[10] = x2 >>> 16 & 0xff;\n o[11] = x2 >>> 24 & 0xff;\n\n o[12] = x3 >>> 0 & 0xff;\n o[13] = x3 >>> 8 & 0xff;\n o[14] = x3 >>> 16 & 0xff;\n o[15] = x3 >>> 24 & 0xff;\n\n o[16] = x4 >>> 0 & 0xff;\n o[17] = x4 >>> 8 & 0xff;\n o[18] = x4 >>> 16 & 0xff;\n o[19] = x4 >>> 24 & 0xff;\n\n o[20] = x5 >>> 0 & 0xff;\n o[21] = x5 >>> 8 & 0xff;\n o[22] = x5 >>> 16 & 0xff;\n o[23] = x5 >>> 24 & 0xff;\n\n o[24] = x6 >>> 0 & 0xff;\n o[25] = x6 >>> 8 & 0xff;\n o[26] = x6 >>> 16 & 0xff;\n o[27] = x6 >>> 24 & 0xff;\n\n o[28] = x7 >>> 0 & 0xff;\n o[29] = x7 >>> 8 & 0xff;\n o[30] = x7 >>> 16 & 0xff;\n o[31] = x7 >>> 24 & 0xff;\n\n o[32] = x8 >>> 0 & 0xff;\n o[33] = x8 >>> 8 & 0xff;\n o[34] = x8 >>> 16 & 0xff;\n o[35] = x8 >>> 24 & 0xff;\n\n o[36] = x9 >>> 0 & 0xff;\n o[37] = x9 >>> 8 & 0xff;\n o[38] = x9 >>> 16 & 0xff;\n o[39] = x9 >>> 24 & 0xff;\n\n o[40] = x10 >>> 0 & 0xff;\n o[41] = x10 >>> 8 & 0xff;\n o[42] = x10 >>> 16 & 0xff;\n o[43] = x10 >>> 24 & 0xff;\n\n o[44] = x11 >>> 0 & 0xff;\n o[45] = x11 >>> 8 & 0xff;\n o[46] = x11 >>> 16 & 0xff;\n o[47] = x11 >>> 24 & 0xff;\n\n o[48] = x12 >>> 0 & 0xff;\n o[49] = x12 >>> 8 & 0xff;\n o[50] = x12 >>> 16 & 0xff;\n o[51] = x12 >>> 24 & 0xff;\n\n o[52] = x13 >>> 0 & 0xff;\n o[53] = x13 >>> 8 & 0xff;\n o[54] = x13 >>> 16 & 0xff;\n o[55] = x13 >>> 24 & 0xff;\n\n o[56] = x14 >>> 0 & 0xff;\n o[57] = x14 >>> 8 & 0xff;\n o[58] = x14 >>> 16 & 0xff;\n o[59] = x14 >>> 24 & 0xff;\n\n o[60] = x15 >>> 0 & 0xff;\n o[61] = x15 >>> 8 & 0xff;\n o[62] = x15 >>> 16 & 0xff;\n o[63] = x15 >>> 24 & 0xff;\n}\n\nfunction core_hsalsa20(o,p,k,c) {\n var j0 = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n j1 = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n j2 = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n j3 = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n j4 = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n j5 = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n j6 = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n j7 = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n j8 = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n j9 = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n x15 = j15, u;\n\n for (var i = 0; i < 20; i += 2) {\n u = x0 + x12 | 0;\n x4 ^= u<<7 | u>>>(32-7);\n u = x4 + x0 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x4 | 0;\n x12 ^= u<<13 | u>>>(32-13);\n u = x12 + x8 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x1 | 0;\n x9 ^= u<<7 | u>>>(32-7);\n u = x9 + x5 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x9 | 0;\n x1 ^= u<<13 | u>>>(32-13);\n u = x1 + x13 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x6 | 0;\n x14 ^= u<<7 | u>>>(32-7);\n u = x14 + x10 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x14 | 0;\n x6 ^= u<<13 | u>>>(32-13);\n u = x6 + x2 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x11 | 0;\n x3 ^= u<<7 | u>>>(32-7);\n u = x3 + x15 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x3 | 0;\n x11 ^= u<<13 | u>>>(32-13);\n u = x11 + x7 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n\n u = x0 + x3 | 0;\n x1 ^= u<<7 | u>>>(32-7);\n u = x1 + x0 | 0;\n x2 ^= u<<9 | u>>>(32-9);\n u = x2 + x1 | 0;\n x3 ^= u<<13 | u>>>(32-13);\n u = x3 + x2 | 0;\n x0 ^= u<<18 | u>>>(32-18);\n\n u = x5 + x4 | 0;\n x6 ^= u<<7 | u>>>(32-7);\n u = x6 + x5 | 0;\n x7 ^= u<<9 | u>>>(32-9);\n u = x7 + x6 | 0;\n x4 ^= u<<13 | u>>>(32-13);\n u = x4 + x7 | 0;\n x5 ^= u<<18 | u>>>(32-18);\n\n u = x10 + x9 | 0;\n x11 ^= u<<7 | u>>>(32-7);\n u = x11 + x10 | 0;\n x8 ^= u<<9 | u>>>(32-9);\n u = x8 + x11 | 0;\n x9 ^= u<<13 | u>>>(32-13);\n u = x9 + x8 | 0;\n x10 ^= u<<18 | u>>>(32-18);\n\n u = x15 + x14 | 0;\n x12 ^= u<<7 | u>>>(32-7);\n u = x12 + x15 | 0;\n x13 ^= u<<9 | u>>>(32-9);\n u = x13 + x12 | 0;\n x14 ^= u<<13 | u>>>(32-13);\n u = x14 + x13 | 0;\n x15 ^= u<<18 | u>>>(32-18);\n }\n\n o[ 0] = x0 >>> 0 & 0xff;\n o[ 1] = x0 >>> 8 & 0xff;\n o[ 2] = x0 >>> 16 & 0xff;\n o[ 3] = x0 >>> 24 & 0xff;\n\n o[ 4] = x5 >>> 0 & 0xff;\n o[ 5] = x5 >>> 8 & 0xff;\n o[ 6] = x5 >>> 16 & 0xff;\n o[ 7] = x5 >>> 24 & 0xff;\n\n o[ 8] = x10 >>> 0 & 0xff;\n o[ 9] = x10 >>> 8 & 0xff;\n o[10] = x10 >>> 16 & 0xff;\n o[11] = x10 >>> 24 & 0xff;\n\n o[12] = x15 >>> 0 & 0xff;\n o[13] = x15 >>> 8 & 0xff;\n o[14] = x15 >>> 16 & 0xff;\n o[15] = x15 >>> 24 & 0xff;\n\n o[16] = x6 >>> 0 & 0xff;\n o[17] = x6 >>> 8 & 0xff;\n o[18] = x6 >>> 16 & 0xff;\n o[19] = x6 >>> 24 & 0xff;\n\n o[20] = x7 >>> 0 & 0xff;\n o[21] = x7 >>> 8 & 0xff;\n o[22] = x7 >>> 16 & 0xff;\n o[23] = x7 >>> 24 & 0xff;\n\n o[24] = x8 >>> 0 & 0xff;\n o[25] = x8 >>> 8 & 0xff;\n o[26] = x8 >>> 16 & 0xff;\n o[27] = x8 >>> 24 & 0xff;\n\n o[28] = x9 >>> 0 & 0xff;\n o[29] = x9 >>> 8 & 0xff;\n o[30] = x9 >>> 16 & 0xff;\n o[31] = x9 >>> 24 & 0xff;\n}\n\nfunction crypto_core_salsa20(out,inp,k,c) {\n core_salsa20(out,inp,k,c);\n}\n\nfunction crypto_core_hsalsa20(out,inp,k,c) {\n core_hsalsa20(out,inp,k,c);\n}\n\nvar sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]);\n // \"expand 32-byte k\"\n\nfunction crypto_stream_salsa20_xor(c,cpos,m,mpos,b,n,k) {\n var z = new Uint8Array(16), x = new Uint8Array(64);\n var u, i;\n for (i = 0; i < 16; i++) z[i] = 0;\n for (i = 0; i < 8; i++) z[i] = n[i];\n while (b >= 64) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < 64; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n u = 1;\n for (i = 8; i < 16; i++) {\n u = u + (z[i] & 0xff) | 0;\n z[i] = u & 0xff;\n u >>>= 8;\n }\n b -= 64;\n cpos += 64;\n mpos += 64;\n }\n if (b > 0) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < b; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n }\n return 0;\n}\n\nfunction crypto_stream_salsa20(c,cpos,b,n,k) {\n var z = new Uint8Array(16), x = new Uint8Array(64);\n var u, i;\n for (i = 0; i < 16; i++) z[i] = 0;\n for (i = 0; i < 8; i++) z[i] = n[i];\n while (b >= 64) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < 64; i++) c[cpos+i] = x[i];\n u = 1;\n for (i = 8; i < 16; i++) {\n u = u + (z[i] & 0xff) | 0;\n z[i] = u & 0xff;\n u >>>= 8;\n }\n b -= 64;\n cpos += 64;\n }\n if (b > 0) {\n crypto_core_salsa20(x,z,k,sigma);\n for (i = 0; i < b; i++) c[cpos+i] = x[i];\n }\n return 0;\n}\n\nfunction crypto_stream(c,cpos,d,n,k) {\n var s = new Uint8Array(32);\n crypto_core_hsalsa20(s,n,k,sigma);\n var sn = new Uint8Array(8);\n for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n return crypto_stream_salsa20(c,cpos,d,sn,s);\n}\n\nfunction crypto_stream_xor(c,cpos,m,mpos,d,n,k) {\n var s = new Uint8Array(32);\n crypto_core_hsalsa20(s,n,k,sigma);\n var sn = new Uint8Array(8);\n for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n return crypto_stream_salsa20_xor(c,cpos,m,mpos,d,sn,s);\n}\n\n/*\n* Port of Andrew Moon's Poly1305-donna-16. Public domain.\n* https://github.com/floodyberry/poly1305-donna\n*/\n\nvar poly1305 = function(key) {\n this.buffer = new Uint8Array(16);\n this.r = new Uint16Array(10);\n this.h = new Uint16Array(10);\n this.pad = new Uint16Array(8);\n this.leftover = 0;\n this.fin = 0;\n\n var t0, t1, t2, t3, t4, t5, t6, t7;\n\n t0 = key[ 0] & 0xff | (key[ 1] & 0xff) << 8; this.r[0] = ( t0 ) & 0x1fff;\n t1 = key[ 2] & 0xff | (key[ 3] & 0xff) << 8; this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff;\n t2 = key[ 4] & 0xff | (key[ 5] & 0xff) << 8; this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03;\n t3 = key[ 6] & 0xff | (key[ 7] & 0xff) << 8; this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff;\n t4 = key[ 8] & 0xff | (key[ 9] & 0xff) << 8; this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff;\n this.r[5] = ((t4 >>> 1)) & 0x1ffe;\n t5 = key[10] & 0xff | (key[11] & 0xff) << 8; this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff;\n t6 = key[12] & 0xff | (key[13] & 0xff) << 8; this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81;\n t7 = key[14] & 0xff | (key[15] & 0xff) << 8; this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff;\n this.r[9] = ((t7 >>> 5)) & 0x007f;\n\n this.pad[0] = key[16] & 0xff | (key[17] & 0xff) << 8;\n this.pad[1] = key[18] & 0xff | (key[19] & 0xff) << 8;\n this.pad[2] = key[20] & 0xff | (key[21] & 0xff) << 8;\n this.pad[3] = key[22] & 0xff | (key[23] & 0xff) << 8;\n this.pad[4] = key[24] & 0xff | (key[25] & 0xff) << 8;\n this.pad[5] = key[26] & 0xff | (key[27] & 0xff) << 8;\n this.pad[6] = key[28] & 0xff | (key[29] & 0xff) << 8;\n this.pad[7] = key[30] & 0xff | (key[31] & 0xff) << 8;\n};\n\npoly1305.prototype.blocks = function(m, mpos, bytes) {\n var hibit = this.fin ? 0 : (1 << 11);\n var t0, t1, t2, t3, t4, t5, t6, t7, c;\n var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9;\n\n var h0 = this.h[0],\n h1 = this.h[1],\n h2 = this.h[2],\n h3 = this.h[3],\n h4 = this.h[4],\n h5 = this.h[5],\n h6 = this.h[6],\n h7 = this.h[7],\n h8 = this.h[8],\n h9 = this.h[9];\n\n var r0 = this.r[0],\n r1 = this.r[1],\n r2 = this.r[2],\n r3 = this.r[3],\n r4 = this.r[4],\n r5 = this.r[5],\n r6 = this.r[6],\n r7 = this.r[7],\n r8 = this.r[8],\n r9 = this.r[9];\n\n while (bytes >= 16) {\n t0 = m[mpos+ 0] & 0xff | (m[mpos+ 1] & 0xff) << 8; h0 += ( t0 ) & 0x1fff;\n t1 = m[mpos+ 2] & 0xff | (m[mpos+ 3] & 0xff) << 8; h1 += ((t0 >>> 13) | (t1 << 3)) & 0x1fff;\n t2 = m[mpos+ 4] & 0xff | (m[mpos+ 5] & 0xff) << 8; h2 += ((t1 >>> 10) | (t2 << 6)) & 0x1fff;\n t3 = m[mpos+ 6] & 0xff | (m[mpos+ 7] & 0xff) << 8; h3 += ((t2 >>> 7) | (t3 << 9)) & 0x1fff;\n t4 = m[mpos+ 8] & 0xff | (m[mpos+ 9] & 0xff) << 8; h4 += ((t3 >>> 4) | (t4 << 12)) & 0x1fff;\n h5 += ((t4 >>> 1)) & 0x1fff;\n t5 = m[mpos+10] & 0xff | (m[mpos+11] & 0xff) << 8; h6 += ((t4 >>> 14) | (t5 << 2)) & 0x1fff;\n t6 = m[mpos+12] & 0xff | (m[mpos+13] & 0xff) << 8; h7 += ((t5 >>> 11) | (t6 << 5)) & 0x1fff;\n t7 = m[mpos+14] & 0xff | (m[mpos+15] & 0xff) << 8; h8 += ((t6 >>> 8) | (t7 << 8)) & 0x1fff;\n h9 += ((t7 >>> 5)) | hibit;\n\n c = 0;\n\n d0 = c;\n d0 += h0 * r0;\n d0 += h1 * (5 * r9);\n d0 += h2 * (5 * r8);\n d0 += h3 * (5 * r7);\n d0 += h4 * (5 * r6);\n c = (d0 >>> 13); d0 &= 0x1fff;\n d0 += h5 * (5 * r5);\n d0 += h6 * (5 * r4);\n d0 += h7 * (5 * r3);\n d0 += h8 * (5 * r2);\n d0 += h9 * (5 * r1);\n c += (d0 >>> 13); d0 &= 0x1fff;\n\n d1 = c;\n d1 += h0 * r1;\n d1 += h1 * r0;\n d1 += h2 * (5 * r9);\n d1 += h3 * (5 * r8);\n d1 += h4 * (5 * r7);\n c = (d1 >>> 13); d1 &= 0x1fff;\n d1 += h5 * (5 * r6);\n d1 += h6 * (5 * r5);\n d1 += h7 * (5 * r4);\n d1 += h8 * (5 * r3);\n d1 += h9 * (5 * r2);\n c += (d1 >>> 13); d1 &= 0x1fff;\n\n d2 = c;\n d2 += h0 * r2;\n d2 += h1 * r1;\n d2 += h2 * r0;\n d2 += h3 * (5 * r9);\n d2 += h4 * (5 * r8);\n c = (d2 >>> 13); d2 &= 0x1fff;\n d2 += h5 * (5 * r7);\n d2 += h6 * (5 * r6);\n d2 += h7 * (5 * r5);\n d2 += h8 * (5 * r4);\n d2 += h9 * (5 * r3);\n c += (d2 >>> 13); d2 &= 0x1fff;\n\n d3 = c;\n d3 += h0 * r3;\n d3 += h1 * r2;\n d3 += h2 * r1;\n d3 += h3 * r0;\n d3 += h4 * (5 * r9);\n c = (d3 >>> 13); d3 &= 0x1fff;\n d3 += h5 * (5 * r8);\n d3 += h6 * (5 * r7);\n d3 += h7 * (5 * r6);\n d3 += h8 * (5 * r5);\n d3 += h9 * (5 * r4);\n c += (d3 >>> 13); d3 &= 0x1fff;\n\n d4 = c;\n d4 += h0 * r4;\n d4 += h1 * r3;\n d4 += h2 * r2;\n d4 += h3 * r1;\n d4 += h4 * r0;\n c = (d4 >>> 13); d4 &= 0x1fff;\n d4 += h5 * (5 * r9);\n d4 += h6 * (5 * r8);\n d4 += h7 * (5 * r7);\n d4 += h8 * (5 * r6);\n d4 += h9 * (5 * r5);\n c += (d4 >>> 13); d4 &= 0x1fff;\n\n d5 = c;\n d5 += h0 * r5;\n d5 += h1 * r4;\n d5 += h2 * r3;\n d5 += h3 * r2;\n d5 += h4 * r1;\n c = (d5 >>> 13); d5 &= 0x1fff;\n d5 += h5 * r0;\n d5 += h6 * (5 * r9);\n d5 += h7 * (5 * r8);\n d5 += h8 * (5 * r7);\n d5 += h9 * (5 * r6);\n c += (d5 >>> 13); d5 &= 0x1fff;\n\n d6 = c;\n d6 += h0 * r6;\n d6 += h1 * r5;\n d6 += h2 * r4;\n d6 += h3 * r3;\n d6 += h4 * r2;\n c = (d6 >>> 13); d6 &= 0x1fff;\n d6 += h5 * r1;\n d6 += h6 * r0;\n d6 += h7 * (5 * r9);\n d6 += h8 * (5 * r8);\n d6 += h9 * (5 * r7);\n c += (d6 >>> 13); d6 &= 0x1fff;\n\n d7 = c;\n d7 += h0 * r7;\n d7 += h1 * r6;\n d7 += h2 * r5;\n d7 += h3 * r4;\n d7 += h4 * r3;\n c = (d7 >>> 13); d7 &= 0x1fff;\n d7 += h5 * r2;\n d7 += h6 * r1;\n d7 += h7 * r0;\n d7 += h8 * (5 * r9);\n d7 += h9 * (5 * r8);\n c += (d7 >>> 13); d7 &= 0x1fff;\n\n d8 = c;\n d8 += h0 * r8;\n d8 += h1 * r7;\n d8 += h2 * r6;\n d8 += h3 * r5;\n d8 += h4 * r4;\n c = (d8 >>> 13); d8 &= 0x1fff;\n d8 += h5 * r3;\n d8 += h6 * r2;\n d8 += h7 * r1;\n d8 += h8 * r0;\n d8 += h9 * (5 * r9);\n c += (d8 >>> 13); d8 &= 0x1fff;\n\n d9 = c;\n d9 += h0 * r9;\n d9 += h1 * r8;\n d9 += h2 * r7;\n d9 += h3 * r6;\n d9 += h4 * r5;\n c = (d9 >>> 13); d9 &= 0x1fff;\n d9 += h5 * r4;\n d9 += h6 * r3;\n d9 += h7 * r2;\n d9 += h8 * r1;\n d9 += h9 * r0;\n c += (d9 >>> 13); d9 &= 0x1fff;\n\n c = (((c << 2) + c)) | 0;\n c = (c + d0) | 0;\n d0 = c & 0x1fff;\n c = (c >>> 13);\n d1 += c;\n\n h0 = d0;\n h1 = d1;\n h2 = d2;\n h3 = d3;\n h4 = d4;\n h5 = d5;\n h6 = d6;\n h7 = d7;\n h8 = d8;\n h9 = d9;\n\n mpos += 16;\n bytes -= 16;\n }\n this.h[0] = h0;\n this.h[1] = h1;\n this.h[2] = h2;\n this.h[3] = h3;\n this.h[4] = h4;\n this.h[5] = h5;\n this.h[6] = h6;\n this.h[7] = h7;\n this.h[8] = h8;\n this.h[9] = h9;\n};\n\npoly1305.prototype.finish = function(mac, macpos) {\n var g = new Uint16Array(10);\n var c, mask, f, i;\n\n if (this.leftover) {\n i = this.leftover;\n this.buffer[i++] = 1;\n for (; i < 16; i++) this.buffer[i] = 0;\n this.fin = 1;\n this.blocks(this.buffer, 0, 16);\n }\n\n c = this.h[1] >>> 13;\n this.h[1] &= 0x1fff;\n for (i = 2; i < 10; i++) {\n this.h[i] += c;\n c = this.h[i] >>> 13;\n this.h[i] &= 0x1fff;\n }\n this.h[0] += (c * 5);\n c = this.h[0] >>> 13;\n this.h[0] &= 0x1fff;\n this.h[1] += c;\n c = this.h[1] >>> 13;\n this.h[1] &= 0x1fff;\n this.h[2] += c;\n\n g[0] = this.h[0] + 5;\n c = g[0] >>> 13;\n g[0] &= 0x1fff;\n for (i = 1; i < 10; i++) {\n g[i] = this.h[i] + c;\n c = g[i] >>> 13;\n g[i] &= 0x1fff;\n }\n g[9] -= (1 << 13);\n\n mask = (c ^ 1) - 1;\n for (i = 0; i < 10; i++) g[i] &= mask;\n mask = ~mask;\n for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i];\n\n this.h[0] = ((this.h[0] ) | (this.h[1] << 13) ) & 0xffff;\n this.h[1] = ((this.h[1] >>> 3) | (this.h[2] << 10) ) & 0xffff;\n this.h[2] = ((this.h[2] >>> 6) | (this.h[3] << 7) ) & 0xffff;\n this.h[3] = ((this.h[3] >>> 9) | (this.h[4] << 4) ) & 0xffff;\n this.h[4] = ((this.h[4] >>> 12) | (this.h[5] << 1) | (this.h[6] << 14)) & 0xffff;\n this.h[5] = ((this.h[6] >>> 2) | (this.h[7] << 11) ) & 0xffff;\n this.h[6] = ((this.h[7] >>> 5) | (this.h[8] << 8) ) & 0xffff;\n this.h[7] = ((this.h[8] >>> 8) | (this.h[9] << 5) ) & 0xffff;\n\n f = this.h[0] + this.pad[0];\n this.h[0] = f & 0xffff;\n for (i = 1; i < 8; i++) {\n f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0;\n this.h[i] = f & 0xffff;\n }\n\n mac[macpos+ 0] = (this.h[0] >>> 0) & 0xff;\n mac[macpos+ 1] = (this.h[0] >>> 8) & 0xff;\n mac[macpos+ 2] = (this.h[1] >>> 0) & 0xff;\n mac[macpos+ 3] = (this.h[1] >>> 8) & 0xff;\n mac[macpos+ 4] = (this.h[2] >>> 0) & 0xff;\n mac[macpos+ 5] = (this.h[2] >>> 8) & 0xff;\n mac[macpos+ 6] = (this.h[3] >>> 0) & 0xff;\n mac[macpos+ 7] = (this.h[3] >>> 8) & 0xff;\n mac[macpos+ 8] = (this.h[4] >>> 0) & 0xff;\n mac[macpos+ 9] = (this.h[4] >>> 8) & 0xff;\n mac[macpos+10] = (this.h[5] >>> 0) & 0xff;\n mac[macpos+11] = (this.h[5] >>> 8) & 0xff;\n mac[macpos+12] = (this.h[6] >>> 0) & 0xff;\n mac[macpos+13] = (this.h[6] >>> 8) & 0xff;\n mac[macpos+14] = (this.h[7] >>> 0) & 0xff;\n mac[macpos+15] = (this.h[7] >>> 8) & 0xff;\n};\n\npoly1305.prototype.update = function(m, mpos, bytes) {\n var i, want;\n\n if (this.leftover) {\n want = (16 - this.leftover);\n if (want > bytes)\n want = bytes;\n for (i = 0; i < want; i++)\n this.buffer[this.leftover + i] = m[mpos+i];\n bytes -= want;\n mpos += want;\n this.leftover += want;\n if (this.leftover < 16)\n return;\n this.blocks(this.buffer, 0, 16);\n this.leftover = 0;\n }\n\n if (bytes >= 16) {\n want = bytes - (bytes % 16);\n this.blocks(m, mpos, want);\n mpos += want;\n bytes -= want;\n }\n\n if (bytes) {\n for (i = 0; i < bytes; i++)\n this.buffer[this.leftover + i] = m[mpos+i];\n this.leftover += bytes;\n }\n};\n\nfunction crypto_onetimeauth(out, outpos, m, mpos, n, k) {\n var s = new poly1305(k);\n s.update(m, mpos, n);\n s.finish(out, outpos);\n return 0;\n}\n\nfunction crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {\n var x = new Uint8Array(16);\n crypto_onetimeauth(x,0,m,mpos,n,k);\n return crypto_verify_16(h,hpos,x,0);\n}\n\nfunction crypto_secretbox(c,m,d,n,k) {\n var i;\n if (d < 32) return -1;\n crypto_stream_xor(c,0,m,0,d,n,k);\n crypto_onetimeauth(c, 16, c, 32, d - 32, c);\n for (i = 0; i < 16; i++) c[i] = 0;\n return 0;\n}\n\nfunction crypto_secretbox_open(m,c,d,n,k) {\n var i;\n var x = new Uint8Array(32);\n if (d < 32) return -1;\n crypto_stream(x,0,32,n,k);\n if (crypto_onetimeauth_verify(c, 16,c, 32,d - 32,x) !== 0) return -1;\n crypto_stream_xor(m,0,c,0,d,n,k);\n for (i = 0; i < 32; i++) m[i] = 0;\n return 0;\n}\n\nfunction set25519(r, a) {\n var i;\n for (i = 0; i < 16; i++) r[i] = a[i]|0;\n}\n\nfunction car25519(o) {\n var i, v, c = 1;\n for (i = 0; i < 16; i++) {\n v = o[i] + c + 65535;\n c = Math.floor(v / 65536);\n o[i] = v - c * 65536;\n }\n o[0] += c-1 + 37 * (c-1);\n}\n\nfunction sel25519(p, q, b) {\n var t, c = ~(b-1);\n for (var i = 0; i < 16; i++) {\n t = c & (p[i] ^ q[i]);\n p[i] ^= t;\n q[i] ^= t;\n }\n}\n\nfunction pack25519(o, n) {\n var i, j, b;\n var m = gf(), t = gf();\n for (i = 0; i < 16; i++) t[i] = n[i];\n car25519(t);\n car25519(t);\n car25519(t);\n for (j = 0; j < 2; j++) {\n m[0] = t[0] - 0xffed;\n for (i = 1; i < 15; i++) {\n m[i] = t[i] - 0xffff - ((m[i-1]>>16) & 1);\n m[i-1] &= 0xffff;\n }\n m[15] = t[15] - 0x7fff - ((m[14]>>16) & 1);\n b = (m[15]>>16) & 1;\n m[14] &= 0xffff;\n sel25519(t, m, 1-b);\n }\n for (i = 0; i < 16; i++) {\n o[2*i] = t[i] & 0xff;\n o[2*i+1] = t[i]>>8;\n }\n}\n\nfunction neq25519(a, b) {\n var c = new Uint8Array(32), d = new Uint8Array(32);\n pack25519(c, a);\n pack25519(d, b);\n return crypto_verify_32(c, 0, d, 0);\n}\n\nfunction par25519(a) {\n var d = new Uint8Array(32);\n pack25519(d, a);\n return d[0] & 1;\n}\n\nfunction unpack25519(o, n) {\n var i;\n for (i = 0; i < 16; i++) o[i] = n[2*i] + (n[2*i+1] << 8);\n o[15] &= 0x7fff;\n}\n\nfunction A(o, a, b) {\n for (var i = 0; i < 16; i++) o[i] = a[i] + b[i];\n}\n\nfunction Z(o, a, b) {\n for (var i = 0; i < 16; i++) o[i] = a[i] - b[i];\n}\n\nfunction M(o, a, b) {\n var v, c,\n t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0, t5 = 0, t6 = 0, t7 = 0,\n t8 = 0, t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,\n t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,\n t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0,\n b0 = b[0],\n b1 = b[1],\n b2 = b[2],\n b3 = b[3],\n b4 = b[4],\n b5 = b[5],\n b6 = b[6],\n b7 = b[7],\n b8 = b[8],\n b9 = b[9],\n b10 = b[10],\n b11 = b[11],\n b12 = b[12],\n b13 = b[13],\n b14 = b[14],\n b15 = b[15];\n\n v = a[0];\n t0 += v * b0;\n t1 += v * b1;\n t2 += v * b2;\n t3 += v * b3;\n t4 += v * b4;\n t5 += v * b5;\n t6 += v * b6;\n t7 += v * b7;\n t8 += v * b8;\n t9 += v * b9;\n t10 += v * b10;\n t11 += v * b11;\n t12 += v * b12;\n t13 += v * b13;\n t14 += v * b14;\n t15 += v * b15;\n v = a[1];\n t1 += v * b0;\n t2 += v * b1;\n t3 += v * b2;\n t4 += v * b3;\n t5 += v * b4;\n t6 += v * b5;\n t7 += v * b6;\n t8 += v * b7;\n t9 += v * b8;\n t10 += v * b9;\n t11 += v * b10;\n t12 += v * b11;\n t13 += v * b12;\n t14 += v * b13;\n t15 += v * b14;\n t16 += v * b15;\n v = a[2];\n t2 += v * b0;\n t3 += v * b1;\n t4 += v * b2;\n t5 += v * b3;\n t6 += v * b4;\n t7 += v * b5;\n t8 += v * b6;\n t9 += v * b7;\n t10 += v * b8;\n t11 += v * b9;\n t12 += v * b10;\n t13 += v * b11;\n t14 += v * b12;\n t15 += v * b13;\n t16 += v * b14;\n t17 += v * b15;\n v = a[3];\n t3 += v * b0;\n t4 += v * b1;\n t5 += v * b2;\n t6 += v * b3;\n t7 += v * b4;\n t8 += v * b5;\n t9 += v * b6;\n t10 += v * b7;\n t11 += v * b8;\n t12 += v * b9;\n t13 += v * b10;\n t14 += v * b11;\n t15 += v * b12;\n t16 += v * b13;\n t17 += v * b14;\n t18 += v * b15;\n v = a[4];\n t4 += v * b0;\n t5 += v * b1;\n t6 += v * b2;\n t7 += v * b3;\n t8 += v * b4;\n t9 += v * b5;\n t10 += v * b6;\n t11 += v * b7;\n t12 += v * b8;\n t13 += v * b9;\n t14 += v * b10;\n t15 += v * b11;\n t16 += v * b12;\n t17 += v * b13;\n t18 += v * b14;\n t19 += v * b15;\n v = a[5];\n t5 += v * b0;\n t6 += v * b1;\n t7 += v * b2;\n t8 += v * b3;\n t9 += v * b4;\n t10 += v * b5;\n t11 += v * b6;\n t12 += v * b7;\n t13 += v * b8;\n t14 += v * b9;\n t15 += v * b10;\n t16 += v * b11;\n t17 += v * b12;\n t18 += v * b13;\n t19 += v * b14;\n t20 += v * b15;\n v = a[6];\n t6 += v * b0;\n t7 += v * b1;\n t8 += v * b2;\n t9 += v * b3;\n t10 += v * b4;\n t11 += v * b5;\n t12 += v * b6;\n t13 += v * b7;\n t14 += v * b8;\n t15 += v * b9;\n t16 += v * b10;\n t17 += v * b11;\n t18 += v * b12;\n t19 += v * b13;\n t20 += v * b14;\n t21 += v * b15;\n v = a[7];\n t7 += v * b0;\n t8 += v * b1;\n t9 += v * b2;\n t10 += v * b3;\n t11 += v * b4;\n t12 += v * b5;\n t13 += v * b6;\n t14 += v * b7;\n t15 += v * b8;\n t16 += v * b9;\n t17 += v * b10;\n t18 += v * b11;\n t19 += v * b12;\n t20 += v * b13;\n t21 += v * b14;\n t22 += v * b15;\n v = a[8];\n t8 += v * b0;\n t9 += v * b1;\n t10 += v * b2;\n t11 += v * b3;\n t12 += v * b4;\n t13 += v * b5;\n t14 += v * b6;\n t15 += v * b7;\n t16 += v * b8;\n t17 += v * b9;\n t18 += v * b10;\n t19 += v * b11;\n t20 += v * b12;\n t21 += v * b13;\n t22 += v * b14;\n t23 += v * b15;\n v = a[9];\n t9 += v * b0;\n t10 += v * b1;\n t11 += v * b2;\n t12 += v * b3;\n t13 += v * b4;\n t14 += v * b5;\n t15 += v * b6;\n t16 += v * b7;\n t17 += v * b8;\n t18 += v * b9;\n t19 += v * b10;\n t20 += v * b11;\n t21 += v * b12;\n t22 += v * b13;\n t23 += v * b14;\n t24 += v * b15;\n v = a[10];\n t10 += v * b0;\n t11 += v * b1;\n t12 += v * b2;\n t13 += v * b3;\n t14 += v * b4;\n t15 += v * b5;\n t16 += v * b6;\n t17 += v * b7;\n t18 += v * b8;\n t19 += v * b9;\n t20 += v * b10;\n t21 += v * b11;\n t22 += v * b12;\n t23 += v * b13;\n t24 += v * b14;\n t25 += v * b15;\n v = a[11];\n t11 += v * b0;\n t12 += v * b1;\n t13 += v * b2;\n t14 += v * b3;\n t15 += v * b4;\n t16 += v * b5;\n t17 += v * b6;\n t18 += v * b7;\n t19 += v * b8;\n t20 += v * b9;\n t21 += v * b10;\n t22 += v * b11;\n t23 += v * b12;\n t24 += v * b13;\n t25 += v * b14;\n t26 += v * b15;\n v = a[12];\n t12 += v * b0;\n t13 += v * b1;\n t14 += v * b2;\n t15 += v * b3;\n t16 += v * b4;\n t17 += v * b5;\n t18 += v * b6;\n t19 += v * b7;\n t20 += v * b8;\n t21 += v * b9;\n t22 += v * b10;\n t23 += v * b11;\n t24 += v * b12;\n t25 += v * b13;\n t26 += v * b14;\n t27 += v * b15;\n v = a[13];\n t13 += v * b0;\n t14 += v * b1;\n t15 += v * b2;\n t16 += v * b3;\n t17 += v * b4;\n t18 += v * b5;\n t19 += v * b6;\n t20 += v * b7;\n t21 += v * b8;\n t22 += v * b9;\n t23 += v * b10;\n t24 += v * b11;\n t25 += v * b12;\n t26 += v * b13;\n t27 += v * b14;\n t28 += v * b15;\n v = a[14];\n t14 += v * b0;\n t15 += v * b1;\n t16 += v * b2;\n t17 += v * b3;\n t18 += v * b4;\n t19 += v * b5;\n t20 += v * b6;\n t21 += v * b7;\n t22 += v * b8;\n t23 += v * b9;\n t24 += v * b10;\n t25 += v * b11;\n t26 += v * b12;\n t27 += v * b13;\n t28 += v * b14;\n t29 += v * b15;\n v = a[15];\n t15 += v * b0;\n t16 += v * b1;\n t17 += v * b2;\n t18 += v * b3;\n t19 += v * b4;\n t20 += v * b5;\n t21 += v * b6;\n t22 += v * b7;\n t23 += v * b8;\n t24 += v * b9;\n t25 += v * b10;\n t26 += v * b11;\n t27 += v * b12;\n t28 += v * b13;\n t29 += v * b14;\n t30 += v * b15;\n\n t0 += 38 * t16;\n t1 += 38 * t17;\n t2 += 38 * t18;\n t3 += 38 * t19;\n t4 += 38 * t20;\n t5 += 38 * t21;\n t6 += 38 * t22;\n t7 += 38 * t23;\n t8 += 38 * t24;\n t9 += 38 * t25;\n t10 += 38 * t26;\n t11 += 38 * t27;\n t12 += 38 * t28;\n t13 += 38 * t29;\n t14 += 38 * t30;\n // t15 left as is\n\n // first car\n c = 1;\n v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;\n v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;\n v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;\n v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;\n v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;\n v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;\n v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;\n v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;\n v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;\n v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;\n v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n t0 += c-1 + 37 * (c-1);\n\n // second car\n c = 1;\n v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;\n v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;\n v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;\n v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;\n v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;\n v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;\n v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;\n v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;\n v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;\n v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;\n v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n t0 += c-1 + 37 * (c-1);\n\n o[ 0] = t0;\n o[ 1] = t1;\n o[ 2] = t2;\n o[ 3] = t3;\n o[ 4] = t4;\n o[ 5] = t5;\n o[ 6] = t6;\n o[ 7] = t7;\n o[ 8] = t8;\n o[ 9] = t9;\n o[10] = t10;\n o[11] = t11;\n o[12] = t12;\n o[13] = t13;\n o[14] = t14;\n o[15] = t15;\n}\n\nfunction S(o, a) {\n M(o, a, a);\n}\n\nfunction inv25519(o, i) {\n var c = gf();\n var a;\n for (a = 0; a < 16; a++) c[a] = i[a];\n for (a = 253; a >= 0; a--) {\n S(c, c);\n if(a !== 2 && a !== 4) M(c, c, i);\n }\n for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction pow2523(o, i) {\n var c = gf();\n var a;\n for (a = 0; a < 16; a++) c[a] = i[a];\n for (a = 250; a >= 0; a--) {\n S(c, c);\n if(a !== 1) M(c, c, i);\n }\n for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction crypto_scalarmult(q, n, p) {\n var z = new Uint8Array(32);\n var x = new Float64Array(80), r, i;\n var a = gf(), b = gf(), c = gf(),\n d = gf(), e = gf(), f = gf();\n for (i = 0; i < 31; i++) z[i] = n[i];\n z[31]=(n[31]&127)|64;\n z[0]&=248;\n unpack25519(x,p);\n for (i = 0; i < 16; i++) {\n b[i]=x[i];\n d[i]=a[i]=c[i]=0;\n }\n a[0]=d[0]=1;\n for (i=254; i>=0; --i) {\n r=(z[i>>>3]>>>(i&7))&1;\n sel25519(a,b,r);\n sel25519(c,d,r);\n A(e,a,c);\n Z(a,a,c);\n A(c,b,d);\n Z(b,b,d);\n S(d,e);\n S(f,a);\n M(a,c,a);\n M(c,b,e);\n A(e,a,c);\n Z(a,a,c);\n S(b,a);\n Z(c,d,f);\n M(a,c,_121665);\n A(a,a,d);\n M(c,c,a);\n M(a,d,f);\n M(d,b,x);\n S(b,e);\n sel25519(a,b,r);\n sel25519(c,d,r);\n }\n for (i = 0; i < 16; i++) {\n x[i+16]=a[i];\n x[i+32]=c[i];\n x[i+48]=b[i];\n x[i+64]=d[i];\n }\n var x32 = x.subarray(32);\n var x16 = x.subarray(16);\n inv25519(x32,x32);\n M(x16,x16,x32);\n pack25519(q,x16);\n return 0;\n}\n\nfunction crypto_scalarmult_base(q, n) {\n return crypto_scalarmult(q, n, _9);\n}\n\nfunction crypto_box_keypair(y, x) {\n randombytes(x, 32);\n return crypto_scalarmult_base(y, x);\n}\n\nfunction crypto_box_beforenm(k, y, x) {\n var s = new Uint8Array(32);\n crypto_scalarmult(s, x, y);\n return crypto_core_hsalsa20(k, _0, s, sigma);\n}\n\nvar crypto_box_afternm = crypto_secretbox;\nvar crypto_box_open_afternm = crypto_secretbox_open;\n\nfunction crypto_box(c, m, d, n, y, x) {\n var k = new Uint8Array(32);\n crypto_box_beforenm(k, y, x);\n return crypto_box_afternm(c, m, d, n, k);\n}\n\nfunction crypto_box_open(m, c, d, n, y, x) {\n var k = new Uint8Array(32);\n crypto_box_beforenm(k, y, x);\n return crypto_box_open_afternm(m, c, d, n, k);\n}\n\nvar K = [\n 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,\n 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,\n 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,\n 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,\n 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,\n 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,\n 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,\n 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,\n 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,\n 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,\n 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,\n 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,\n 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,\n 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,\n 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,\n 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,\n 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,\n 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,\n 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,\n 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,\n 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,\n 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,\n 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,\n 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,\n 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,\n 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,\n 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,\n 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,\n 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,\n 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,\n 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,\n 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,\n 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,\n 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,\n 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,\n 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,\n 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,\n 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,\n 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,\n 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817\n];\n\nfunction crypto_hashblocks_hl(hh, hl, m, n) {\n var wh = new Int32Array(16), wl = new Int32Array(16),\n bh0, bh1, bh2, bh3, bh4, bh5, bh6, bh7,\n bl0, bl1, bl2, bl3, bl4, bl5, bl6, bl7,\n th, tl, i, j, h, l, a, b, c, d;\n\n var ah0 = hh[0],\n ah1 = hh[1],\n ah2 = hh[2],\n ah3 = hh[3],\n ah4 = hh[4],\n ah5 = hh[5],\n ah6 = hh[6],\n ah7 = hh[7],\n\n al0 = hl[0],\n al1 = hl[1],\n al2 = hl[2],\n al3 = hl[3],\n al4 = hl[4],\n al5 = hl[5],\n al6 = hl[6],\n al7 = hl[7];\n\n var pos = 0;\n while (n >= 128) {\n for (i = 0; i < 16; i++) {\n j = 8 * i + pos;\n wh[i] = (m[j+0] << 24) | (m[j+1] << 16) | (m[j+2] << 8) | m[j+3];\n wl[i] = (m[j+4] << 24) | (m[j+5] << 16) | (m[j+6] << 8) | m[j+7];\n }\n for (i = 0; i < 80; i++) {\n bh0 = ah0;\n bh1 = ah1;\n bh2 = ah2;\n bh3 = ah3;\n bh4 = ah4;\n bh5 = ah5;\n bh6 = ah6;\n bh7 = ah7;\n\n bl0 = al0;\n bl1 = al1;\n bl2 = al2;\n bl3 = al3;\n bl4 = al4;\n bl5 = al5;\n bl6 = al6;\n bl7 = al7;\n\n // add\n h = ah7;\n l = al7;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n // Sigma1\n h = ((ah4 >>> 14) | (al4 << (32-14))) ^ ((ah4 >>> 18) | (al4 << (32-18))) ^ ((al4 >>> (41-32)) | (ah4 << (32-(41-32))));\n l = ((al4 >>> 14) | (ah4 << (32-14))) ^ ((al4 >>> 18) | (ah4 << (32-18))) ^ ((ah4 >>> (41-32)) | (al4 << (32-(41-32))));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // Ch\n h = (ah4 & ah5) ^ (~ah4 & ah6);\n l = (al4 & al5) ^ (~al4 & al6);\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // K\n h = K[i*2];\n l = K[i*2+1];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // w\n h = wh[i%16];\n l = wl[i%16];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n th = c & 0xffff | d << 16;\n tl = a & 0xffff | b << 16;\n\n // add\n h = th;\n l = tl;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n // Sigma0\n h = ((ah0 >>> 28) | (al0 << (32-28))) ^ ((al0 >>> (34-32)) | (ah0 << (32-(34-32)))) ^ ((al0 >>> (39-32)) | (ah0 << (32-(39-32))));\n l = ((al0 >>> 28) | (ah0 << (32-28))) ^ ((ah0 >>> (34-32)) | (al0 << (32-(34-32)))) ^ ((ah0 >>> (39-32)) | (al0 << (32-(39-32))));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // Maj\n h = (ah0 & ah1) ^ (ah0 & ah2) ^ (ah1 & ah2);\n l = (al0 & al1) ^ (al0 & al2) ^ (al1 & al2);\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n bh7 = (c & 0xffff) | (d << 16);\n bl7 = (a & 0xffff) | (b << 16);\n\n // add\n h = bh3;\n l = bl3;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = th;\n l = tl;\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n bh3 = (c & 0xffff) | (d << 16);\n bl3 = (a & 0xffff) | (b << 16);\n\n ah1 = bh0;\n ah2 = bh1;\n ah3 = bh2;\n ah4 = bh3;\n ah5 = bh4;\n ah6 = bh5;\n ah7 = bh6;\n ah0 = bh7;\n\n al1 = bl0;\n al2 = bl1;\n al3 = bl2;\n al4 = bl3;\n al5 = bl4;\n al6 = bl5;\n al7 = bl6;\n al0 = bl7;\n\n if (i%16 === 15) {\n for (j = 0; j < 16; j++) {\n // add\n h = wh[j];\n l = wl[j];\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = wh[(j+9)%16];\n l = wl[(j+9)%16];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // sigma0\n th = wh[(j+1)%16];\n tl = wl[(j+1)%16];\n h = ((th >>> 1) | (tl << (32-1))) ^ ((th >>> 8) | (tl << (32-8))) ^ (th >>> 7);\n l = ((tl >>> 1) | (th << (32-1))) ^ ((tl >>> 8) | (th << (32-8))) ^ ((tl >>> 7) | (th << (32-7)));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n // sigma1\n th = wh[(j+14)%16];\n tl = wl[(j+14)%16];\n h = ((th >>> 19) | (tl << (32-19))) ^ ((tl >>> (61-32)) | (th << (32-(61-32)))) ^ (th >>> 6);\n l = ((tl >>> 19) | (th << (32-19))) ^ ((th >>> (61-32)) | (tl << (32-(61-32)))) ^ ((tl >>> 6) | (th << (32-6)));\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n wh[j] = (c & 0xffff) | (d << 16);\n wl[j] = (a & 0xffff) | (b << 16);\n }\n }\n }\n\n // add\n h = ah0;\n l = al0;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[0];\n l = hl[0];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[0] = ah0 = (c & 0xffff) | (d << 16);\n hl[0] = al0 = (a & 0xffff) | (b << 16);\n\n h = ah1;\n l = al1;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[1];\n l = hl[1];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[1] = ah1 = (c & 0xffff) | (d << 16);\n hl[1] = al1 = (a & 0xffff) | (b << 16);\n\n h = ah2;\n l = al2;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[2];\n l = hl[2];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[2] = ah2 = (c & 0xffff) | (d << 16);\n hl[2] = al2 = (a & 0xffff) | (b << 16);\n\n h = ah3;\n l = al3;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[3];\n l = hl[3];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[3] = ah3 = (c & 0xffff) | (d << 16);\n hl[3] = al3 = (a & 0xffff) | (b << 16);\n\n h = ah4;\n l = al4;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[4];\n l = hl[4];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[4] = ah4 = (c & 0xffff) | (d << 16);\n hl[4] = al4 = (a & 0xffff) | (b << 16);\n\n h = ah5;\n l = al5;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[5];\n l = hl[5];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[5] = ah5 = (c & 0xffff) | (d << 16);\n hl[5] = al5 = (a & 0xffff) | (b << 16);\n\n h = ah6;\n l = al6;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[6];\n l = hl[6];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[6] = ah6 = (c & 0xffff) | (d << 16);\n hl[6] = al6 = (a & 0xffff) | (b << 16);\n\n h = ah7;\n l = al7;\n\n a = l & 0xffff; b = l >>> 16;\n c = h & 0xffff; d = h >>> 16;\n\n h = hh[7];\n l = hl[7];\n\n a += l & 0xffff; b += l >>> 16;\n c += h & 0xffff; d += h >>> 16;\n\n b += a >>> 16;\n c += b >>> 16;\n d += c >>> 16;\n\n hh[7] = ah7 = (c & 0xffff) | (d << 16);\n hl[7] = al7 = (a & 0xffff) | (b << 16);\n\n pos += 128;\n n -= 128;\n }\n\n return n;\n}\n\nfunction crypto_hash(out, m, n) {\n var hh = new Int32Array(8),\n hl = new Int32Array(8),\n x = new Uint8Array(256),\n i, b = n;\n\n hh[0] = 0x6a09e667;\n hh[1] = 0xbb67ae85;\n hh[2] = 0x3c6ef372;\n hh[3] = 0xa54ff53a;\n hh[4] = 0x510e527f;\n hh[5] = 0x9b05688c;\n hh[6] = 0x1f83d9ab;\n hh[7] = 0x5be0cd19;\n\n hl[0] = 0xf3bcc908;\n hl[1] = 0x84caa73b;\n hl[2] = 0xfe94f82b;\n hl[3] = 0x5f1d36f1;\n hl[4] = 0xade682d1;\n hl[5] = 0x2b3e6c1f;\n hl[6] = 0xfb41bd6b;\n hl[7] = 0x137e2179;\n\n crypto_hashblocks_hl(hh, hl, m, n);\n n %= 128;\n\n for (i = 0; i < n; i++) x[i] = m[b-n+i];\n x[n] = 128;\n\n n = 256-128*(n<112?1:0);\n x[n-9] = 0;\n ts64(x, n-8, (b / 0x20000000) | 0, b << 3);\n crypto_hashblocks_hl(hh, hl, x, n);\n\n for (i = 0; i < 8; i++) ts64(out, 8*i, hh[i], hl[i]);\n\n return 0;\n}\n\nfunction add(p, q) {\n var a = gf(), b = gf(), c = gf(),\n d = gf(), e = gf(), f = gf(),\n g = gf(), h = gf(), t = gf();\n\n Z(a, p[1], p[0]);\n Z(t, q[1], q[0]);\n M(a, a, t);\n A(b, p[0], p[1]);\n A(t, q[0], q[1]);\n M(b, b, t);\n M(c, p[3], q[3]);\n M(c, c, D2);\n M(d, p[2], q[2]);\n A(d, d, d);\n Z(e, b, a);\n Z(f, d, c);\n A(g, d, c);\n A(h, b, a);\n\n M(p[0], e, f);\n M(p[1], h, g);\n M(p[2], g, f);\n M(p[3], e, h);\n}\n\nfunction cswap(p, q, b) {\n var i;\n for (i = 0; i < 4; i++) {\n sel25519(p[i], q[i], b);\n }\n}\n\nfunction pack(r, p) {\n var tx = gf(), ty = gf(), zi = gf();\n inv25519(zi, p[2]);\n M(tx, p[0], zi);\n M(ty, p[1], zi);\n pack25519(r, ty);\n r[31] ^= par25519(tx) << 7;\n}\n\nfunction scalarmult(p, q, s) {\n var b, i;\n set25519(p[0], gf0);\n set25519(p[1], gf1);\n set25519(p[2], gf1);\n set25519(p[3], gf0);\n for (i = 255; i >= 0; --i) {\n b = (s[(i/8)|0] >> (i&7)) & 1;\n cswap(p, q, b);\n add(q, p);\n add(p, p);\n cswap(p, q, b);\n }\n}\n\nfunction scalarbase(p, s) {\n var q = [gf(), gf(), gf(), gf()];\n set25519(q[0], X);\n set25519(q[1], Y);\n set25519(q[2], gf1);\n M(q[3], X, Y);\n scalarmult(p, q, s);\n}\n\nfunction crypto_sign_keypair(pk, sk, seeded) {\n var d = new Uint8Array(64);\n var p = [gf(), gf(), gf(), gf()];\n var i;\n\n if (!seeded) randombytes(sk, 32);\n crypto_hash(d, sk, 32);\n d[0] &= 248;\n d[31] &= 127;\n d[31] |= 64;\n\n scalarbase(p, d);\n pack(pk, p);\n\n for (i = 0; i < 32; i++) sk[i+32] = pk[i];\n return 0;\n}\n\nvar L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);\n\nfunction modL(r, x) {\n var carry, i, j, k;\n for (i = 63; i >= 32; --i) {\n carry = 0;\n for (j = i - 32, k = i - 12; j < k; ++j) {\n x[j] += carry - 16 * x[i] * L[j - (i - 32)];\n carry = (x[j] + 128) >> 8;\n x[j] -= carry * 256;\n }\n x[j] += carry;\n x[i] = 0;\n }\n carry = 0;\n for (j = 0; j < 32; j++) {\n x[j] += carry - (x[31] >> 4) * L[j];\n carry = x[j] >> 8;\n x[j] &= 255;\n }\n for (j = 0; j < 32; j++) x[j] -= carry * L[j];\n for (i = 0; i < 32; i++) {\n x[i+1] += x[i] >> 8;\n r[i] = x[i] & 255;\n }\n}\n\nfunction reduce(r) {\n var x = new Float64Array(64), i;\n for (i = 0; i < 64; i++) x[i] = r[i];\n for (i = 0; i < 64; i++) r[i] = 0;\n modL(r, x);\n}\n\n// Note: difference from C - smlen returned, not passed as argument.\nfunction crypto_sign(sm, m, n, sk) {\n var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);\n var i, j, x = new Float64Array(64);\n var p = [gf(), gf(), gf(), gf()];\n\n crypto_hash(d, sk, 32);\n d[0] &= 248;\n d[31] &= 127;\n d[31] |= 64;\n\n var smlen = n + 64;\n for (i = 0; i < n; i++) sm[64 + i] = m[i];\n for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];\n\n crypto_hash(r, sm.subarray(32), n+32);\n reduce(r);\n scalarbase(p, r);\n pack(sm, p);\n\n for (i = 32; i < 64; i++) sm[i] = sk[i];\n crypto_hash(h, sm, n + 64);\n reduce(h);\n\n for (i = 0; i < 64; i++) x[i] = 0;\n for (i = 0; i < 32; i++) x[i] = r[i];\n for (i = 0; i < 32; i++) {\n for (j = 0; j < 32; j++) {\n x[i+j] += h[i] * d[j];\n }\n }\n\n modL(sm.subarray(32), x);\n return smlen;\n}\n\nfunction unpackneg(r, p) {\n var t = gf(), chk = gf(), num = gf(),\n den = gf(), den2 = gf(), den4 = gf(),\n den6 = gf();\n\n set25519(r[2], gf1);\n unpack25519(r[1], p);\n S(num, r[1]);\n M(den, num, D);\n Z(num, num, r[2]);\n A(den, r[2], den);\n\n S(den2, den);\n S(den4, den2);\n M(den6, den4, den2);\n M(t, den6, num);\n M(t, t, den);\n\n pow2523(t, t);\n M(t, t, num);\n M(t, t, den);\n M(t, t, den);\n M(r[0], t, den);\n\n S(chk, r[0]);\n M(chk, chk, den);\n if (neq25519(chk, num)) M(r[0], r[0], I);\n\n S(chk, r[0]);\n M(chk, chk, den);\n if (neq25519(chk, num)) return -1;\n\n if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);\n\n M(r[3], r[0], r[1]);\n return 0;\n}\n\nfunction crypto_sign_open(m, sm, n, pk) {\n var i, mlen;\n var t = new Uint8Array(32), h = new Uint8Array(64);\n var p = [gf(), gf(), gf(), gf()],\n q = [gf(), gf(), gf(), gf()];\n\n mlen = -1;\n if (n < 64) return -1;\n\n if (unpackneg(q, pk)) return -1;\n\n for (i = 0; i < n; i++) m[i] = sm[i];\n for (i = 0; i < 32; i++) m[i+32] = pk[i];\n crypto_hash(h, m, n);\n reduce(h);\n scalarmult(p, q, h);\n\n scalarbase(q, sm.subarray(32));\n add(p, q);\n pack(t, p);\n\n n -= 64;\n if (crypto_verify_32(sm, 0, t, 0)) {\n for (i = 0; i < n; i++) m[i] = 0;\n return -1;\n }\n\n for (i = 0; i < n; i++) m[i] = sm[i + 64];\n mlen = n;\n return mlen;\n}\n\nvar crypto_secretbox_KEYBYTES = 32,\n crypto_secretbox_NONCEBYTES = 24,\n crypto_secretbox_ZEROBYTES = 32,\n crypto_secretbox_BOXZEROBYTES = 16,\n crypto_scalarmult_BYTES = 32,\n crypto_scalarmult_SCALARBYTES = 32,\n crypto_box_PUBLICKEYBYTES = 32,\n crypto_box_SECRETKEYBYTES = 32,\n crypto_box_BEFORENMBYTES = 32,\n crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES,\n crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES,\n crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES,\n crypto_sign_BYTES = 64,\n crypto_sign_PUBLICKEYBYTES = 32,\n crypto_sign_SECRETKEYBYTES = 64,\n crypto_sign_SEEDBYTES = 32,\n crypto_hash_BYTES = 64;\n\nnacl.lowlevel = {\n crypto_core_hsalsa20: crypto_core_hsalsa20,\n crypto_stream_xor: crypto_stream_xor,\n crypto_stream: crypto_stream,\n crypto_stream_salsa20_xor: crypto_stream_salsa20_xor,\n crypto_stream_salsa20: crypto_stream_salsa20,\n crypto_onetimeauth: crypto_onetimeauth,\n crypto_onetimeauth_verify: crypto_onetimeauth_verify,\n crypto_verify_16: crypto_verify_16,\n crypto_verify_32: crypto_verify_32,\n crypto_secretbox: crypto_secretbox,\n crypto_secretbox_open: crypto_secretbox_open,\n crypto_scalarmult: crypto_scalarmult,\n crypto_scalarmult_base: crypto_scalarmult_base,\n crypto_box_beforenm: crypto_box_beforenm,\n crypto_box_afternm: crypto_box_afternm,\n crypto_box: crypto_box,\n crypto_box_open: crypto_box_open,\n crypto_box_keypair: crypto_box_keypair,\n crypto_hash: crypto_hash,\n crypto_sign: crypto_sign,\n crypto_sign_keypair: crypto_sign_keypair,\n crypto_sign_open: crypto_sign_open,\n\n crypto_secretbox_KEYBYTES: crypto_secretbox_KEYBYTES,\n crypto_secretbox_NONCEBYTES: crypto_secretbox_NONCEBYTES,\n crypto_secretbox_ZEROBYTES: crypto_secretbox_ZEROBYTES,\n crypto_secretbox_BOXZEROBYTES: crypto_secretbox_BOXZEROBYTES,\n crypto_scalarmult_BYTES: crypto_scalarmult_BYTES,\n crypto_scalarmult_SCALARBYTES: crypto_scalarmult_SCALARBYTES,\n crypto_box_PUBLICKEYBYTES: crypto_box_PUBLICKEYBYTES,\n crypto_box_SECRETKEYBYTES: crypto_box_SECRETKEYBYTES,\n crypto_box_BEFORENMBYTES: crypto_box_BEFORENMBYTES,\n crypto_box_NONCEBYTES: crypto_box_NONCEBYTES,\n crypto_box_ZEROBYTES: crypto_box_ZEROBYTES,\n crypto_box_BOXZEROBYTES: crypto_box_BOXZEROBYTES,\n crypto_sign_BYTES: crypto_sign_BYTES,\n crypto_sign_PUBLICKEYBYTES: crypto_sign_PUBLICKEYBYTES,\n crypto_sign_SECRETKEYBYTES: crypto_sign_SECRETKEYBYTES,\n crypto_sign_SEEDBYTES: crypto_sign_SEEDBYTES,\n crypto_hash_BYTES: crypto_hash_BYTES\n};\n\n/* High-level API */\n\nfunction checkLengths(k, n) {\n if (k.length !== crypto_secretbox_KEYBYTES) throw new Error('bad key size');\n if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error('bad nonce size');\n}\n\nfunction checkBoxLengths(pk, sk) {\n if (pk.length !== crypto_box_PUBLICKEYBYTES) throw new Error('bad public key size');\n if (sk.length !== crypto_box_SECRETKEYBYTES) throw new Error('bad secret key size');\n}\n\nfunction checkArrayTypes() {\n var t, i;\n for (i = 0; i < arguments.length; i++) {\n if ((t = Object.prototype.toString.call(arguments[i])) !== '[object Uint8Array]')\n throw new TypeError('unexpected type ' + t + ', use Uint8Array');\n }\n}\n\nfunction cleanup(arr) {\n for (var i = 0; i < arr.length; i++) arr[i] = 0;\n}\n\n// TODO: Completely remove this in v0.15.\nif (!nacl.util) {\n nacl.util = {};\n nacl.util.decodeUTF8 = nacl.util.encodeUTF8 = nacl.util.encodeBase64 = nacl.util.decodeBase64 = function() {\n throw new Error('nacl.util moved into separate package: https://github.com/dchest/tweetnacl-util-js');\n };\n}\n\nnacl.randomBytes = function(n) {\n var b = new Uint8Array(n);\n randombytes(b, n);\n return b;\n};\n\nnacl.secretbox = function(msg, nonce, key) {\n checkArrayTypes(msg, nonce, key);\n checkLengths(key, nonce);\n var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length);\n var c = new Uint8Array(m.length);\n for (var i = 0; i < msg.length; i++) m[i+crypto_secretbox_ZEROBYTES] = msg[i];\n crypto_secretbox(c, m, m.length, nonce, key);\n return c.subarray(crypto_secretbox_BOXZEROBYTES);\n};\n\nnacl.secretbox.open = function(box, nonce, key) {\n checkArrayTypes(box, nonce, key);\n checkLengths(key, nonce);\n var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length);\n var m = new Uint8Array(c.length);\n for (var i = 0; i < box.length; i++) c[i+crypto_secretbox_BOXZEROBYTES] = box[i];\n if (c.length < 32) return false;\n if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return false;\n return m.subarray(crypto_secretbox_ZEROBYTES);\n};\n\nnacl.secretbox.keyLength = crypto_secretbox_KEYBYTES;\nnacl.secretbox.nonceLength = crypto_secretbox_NONCEBYTES;\nnacl.secretbox.overheadLength = crypto_secretbox_BOXZEROBYTES;\n\nnacl.scalarMult = function(n, p) {\n checkArrayTypes(n, p);\n if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n if (p.length !== crypto_scalarmult_BYTES) throw new Error('bad p size');\n var q = new Uint8Array(crypto_scalarmult_BYTES);\n crypto_scalarmult(q, n, p);\n return q;\n};\n\nnacl.scalarMult.base = function(n) {\n checkArrayTypes(n);\n if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n var q = new Uint8Array(crypto_scalarmult_BYTES);\n crypto_scalarmult_base(q, n);\n return q;\n};\n\nnacl.scalarMult.scalarLength = crypto_scalarmult_SCALARBYTES;\nnacl.scalarMult.groupElementLength = crypto_scalarmult_BYTES;\n\nnacl.box = function(msg, nonce, publicKey, secretKey) {\n var k = nacl.box.before(publicKey, secretKey);\n return nacl.secretbox(msg, nonce, k);\n};\n\nnacl.box.before = function(publicKey, secretKey) {\n checkArrayTypes(publicKey, secretKey);\n checkBoxLengths(publicKey, secretKey);\n var k = new Uint8Array(crypto_box_BEFORENMBYTES);\n crypto_box_beforenm(k, publicKey, secretKey);\n return k;\n};\n\nnacl.box.after = nacl.secretbox;\n\nnacl.box.open = function(msg, nonce, publicKey, secretKey) {\n var k = nacl.box.before(publicKey, secretKey);\n return nacl.secretbox.open(msg, nonce, k);\n};\n\nnacl.box.open.after = nacl.secretbox.open;\n\nnacl.box.keyPair = function() {\n var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);\n crypto_box_keypair(pk, sk);\n return {publicKey: pk, secretKey: sk};\n};\n\nnacl.box.keyPair.fromSecretKey = function(secretKey) {\n checkArrayTypes(secretKey);\n if (secretKey.length !== crypto_box_SECRETKEYBYTES)\n throw new Error('bad secret key size');\n var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n crypto_scalarmult_base(pk, secretKey);\n return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.box.publicKeyLength = crypto_box_PUBLICKEYBYTES;\nnacl.box.secretKeyLength = crypto_box_SECRETKEYBYTES;\nnacl.box.sharedKeyLength = crypto_box_BEFORENMBYTES;\nnacl.box.nonceLength = crypto_box_NONCEBYTES;\nnacl.box.overheadLength = nacl.secretbox.overheadLength;\n\nnacl.sign = function(msg, secretKey) {\n checkArrayTypes(msg, secretKey);\n if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n throw new Error('bad secret key size');\n var signedMsg = new Uint8Array(crypto_sign_BYTES+msg.length);\n crypto_sign(signedMsg, msg, msg.length, secretKey);\n return signedMsg;\n};\n\nnacl.sign.open = function(signedMsg, publicKey) {\n if (arguments.length !== 2)\n throw new Error('nacl.sign.open accepts 2 arguments; did you mean to use nacl.sign.detached.verify?');\n checkArrayTypes(signedMsg, publicKey);\n if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n throw new Error('bad public key size');\n var tmp = new Uint8Array(signedMsg.length);\n var mlen = crypto_sign_open(tmp, signedMsg, signedMsg.length, publicKey);\n if (mlen < 0) return null;\n var m = new Uint8Array(mlen);\n for (var i = 0; i < m.length; i++) m[i] = tmp[i];\n return m;\n};\n\nnacl.sign.detached = function(msg, secretKey) {\n var signedMsg = nacl.sign(msg, secretKey);\n var sig = new Uint8Array(crypto_sign_BYTES);\n for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];\n return sig;\n};\n\nnacl.sign.detached.verify = function(msg, sig, publicKey) {\n checkArrayTypes(msg, sig, publicKey);\n if (sig.length !== crypto_sign_BYTES)\n throw new Error('bad signature size');\n if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n throw new Error('bad public key size');\n var sm = new Uint8Array(crypto_sign_BYTES + msg.length);\n var m = new Uint8Array(crypto_sign_BYTES + msg.length);\n var i;\n for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];\n for (i = 0; i < msg.length; i++) sm[i+crypto_sign_BYTES] = msg[i];\n return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);\n};\n\nnacl.sign.keyPair = function() {\n var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n crypto_sign_keypair(pk, sk);\n return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.keyPair.fromSecretKey = function(secretKey) {\n checkArrayTypes(secretKey);\n if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n throw new Error('bad secret key size');\n var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32+i];\n return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.sign.keyPair.fromSeed = function(seed) {\n checkArrayTypes(seed);\n if (seed.length !== crypto_sign_SEEDBYTES)\n throw new Error('bad seed size');\n var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n for (var i = 0; i < 32; i++) sk[i] = seed[i];\n crypto_sign_keypair(pk, sk, true);\n return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.publicKeyLength = crypto_sign_PUBLICKEYBYTES;\nnacl.sign.secretKeyLength = crypto_sign_SECRETKEYBYTES;\nnacl.sign.seedLength = crypto_sign_SEEDBYTES;\nnacl.sign.signatureLength = crypto_sign_BYTES;\n\nnacl.hash = function(msg) {\n checkArrayTypes(msg);\n var h = new Uint8Array(crypto_hash_BYTES);\n crypto_hash(h, msg, msg.length);\n return h;\n};\n\nnacl.hash.hashLength = crypto_hash_BYTES;\n\nnacl.verify = function(x, y) {\n checkArrayTypes(x, y);\n // Zero length arguments are considered not equal.\n if (x.length === 0 || y.length === 0) return false;\n if (x.length !== y.length) return false;\n return (vn(x, 0, y, 0, x.length) === 0) ? true : false;\n};\n\nnacl.setPRNG = function(fn) {\n randombytes = fn;\n};\n\n(function() {\n // Initialize PRNG if environment provides CSPRNG.\n // If not, methods calling randombytes will throw.\n var crypto = typeof self !== 'undefined' ? (self.crypto || self.msCrypto) : null;\n if (crypto && crypto.getRandomValues) {\n // Browsers.\n var QUOTA = 65536;\n nacl.setPRNG(function(x, n) {\n var i, v = new Uint8Array(n);\n for (i = 0; i < n; i += QUOTA) {\n crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));\n }\n for (i = 0; i < n; i++) x[i] = v[i];\n cleanup(v);\n });\n } else if (typeof require !== 'undefined') {\n // Node.js.\n crypto = require('crypto');\n if (crypto && crypto.randomBytes) {\n nacl.setPRNG(function(x, n) {\n var i, v = crypto.randomBytes(n);\n for (i = 0; i < n; i++) x[i] = v[i];\n cleanup(v);\n });\n }\n }\n})();\n\n})(typeof module !== 'undefined' && module.exports ? module.exports : (self.nacl = self.nacl || {}));\n","'use strict'\n\nconst Client = require('./lib/dispatcher/client')\nconst Dispatcher = require('./lib/dispatcher/dispatcher')\nconst Pool = require('./lib/dispatcher/pool')\nconst BalancedPool = require('./lib/dispatcher/balanced-pool')\nconst Agent = require('./lib/dispatcher/agent')\nconst ProxyAgent = require('./lib/dispatcher/proxy-agent')\nconst EnvHttpProxyAgent = require('./lib/dispatcher/env-http-proxy-agent')\nconst RetryAgent = require('./lib/dispatcher/retry-agent')\nconst errors = require('./lib/core/errors')\nconst util = require('./lib/core/util')\nconst { InvalidArgumentError } = errors\nconst api = require('./lib/api')\nconst buildConnector = require('./lib/core/connect')\nconst MockClient = require('./lib/mock/mock-client')\nconst MockAgent = require('./lib/mock/mock-agent')\nconst MockPool = require('./lib/mock/mock-pool')\nconst mockErrors = require('./lib/mock/mock-errors')\nconst RetryHandler = require('./lib/handler/retry-handler')\nconst { getGlobalDispatcher, setGlobalDispatcher } = require('./lib/global')\nconst DecoratorHandler = require('./lib/handler/decorator-handler')\nconst RedirectHandler = require('./lib/handler/redirect-handler')\nconst createRedirectInterceptor = require('./lib/interceptor/redirect-interceptor')\n\nObject.assign(Dispatcher.prototype, api)\n\nmodule.exports.Dispatcher = Dispatcher\nmodule.exports.Client = Client\nmodule.exports.Pool = Pool\nmodule.exports.BalancedPool = BalancedPool\nmodule.exports.Agent = Agent\nmodule.exports.ProxyAgent = ProxyAgent\nmodule.exports.EnvHttpProxyAgent = EnvHttpProxyAgent\nmodule.exports.RetryAgent = RetryAgent\nmodule.exports.RetryHandler = RetryHandler\n\nmodule.exports.DecoratorHandler = DecoratorHandler\nmodule.exports.RedirectHandler = RedirectHandler\nmodule.exports.createRedirectInterceptor = createRedirectInterceptor\nmodule.exports.interceptors = {\n redirect: require('./lib/interceptor/redirect'),\n retry: require('./lib/interceptor/retry'),\n dump: require('./lib/interceptor/dump'),\n dns: require('./lib/interceptor/dns')\n}\n\nmodule.exports.buildConnector = buildConnector\nmodule.exports.errors = errors\nmodule.exports.util = {\n parseHeaders: util.parseHeaders,\n headerNameToString: util.headerNameToString\n}\n\nfunction makeDispatcher (fn) {\n return (url, opts, handler) => {\n if (typeof opts === 'function') {\n handler = opts\n opts = null\n }\n\n if (!url || (typeof url !== 'string' && typeof url !== 'object' && !(url instanceof URL))) {\n throw new InvalidArgumentError('invalid url')\n }\n\n if (opts != null && typeof opts !== 'object') {\n throw new InvalidArgumentError('invalid opts')\n }\n\n if (opts && opts.path != null) {\n if (typeof opts.path !== 'string') {\n throw new InvalidArgumentError('invalid opts.path')\n }\n\n let path = opts.path\n if (!opts.path.startsWith('/')) {\n path = `/${path}`\n }\n\n url = new URL(util.parseOrigin(url).origin + path)\n } else {\n if (!opts) {\n opts = typeof url === 'object' ? url : {}\n }\n\n url = util.parseURL(url)\n }\n\n const { agent, dispatcher = getGlobalDispatcher() } = opts\n\n if (agent) {\n throw new InvalidArgumentError('unsupported opts.agent. Did you mean opts.client?')\n }\n\n return fn.call(dispatcher, {\n ...opts,\n origin: url.origin,\n path: url.search ? `${url.pathname}${url.search}` : url.pathname,\n method: opts.method || (opts.body ? 'PUT' : 'GET')\n }, handler)\n }\n}\n\nmodule.exports.setGlobalDispatcher = setGlobalDispatcher\nmodule.exports.getGlobalDispatcher = getGlobalDispatcher\n\nconst fetchImpl = require('./lib/web/fetch').fetch\nmodule.exports.fetch = async function fetch (init, options = undefined) {\n try {\n return await fetchImpl(init, options)\n } catch (err) {\n if (err && typeof err === 'object') {\n Error.captureStackTrace(err)\n }\n\n throw err\n }\n}\nmodule.exports.Headers = require('./lib/web/fetch/headers').Headers\nmodule.exports.Response = require('./lib/web/fetch/response').Response\nmodule.exports.Request = require('./lib/web/fetch/request').Request\nmodule.exports.FormData = require('./lib/web/fetch/formdata').FormData\nmodule.exports.File = globalThis.File ?? require('node:buffer').File\nmodule.exports.FileReader = require('./lib/web/fileapi/filereader').FileReader\n\nconst { setGlobalOrigin, getGlobalOrigin } = require('./lib/web/fetch/global')\n\nmodule.exports.setGlobalOrigin = setGlobalOrigin\nmodule.exports.getGlobalOrigin = getGlobalOrigin\n\nconst { CacheStorage } = require('./lib/web/cache/cachestorage')\nconst { kConstruct } = require('./lib/web/cache/symbols')\n\n// Cache & CacheStorage are tightly coupled with fetch. Even if it may run\n// in an older version of Node, it doesn't have any use without fetch.\nmodule.exports.caches = new CacheStorage(kConstruct)\n\nconst { deleteCookie, getCookies, getSetCookies, setCookie } = require('./lib/web/cookies')\n\nmodule.exports.deleteCookie = deleteCookie\nmodule.exports.getCookies = getCookies\nmodule.exports.getSetCookies = getSetCookies\nmodule.exports.setCookie = setCookie\n\nconst { parseMIMEType, serializeAMimeType } = require('./lib/web/fetch/data-url')\n\nmodule.exports.parseMIMEType = parseMIMEType\nmodule.exports.serializeAMimeType = serializeAMimeType\n\nconst { CloseEvent, ErrorEvent, MessageEvent } = require('./lib/web/websocket/events')\nmodule.exports.WebSocket = require('./lib/web/websocket/websocket').WebSocket\nmodule.exports.CloseEvent = CloseEvent\nmodule.exports.ErrorEvent = ErrorEvent\nmodule.exports.MessageEvent = MessageEvent\n\nmodule.exports.request = makeDispatcher(api.request)\nmodule.exports.stream = makeDispatcher(api.stream)\nmodule.exports.pipeline = makeDispatcher(api.pipeline)\nmodule.exports.connect = makeDispatcher(api.connect)\nmodule.exports.upgrade = makeDispatcher(api.upgrade)\n\nmodule.exports.MockClient = MockClient\nmodule.exports.MockPool = MockPool\nmodule.exports.MockAgent = MockAgent\nmodule.exports.mockErrors = mockErrors\n\nconst { EventSource } = require('./lib/web/eventsource/eventsource')\n\nmodule.exports.EventSource = EventSource\n","const { addAbortListener } = require('../core/util')\nconst { RequestAbortedError } = require('../core/errors')\n\nconst kListener = Symbol('kListener')\nconst kSignal = Symbol('kSignal')\n\nfunction abort (self) {\n if (self.abort) {\n self.abort(self[kSignal]?.reason)\n } else {\n self.reason = self[kSignal]?.reason ?? new RequestAbortedError()\n }\n removeSignal(self)\n}\n\nfunction addSignal (self, signal) {\n self.reason = null\n\n self[kSignal] = null\n self[kListener] = null\n\n if (!signal) {\n return\n }\n\n if (signal.aborted) {\n abort(self)\n return\n }\n\n self[kSignal] = signal\n self[kListener] = () => {\n abort(self)\n }\n\n addAbortListener(self[kSignal], self[kListener])\n}\n\nfunction removeSignal (self) {\n if (!self[kSignal]) {\n return\n }\n\n if ('removeEventListener' in self[kSignal]) {\n self[kSignal].removeEventListener('abort', self[kListener])\n } else {\n self[kSignal].removeListener('abort', self[kListener])\n }\n\n self[kSignal] = null\n self[kListener] = null\n}\n\nmodule.exports = {\n addSignal,\n removeSignal\n}\n","'use strict'\n\nconst assert = require('node:assert')\nconst { AsyncResource } = require('node:async_hooks')\nconst { InvalidArgumentError, SocketError } = require('../core/errors')\nconst util = require('../core/util')\nconst { addSignal, removeSignal } = require('./abort-signal')\n\nclass ConnectHandler extends AsyncResource {\n constructor (opts, callback) {\n if (!opts || typeof opts !== 'object') {\n throw new InvalidArgumentError('invalid opts')\n }\n\n if (typeof callback !== 'function') {\n throw new InvalidArgumentError('invalid callback')\n }\n\n const { signal, opaque, responseHeaders } = opts\n\n if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') {\n throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget')\n }\n\n super('UNDICI_CONNECT')\n\n this.opaque = opaque || null\n this.responseHeaders = responseHeaders || null\n this.callback = callback\n this.abort = null\n\n addSignal(this, signal)\n }\n\n onConnect (abort, context) {\n if (this.reason) {\n abort(this.reason)\n return\n }\n\n assert(this.callback)\n\n this.abort = abort\n this.context = context\n }\n\n onHeaders () {\n throw new SocketError('bad connect', null)\n }\n\n onUpgrade (statusCode, rawHeaders, socket) {\n const { callback, opaque, context } = this\n\n removeSignal(this)\n\n this.callback = null\n\n let headers = rawHeaders\n // Indicates is an HTTP2Session\n if (headers != null) {\n headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders)\n }\n\n this.runInAsyncScope(callback, null, null, {\n statusCode,\n headers,\n socket,\n opaque,\n context\n })\n }\n\n onError (err) {\n const { callback, opaque } = this\n\n removeSignal(this)\n\n if (callback) {\n this.callback = null\n queueMicrotask(() => {\n this.runInAsyncScope(callback, null, err, { opaque })\n })\n }\n }\n}\n\nfunction connect (opts, callback) {\n if (callback === undefined) {\n return new Promise((resolve, reject) => {\n connect.call(this, opts, (err, data) => {\n return err ? reject(err) : resolve(data)\n })\n })\n }\n\n try {\n const connectHandler = new ConnectHandler(opts, callback)\n this.dispatch({ ...opts, method: 'CONNECT' }, connectHandler)\n } catch (err) {\n if (typeof callback !== 'function') {\n throw err\n }\n const opaque = opts?.opaque\n queueMicrotask(() => callback(err, { opaque }))\n }\n}\n\nmodule.exports = connect\n","'use strict'\n\nconst {\n Readable,\n Duplex,\n PassThrough\n} = require('node:stream')\nconst {\n InvalidArgumentError,\n InvalidReturnValueError,\n RequestAbortedError\n} = require('../core/errors')\nconst util = require('../core/util')\nconst { AsyncResource } = require('node:async_hooks')\nconst { addSignal, removeSignal } = require('./abort-signal')\nconst assert = require('node:assert')\n\nconst kResume = Symbol('resume')\n\nclass PipelineRequest extends Readable {\n constructor () {\n super({ autoDestroy: true })\n\n this[kResume] = null\n }\n\n _read () {\n const { [kResume]: resume } = this\n\n if (resume) {\n this[kResume] = null\n resume()\n }\n }\n\n _destroy (err, callback) {\n this._read()\n\n callback(err)\n }\n}\n\nclass PipelineResponse extends Readable {\n constructor (resume) {\n super({ autoDestroy: true })\n this[kResume] = resume\n }\n\n _read () {\n this[kResume]()\n }\n\n _destroy (err, callback) {\n if (!err && !this._readableState.endEmitted) {\n err = new RequestAbortedError()\n }\n\n callback(err)\n }\n}\n\nclass PipelineHandler extends AsyncResource {\n constructor (opts, handler) {\n if (!opts || typeof opts !== 'object') {\n throw new InvalidArgumentError('invalid opts')\n }\n\n if (typeof handler !== 'function') {\n throw new InvalidArgumentError('invalid handler')\n }\n\n const { signal, method, opaque, onInfo, responseHeaders } = opts\n\n if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') {\n throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget')\n }\n\n if (method === 'CONNECT') {\n throw new InvalidArgumentError('invalid method')\n }\n\n if (onInfo && typeof onInfo !== 'function') {\n throw new InvalidArgumentError('invalid onInfo callback')\n }\n\n super('UNDICI_PIPELINE')\n\n this.opaque = opaque || null\n this.responseHeaders = responseHeaders || null\n this.handler = handler\n this.abort = null\n this.context = null\n this.onInfo = onInfo || null\n\n this.req = new PipelineRequest().on('error', util.nop)\n\n this.ret = new Duplex({\n readableObjectMode: opts.objectMode,\n autoDestroy: true,\n read: () => {\n const { body } = this\n\n if (body?.resume) {\n body.resume()\n }\n },\n write: (chunk, encoding, callback) => {\n const { req } = this\n\n if (req.push(chunk, encoding) || req._readableState.destroyed) {\n callback()\n } else {\n req[kResume] = callback\n }\n },\n destroy: (err, callback) => {\n const { body, req, res, ret, abort } = this\n\n if (!err && !ret._readableState.endEmitted) {\n err = new RequestAbortedError()\n }\n\n if (abort && err) {\n abort()\n }\n\n util.destroy(body, err)\n util.destroy(req, err)\n util.destroy(res, err)\n\n removeSignal(this)\n\n callback(err)\n }\n }).on('prefinish', () => {\n const { req } = this\n\n // Node < 15 does not call _final in same tick.\n req.push(null)\n })\n\n this.res = null\n\n addSignal(this, signal)\n }\n\n onConnect (abort, context) {\n const { ret, res } = this\n\n if (this.reason) {\n abort(this.reason)\n return\n }\n\n assert(!res, 'pipeline cannot be retried')\n assert(!ret.destroyed)\n\n this.abort = abort\n this.context = context\n }\n\n onHeaders (statusCode, rawHeaders, resume) {\n const { opaque, handler, context } = this\n\n if (statusCode < 200) {\n if (this.onInfo) {\n const headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders)\n this.onInfo({ statusCode, headers })\n }\n return\n }\n\n this.res = new PipelineResponse(resume)\n\n let body\n try {\n this.handler = null\n const headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders)\n body = this.runInAsyncScope(handler, null, {\n statusCode,\n headers,\n opaque,\n body: this.res,\n context\n })\n } catch (err) {\n this.res.on('error', util.nop)\n throw err\n }\n\n if (!body || typeof body.on !== 'function') {\n throw new InvalidReturnValueError('expected Readable')\n }\n\n body\n .on('data', (chunk) => {\n const { ret, body } = this\n\n if (!ret.push(chunk) && body.pause) {\n body.pause()\n }\n })\n .on('error', (err) => {\n const { ret } = this\n\n util.destroy(ret, err)\n })\n .on('end', () => {\n const { ret } = this\n\n ret.push(null)\n })\n .on('close', () => {\n const { ret } = this\n\n if (!ret._readableState.ended) {\n util.destroy(ret, new RequestAbortedError())\n }\n })\n\n this.body = body\n }\n\n onData (chunk) {\n const { res } = this\n return res.push(chunk)\n }\n\n onComplete (trailers) {\n const { res } = this\n res.push(null)\n }\n\n onError (err) {\n const { ret } = this\n this.handler = null\n util.destroy(ret, err)\n }\n}\n\nfunction pipeline (opts, handler) {\n try {\n const pipelineHandler = new PipelineHandler(opts, handler)\n this.dispatch({ ...opts, body: pipelineHandler.req }, pipelineHandler)\n return pipelineHandler.ret\n } catch (err) {\n return new PassThrough().destroy(err)\n }\n}\n\nmodule.exports = pipeline\n","'use strict'\n\nconst assert = require('node:assert')\nconst { Readable } = require('./readable')\nconst { InvalidArgumentError, RequestAbortedError } = require('../core/errors')\nconst util = require('../core/util')\nconst { getResolveErrorBodyCallback } = require('./util')\nconst { AsyncResource } = require('node:async_hooks')\n\nclass RequestHandler extends AsyncResource {\n constructor (opts, callback) {\n if (!opts || typeof opts !== 'object') {\n throw new InvalidArgumentError('invalid opts')\n }\n\n const { signal, method, opaque, body, onInfo, responseHeaders, throwOnError, highWaterMark } = opts\n\n try {\n if (typeof callback !== 'function') {\n throw new InvalidArgumentError('invalid callback')\n }\n\n if (highWaterMark && (typeof highWaterMark !== 'number' || highWaterMark < 0)) {\n throw new InvalidArgumentError('invalid highWaterMark')\n }\n\n if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') {\n throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget')\n }\n\n if (method === 'CONNECT') {\n throw new InvalidArgumentError('invalid method')\n }\n\n if (onInfo && typeof onInfo !== 'function') {\n throw new InvalidArgumentError('invalid onInfo callback')\n }\n\n super('UNDICI_REQUEST')\n } catch (err) {\n if (util.isStream(body)) {\n util.destroy(body.on('error', util.nop), err)\n }\n throw err\n }\n\n this.method = method\n this.responseHeaders = responseHeaders || null\n this.opaque = opaque || null\n this.callback = callback\n this.res = null\n this.abort = null\n this.body = body\n this.trailers = {}\n this.context = null\n this.onInfo = onInfo || null\n this.throwOnError = throwOnError\n this.highWaterMark = highWaterMark\n this.signal = signal\n this.reason = null\n this.removeAbortListener = null\n\n if (util.isStream(body)) {\n body.on('error', (err) => {\n this.onError(err)\n })\n }\n\n if (this.signal) {\n if (this.signal.aborted) {\n this.reason = this.signal.reason ?? new RequestAbortedError()\n } else {\n this.removeAbortListener = util.addAbortListener(this.signal, () => {\n this.reason = this.signal.reason ?? new RequestAbortedError()\n if (this.res) {\n util.destroy(this.res.on('error', util.nop), this.reason)\n } else if (this.abort) {\n this.abort(this.reason)\n }\n\n if (this.removeAbortListener) {\n this.res?.off('close', this.removeAbortListener)\n this.removeAbortListener()\n this.removeAbortListener = null\n }\n })\n }\n }\n }\n\n onConnect (abort, context) {\n if (this.reason) {\n abort(this.reason)\n return\n }\n\n assert(this.callback)\n\n this.abort = abort\n this.context = context\n }\n\n onHeaders (statusCode, rawHeaders, resume, statusMessage) {\n const { callback, opaque, abort, context, responseHeaders, highWaterMark } = this\n\n const headers = responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders)\n\n if (statusCode < 200) {\n if (this.onInfo) {\n this.onInfo({ statusCode, headers })\n }\n return\n }\n\n const parsedHeaders = responseHeaders === 'raw' ? util.parseHeaders(rawHeaders) : headers\n const contentType = parsedHeaders['content-type']\n const contentLength = parsedHeaders['content-length']\n const res = new Readable({\n resume,\n abort,\n contentType,\n contentLength: this.method !== 'HEAD' && contentLength\n ? Number(contentLength)\n : null,\n highWaterMark\n })\n\n if (this.removeAbortListener) {\n res.on('close', this.removeAbortListener)\n }\n\n this.callback = null\n this.res = res\n if (callback !== null) {\n if (this.throwOnError && statusCode >= 400) {\n this.runInAsyncScope(getResolveErrorBodyCallback, null,\n { callback, body: res, contentType, statusCode, statusMessage, headers }\n )\n } else {\n this.runInAsyncScope(callback, null, null, {\n statusCode,\n headers,\n trailers: this.trailers,\n opaque,\n body: res,\n context\n })\n }\n }\n }\n\n onData (chunk) {\n return this.res.push(chunk)\n }\n\n onComplete (trailers) {\n util.parseHeaders(trailers, this.trailers)\n this.res.push(null)\n }\n\n onError (err) {\n const { res, callback, body, opaque } = this\n\n if (callback) {\n // TODO: Does this need queueMicrotask?\n this.callback = null\n queueMicrotask(() => {\n this.runInAsyncScope(callback, null, err, { opaque })\n })\n }\n\n if (res) {\n this.res = null\n // Ensure all queued handlers are invoked before destroying res.\n queueMicrotask(() => {\n util.destroy(res, err)\n })\n }\n\n if (body) {\n this.body = null\n util.destroy(body, err)\n }\n\n if (this.removeAbortListener) {\n res?.off('close', this.removeAbortListener)\n this.removeAbortListener()\n this.removeAbortListener = null\n }\n }\n}\n\nfunction request (opts, callback) {\n if (callback === undefined) {\n return new Promise((resolve, reject) => {\n request.call(this, opts, (err, data) => {\n return err ? reject(err) : resolve(data)\n })\n })\n }\n\n try {\n this.dispatch(opts, new RequestHandler(opts, callback))\n } catch (err) {\n if (typeof callback !== 'function') {\n throw err\n }\n const opaque = opts?.opaque\n queueMicrotask(() => callback(err, { opaque }))\n }\n}\n\nmodule.exports = request\nmodule.exports.RequestHandler = RequestHandler\n","'use strict'\n\nconst assert = require('node:assert')\nconst { finished, PassThrough } = require('node:stream')\nconst { InvalidArgumentError, InvalidReturnValueError } = require('../core/errors')\nconst util = require('../core/util')\nconst { getResolveErrorBodyCallback } = require('./util')\nconst { AsyncResource } = require('node:async_hooks')\nconst { addSignal, removeSignal } = require('./abort-signal')\n\nclass StreamHandler extends AsyncResource {\n constructor (opts, factory, callback) {\n if (!opts || typeof opts !== 'object') {\n throw new InvalidArgumentError('invalid opts')\n }\n\n const { signal, method, opaque, body, onInfo, responseHeaders, throwOnError } = opts\n\n try {\n if (typeof callback !== 'function') {\n throw new InvalidArgumentError('invalid callback')\n }\n\n if (typeof factory !== 'function') {\n throw new InvalidArgumentError('invalid factory')\n }\n\n if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') {\n throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget')\n }\n\n if (method === 'CONNECT') {\n throw new InvalidArgumentError('invalid method')\n }\n\n if (onInfo && typeof onInfo !== 'function') {\n throw new InvalidArgumentError('invalid onInfo callback')\n }\n\n super('UNDICI_STREAM')\n } catch (err) {\n if (util.isStream(body)) {\n util.destroy(body.on('error', util.nop), err)\n }\n throw err\n }\n\n this.responseHeaders = responseHeaders || null\n this.opaque = opaque || null\n this.factory = factory\n this.callback = callback\n this.res = null\n this.abort = null\n this.context = null\n this.trailers = null\n this.body = body\n this.onInfo = onInfo || null\n this.throwOnError = throwOnError || false\n\n if (util.isStream(body)) {\n body.on('error', (err) => {\n this.onError(err)\n })\n }\n\n addSignal(this, signal)\n }\n\n onConnect (abort, context) {\n if (this.reason) {\n abort(this.reason)\n return\n }\n\n assert(this.callback)\n\n this.abort = abort\n this.context = context\n }\n\n onHeaders (statusCode, rawHeaders, resume, statusMessage) {\n const { factory, opaque, context, callback, responseHeaders } = this\n\n const headers = responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders)\n\n if (statusCode < 200) {\n if (this.onInfo) {\n this.onInfo({ statusCode, headers })\n }\n return\n }\n\n this.factory = null\n\n let res\n\n if (this.throwOnError && statusCode >= 400) {\n const parsedHeaders = responseHeaders === 'raw' ? util.parseHeaders(rawHeaders) : headers\n const contentType = parsedHeaders['content-type']\n res = new PassThrough()\n\n this.callback = null\n this.runInAsyncScope(getResolveErrorBodyCallback, null,\n { callback, body: res, contentType, statusCode, statusMessage, headers }\n )\n } else {\n if (factory === null) {\n return\n }\n\n res = this.runInAsyncScope(factory, null, {\n statusCode,\n headers,\n opaque,\n context\n })\n\n if (\n !res ||\n typeof res.write !== 'function' ||\n typeof res.end !== 'function' ||\n typeof res.on !== 'function'\n ) {\n throw new InvalidReturnValueError('expected Writable')\n }\n\n // TODO: Avoid finished. It registers an unnecessary amount of listeners.\n finished(res, { readable: false }, (err) => {\n const { callback, res, opaque, trailers, abort } = this\n\n this.res = null\n if (err || !res.readable) {\n util.destroy(res, err)\n }\n\n this.callback = null\n this.runInAsyncScope(callback, null, err || null, { opaque, trailers })\n\n if (err) {\n abort()\n }\n })\n }\n\n res.on('drain', resume)\n\n this.res = res\n\n const needDrain = res.writableNeedDrain !== undefined\n ? res.writableNeedDrain\n : res._writableState?.needDrain\n\n return needDrain !== true\n }\n\n onData (chunk) {\n const { res } = this\n\n return res ? res.write(chunk) : true\n }\n\n onComplete (trailers) {\n const { res } = this\n\n removeSignal(this)\n\n if (!res) {\n return\n }\n\n this.trailers = util.parseHeaders(trailers)\n\n res.end()\n }\n\n onError (err) {\n const { res, callback, opaque, body } = this\n\n removeSignal(this)\n\n this.factory = null\n\n if (res) {\n this.res = null\n util.destroy(res, err)\n } else if (callback) {\n this.callback = null\n queueMicrotask(() => {\n this.runInAsyncScope(callback, null, err, { opaque })\n })\n }\n\n if (body) {\n this.body = null\n util.destroy(body, err)\n }\n }\n}\n\nfunction stream (opts, factory, callback) {\n if (callback === undefined) {\n return new Promise((resolve, reject) => {\n stream.call(this, opts, factory, (err, data) => {\n return err ? reject(err) : resolve(data)\n })\n })\n }\n\n try {\n this.dispatch(opts, new StreamHandler(opts, factory, callback))\n } catch (err) {\n if (typeof callback !== 'function') {\n throw err\n }\n const opaque = opts?.opaque\n queueMicrotask(() => callback(err, { opaque }))\n }\n}\n\nmodule.exports = stream\n","'use strict'\n\nconst { InvalidArgumentError, SocketError } = require('../core/errors')\nconst { AsyncResource } = require('node:async_hooks')\nconst util = require('../core/util')\nconst { addSignal, removeSignal } = require('./abort-signal')\nconst assert = require('node:assert')\n\nclass UpgradeHandler extends AsyncResource {\n constructor (opts, callback) {\n if (!opts || typeof opts !== 'object') {\n throw new InvalidArgumentError('invalid opts')\n }\n\n if (typeof callback !== 'function') {\n throw new InvalidArgumentError('invalid callback')\n }\n\n const { signal, opaque, responseHeaders } = opts\n\n if (signal && typeof signal.on !== 'function' && typeof signal.addEventListener !== 'function') {\n throw new InvalidArgumentError('signal must be an EventEmitter or EventTarget')\n }\n\n super('UNDICI_UPGRADE')\n\n this.responseHeaders = responseHeaders || null\n this.opaque = opaque || null\n this.callback = callback\n this.abort = null\n this.context = null\n\n addSignal(this, signal)\n }\n\n onConnect (abort, context) {\n if (this.reason) {\n abort(this.reason)\n return\n }\n\n assert(this.callback)\n\n this.abort = abort\n this.context = null\n }\n\n onHeaders () {\n throw new SocketError('bad upgrade', null)\n }\n\n onUpgrade (statusCode, rawHeaders, socket) {\n assert(statusCode === 101)\n\n const { callback, opaque, context } = this\n\n removeSignal(this)\n\n this.callback = null\n const headers = this.responseHeaders === 'raw' ? util.parseRawHeaders(rawHeaders) : util.parseHeaders(rawHeaders)\n this.runInAsyncScope(callback, null, null, {\n headers,\n socket,\n opaque,\n context\n })\n }\n\n onError (err) {\n const { callback, opaque } = this\n\n removeSignal(this)\n\n if (callback) {\n this.callback = null\n queueMicrotask(() => {\n this.runInAsyncScope(callback, null, err, { opaque })\n })\n }\n }\n}\n\nfunction upgrade (opts, callback) {\n if (callback === undefined) {\n return new Promise((resolve, reject) => {\n upgrade.call(this, opts, (err, data) => {\n return err ? reject(err) : resolve(data)\n })\n })\n }\n\n try {\n const upgradeHandler = new UpgradeHandler(opts, callback)\n this.dispatch({\n ...opts,\n method: opts.method || 'GET',\n upgrade: opts.protocol || 'Websocket'\n }, upgradeHandler)\n } catch (err) {\n if (typeof callback !== 'function') {\n throw err\n }\n const opaque = opts?.opaque\n queueMicrotask(() => callback(err, { opaque }))\n }\n}\n\nmodule.exports = upgrade\n","'use strict'\n\nmodule.exports.request = require('./api-request')\nmodule.exports.stream = require('./api-stream')\nmodule.exports.pipeline = require('./api-pipeline')\nmodule.exports.upgrade = require('./api-upgrade')\nmodule.exports.connect = require('./api-connect')\n","// Ported from https://github.com/nodejs/undici/pull/907\n\n'use strict'\n\nconst assert = require('node:assert')\nconst { Readable } = require('node:stream')\nconst { RequestAbortedError, NotSupportedError, InvalidArgumentError, AbortError } = require('../core/errors')\nconst util = require('../core/util')\nconst { ReadableStreamFrom } = require('../core/util')\n\nconst kConsume = Symbol('kConsume')\nconst kReading = Symbol('kReading')\nconst kBody = Symbol('kBody')\nconst kAbort = Symbol('kAbort')\nconst kContentType = Symbol('kContentType')\nconst kContentLength = Symbol('kContentLength')\n\nconst noop = () => {}\n\nclass BodyReadable extends Readable {\n constructor ({\n resume,\n abort,\n contentType = '',\n contentLength,\n highWaterMark = 64 * 1024 // Same as nodejs fs streams.\n }) {\n super({\n autoDestroy: true,\n read: resume,\n highWaterMark\n })\n\n this._readableState.dataEmitted = false\n\n this[kAbort] = abort\n this[kConsume] = null\n this[kBody] = null\n this[kContentType] = contentType\n this[kContentLength] = contentLength\n\n // Is stream being consumed through Readable API?\n // This is an optimization so that we avoid checking\n // for 'data' and 'readable' listeners in the hot path\n // inside push().\n this[kReading] = false\n }\n\n destroy (err) {\n if (!err && !this._readableState.endEmitted) {\n err = new RequestAbortedError()\n }\n\n if (err) {\n this[kAbort]()\n }\n\n return super.destroy(err)\n }\n\n _destroy (err, callback) {\n // Workaround for Node \"bug\". If the stream is destroyed in same\n // tick as it is created, then a user who is waiting for a\n // promise (i.e micro tick) for installing a 'error' listener will\n // never get a chance and will always encounter an unhandled exception.\n if (!this[kReading]) {\n setImmediate(() => {\n callback(err)\n })\n } else {\n callback(err)\n }\n }\n\n on (ev, ...args) {\n if (ev === 'data' || ev === 'readable') {\n this[kReading] = true\n }\n return super.on(ev, ...args)\n }\n\n addListener (ev, ...args) {\n return this.on(ev, ...args)\n }\n\n off (ev, ...args) {\n const ret = super.off(ev, ...args)\n if (ev === 'data' || ev === 'readable') {\n this[kReading] = (\n this.listenerCount('data') > 0 ||\n this.listenerCount('readable') > 0\n )\n }\n return ret\n }\n\n removeListener (ev, ...args) {\n return this.off(ev, ...args)\n }\n\n push (chunk) {\n if (this[kConsume] && chunk !== null) {\n consumePush(this[kConsume], chunk)\n return this[kReading] ? super.push(chunk) : true\n }\n return super.push(chunk)\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-text\n async text () {\n return consume(this, 'text')\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-json\n async json () {\n return consume(this, 'json')\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-blob\n async blob () {\n return consume(this, 'blob')\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-bytes\n async bytes () {\n return consume(this, 'bytes')\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-arraybuffer\n async arrayBuffer () {\n return consume(this, 'arrayBuffer')\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-formdata\n async formData () {\n // TODO: Implement.\n throw new NotSupportedError()\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-bodyused\n get bodyUsed () {\n return util.isDisturbed(this)\n }\n\n // https://fetch.spec.whatwg.org/#dom-body-body\n get body () {\n if (!this[kBody]) {\n this[kBody] = ReadableStreamFrom(this)\n if (this[kConsume]) {\n // TODO: Is this the best way to force a lock?\n this[kBody].getReader() // Ensure stream is locked.\n assert(this[kBody].locked)\n }\n }\n return this[kBody]\n }\n\n async dump (opts) {\n let limit = Number.isFinite(opts?.limit) ? opts.limit : 128 * 1024\n const signal = opts?.signal\n\n if (signal != null && (typeof signal !== 'object' || !('aborted' in signal))) {\n throw new InvalidArgumentError('signal must be an AbortSignal')\n }\n\n signal?.throwIfAborted()\n\n if (this._readableState.closeEmitted) {\n return null\n }\n\n return await new Promise((resolve, reject) => {\n if (this[kContentLength] > limit) {\n this.destroy(new AbortError())\n }\n\n const onAbort = () => {\n this.destroy(signal.reason ?? new AbortError())\n }\n signal?.addEventListener('abort', onAbort)\n\n this\n .on('close', function () {\n signal?.removeEventListener('abort', onAbort)\n if (signal?.aborted) {\n reject(signal.reason ?? new AbortError())\n } else {\n resolve(null)\n }\n })\n .on('error', noop)\n .on('data', function (chunk) {\n limit -= chunk.length\n if (limit <= 0) {\n this.destroy()\n }\n })\n .resume()\n })\n }\n}\n\n// https://streams.spec.whatwg.org/#readablestream-locked\nfunction isLocked (self) {\n // Consume is an implicit lock.\n return (self[kBody] && self[kBody].locked === true) || self[kConsume]\n}\n\n// https://fetch.spec.whatwg.org/#body-unusable\nfunction isUnusable (self) {\n return util.isDisturbed(self) || isLocked(self)\n}\n\nasync function consume (stream, type) {\n assert(!stream[kConsume])\n\n return new Promise((resolve, reject) => {\n if (isUnusable(stream)) {\n const rState = stream._readableState\n if (rState.destroyed && rState.closeEmitted === false) {\n stream\n .on('error', err => {\n reject(err)\n })\n .on('close', () => {\n reject(new TypeError('unusable'))\n })\n } else {\n reject(rState.errored ?? new TypeError('unusable'))\n }\n } else {\n queueMicrotask(() => {\n stream[kConsume] = {\n type,\n stream,\n resolve,\n reject,\n length: 0,\n body: []\n }\n\n stream\n .on('error', function (err) {\n consumeFinish(this[kConsume], err)\n })\n .on('close', function () {\n if (this[kConsume].body !== null) {\n consumeFinish(this[kConsume], new RequestAbortedError())\n }\n })\n\n consumeStart(stream[kConsume])\n })\n }\n })\n}\n\nfunction consumeStart (consume) {\n if (consume.body === null) {\n return\n }\n\n const { _readableState: state } = consume.stream\n\n if (state.bufferIndex) {\n const start = state.bufferIndex\n const end = state.buffer.length\n for (let n = start; n < end; n++) {\n consumePush(consume, state.buffer[n])\n }\n } else {\n for (const chunk of state.buffer) {\n consumePush(consume, chunk)\n }\n }\n\n if (state.endEmitted) {\n consumeEnd(this[kConsume])\n } else {\n consume.stream.on('end', function () {\n consumeEnd(this[kConsume])\n })\n }\n\n consume.stream.resume()\n\n while (consume.stream.read() != null) {\n // Loop\n }\n}\n\n/**\n * @param {Buffer[]} chunks\n * @param {number} length\n */\nfunction chunksDecode (chunks, length) {\n if (chunks.length === 0 || length === 0) {\n return ''\n }\n const buffer = chunks.length === 1 ? chunks[0] : Buffer.concat(chunks, length)\n const bufferLength = buffer.length\n\n // Skip BOM.\n const start =\n bufferLength > 2 &&\n buffer[0] === 0xef &&\n buffer[1] === 0xbb &&\n buffer[2] === 0xbf\n ? 3\n : 0\n return buffer.utf8Slice(start, bufferLength)\n}\n\n/**\n * @param {Buffer[]} chunks\n * @param {number} length\n * @returns {Uint8Array}\n */\nfunction chunksConcat (chunks, length) {\n if (chunks.length === 0 || length === 0) {\n return new Uint8Array(0)\n }\n if (chunks.length === 1) {\n // fast-path\n return new Uint8Array(chunks[0])\n }\n const buffer = new Uint8Array(Buffer.allocUnsafeSlow(length).buffer)\n\n let offset = 0\n for (let i = 0; i < chunks.length; ++i) {\n const chunk = chunks[i]\n buffer.set(chunk, offset)\n offset += chunk.length\n }\n\n return buffer\n}\n\nfunction consumeEnd (consume) {\n const { type, body, resolve, stream, length } = consume\n\n try {\n if (type === 'text') {\n resolve(chunksDecode(body, length))\n } else if (type === 'json') {\n resolve(JSON.parse(chunksDecode(body, length)))\n } else if (type === 'arrayBuffer') {\n resolve(chunksConcat(body, length).buffer)\n } else if (type === 'blob') {\n resolve(new Blob(body, { type: stream[kContentType] }))\n } else if (type === 'bytes') {\n resolve(chunksConcat(body, length))\n }\n\n consumeFinish(consume)\n } catch (err) {\n stream.destroy(err)\n }\n}\n\nfunction consumePush (consume, chunk) {\n consume.length += chunk.length\n consume.body.push(chunk)\n}\n\nfunction consumeFinish (consume, err) {\n if (consume.body === null) {\n return\n }\n\n if (err) {\n consume.reject(err)\n } else {\n consume.resolve()\n }\n\n consume.type = null\n consume.stream = null\n consume.resolve = null\n consume.reject = null\n consume.length = 0\n consume.body = null\n}\n\nmodule.exports = { Readable: BodyReadable, chunksDecode }\n","const assert = require('node:assert')\nconst {\n ResponseStatusCodeError\n} = require('../core/errors')\n\nconst { chunksDecode } = require('./readable')\nconst CHUNK_LIMIT = 128 * 1024\n\nasync function getResolveErrorBodyCallback ({ callback, body, contentType, statusCode, statusMessage, headers }) {\n assert(body)\n\n let chunks = []\n let length = 0\n\n try {\n for await (const chunk of body) {\n chunks.push(chunk)\n length += chunk.length\n if (length > CHUNK_LIMIT) {\n chunks = []\n length = 0\n break\n }\n }\n } catch {\n chunks = []\n length = 0\n // Do nothing....\n }\n\n const message = `Response status code ${statusCode}${statusMessage ? `: ${statusMessage}` : ''}`\n\n if (statusCode === 204 || !contentType || !length) {\n queueMicrotask(() => callback(new ResponseStatusCodeError(message, statusCode, headers)))\n return\n }\n\n const stackTraceLimit = Error.stackTraceLimit\n Error.stackTraceLimit = 0\n let payload\n\n try {\n if (isContentTypeApplicationJson(contentType)) {\n payload = JSON.parse(chunksDecode(chunks, length))\n } else if (isContentTypeText(contentType)) {\n payload = chunksDecode(chunks, length)\n }\n } catch {\n // process in a callback to avoid throwing in the microtask queue\n } finally {\n Error.stackTraceLimit = stackTraceLimit\n }\n queueMicrotask(() => callback(new ResponseStatusCodeError(message, statusCode, headers, payload)))\n}\n\nconst isContentTypeApplicationJson = (contentType) => {\n return (\n contentType.length > 15 &&\n contentType[11] === '/' &&\n contentType[0] === 'a' &&\n contentType[1] === 'p' &&\n contentType[2] === 'p' &&\n contentType[3] === 'l' &&\n contentType[4] === 'i' &&\n contentType[5] === 'c' &&\n contentType[6] === 'a' &&\n contentType[7] === 't' &&\n contentType[8] === 'i' &&\n contentType[9] === 'o' &&\n contentType[10] === 'n' &&\n contentType[12] === 'j' &&\n contentType[13] === 's' &&\n contentType[14] === 'o' &&\n contentType[15] === 'n'\n )\n}\n\nconst isContentTypeText = (contentType) => {\n return (\n contentType.length > 4 &&\n contentType[4] === '/' &&\n contentType[0] === 't' &&\n contentType[1] === 'e' &&\n contentType[2] === 'x' &&\n contentType[3] === 't'\n )\n}\n\nmodule.exports = {\n getResolveErrorBodyCallback,\n isContentTypeApplicationJson,\n isContentTypeText\n}\n","'use strict'\n\nconst net = require('node:net')\nconst assert = require('node:assert')\nconst util = require('./util')\nconst { InvalidArgumentError, ConnectTimeoutError } = require('./errors')\nconst timers = require('../util/timers')\n\nfunction noop () {}\n\nlet tls // include tls conditionally since it is not always available\n\n// TODO: session re-use does not wait for the first\n// connection to resolve the session and might therefore\n// resolve the same servername multiple times even when\n// re-use is enabled.\n\nlet SessionCache\n// FIXME: remove workaround when the Node bug is fixed\n// https://github.com/nodejs/node/issues/49344#issuecomment-1741776308\nif (global.FinalizationRegistry && !(process.env.NODE_V8_COVERAGE || process.env.UNDICI_NO_FG)) {\n SessionCache = class WeakSessionCache {\n constructor (maxCachedSessions) {\n this._maxCachedSessions = maxCachedSessions\n this._sessionCache = new Map()\n this._sessionRegistry = new global.FinalizationRegistry((key) => {\n if (this._sessionCache.size < this._maxCachedSessions) {\n return\n }\n\n const ref = this._sessionCache.get(key)\n if (ref !== undefined && ref.deref() === undefined) {\n this._sessionCache.delete(key)\n }\n })\n }\n\n get (sessionKey) {\n const ref = this._sessionCache.get(sessionKey)\n return ref ? ref.deref() : null\n }\n\n set (sessionKey, session) {\n if (this._maxCachedSessions === 0) {\n return\n }\n\n this._sessionCache.set(sessionKey, new WeakRef(session))\n this._sessionRegistry.register(session, sessionKey)\n }\n }\n} else {\n SessionCache = class SimpleSessionCache {\n constructor (maxCachedSessions) {\n this._maxCachedSessions = maxCachedSessions\n this._sessionCache = new Map()\n }\n\n get (sessionKey) {\n return this._sessionCache.get(sessionKey)\n }\n\n set (sessionKey, session) {\n if (this._maxCachedSessions === 0) {\n return\n }\n\n if (this._sessionCache.size >= this._maxCachedSessions) {\n // remove the oldest session\n const { value: oldestKey } = this._sessionCache.keys().next()\n this._sessionCache.delete(oldestKey)\n }\n\n this._sessionCache.set(sessionKey, session)\n }\n }\n}\n\nfunction buildConnector ({ allowH2, maxCachedSessions, socketPath, timeout, session: customSession, ...opts }) {\n if (maxCachedSessions != null && (!Number.isInteger(maxCachedSessions) || maxCachedSessions < 0)) {\n throw new InvalidArgumentError('maxCachedSessions must be a positive integer or zero')\n }\n\n const options = { path: socketPath, ...opts }\n const sessionCache = new SessionCache(maxCachedSessions == null ? 100 : maxCachedSessions)\n timeout = timeout == null ? 10e3 : timeout\n allowH2 = allowH2 != null ? allowH2 : false\n return function connect ({ hostname, host, protocol, port, servername, localAddress, httpSocket }, callback) {\n let socket\n if (protocol === 'https:') {\n if (!tls) {\n tls = require('node:tls')\n }\n servername = servername || options.servername || util.getServerName(host) || null\n\n const sessionKey = servername || hostname\n assert(sessionKey)\n\n const session = customSession || sessionCache.get(sessionKey) || null\n\n port = port || 443\n\n socket = tls.connect({\n highWaterMark: 16384, // TLS in node can't have bigger HWM anyway...\n ...options,\n servername,\n session,\n localAddress,\n // TODO(HTTP/2): Add support for h2c\n ALPNProtocols: allowH2 ? ['http/1.1', 'h2'] : ['http/1.1'],\n socket: httpSocket, // upgrade socket connection\n port,\n host: hostname\n })\n\n socket\n .on('session', function (session) {\n // TODO (fix): Can a session become invalid once established? Don't think so?\n sessionCache.set(sessionKey, session)\n })\n } else {\n assert(!httpSocket, 'httpSocket can only be sent on TLS update')\n\n port = port || 80\n\n socket = net.connect({\n highWaterMark: 64 * 1024, // Same as nodejs fs streams.\n ...options,\n localAddress,\n port,\n host: hostname\n })\n }\n\n // Set TCP keep alive options on the socket here instead of in connect() for the case of assigning the socket\n if (options.keepAlive == null || options.keepAlive) {\n const keepAliveInitialDelay = options.keepAliveInitialDelay === undefined ? 60e3 : options.keepAliveInitialDelay\n socket.setKeepAlive(true, keepAliveInitialDelay)\n }\n\n const clearConnectTimeout = setupConnectTimeout(new WeakRef(socket), { timeout, hostname, port })\n\n socket\n .setNoDelay(true)\n .once(protocol === 'https:' ? 'secureConnect' : 'connect', function () {\n queueMicrotask(clearConnectTimeout)\n\n if (callback) {\n const cb = callback\n callback = null\n cb(null, this)\n }\n })\n .on('error', function (err) {\n queueMicrotask(clearConnectTimeout)\n\n if (callback) {\n const cb = callback\n callback = null\n cb(err)\n }\n })\n\n return socket\n }\n}\n\n/**\n * @param {WeakRef} socketWeakRef\n * @param {object} opts\n * @param {number} opts.timeout\n * @param {string} opts.hostname\n * @param {number} opts.port\n * @returns {() => void}\n */\nconst setupConnectTimeout = process.platform === 'win32'\n ? (socketWeakRef, opts) => {\n if (!opts.timeout) {\n return noop\n }\n\n let s1 = null\n let s2 = null\n const fastTimer = timers.setFastTimeout(() => {\n // setImmediate is added to make sure that we prioritize socket error events over timeouts\n s1 = setImmediate(() => {\n // Windows needs an extra setImmediate probably due to implementation differences in the socket logic\n s2 = setImmediate(() => onConnectTimeout(socketWeakRef.deref(), opts))\n })\n }, opts.timeout)\n return () => {\n timers.clearFastTimeout(fastTimer)\n clearImmediate(s1)\n clearImmediate(s2)\n }\n }\n : (socketWeakRef, opts) => {\n if (!opts.timeout) {\n return noop\n }\n\n let s1 = null\n const fastTimer = timers.setFastTimeout(() => {\n // setImmediate is added to make sure that we prioritize socket error events over timeouts\n s1 = setImmediate(() => {\n onConnectTimeout(socketWeakRef.deref(), opts)\n })\n }, opts.timeout)\n return () => {\n timers.clearFastTimeout(fastTimer)\n clearImmediate(s1)\n }\n }\n\n/**\n * @param {net.Socket} socket\n * @param {object} opts\n * @param {number} opts.timeout\n * @param {string} opts.hostname\n * @param {number} opts.port\n */\nfunction onConnectTimeout (socket, opts) {\n // The socket could be already garbage collected\n if (socket == null) {\n return\n }\n\n let message = 'Connect Timeout Error'\n if (Array.isArray(socket.autoSelectFamilyAttemptedAddresses)) {\n message += ` (attempted addresses: ${socket.autoSelectFamilyAttemptedAddresses.join(', ')},`\n } else {\n message += ` (attempted address: ${opts.hostname}:${opts.port},`\n }\n\n message += ` timeout: ${opts.timeout}ms)`\n\n util.destroy(socket, new ConnectTimeoutError(message))\n}\n\nmodule.exports = buildConnector\n","'use strict'\n\n/** @type {Record} */\nconst headerNameLowerCasedRecord = {}\n\n// https://developer.mozilla.org/docs/Web/HTTP/Headers\nconst wellknownHeaderNames = [\n 'Accept',\n 'Accept-Encoding',\n 'Accept-Language',\n 'Accept-Ranges',\n 'Access-Control-Allow-Credentials',\n 'Access-Control-Allow-Headers',\n 'Access-Control-Allow-Methods',\n 'Access-Control-Allow-Origin',\n 'Access-Control-Expose-Headers',\n 'Access-Control-Max-Age',\n 'Access-Control-Request-Headers',\n 'Access-Control-Request-Method',\n 'Age',\n 'Allow',\n 'Alt-Svc',\n 'Alt-Used',\n 'Authorization',\n 'Cache-Control',\n 'Clear-Site-Data',\n 'Connection',\n 'Content-Disposition',\n 'Content-Encoding',\n 'Content-Language',\n 'Content-Length',\n 'Content-Location',\n 'Content-Range',\n 'Content-Security-Policy',\n 'Content-Security-Policy-Report-Only',\n 'Content-Type',\n 'Cookie',\n 'Cross-Origin-Embedder-Policy',\n 'Cross-Origin-Opener-Policy',\n 'Cross-Origin-Resource-Policy',\n 'Date',\n 'Device-Memory',\n 'Downlink',\n 'ECT',\n 'ETag',\n 'Expect',\n 'Expect-CT',\n 'Expires',\n 'Forwarded',\n 'From',\n 'Host',\n 'If-Match',\n 'If-Modified-Since',\n 'If-None-Match',\n 'If-Range',\n 'If-Unmodified-Since',\n 'Keep-Alive',\n 'Last-Modified',\n 'Link',\n 'Location',\n 'Max-Forwards',\n 'Origin',\n 'Permissions-Policy',\n 'Pragma',\n 'Proxy-Authenticate',\n 'Proxy-Authorization',\n 'RTT',\n 'Range',\n 'Referer',\n 'Referrer-Policy',\n 'Refresh',\n 'Retry-After',\n 'Sec-WebSocket-Accept',\n 'Sec-WebSocket-Extensions',\n 'Sec-WebSocket-Key',\n 'Sec-WebSocket-Protocol',\n 'Sec-WebSocket-Version',\n 'Server',\n 'Server-Timing',\n 'Service-Worker-Allowed',\n 'Service-Worker-Navigation-Preload',\n 'Set-Cookie',\n 'SourceMap',\n 'Strict-Transport-Security',\n 'Supports-Loading-Mode',\n 'TE',\n 'Timing-Allow-Origin',\n 'Trailer',\n 'Transfer-Encoding',\n 'Upgrade',\n 'Upgrade-Insecure-Requests',\n 'User-Agent',\n 'Vary',\n 'Via',\n 'WWW-Authenticate',\n 'X-Content-Type-Options',\n 'X-DNS-Prefetch-Control',\n 'X-Frame-Options',\n 'X-Permitted-Cross-Domain-Policies',\n 'X-Powered-By',\n 'X-Requested-With',\n 'X-XSS-Protection'\n]\n\nfor (let i = 0; i < wellknownHeaderNames.length; ++i) {\n const key = wellknownHeaderNames[i]\n const lowerCasedKey = key.toLowerCase()\n headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] =\n lowerCasedKey\n}\n\n// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`.\nObject.setPrototypeOf(headerNameLowerCasedRecord, null)\n\nmodule.exports = {\n wellknownHeaderNames,\n headerNameLowerCasedRecord\n}\n","'use strict'\nconst diagnosticsChannel = require('node:diagnostics_channel')\nconst util = require('node:util')\n\nconst undiciDebugLog = util.debuglog('undici')\nconst fetchDebuglog = util.debuglog('fetch')\nconst websocketDebuglog = util.debuglog('websocket')\nlet isClientSet = false\nconst channels = {\n // Client\n beforeConnect: diagnosticsChannel.channel('undici:client:beforeConnect'),\n connected: diagnosticsChannel.channel('undici:client:connected'),\n connectError: diagnosticsChannel.channel('undici:client:connectError'),\n sendHeaders: diagnosticsChannel.channel('undici:client:sendHeaders'),\n // Request\n create: diagnosticsChannel.channel('undici:request:create'),\n bodySent: diagnosticsChannel.channel('undici:request:bodySent'),\n headers: diagnosticsChannel.channel('undici:request:headers'),\n trailers: diagnosticsChannel.channel('undici:request:trailers'),\n error: diagnosticsChannel.channel('undici:request:error'),\n // WebSocket\n open: diagnosticsChannel.channel('undici:websocket:open'),\n close: diagnosticsChannel.channel('undici:websocket:close'),\n socketError: diagnosticsChannel.channel('undici:websocket:socket_error'),\n ping: diagnosticsChannel.channel('undici:websocket:ping'),\n pong: diagnosticsChannel.channel('undici:websocket:pong')\n}\n\nif (undiciDebugLog.enabled || fetchDebuglog.enabled) {\n const debuglog = fetchDebuglog.enabled ? fetchDebuglog : undiciDebugLog\n\n // Track all Client events\n diagnosticsChannel.channel('undici:client:beforeConnect').subscribe(evt => {\n const {\n connectParams: { version, protocol, port, host }\n } = evt\n debuglog(\n 'connecting to %s using %s%s',\n `${host}${port ? `:${port}` : ''}`,\n protocol,\n version\n )\n })\n\n diagnosticsChannel.channel('undici:client:connected').subscribe(evt => {\n const {\n connectParams: { version, protocol, port, host }\n } = evt\n debuglog(\n 'connected to %s using %s%s',\n `${host}${port ? `:${port}` : ''}`,\n protocol,\n version\n )\n })\n\n diagnosticsChannel.channel('undici:client:connectError').subscribe(evt => {\n const {\n connectParams: { version, protocol, port, host },\n error\n } = evt\n debuglog(\n 'connection to %s using %s%s errored - %s',\n `${host}${port ? `:${port}` : ''}`,\n protocol,\n version,\n error.message\n )\n })\n\n diagnosticsChannel.channel('undici:client:sendHeaders').subscribe(evt => {\n const {\n request: { method, path, origin }\n } = evt\n debuglog('sending request to %s %s/%s', method, origin, path)\n })\n\n // Track Request events\n diagnosticsChannel.channel('undici:request:headers').subscribe(evt => {\n const {\n request: { method, path, origin },\n response: { statusCode }\n } = evt\n debuglog(\n 'received response to %s %s/%s - HTTP %d',\n method,\n origin,\n path,\n statusCode\n )\n })\n\n diagnosticsChannel.channel('undici:request:trailers').subscribe(evt => {\n const {\n request: { method, path, origin }\n } = evt\n debuglog('trailers received from %s %s/%s', method, origin, path)\n })\n\n diagnosticsChannel.channel('undici:request:error').subscribe(evt => {\n const {\n request: { method, path, origin },\n error\n } = evt\n debuglog(\n 'request to %s %s/%s errored - %s',\n method,\n origin,\n path,\n error.message\n )\n })\n\n isClientSet = true\n}\n\nif (websocketDebuglog.enabled) {\n if (!isClientSet) {\n const debuglog = undiciDebugLog.enabled ? undiciDebugLog : websocketDebuglog\n diagnosticsChannel.channel('undici:client:beforeConnect').subscribe(evt => {\n const {\n connectParams: { version, protocol, port, host }\n } = evt\n debuglog(\n 'connecting to %s%s using %s%s',\n host,\n port ? `:${port}` : '',\n protocol,\n version\n )\n })\n\n diagnosticsChannel.channel('undici:client:connected').subscribe(evt => {\n const {\n connectParams: { version, protocol, port, host }\n } = evt\n debuglog(\n 'connected to %s%s using %s%s',\n host,\n port ? `:${port}` : '',\n protocol,\n version\n )\n })\n\n diagnosticsChannel.channel('undici:client:connectError').subscribe(evt => {\n const {\n connectParams: { version, protocol, port, host },\n error\n } = evt\n debuglog(\n 'connection to %s%s using %s%s errored - %s',\n host,\n port ? `:${port}` : '',\n protocol,\n version,\n error.message\n )\n })\n\n diagnosticsChannel.channel('undici:client:sendHeaders').subscribe(evt => {\n const {\n request: { method, path, origin }\n } = evt\n debuglog('sending request to %s %s/%s', method, origin, path)\n })\n }\n\n // Track all WebSocket events\n diagnosticsChannel.channel('undici:websocket:open').subscribe(evt => {\n const {\n address: { address, port }\n } = evt\n websocketDebuglog('connection opened %s%s', address, port ? `:${port}` : '')\n })\n\n diagnosticsChannel.channel('undici:websocket:close').subscribe(evt => {\n const { websocket, code, reason } = evt\n websocketDebuglog(\n 'closed connection to %s - %s %s',\n websocket.url,\n code,\n reason\n )\n })\n\n diagnosticsChannel.channel('undici:websocket:socket_error').subscribe(err => {\n websocketDebuglog('connection errored - %s', err.message)\n })\n\n diagnosticsChannel.channel('undici:websocket:ping').subscribe(evt => {\n websocketDebuglog('ping received')\n })\n\n diagnosticsChannel.channel('undici:websocket:pong').subscribe(evt => {\n websocketDebuglog('pong received')\n })\n}\n\nmodule.exports = {\n channels\n}\n","'use strict'\n\nconst kUndiciError = Symbol.for('undici.error.UND_ERR')\nclass UndiciError extends Error {\n constructor (message) {\n super(message)\n this.name = 'UndiciError'\n this.code = 'UND_ERR'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kUndiciError] === true\n }\n\n [kUndiciError] = true\n}\n\nconst kConnectTimeoutError = Symbol.for('undici.error.UND_ERR_CONNECT_TIMEOUT')\nclass ConnectTimeoutError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'ConnectTimeoutError'\n this.message = message || 'Connect Timeout Error'\n this.code = 'UND_ERR_CONNECT_TIMEOUT'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kConnectTimeoutError] === true\n }\n\n [kConnectTimeoutError] = true\n}\n\nconst kHeadersTimeoutError = Symbol.for('undici.error.UND_ERR_HEADERS_TIMEOUT')\nclass HeadersTimeoutError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'HeadersTimeoutError'\n this.message = message || 'Headers Timeout Error'\n this.code = 'UND_ERR_HEADERS_TIMEOUT'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kHeadersTimeoutError] === true\n }\n\n [kHeadersTimeoutError] = true\n}\n\nconst kHeadersOverflowError = Symbol.for('undici.error.UND_ERR_HEADERS_OVERFLOW')\nclass HeadersOverflowError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'HeadersOverflowError'\n this.message = message || 'Headers Overflow Error'\n this.code = 'UND_ERR_HEADERS_OVERFLOW'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kHeadersOverflowError] === true\n }\n\n [kHeadersOverflowError] = true\n}\n\nconst kBodyTimeoutError = Symbol.for('undici.error.UND_ERR_BODY_TIMEOUT')\nclass BodyTimeoutError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'BodyTimeoutError'\n this.message = message || 'Body Timeout Error'\n this.code = 'UND_ERR_BODY_TIMEOUT'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kBodyTimeoutError] === true\n }\n\n [kBodyTimeoutError] = true\n}\n\nconst kResponseStatusCodeError = Symbol.for('undici.error.UND_ERR_RESPONSE_STATUS_CODE')\nclass ResponseStatusCodeError extends UndiciError {\n constructor (message, statusCode, headers, body) {\n super(message)\n this.name = 'ResponseStatusCodeError'\n this.message = message || 'Response Status Code Error'\n this.code = 'UND_ERR_RESPONSE_STATUS_CODE'\n this.body = body\n this.status = statusCode\n this.statusCode = statusCode\n this.headers = headers\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kResponseStatusCodeError] === true\n }\n\n [kResponseStatusCodeError] = true\n}\n\nconst kInvalidArgumentError = Symbol.for('undici.error.UND_ERR_INVALID_ARG')\nclass InvalidArgumentError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'InvalidArgumentError'\n this.message = message || 'Invalid Argument Error'\n this.code = 'UND_ERR_INVALID_ARG'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kInvalidArgumentError] === true\n }\n\n [kInvalidArgumentError] = true\n}\n\nconst kInvalidReturnValueError = Symbol.for('undici.error.UND_ERR_INVALID_RETURN_VALUE')\nclass InvalidReturnValueError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'InvalidReturnValueError'\n this.message = message || 'Invalid Return Value Error'\n this.code = 'UND_ERR_INVALID_RETURN_VALUE'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kInvalidReturnValueError] === true\n }\n\n [kInvalidReturnValueError] = true\n}\n\nconst kAbortError = Symbol.for('undici.error.UND_ERR_ABORT')\nclass AbortError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'AbortError'\n this.message = message || 'The operation was aborted'\n this.code = 'UND_ERR_ABORT'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kAbortError] === true\n }\n\n [kAbortError] = true\n}\n\nconst kRequestAbortedError = Symbol.for('undici.error.UND_ERR_ABORTED')\nclass RequestAbortedError extends AbortError {\n constructor (message) {\n super(message)\n this.name = 'AbortError'\n this.message = message || 'Request aborted'\n this.code = 'UND_ERR_ABORTED'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kRequestAbortedError] === true\n }\n\n [kRequestAbortedError] = true\n}\n\nconst kInformationalError = Symbol.for('undici.error.UND_ERR_INFO')\nclass InformationalError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'InformationalError'\n this.message = message || 'Request information'\n this.code = 'UND_ERR_INFO'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kInformationalError] === true\n }\n\n [kInformationalError] = true\n}\n\nconst kRequestContentLengthMismatchError = Symbol.for('undici.error.UND_ERR_REQ_CONTENT_LENGTH_MISMATCH')\nclass RequestContentLengthMismatchError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'RequestContentLengthMismatchError'\n this.message = message || 'Request body length does not match content-length header'\n this.code = 'UND_ERR_REQ_CONTENT_LENGTH_MISMATCH'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kRequestContentLengthMismatchError] === true\n }\n\n [kRequestContentLengthMismatchError] = true\n}\n\nconst kResponseContentLengthMismatchError = Symbol.for('undici.error.UND_ERR_RES_CONTENT_LENGTH_MISMATCH')\nclass ResponseContentLengthMismatchError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'ResponseContentLengthMismatchError'\n this.message = message || 'Response body length does not match content-length header'\n this.code = 'UND_ERR_RES_CONTENT_LENGTH_MISMATCH'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kResponseContentLengthMismatchError] === true\n }\n\n [kResponseContentLengthMismatchError] = true\n}\n\nconst kClientDestroyedError = Symbol.for('undici.error.UND_ERR_DESTROYED')\nclass ClientDestroyedError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'ClientDestroyedError'\n this.message = message || 'The client is destroyed'\n this.code = 'UND_ERR_DESTROYED'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kClientDestroyedError] === true\n }\n\n [kClientDestroyedError] = true\n}\n\nconst kClientClosedError = Symbol.for('undici.error.UND_ERR_CLOSED')\nclass ClientClosedError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'ClientClosedError'\n this.message = message || 'The client is closed'\n this.code = 'UND_ERR_CLOSED'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kClientClosedError] === true\n }\n\n [kClientClosedError] = true\n}\n\nconst kSocketError = Symbol.for('undici.error.UND_ERR_SOCKET')\nclass SocketError extends UndiciError {\n constructor (message, socket) {\n super(message)\n this.name = 'SocketError'\n this.message = message || 'Socket error'\n this.code = 'UND_ERR_SOCKET'\n this.socket = socket\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kSocketError] === true\n }\n\n [kSocketError] = true\n}\n\nconst kNotSupportedError = Symbol.for('undici.error.UND_ERR_NOT_SUPPORTED')\nclass NotSupportedError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'NotSupportedError'\n this.message = message || 'Not supported error'\n this.code = 'UND_ERR_NOT_SUPPORTED'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kNotSupportedError] === true\n }\n\n [kNotSupportedError] = true\n}\n\nconst kBalancedPoolMissingUpstreamError = Symbol.for('undici.error.UND_ERR_BPL_MISSING_UPSTREAM')\nclass BalancedPoolMissingUpstreamError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'MissingUpstreamError'\n this.message = message || 'No upstream has been added to the BalancedPool'\n this.code = 'UND_ERR_BPL_MISSING_UPSTREAM'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kBalancedPoolMissingUpstreamError] === true\n }\n\n [kBalancedPoolMissingUpstreamError] = true\n}\n\nconst kHTTPParserError = Symbol.for('undici.error.UND_ERR_HTTP_PARSER')\nclass HTTPParserError extends Error {\n constructor (message, code, data) {\n super(message)\n this.name = 'HTTPParserError'\n this.code = code ? `HPE_${code}` : undefined\n this.data = data ? data.toString() : undefined\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kHTTPParserError] === true\n }\n\n [kHTTPParserError] = true\n}\n\nconst kResponseExceededMaxSizeError = Symbol.for('undici.error.UND_ERR_RES_EXCEEDED_MAX_SIZE')\nclass ResponseExceededMaxSizeError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'ResponseExceededMaxSizeError'\n this.message = message || 'Response content exceeded max size'\n this.code = 'UND_ERR_RES_EXCEEDED_MAX_SIZE'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kResponseExceededMaxSizeError] === true\n }\n\n [kResponseExceededMaxSizeError] = true\n}\n\nconst kRequestRetryError = Symbol.for('undici.error.UND_ERR_REQ_RETRY')\nclass RequestRetryError extends UndiciError {\n constructor (message, code, { headers, data }) {\n super(message)\n this.name = 'RequestRetryError'\n this.message = message || 'Request retry error'\n this.code = 'UND_ERR_REQ_RETRY'\n this.statusCode = code\n this.data = data\n this.headers = headers\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kRequestRetryError] === true\n }\n\n [kRequestRetryError] = true\n}\n\nconst kResponseError = Symbol.for('undici.error.UND_ERR_RESPONSE')\nclass ResponseError extends UndiciError {\n constructor (message, code, { headers, data }) {\n super(message)\n this.name = 'ResponseError'\n this.message = message || 'Response error'\n this.code = 'UND_ERR_RESPONSE'\n this.statusCode = code\n this.data = data\n this.headers = headers\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kResponseError] === true\n }\n\n [kResponseError] = true\n}\n\nconst kSecureProxyConnectionError = Symbol.for('undici.error.UND_ERR_PRX_TLS')\nclass SecureProxyConnectionError extends UndiciError {\n constructor (cause, message, options) {\n super(message, { cause, ...(options ?? {}) })\n this.name = 'SecureProxyConnectionError'\n this.message = message || 'Secure Proxy Connection failed'\n this.code = 'UND_ERR_PRX_TLS'\n this.cause = cause\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kSecureProxyConnectionError] === true\n }\n\n [kSecureProxyConnectionError] = true\n}\n\nconst kMessageSizeExceededError = Symbol.for('undici.error.UND_ERR_WS_MESSAGE_SIZE_EXCEEDED')\nclass MessageSizeExceededError extends UndiciError {\n constructor (message) {\n super(message)\n this.name = 'MessageSizeExceededError'\n this.message = message || 'Max decompressed message size exceeded'\n this.code = 'UND_ERR_WS_MESSAGE_SIZE_EXCEEDED'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kMessageSizeExceededError] === true\n }\n\n get [kMessageSizeExceededError] () {\n return true\n }\n}\n\nmodule.exports = {\n AbortError,\n HTTPParserError,\n UndiciError,\n HeadersTimeoutError,\n HeadersOverflowError,\n BodyTimeoutError,\n RequestContentLengthMismatchError,\n ConnectTimeoutError,\n ResponseStatusCodeError,\n InvalidArgumentError,\n InvalidReturnValueError,\n RequestAbortedError,\n ClientDestroyedError,\n ClientClosedError,\n InformationalError,\n SocketError,\n NotSupportedError,\n ResponseContentLengthMismatchError,\n BalancedPoolMissingUpstreamError,\n ResponseExceededMaxSizeError,\n RequestRetryError,\n ResponseError,\n SecureProxyConnectionError,\n MessageSizeExceededError\n}\n","'use strict'\n\nconst {\n InvalidArgumentError,\n NotSupportedError\n} = require('./errors')\nconst assert = require('node:assert')\nconst {\n isValidHTTPToken,\n isValidHeaderValue,\n isStream,\n destroy,\n isBuffer,\n isFormDataLike,\n isIterable,\n isBlobLike,\n buildURL,\n validateHandler,\n getServerName,\n normalizedMethodRecords\n} = require('./util')\nconst { channels } = require('./diagnostics.js')\nconst { headerNameLowerCasedRecord } = require('./constants')\n\n// Verifies that a given path is valid does not contain control chars \\x00 to \\x20\nconst invalidPathRegex = /[^\\u0021-\\u00ff]/\n\nconst kHandler = Symbol('handler')\n\nclass Request {\n constructor (origin, {\n path,\n method,\n body,\n headers,\n query,\n idempotent,\n blocking,\n upgrade,\n headersTimeout,\n bodyTimeout,\n reset,\n throwOnError,\n expectContinue,\n servername\n }, handler) {\n if (typeof path !== 'string') {\n throw new InvalidArgumentError('path must be a string')\n } else if (\n path[0] !== '/' &&\n !(path.startsWith('http://') || path.startsWith('https://')) &&\n method !== 'CONNECT'\n ) {\n throw new InvalidArgumentError('path must be an absolute URL or start with a slash')\n } else if (invalidPathRegex.test(path)) {\n throw new InvalidArgumentError('invalid request path')\n }\n\n if (typeof method !== 'string') {\n throw new InvalidArgumentError('method must be a string')\n } else if (normalizedMethodRecords[method] === undefined && !isValidHTTPToken(method)) {\n throw new InvalidArgumentError('invalid request method')\n }\n\n if (upgrade && typeof upgrade !== 'string') {\n throw new InvalidArgumentError('upgrade must be a string')\n }\n\n if (upgrade && !isValidHeaderValue(upgrade)) {\n throw new InvalidArgumentError('invalid upgrade header')\n }\n\n if (headersTimeout != null && (!Number.isFinite(headersTimeout) || headersTimeout < 0)) {\n throw new InvalidArgumentError('invalid headersTimeout')\n }\n\n if (bodyTimeout != null && (!Number.isFinite(bodyTimeout) || bodyTimeout < 0)) {\n throw new InvalidArgumentError('invalid bodyTimeout')\n }\n\n if (reset != null && typeof reset !== 'boolean') {\n throw new InvalidArgumentError('invalid reset')\n }\n\n if (expectContinue != null && typeof expectContinue !== 'boolean') {\n throw new InvalidArgumentError('invalid expectContinue')\n }\n\n this.headersTimeout = headersTimeout\n\n this.bodyTimeout = bodyTimeout\n\n this.throwOnError = throwOnError === true\n\n this.method = method\n\n this.abort = null\n\n if (body == null) {\n this.body = null\n } else if (isStream(body)) {\n this.body = body\n\n const rState = this.body._readableState\n if (!rState || !rState.autoDestroy) {\n this.endHandler = function autoDestroy () {\n destroy(this)\n }\n this.body.on('end', this.endHandler)\n }\n\n this.errorHandler = err => {\n if (this.abort) {\n this.abort(err)\n } else {\n this.error = err\n }\n }\n this.body.on('error', this.errorHandler)\n } else if (isBuffer(body)) {\n this.body = body.byteLength ? body : null\n } else if (ArrayBuffer.isView(body)) {\n this.body = body.buffer.byteLength ? Buffer.from(body.buffer, body.byteOffset, body.byteLength) : null\n } else if (body instanceof ArrayBuffer) {\n this.body = body.byteLength ? Buffer.from(body) : null\n } else if (typeof body === 'string') {\n this.body = body.length ? Buffer.from(body) : null\n } else if (isFormDataLike(body) || isIterable(body) || isBlobLike(body)) {\n this.body = body\n } else {\n throw new InvalidArgumentError('body must be a string, a Buffer, a Readable stream, an iterable, or an async iterable')\n }\n\n this.completed = false\n\n this.aborted = false\n\n this.upgrade = upgrade || null\n\n this.path = query ? buildURL(path, query) : path\n\n this.origin = origin\n\n this.idempotent = idempotent == null\n ? method === 'HEAD' || method === 'GET'\n : idempotent\n\n this.blocking = blocking == null ? false : blocking\n\n this.reset = reset == null ? null : reset\n\n this.host = null\n\n this.contentLength = null\n\n this.contentType = null\n\n this.headers = []\n\n // Only for H2\n this.expectContinue = expectContinue != null ? expectContinue : false\n\n if (Array.isArray(headers)) {\n if (headers.length % 2 !== 0) {\n throw new InvalidArgumentError('headers array must be even')\n }\n for (let i = 0; i < headers.length; i += 2) {\n processHeader(this, headers[i], headers[i + 1])\n }\n } else if (headers && typeof headers === 'object') {\n if (headers[Symbol.iterator]) {\n for (const header of headers) {\n if (!Array.isArray(header) || header.length !== 2) {\n throw new InvalidArgumentError('headers must be in key-value pair format')\n }\n processHeader(this, header[0], header[1])\n }\n } else {\n const keys = Object.keys(headers)\n for (let i = 0; i < keys.length; ++i) {\n processHeader(this, keys[i], headers[keys[i]])\n }\n }\n } else if (headers != null) {\n throw new InvalidArgumentError('headers must be an object or an array')\n }\n\n validateHandler(handler, method, upgrade)\n\n this.servername = servername || getServerName(this.host)\n\n this[kHandler] = handler\n\n if (channels.create.hasSubscribers) {\n channels.create.publish({ request: this })\n }\n }\n\n onBodySent (chunk) {\n if (this[kHandler].onBodySent) {\n try {\n return this[kHandler].onBodySent(chunk)\n } catch (err) {\n this.abort(err)\n }\n }\n }\n\n onRequestSent () {\n if (channels.bodySent.hasSubscribers) {\n channels.bodySent.publish({ request: this })\n }\n\n if (this[kHandler].onRequestSent) {\n try {\n return this[kHandler].onRequestSent()\n } catch (err) {\n this.abort(err)\n }\n }\n }\n\n onConnect (abort) {\n assert(!this.aborted)\n assert(!this.completed)\n\n if (this.error) {\n abort(this.error)\n } else {\n this.abort = abort\n return this[kHandler].onConnect(abort)\n }\n }\n\n onResponseStarted () {\n return this[kHandler].onResponseStarted?.()\n }\n\n onHeaders (statusCode, headers, resume, statusText) {\n assert(!this.aborted)\n assert(!this.completed)\n\n if (channels.headers.hasSubscribers) {\n channels.headers.publish({ request: this, response: { statusCode, headers, statusText } })\n }\n\n try {\n return this[kHandler].onHeaders(statusCode, headers, resume, statusText)\n } catch (err) {\n this.abort(err)\n }\n }\n\n onData (chunk) {\n assert(!this.aborted)\n assert(!this.completed)\n\n try {\n return this[kHandler].onData(chunk)\n } catch (err) {\n this.abort(err)\n return false\n }\n }\n\n onUpgrade (statusCode, headers, socket) {\n assert(!this.aborted)\n assert(!this.completed)\n\n return this[kHandler].onUpgrade(statusCode, headers, socket)\n }\n\n onComplete (trailers) {\n this.onFinally()\n\n assert(!this.aborted)\n\n this.completed = true\n if (channels.trailers.hasSubscribers) {\n channels.trailers.publish({ request: this, trailers })\n }\n\n try {\n return this[kHandler].onComplete(trailers)\n } catch (err) {\n // TODO (fix): This might be a bad idea?\n this.onError(err)\n }\n }\n\n onError (error) {\n this.onFinally()\n\n if (channels.error.hasSubscribers) {\n channels.error.publish({ request: this, error })\n }\n\n if (this.aborted) {\n return\n }\n this.aborted = true\n\n return this[kHandler].onError(error)\n }\n\n onFinally () {\n if (this.errorHandler) {\n this.body.off('error', this.errorHandler)\n this.errorHandler = null\n }\n\n if (this.endHandler) {\n this.body.off('end', this.endHandler)\n this.endHandler = null\n }\n }\n\n addHeader (key, value) {\n processHeader(this, key, value)\n return this\n }\n}\n\nfunction processHeader (request, key, val) {\n if (val && (typeof val === 'object' && !Array.isArray(val))) {\n throw new InvalidArgumentError(`invalid ${key} header`)\n } else if (val === undefined) {\n return\n }\n\n let headerName = headerNameLowerCasedRecord[key]\n\n if (headerName === undefined) {\n headerName = key.toLowerCase()\n if (headerNameLowerCasedRecord[headerName] === undefined && !isValidHTTPToken(headerName)) {\n throw new InvalidArgumentError('invalid header key')\n }\n }\n\n if (Array.isArray(val)) {\n const arr = []\n for (let i = 0; i < val.length; i++) {\n if (typeof val[i] === 'string') {\n if (!isValidHeaderValue(val[i])) {\n throw new InvalidArgumentError(`invalid ${key} header`)\n }\n arr.push(val[i])\n } else if (val[i] === null) {\n arr.push('')\n } else if (typeof val[i] === 'object') {\n throw new InvalidArgumentError(`invalid ${key} header`)\n } else {\n arr.push(`${val[i]}`)\n }\n }\n val = arr\n } else if (typeof val === 'string') {\n if (!isValidHeaderValue(val)) {\n throw new InvalidArgumentError(`invalid ${key} header`)\n }\n } else if (val === null) {\n val = ''\n } else {\n val = `${val}`\n }\n\n if (headerName === 'host') {\n if (request.host !== null) {\n throw new InvalidArgumentError('duplicate host header')\n }\n if (typeof val !== 'string') {\n throw new InvalidArgumentError('invalid host header')\n }\n // Consumed by Client\n request.host = val\n } else if (headerName === 'content-length') {\n if (request.contentLength !== null) {\n throw new InvalidArgumentError('duplicate content-length header')\n }\n request.contentLength = parseInt(val, 10)\n if (!Number.isFinite(request.contentLength)) {\n throw new InvalidArgumentError('invalid content-length header')\n }\n } else if (request.contentType === null && headerName === 'content-type') {\n request.contentType = val\n request.headers.push(key, val)\n } else if (headerName === 'transfer-encoding' || headerName === 'keep-alive' || headerName === 'upgrade') {\n throw new InvalidArgumentError(`invalid ${headerName} header`)\n } else if (headerName === 'connection') {\n const value = typeof val === 'string' ? val.toLowerCase() : null\n if (value !== 'close' && value !== 'keep-alive') {\n throw new InvalidArgumentError('invalid connection header')\n }\n\n if (value === 'close') {\n request.reset = true\n }\n } else if (headerName === 'expect') {\n throw new NotSupportedError('expect header not supported')\n } else {\n request.headers.push(key, val)\n }\n}\n\nmodule.exports = Request\n","module.exports = {\n kClose: Symbol('close'),\n kDestroy: Symbol('destroy'),\n kDispatch: Symbol('dispatch'),\n kUrl: Symbol('url'),\n kWriting: Symbol('writing'),\n kResuming: Symbol('resuming'),\n kQueue: Symbol('queue'),\n kConnect: Symbol('connect'),\n kConnecting: Symbol('connecting'),\n kKeepAliveDefaultTimeout: Symbol('default keep alive timeout'),\n kKeepAliveMaxTimeout: Symbol('max keep alive timeout'),\n kKeepAliveTimeoutThreshold: Symbol('keep alive timeout threshold'),\n kKeepAliveTimeoutValue: Symbol('keep alive timeout'),\n kKeepAlive: Symbol('keep alive'),\n kHeadersTimeout: Symbol('headers timeout'),\n kBodyTimeout: Symbol('body timeout'),\n kServerName: Symbol('server name'),\n kLocalAddress: Symbol('local address'),\n kHost: Symbol('host'),\n kNoRef: Symbol('no ref'),\n kBodyUsed: Symbol('used'),\n kBody: Symbol('abstracted request body'),\n kRunning: Symbol('running'),\n kBlocking: Symbol('blocking'),\n kPending: Symbol('pending'),\n kSize: Symbol('size'),\n kBusy: Symbol('busy'),\n kQueued: Symbol('queued'),\n kFree: Symbol('free'),\n kConnected: Symbol('connected'),\n kClosed: Symbol('closed'),\n kNeedDrain: Symbol('need drain'),\n kReset: Symbol('reset'),\n kDestroyed: Symbol.for('nodejs.stream.destroyed'),\n kResume: Symbol('resume'),\n kOnError: Symbol('on error'),\n kMaxHeadersSize: Symbol('max headers size'),\n kRunningIdx: Symbol('running index'),\n kPendingIdx: Symbol('pending index'),\n kError: Symbol('error'),\n kClients: Symbol('clients'),\n kClient: Symbol('client'),\n kParser: Symbol('parser'),\n kOnDestroyed: Symbol('destroy callbacks'),\n kPipelining: Symbol('pipelining'),\n kSocket: Symbol('socket'),\n kHostHeader: Symbol('host header'),\n kConnector: Symbol('connector'),\n kStrictContentLength: Symbol('strict content length'),\n kMaxRedirections: Symbol('maxRedirections'),\n kMaxRequests: Symbol('maxRequestsPerClient'),\n kProxy: Symbol('proxy agent options'),\n kCounter: Symbol('socket request counter'),\n kInterceptors: Symbol('dispatch interceptors'),\n kMaxResponseSize: Symbol('max response size'),\n kHTTP2Session: Symbol('http2Session'),\n kHTTP2SessionState: Symbol('http2Session state'),\n kRetryHandlerDefaultRetry: Symbol('retry agent default retry'),\n kConstruct: Symbol('constructable'),\n kListeners: Symbol('listeners'),\n kHTTPContext: Symbol('http context'),\n kMaxConcurrentStreams: Symbol('max concurrent streams'),\n kNoProxyAgent: Symbol('no proxy agent'),\n kHttpProxyAgent: Symbol('http proxy agent'),\n kHttpsProxyAgent: Symbol('https proxy agent')\n}\n","'use strict'\n\nconst {\n wellknownHeaderNames,\n headerNameLowerCasedRecord\n} = require('./constants')\n\nclass TstNode {\n /** @type {any} */\n value = null\n /** @type {null | TstNode} */\n left = null\n /** @type {null | TstNode} */\n middle = null\n /** @type {null | TstNode} */\n right = null\n /** @type {number} */\n code\n /**\n * @param {string} key\n * @param {any} value\n * @param {number} index\n */\n constructor (key, value, index) {\n if (index === undefined || index >= key.length) {\n throw new TypeError('Unreachable')\n }\n const code = this.code = key.charCodeAt(index)\n // check code is ascii string\n if (code > 0x7F) {\n throw new TypeError('key must be ascii string')\n }\n if (key.length !== ++index) {\n this.middle = new TstNode(key, value, index)\n } else {\n this.value = value\n }\n }\n\n /**\n * @param {string} key\n * @param {any} value\n */\n add (key, value) {\n const length = key.length\n if (length === 0) {\n throw new TypeError('Unreachable')\n }\n let index = 0\n let node = this\n while (true) {\n const code = key.charCodeAt(index)\n // check code is ascii string\n if (code > 0x7F) {\n throw new TypeError('key must be ascii string')\n }\n if (node.code === code) {\n if (length === ++index) {\n node.value = value\n break\n } else if (node.middle !== null) {\n node = node.middle\n } else {\n node.middle = new TstNode(key, value, index)\n break\n }\n } else if (node.code < code) {\n if (node.left !== null) {\n node = node.left\n } else {\n node.left = new TstNode(key, value, index)\n break\n }\n } else if (node.right !== null) {\n node = node.right\n } else {\n node.right = new TstNode(key, value, index)\n break\n }\n }\n }\n\n /**\n * @param {Uint8Array} key\n * @return {TstNode | null}\n */\n search (key) {\n const keylength = key.length\n let index = 0\n let node = this\n while (node !== null && index < keylength) {\n let code = key[index]\n // A-Z\n // First check if it is bigger than 0x5a.\n // Lowercase letters have higher char codes than uppercase ones.\n // Also we assume that headers will mostly contain lowercase characters.\n if (code <= 0x5a && code >= 0x41) {\n // Lowercase for uppercase.\n code |= 32\n }\n while (node !== null) {\n if (code === node.code) {\n if (keylength === ++index) {\n // Returns Node since it is the last key.\n return node\n }\n node = node.middle\n break\n }\n node = node.code < code ? node.left : node.right\n }\n }\n return null\n }\n}\n\nclass TernarySearchTree {\n /** @type {TstNode | null} */\n node = null\n\n /**\n * @param {string} key\n * @param {any} value\n * */\n insert (key, value) {\n if (this.node === null) {\n this.node = new TstNode(key, value, 0)\n } else {\n this.node.add(key, value)\n }\n }\n\n /**\n * @param {Uint8Array} key\n * @return {any}\n */\n lookup (key) {\n return this.node?.search(key)?.value ?? null\n }\n}\n\nconst tree = new TernarySearchTree()\n\nfor (let i = 0; i < wellknownHeaderNames.length; ++i) {\n const key = headerNameLowerCasedRecord[wellknownHeaderNames[i]]\n tree.insert(key, key)\n}\n\nmodule.exports = {\n TernarySearchTree,\n tree\n}\n","'use strict'\n\nconst assert = require('node:assert')\nconst { kDestroyed, kBodyUsed, kListeners, kBody } = require('./symbols')\nconst { IncomingMessage } = require('node:http')\nconst stream = require('node:stream')\nconst net = require('node:net')\nconst { Blob } = require('node:buffer')\nconst nodeUtil = require('node:util')\nconst { stringify } = require('node:querystring')\nconst { EventEmitter: EE } = require('node:events')\nconst { InvalidArgumentError } = require('./errors')\nconst { headerNameLowerCasedRecord } = require('./constants')\nconst { tree } = require('./tree')\n\nconst [nodeMajor, nodeMinor] = process.versions.node.split('.').map(v => Number(v))\n\nclass BodyAsyncIterable {\n constructor (body) {\n this[kBody] = body\n this[kBodyUsed] = false\n }\n\n async * [Symbol.asyncIterator] () {\n assert(!this[kBodyUsed], 'disturbed')\n this[kBodyUsed] = true\n yield * this[kBody]\n }\n}\n\nfunction wrapRequestBody (body) {\n if (isStream(body)) {\n // TODO (fix): Provide some way for the user to cache the file to e.g. /tmp\n // so that it can be dispatched again?\n // TODO (fix): Do we need 100-expect support to provide a way to do this properly?\n if (bodyLength(body) === 0) {\n body\n .on('data', function () {\n assert(false)\n })\n }\n\n if (typeof body.readableDidRead !== 'boolean') {\n body[kBodyUsed] = false\n EE.prototype.on.call(body, 'data', function () {\n this[kBodyUsed] = true\n })\n }\n\n return body\n } else if (body && typeof body.pipeTo === 'function') {\n // TODO (fix): We can't access ReadableStream internal state\n // to determine whether or not it has been disturbed. This is just\n // a workaround.\n return new BodyAsyncIterable(body)\n } else if (\n body &&\n typeof body !== 'string' &&\n !ArrayBuffer.isView(body) &&\n isIterable(body)\n ) {\n // TODO: Should we allow re-using iterable if !this.opts.idempotent\n // or through some other flag?\n return new BodyAsyncIterable(body)\n } else {\n return body\n }\n}\n\nfunction nop () {}\n\nfunction isStream (obj) {\n return obj && typeof obj === 'object' && typeof obj.pipe === 'function' && typeof obj.on === 'function'\n}\n\n// based on https://github.com/node-fetch/fetch-blob/blob/8ab587d34080de94140b54f07168451e7d0b655e/index.js#L229-L241 (MIT License)\nfunction isBlobLike (object) {\n if (object === null) {\n return false\n } else if (object instanceof Blob) {\n return true\n } else if (typeof object !== 'object') {\n return false\n } else {\n const sTag = object[Symbol.toStringTag]\n\n return (sTag === 'Blob' || sTag === 'File') && (\n ('stream' in object && typeof object.stream === 'function') ||\n ('arrayBuffer' in object && typeof object.arrayBuffer === 'function')\n )\n }\n}\n\nfunction buildURL (url, queryParams) {\n if (url.includes('?') || url.includes('#')) {\n throw new Error('Query params cannot be passed when url already contains \"?\" or \"#\".')\n }\n\n const stringified = stringify(queryParams)\n\n if (stringified) {\n url += '?' + stringified\n }\n\n return url\n}\n\nfunction isValidPort (port) {\n const value = parseInt(port, 10)\n return (\n value === Number(port) &&\n value >= 0 &&\n value <= 65535\n )\n}\n\nfunction isHttpOrHttpsPrefixed (value) {\n return (\n value != null &&\n value[0] === 'h' &&\n value[1] === 't' &&\n value[2] === 't' &&\n value[3] === 'p' &&\n (\n value[4] === ':' ||\n (\n value[4] === 's' &&\n value[5] === ':'\n )\n )\n )\n}\n\nfunction parseURL (url) {\n if (typeof url === 'string') {\n url = new URL(url)\n\n if (!isHttpOrHttpsPrefixed(url.origin || url.protocol)) {\n throw new InvalidArgumentError('Invalid URL protocol: the URL must start with `http:` or `https:`.')\n }\n\n return url\n }\n\n if (!url || typeof url !== 'object') {\n throw new InvalidArgumentError('Invalid URL: The URL argument must be a non-null object.')\n }\n\n if (!(url instanceof URL)) {\n if (url.port != null && url.port !== '' && isValidPort(url.port) === false) {\n throw new InvalidArgumentError('Invalid URL: port must be a valid integer or a string representation of an integer.')\n }\n\n if (url.path != null && typeof url.path !== 'string') {\n throw new InvalidArgumentError('Invalid URL path: the path must be a string or null/undefined.')\n }\n\n if (url.pathname != null && typeof url.pathname !== 'string') {\n throw new InvalidArgumentError('Invalid URL pathname: the pathname must be a string or null/undefined.')\n }\n\n if (url.hostname != null && typeof url.hostname !== 'string') {\n throw new InvalidArgumentError('Invalid URL hostname: the hostname must be a string or null/undefined.')\n }\n\n if (url.origin != null && typeof url.origin !== 'string') {\n throw new InvalidArgumentError('Invalid URL origin: the origin must be a string or null/undefined.')\n }\n\n if (!isHttpOrHttpsPrefixed(url.origin || url.protocol)) {\n throw new InvalidArgumentError('Invalid URL protocol: the URL must start with `http:` or `https:`.')\n }\n\n const port = url.port != null\n ? url.port\n : (url.protocol === 'https:' ? 443 : 80)\n let origin = url.origin != null\n ? url.origin\n : `${url.protocol || ''}//${url.hostname || ''}:${port}`\n let path = url.path != null\n ? url.path\n : `${url.pathname || ''}${url.search || ''}`\n\n if (origin[origin.length - 1] === '/') {\n origin = origin.slice(0, origin.length - 1)\n }\n\n if (path && path[0] !== '/') {\n path = `/${path}`\n }\n // new URL(path, origin) is unsafe when `path` contains an absolute URL\n // From https://developer.mozilla.org/en-US/docs/Web/API/URL/URL:\n // If first parameter is a relative URL, second param is required, and will be used as the base URL.\n // If first parameter is an absolute URL, a given second param will be ignored.\n return new URL(`${origin}${path}`)\n }\n\n if (!isHttpOrHttpsPrefixed(url.origin || url.protocol)) {\n throw new InvalidArgumentError('Invalid URL protocol: the URL must start with `http:` or `https:`.')\n }\n\n return url\n}\n\nfunction parseOrigin (url) {\n url = parseURL(url)\n\n if (url.pathname !== '/' || url.search || url.hash) {\n throw new InvalidArgumentError('invalid url')\n }\n\n return url\n}\n\nfunction getHostname (host) {\n if (host[0] === '[') {\n const idx = host.indexOf(']')\n\n assert(idx !== -1)\n return host.substring(1, idx)\n }\n\n const idx = host.indexOf(':')\n if (idx === -1) return host\n\n return host.substring(0, idx)\n}\n\n// IP addresses are not valid server names per RFC6066\n// > Currently, the only server names supported are DNS hostnames\nfunction getServerName (host) {\n if (!host) {\n return null\n }\n\n assert(typeof host === 'string')\n\n const servername = getHostname(host)\n if (net.isIP(servername)) {\n return ''\n }\n\n return servername\n}\n\nfunction deepClone (obj) {\n return JSON.parse(JSON.stringify(obj))\n}\n\nfunction isAsyncIterable (obj) {\n return !!(obj != null && typeof obj[Symbol.asyncIterator] === 'function')\n}\n\nfunction isIterable (obj) {\n return !!(obj != null && (typeof obj[Symbol.iterator] === 'function' || typeof obj[Symbol.asyncIterator] === 'function'))\n}\n\nfunction bodyLength (body) {\n if (body == null) {\n return 0\n } else if (isStream(body)) {\n const state = body._readableState\n return state && state.objectMode === false && state.ended === true && Number.isFinite(state.length)\n ? state.length\n : null\n } else if (isBlobLike(body)) {\n return body.size != null ? body.size : null\n } else if (isBuffer(body)) {\n return body.byteLength\n }\n\n return null\n}\n\nfunction isDestroyed (body) {\n return body && !!(body.destroyed || body[kDestroyed] || (stream.isDestroyed?.(body)))\n}\n\nfunction destroy (stream, err) {\n if (stream == null || !isStream(stream) || isDestroyed(stream)) {\n return\n }\n\n if (typeof stream.destroy === 'function') {\n if (Object.getPrototypeOf(stream).constructor === IncomingMessage) {\n // See: https://github.com/nodejs/node/pull/38505/files\n stream.socket = null\n }\n\n stream.destroy(err)\n } else if (err) {\n queueMicrotask(() => {\n stream.emit('error', err)\n })\n }\n\n if (stream.destroyed !== true) {\n stream[kDestroyed] = true\n }\n}\n\nconst KEEPALIVE_TIMEOUT_EXPR = /timeout=(\\d+)/\nfunction parseKeepAliveTimeout (val) {\n const m = val.toString().match(KEEPALIVE_TIMEOUT_EXPR)\n return m ? parseInt(m[1], 10) * 1000 : null\n}\n\n/**\n * Retrieves a header name and returns its lowercase value.\n * @param {string | Buffer} value Header name\n * @returns {string}\n */\nfunction headerNameToString (value) {\n return typeof value === 'string'\n ? headerNameLowerCasedRecord[value] ?? value.toLowerCase()\n : tree.lookup(value) ?? value.toString('latin1').toLowerCase()\n}\n\n/**\n * Receive the buffer as a string and return its lowercase value.\n * @param {Buffer} value Header name\n * @returns {string}\n */\nfunction bufferToLowerCasedHeaderName (value) {\n return tree.lookup(value) ?? value.toString('latin1').toLowerCase()\n}\n\n/**\n * @param {Record | (Buffer | string | (Buffer | string)[])[]} headers\n * @param {Record} [obj]\n * @returns {Record}\n */\nfunction parseHeaders (headers, obj) {\n if (obj === undefined) obj = {}\n for (let i = 0; i < headers.length; i += 2) {\n const key = headerNameToString(headers[i])\n let val = obj[key]\n\n if (val) {\n if (typeof val === 'string') {\n val = [val]\n obj[key] = val\n }\n val.push(headers[i + 1].toString('utf8'))\n } else {\n const headersValue = headers[i + 1]\n if (typeof headersValue === 'string') {\n obj[key] = headersValue\n } else {\n obj[key] = Array.isArray(headersValue) ? headersValue.map(x => x.toString('utf8')) : headersValue.toString('utf8')\n }\n }\n }\n\n // See https://github.com/nodejs/node/pull/46528\n if ('content-length' in obj && 'content-disposition' in obj) {\n obj['content-disposition'] = Buffer.from(obj['content-disposition']).toString('latin1')\n }\n\n return obj\n}\n\nfunction parseRawHeaders (headers) {\n const len = headers.length\n const ret = new Array(len)\n\n let hasContentLength = false\n let contentDispositionIdx = -1\n let key\n let val\n let kLen = 0\n\n for (let n = 0; n < headers.length; n += 2) {\n key = headers[n]\n val = headers[n + 1]\n\n typeof key !== 'string' && (key = key.toString())\n typeof val !== 'string' && (val = val.toString('utf8'))\n\n kLen = key.length\n if (kLen === 14 && key[7] === '-' && (key === 'content-length' || key.toLowerCase() === 'content-length')) {\n hasContentLength = true\n } else if (kLen === 19 && key[7] === '-' && (key === 'content-disposition' || key.toLowerCase() === 'content-disposition')) {\n contentDispositionIdx = n + 1\n }\n ret[n] = key\n ret[n + 1] = val\n }\n\n // See https://github.com/nodejs/node/pull/46528\n if (hasContentLength && contentDispositionIdx !== -1) {\n ret[contentDispositionIdx] = Buffer.from(ret[contentDispositionIdx]).toString('latin1')\n }\n\n return ret\n}\n\nfunction isBuffer (buffer) {\n // See, https://github.com/mcollina/undici/pull/319\n return buffer instanceof Uint8Array || Buffer.isBuffer(buffer)\n}\n\nfunction validateHandler (handler, method, upgrade) {\n if (!handler || typeof handler !== 'object') {\n throw new InvalidArgumentError('handler must be an object')\n }\n\n if (typeof handler.onConnect !== 'function') {\n throw new InvalidArgumentError('invalid onConnect method')\n }\n\n if (typeof handler.onError !== 'function') {\n throw new InvalidArgumentError('invalid onError method')\n }\n\n if (typeof handler.onBodySent !== 'function' && handler.onBodySent !== undefined) {\n throw new InvalidArgumentError('invalid onBodySent method')\n }\n\n if (upgrade || method === 'CONNECT') {\n if (typeof handler.onUpgrade !== 'function') {\n throw new InvalidArgumentError('invalid onUpgrade method')\n }\n } else {\n if (typeof handler.onHeaders !== 'function') {\n throw new InvalidArgumentError('invalid onHeaders method')\n }\n\n if (typeof handler.onData !== 'function') {\n throw new InvalidArgumentError('invalid onData method')\n }\n\n if (typeof handler.onComplete !== 'function') {\n throw new InvalidArgumentError('invalid onComplete method')\n }\n }\n}\n\n// A body is disturbed if it has been read from and it cannot\n// be re-used without losing state or data.\nfunction isDisturbed (body) {\n // TODO (fix): Why is body[kBodyUsed] needed?\n return !!(body && (stream.isDisturbed(body) || body[kBodyUsed]))\n}\n\nfunction isErrored (body) {\n return !!(body && stream.isErrored(body))\n}\n\nfunction isReadable (body) {\n return !!(body && stream.isReadable(body))\n}\n\nfunction getSocketInfo (socket) {\n return {\n localAddress: socket.localAddress,\n localPort: socket.localPort,\n remoteAddress: socket.remoteAddress,\n remotePort: socket.remotePort,\n remoteFamily: socket.remoteFamily,\n timeout: socket.timeout,\n bytesWritten: socket.bytesWritten,\n bytesRead: socket.bytesRead\n }\n}\n\n/** @type {globalThis['ReadableStream']} */\nfunction ReadableStreamFrom (iterable) {\n // We cannot use ReadableStream.from here because it does not return a byte stream.\n\n let iterator\n return new ReadableStream(\n {\n async start () {\n iterator = iterable[Symbol.asyncIterator]()\n },\n async pull (controller) {\n const { done, value } = await iterator.next()\n if (done) {\n queueMicrotask(() => {\n controller.close()\n controller.byobRequest?.respond(0)\n })\n } else {\n const buf = Buffer.isBuffer(value) ? value : Buffer.from(value)\n if (buf.byteLength) {\n controller.enqueue(new Uint8Array(buf))\n }\n }\n return controller.desiredSize > 0\n },\n async cancel (reason) {\n await iterator.return()\n },\n type: 'bytes'\n }\n )\n}\n\n// The chunk should be a FormData instance and contains\n// all the required methods.\nfunction isFormDataLike (object) {\n return (\n object &&\n typeof object === 'object' &&\n typeof object.append === 'function' &&\n typeof object.delete === 'function' &&\n typeof object.get === 'function' &&\n typeof object.getAll === 'function' &&\n typeof object.has === 'function' &&\n typeof object.set === 'function' &&\n object[Symbol.toStringTag] === 'FormData'\n )\n}\n\nfunction addAbortListener (signal, listener) {\n if ('addEventListener' in signal) {\n signal.addEventListener('abort', listener, { once: true })\n return () => signal.removeEventListener('abort', listener)\n }\n signal.addListener('abort', listener)\n return () => signal.removeListener('abort', listener)\n}\n\nconst hasToWellFormed = typeof String.prototype.toWellFormed === 'function'\nconst hasIsWellFormed = typeof String.prototype.isWellFormed === 'function'\n\n/**\n * @param {string} val\n */\nfunction toUSVString (val) {\n return hasToWellFormed ? `${val}`.toWellFormed() : nodeUtil.toUSVString(val)\n}\n\n/**\n * @param {string} val\n */\n// TODO: move this to webidl\nfunction isUSVString (val) {\n return hasIsWellFormed ? `${val}`.isWellFormed() : toUSVString(val) === `${val}`\n}\n\n/**\n * @see https://tools.ietf.org/html/rfc7230#section-3.2.6\n * @param {number} c\n */\nfunction isTokenCharCode (c) {\n switch (c) {\n case 0x22:\n case 0x28:\n case 0x29:\n case 0x2c:\n case 0x2f:\n case 0x3a:\n case 0x3b:\n case 0x3c:\n case 0x3d:\n case 0x3e:\n case 0x3f:\n case 0x40:\n case 0x5b:\n case 0x5c:\n case 0x5d:\n case 0x7b:\n case 0x7d:\n // DQUOTE and \"(),/:;<=>?@[\\]{}\"\n return false\n default:\n // VCHAR %x21-7E\n return c >= 0x21 && c <= 0x7e\n }\n}\n\n/**\n * @param {string} characters\n */\nfunction isValidHTTPToken (characters) {\n if (characters.length === 0) {\n return false\n }\n for (let i = 0; i < characters.length; ++i) {\n if (!isTokenCharCode(characters.charCodeAt(i))) {\n return false\n }\n }\n return true\n}\n\n// headerCharRegex have been lifted from\n// https://github.com/nodejs/node/blob/main/lib/_http_common.js\n\n/**\n * Matches if val contains an invalid field-vchar\n * field-value = *( field-content / obs-fold )\n * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]\n * field-vchar = VCHAR / obs-text\n */\nconst headerCharRegex = /[^\\t\\x20-\\x7e\\x80-\\xff]/\n\n/**\n * @param {string} characters\n */\nfunction isValidHeaderValue (characters) {\n return !headerCharRegex.test(characters)\n}\n\n// Parsed accordingly to RFC 9110\n// https://www.rfc-editor.org/rfc/rfc9110#field.content-range\nfunction parseRangeHeader (range) {\n if (range == null || range === '') return { start: 0, end: null, size: null }\n\n const m = range ? range.match(/^bytes (\\d+)-(\\d+)\\/(\\d+)?$/) : null\n return m\n ? {\n start: parseInt(m[1]),\n end: m[2] ? parseInt(m[2]) : null,\n size: m[3] ? parseInt(m[3]) : null\n }\n : null\n}\n\nfunction addListener (obj, name, listener) {\n const listeners = (obj[kListeners] ??= [])\n listeners.push([name, listener])\n obj.on(name, listener)\n return obj\n}\n\nfunction removeAllListeners (obj) {\n for (const [name, listener] of obj[kListeners] ?? []) {\n obj.removeListener(name, listener)\n }\n obj[kListeners] = null\n}\n\nfunction errorRequest (client, request, err) {\n try {\n request.onError(err)\n assert(request.aborted)\n } catch (err) {\n client.emit('error', err)\n }\n}\n\nconst kEnumerableProperty = Object.create(null)\nkEnumerableProperty.enumerable = true\n\nconst normalizedMethodRecordsBase = {\n delete: 'DELETE',\n DELETE: 'DELETE',\n get: 'GET',\n GET: 'GET',\n head: 'HEAD',\n HEAD: 'HEAD',\n options: 'OPTIONS',\n OPTIONS: 'OPTIONS',\n post: 'POST',\n POST: 'POST',\n put: 'PUT',\n PUT: 'PUT'\n}\n\nconst normalizedMethodRecords = {\n ...normalizedMethodRecordsBase,\n patch: 'patch',\n PATCH: 'PATCH'\n}\n\n// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`.\nObject.setPrototypeOf(normalizedMethodRecordsBase, null)\nObject.setPrototypeOf(normalizedMethodRecords, null)\n\nmodule.exports = {\n kEnumerableProperty,\n nop,\n isDisturbed,\n isErrored,\n isReadable,\n toUSVString,\n isUSVString,\n isBlobLike,\n parseOrigin,\n parseURL,\n getServerName,\n isStream,\n isIterable,\n isAsyncIterable,\n isDestroyed,\n headerNameToString,\n bufferToLowerCasedHeaderName,\n addListener,\n removeAllListeners,\n errorRequest,\n parseRawHeaders,\n parseHeaders,\n parseKeepAliveTimeout,\n destroy,\n bodyLength,\n deepClone,\n ReadableStreamFrom,\n isBuffer,\n validateHandler,\n getSocketInfo,\n isFormDataLike,\n buildURL,\n addAbortListener,\n isValidHTTPToken,\n isValidHeaderValue,\n isTokenCharCode,\n parseRangeHeader,\n normalizedMethodRecordsBase,\n normalizedMethodRecords,\n isValidPort,\n isHttpOrHttpsPrefixed,\n nodeMajor,\n nodeMinor,\n safeHTTPMethods: ['GET', 'HEAD', 'OPTIONS', 'TRACE'],\n wrapRequestBody\n}\n","'use strict'\n\nconst { InvalidArgumentError } = require('../core/errors')\nconst { kClients, kRunning, kClose, kDestroy, kDispatch, kInterceptors } = require('../core/symbols')\nconst DispatcherBase = require('./dispatcher-base')\nconst Pool = require('./pool')\nconst Client = require('./client')\nconst util = require('../core/util')\nconst createRedirectInterceptor = require('../interceptor/redirect-interceptor')\n\nconst kOnConnect = Symbol('onConnect')\nconst kOnDisconnect = Symbol('onDisconnect')\nconst kOnConnectionError = Symbol('onConnectionError')\nconst kMaxRedirections = Symbol('maxRedirections')\nconst kOnDrain = Symbol('onDrain')\nconst kFactory = Symbol('factory')\nconst kOptions = Symbol('options')\n\nfunction defaultFactory (origin, opts) {\n return opts && opts.connections === 1\n ? new Client(origin, opts)\n : new Pool(origin, opts)\n}\n\nclass Agent extends DispatcherBase {\n constructor ({ factory = defaultFactory, maxRedirections = 0, connect, ...options } = {}) {\n super()\n\n if (typeof factory !== 'function') {\n throw new InvalidArgumentError('factory must be a function.')\n }\n\n if (connect != null && typeof connect !== 'function' && typeof connect !== 'object') {\n throw new InvalidArgumentError('connect must be a function or an object')\n }\n\n if (!Number.isInteger(maxRedirections) || maxRedirections < 0) {\n throw new InvalidArgumentError('maxRedirections must be a positive number')\n }\n\n if (connect && typeof connect !== 'function') {\n connect = { ...connect }\n }\n\n this[kInterceptors] = options.interceptors?.Agent && Array.isArray(options.interceptors.Agent)\n ? options.interceptors.Agent\n : [createRedirectInterceptor({ maxRedirections })]\n\n this[kOptions] = { ...util.deepClone(options), connect }\n this[kOptions].interceptors = options.interceptors\n ? { ...options.interceptors }\n : undefined\n this[kMaxRedirections] = maxRedirections\n this[kFactory] = factory\n this[kClients] = new Map()\n\n this[kOnDrain] = (origin, targets) => {\n this.emit('drain', origin, [this, ...targets])\n }\n\n this[kOnConnect] = (origin, targets) => {\n this.emit('connect', origin, [this, ...targets])\n }\n\n this[kOnDisconnect] = (origin, targets, err) => {\n this.emit('disconnect', origin, [this, ...targets], err)\n }\n\n this[kOnConnectionError] = (origin, targets, err) => {\n this.emit('connectionError', origin, [this, ...targets], err)\n }\n }\n\n get [kRunning] () {\n let ret = 0\n for (const client of this[kClients].values()) {\n ret += client[kRunning]\n }\n return ret\n }\n\n [kDispatch] (opts, handler) {\n let key\n if (opts.origin && (typeof opts.origin === 'string' || opts.origin instanceof URL)) {\n key = String(opts.origin)\n } else {\n throw new InvalidArgumentError('opts.origin must be a non-empty string or URL.')\n }\n\n let dispatcher = this[kClients].get(key)\n\n if (!dispatcher) {\n dispatcher = this[kFactory](opts.origin, this[kOptions])\n .on('drain', this[kOnDrain])\n .on('connect', this[kOnConnect])\n .on('disconnect', this[kOnDisconnect])\n .on('connectionError', this[kOnConnectionError])\n\n // This introduces a tiny memory leak, as dispatchers are never removed from the map.\n // TODO(mcollina): remove te timer when the client/pool do not have any more\n // active connections.\n this[kClients].set(key, dispatcher)\n }\n\n return dispatcher.dispatch(opts, handler)\n }\n\n async [kClose] () {\n const closePromises = []\n for (const client of this[kClients].values()) {\n closePromises.push(client.close())\n }\n this[kClients].clear()\n\n await Promise.all(closePromises)\n }\n\n async [kDestroy] (err) {\n const destroyPromises = []\n for (const client of this[kClients].values()) {\n destroyPromises.push(client.destroy(err))\n }\n this[kClients].clear()\n\n await Promise.all(destroyPromises)\n }\n}\n\nmodule.exports = Agent\n","'use strict'\n\nconst {\n BalancedPoolMissingUpstreamError,\n InvalidArgumentError\n} = require('../core/errors')\nconst {\n PoolBase,\n kClients,\n kNeedDrain,\n kAddClient,\n kRemoveClient,\n kGetDispatcher\n} = require('./pool-base')\nconst Pool = require('./pool')\nconst { kUrl, kInterceptors } = require('../core/symbols')\nconst { parseOrigin } = require('../core/util')\nconst kFactory = Symbol('factory')\n\nconst kOptions = Symbol('options')\nconst kGreatestCommonDivisor = Symbol('kGreatestCommonDivisor')\nconst kCurrentWeight = Symbol('kCurrentWeight')\nconst kIndex = Symbol('kIndex')\nconst kWeight = Symbol('kWeight')\nconst kMaxWeightPerServer = Symbol('kMaxWeightPerServer')\nconst kErrorPenalty = Symbol('kErrorPenalty')\n\n/**\n * Calculate the greatest common divisor of two numbers by\n * using the Euclidean algorithm.\n *\n * @param {number} a\n * @param {number} b\n * @returns {number}\n */\nfunction getGreatestCommonDivisor (a, b) {\n if (a === 0) return b\n\n while (b !== 0) {\n const t = b\n b = a % b\n a = t\n }\n return a\n}\n\nfunction defaultFactory (origin, opts) {\n return new Pool(origin, opts)\n}\n\nclass BalancedPool extends PoolBase {\n constructor (upstreams = [], { factory = defaultFactory, ...opts } = {}) {\n super()\n\n this[kOptions] = opts\n this[kIndex] = -1\n this[kCurrentWeight] = 0\n\n this[kMaxWeightPerServer] = this[kOptions].maxWeightPerServer || 100\n this[kErrorPenalty] = this[kOptions].errorPenalty || 15\n\n if (!Array.isArray(upstreams)) {\n upstreams = [upstreams]\n }\n\n if (typeof factory !== 'function') {\n throw new InvalidArgumentError('factory must be a function.')\n }\n\n this[kInterceptors] = opts.interceptors?.BalancedPool && Array.isArray(opts.interceptors.BalancedPool)\n ? opts.interceptors.BalancedPool\n : []\n this[kFactory] = factory\n\n for (const upstream of upstreams) {\n this.addUpstream(upstream)\n }\n this._updateBalancedPoolStats()\n }\n\n addUpstream (upstream) {\n const upstreamOrigin = parseOrigin(upstream).origin\n\n if (this[kClients].find((pool) => (\n pool[kUrl].origin === upstreamOrigin &&\n pool.closed !== true &&\n pool.destroyed !== true\n ))) {\n return this\n }\n const pool = this[kFactory](upstreamOrigin, Object.assign({}, this[kOptions]))\n\n this[kAddClient](pool)\n pool.on('connect', () => {\n pool[kWeight] = Math.min(this[kMaxWeightPerServer], pool[kWeight] + this[kErrorPenalty])\n })\n\n pool.on('connectionError', () => {\n pool[kWeight] = Math.max(1, pool[kWeight] - this[kErrorPenalty])\n this._updateBalancedPoolStats()\n })\n\n pool.on('disconnect', (...args) => {\n const err = args[2]\n if (err && err.code === 'UND_ERR_SOCKET') {\n // decrease the weight of the pool.\n pool[kWeight] = Math.max(1, pool[kWeight] - this[kErrorPenalty])\n this._updateBalancedPoolStats()\n }\n })\n\n for (const client of this[kClients]) {\n client[kWeight] = this[kMaxWeightPerServer]\n }\n\n this._updateBalancedPoolStats()\n\n return this\n }\n\n _updateBalancedPoolStats () {\n let result = 0\n for (let i = 0; i < this[kClients].length; i++) {\n result = getGreatestCommonDivisor(this[kClients][i][kWeight], result)\n }\n\n this[kGreatestCommonDivisor] = result\n }\n\n removeUpstream (upstream) {\n const upstreamOrigin = parseOrigin(upstream).origin\n\n const pool = this[kClients].find((pool) => (\n pool[kUrl].origin === upstreamOrigin &&\n pool.closed !== true &&\n pool.destroyed !== true\n ))\n\n if (pool) {\n this[kRemoveClient](pool)\n }\n\n return this\n }\n\n get upstreams () {\n return this[kClients]\n .filter(dispatcher => dispatcher.closed !== true && dispatcher.destroyed !== true)\n .map((p) => p[kUrl].origin)\n }\n\n [kGetDispatcher] () {\n // We validate that pools is greater than 0,\n // otherwise we would have to wait until an upstream\n // is added, which might never happen.\n if (this[kClients].length === 0) {\n throw new BalancedPoolMissingUpstreamError()\n }\n\n const dispatcher = this[kClients].find(dispatcher => (\n !dispatcher[kNeedDrain] &&\n dispatcher.closed !== true &&\n dispatcher.destroyed !== true\n ))\n\n if (!dispatcher) {\n return\n }\n\n const allClientsBusy = this[kClients].map(pool => pool[kNeedDrain]).reduce((a, b) => a && b, true)\n\n if (allClientsBusy) {\n return\n }\n\n let counter = 0\n\n let maxWeightIndex = this[kClients].findIndex(pool => !pool[kNeedDrain])\n\n while (counter++ < this[kClients].length) {\n this[kIndex] = (this[kIndex] + 1) % this[kClients].length\n const pool = this[kClients][this[kIndex]]\n\n // find pool index with the largest weight\n if (pool[kWeight] > this[kClients][maxWeightIndex][kWeight] && !pool[kNeedDrain]) {\n maxWeightIndex = this[kIndex]\n }\n\n // decrease the current weight every `this[kClients].length`.\n if (this[kIndex] === 0) {\n // Set the current weight to the next lower weight.\n this[kCurrentWeight] = this[kCurrentWeight] - this[kGreatestCommonDivisor]\n\n if (this[kCurrentWeight] <= 0) {\n this[kCurrentWeight] = this[kMaxWeightPerServer]\n }\n }\n if (pool[kWeight] >= this[kCurrentWeight] && (!pool[kNeedDrain])) {\n return pool\n }\n }\n\n this[kCurrentWeight] = this[kClients][maxWeightIndex][kWeight]\n this[kIndex] = maxWeightIndex\n return this[kClients][maxWeightIndex]\n }\n}\n\nmodule.exports = BalancedPool\n","'use strict'\n\n/* global WebAssembly */\n\nconst assert = require('node:assert')\nconst util = require('../core/util.js')\nconst { channels } = require('../core/diagnostics.js')\nconst timers = require('../util/timers.js')\nconst {\n RequestContentLengthMismatchError,\n ResponseContentLengthMismatchError,\n RequestAbortedError,\n HeadersTimeoutError,\n HeadersOverflowError,\n SocketError,\n InformationalError,\n BodyTimeoutError,\n HTTPParserError,\n ResponseExceededMaxSizeError\n} = require('../core/errors.js')\nconst {\n kUrl,\n kReset,\n kClient,\n kParser,\n kBlocking,\n kRunning,\n kPending,\n kSize,\n kWriting,\n kQueue,\n kNoRef,\n kKeepAliveDefaultTimeout,\n kHostHeader,\n kPendingIdx,\n kRunningIdx,\n kError,\n kPipelining,\n kSocket,\n kKeepAliveTimeoutValue,\n kMaxHeadersSize,\n kKeepAliveMaxTimeout,\n kKeepAliveTimeoutThreshold,\n kHeadersTimeout,\n kBodyTimeout,\n kStrictContentLength,\n kMaxRequests,\n kCounter,\n kMaxResponseSize,\n kOnError,\n kResume,\n kHTTPContext\n} = require('../core/symbols.js')\n\nconst constants = require('../llhttp/constants.js')\nconst EMPTY_BUF = Buffer.alloc(0)\nconst FastBuffer = Buffer[Symbol.species]\nconst addListener = util.addListener\nconst removeAllListeners = util.removeAllListeners\n\nlet extractBody\n\nasync function lazyllhttp () {\n const llhttpWasmData = process.env.JEST_WORKER_ID ? require('../llhttp/llhttp-wasm.js') : undefined\n\n let mod\n try {\n mod = await WebAssembly.compile(require('../llhttp/llhttp_simd-wasm.js'))\n } catch (e) {\n /* istanbul ignore next */\n\n // We could check if the error was caused by the simd option not\n // being enabled, but the occurring of this other error\n // * https://github.com/emscripten-core/emscripten/issues/11495\n // got me to remove that check to avoid breaking Node 12.\n mod = await WebAssembly.compile(llhttpWasmData || require('../llhttp/llhttp-wasm.js'))\n }\n\n return await WebAssembly.instantiate(mod, {\n env: {\n /* eslint-disable camelcase */\n\n wasm_on_url: (p, at, len) => {\n /* istanbul ignore next */\n return 0\n },\n wasm_on_status: (p, at, len) => {\n assert(currentParser.ptr === p)\n const start = at - currentBufferPtr + currentBufferRef.byteOffset\n return currentParser.onStatus(new FastBuffer(currentBufferRef.buffer, start, len)) || 0\n },\n wasm_on_message_begin: (p) => {\n assert(currentParser.ptr === p)\n return currentParser.onMessageBegin() || 0\n },\n wasm_on_header_field: (p, at, len) => {\n assert(currentParser.ptr === p)\n const start = at - currentBufferPtr + currentBufferRef.byteOffset\n return currentParser.onHeaderField(new FastBuffer(currentBufferRef.buffer, start, len)) || 0\n },\n wasm_on_header_value: (p, at, len) => {\n assert(currentParser.ptr === p)\n const start = at - currentBufferPtr + currentBufferRef.byteOffset\n return currentParser.onHeaderValue(new FastBuffer(currentBufferRef.buffer, start, len)) || 0\n },\n wasm_on_headers_complete: (p, statusCode, upgrade, shouldKeepAlive) => {\n assert(currentParser.ptr === p)\n return currentParser.onHeadersComplete(statusCode, Boolean(upgrade), Boolean(shouldKeepAlive)) || 0\n },\n wasm_on_body: (p, at, len) => {\n assert(currentParser.ptr === p)\n const start = at - currentBufferPtr + currentBufferRef.byteOffset\n return currentParser.onBody(new FastBuffer(currentBufferRef.buffer, start, len)) || 0\n },\n wasm_on_message_complete: (p) => {\n assert(currentParser.ptr === p)\n return currentParser.onMessageComplete() || 0\n }\n\n /* eslint-enable camelcase */\n }\n })\n}\n\nlet llhttpInstance = null\nlet llhttpPromise = lazyllhttp()\nllhttpPromise.catch()\n\nlet currentParser = null\nlet currentBufferRef = null\nlet currentBufferSize = 0\nlet currentBufferPtr = null\n\nconst USE_NATIVE_TIMER = 0\nconst USE_FAST_TIMER = 1\n\n// Use fast timers for headers and body to take eventual event loop\n// latency into account.\nconst TIMEOUT_HEADERS = 2 | USE_FAST_TIMER\nconst TIMEOUT_BODY = 4 | USE_FAST_TIMER\n\n// Use native timers to ignore event loop latency for keep-alive\n// handling.\nconst TIMEOUT_KEEP_ALIVE = 8 | USE_NATIVE_TIMER\n\nclass Parser {\n constructor (client, socket, { exports }) {\n assert(Number.isFinite(client[kMaxHeadersSize]) && client[kMaxHeadersSize] > 0)\n\n this.llhttp = exports\n this.ptr = this.llhttp.llhttp_alloc(constants.TYPE.RESPONSE)\n this.client = client\n this.socket = socket\n this.timeout = null\n this.timeoutValue = null\n this.timeoutType = null\n this.statusCode = null\n this.statusText = ''\n this.upgrade = false\n this.headers = []\n this.headersSize = 0\n this.headersMaxSize = client[kMaxHeadersSize]\n this.shouldKeepAlive = false\n this.paused = false\n this.resume = this.resume.bind(this)\n\n this.bytesRead = 0\n\n this.keepAlive = ''\n this.contentLength = ''\n this.connection = ''\n this.maxResponseSize = client[kMaxResponseSize]\n }\n\n setTimeout (delay, type) {\n // If the existing timer and the new timer are of different timer type\n // (fast or native) or have different delay, we need to clear the existing\n // timer and set a new one.\n if (\n delay !== this.timeoutValue ||\n (type & USE_FAST_TIMER) ^ (this.timeoutType & USE_FAST_TIMER)\n ) {\n // If a timeout is already set, clear it with clearTimeout of the fast\n // timer implementation, as it can clear fast and native timers.\n if (this.timeout) {\n timers.clearTimeout(this.timeout)\n this.timeout = null\n }\n\n if (delay) {\n if (type & USE_FAST_TIMER) {\n this.timeout = timers.setFastTimeout(onParserTimeout, delay, new WeakRef(this))\n } else {\n this.timeout = setTimeout(onParserTimeout, delay, new WeakRef(this))\n this.timeout.unref()\n }\n }\n\n this.timeoutValue = delay\n } else if (this.timeout) {\n // istanbul ignore else: only for jest\n if (this.timeout.refresh) {\n this.timeout.refresh()\n }\n }\n\n this.timeoutType = type\n }\n\n resume () {\n if (this.socket.destroyed || !this.paused) {\n return\n }\n\n assert(this.ptr != null)\n assert(currentParser == null)\n\n this.llhttp.llhttp_resume(this.ptr)\n\n assert(this.timeoutType === TIMEOUT_BODY)\n if (this.timeout) {\n // istanbul ignore else: only for jest\n if (this.timeout.refresh) {\n this.timeout.refresh()\n }\n }\n\n this.paused = false\n this.execute(this.socket.read() || EMPTY_BUF) // Flush parser.\n this.readMore()\n }\n\n readMore () {\n while (!this.paused && this.ptr) {\n const chunk = this.socket.read()\n if (chunk === null) {\n break\n }\n this.execute(chunk)\n }\n }\n\n execute (data) {\n assert(this.ptr != null)\n assert(currentParser == null)\n assert(!this.paused)\n\n const { socket, llhttp } = this\n\n if (data.length > currentBufferSize) {\n if (currentBufferPtr) {\n llhttp.free(currentBufferPtr)\n }\n currentBufferSize = Math.ceil(data.length / 4096) * 4096\n currentBufferPtr = llhttp.malloc(currentBufferSize)\n }\n\n new Uint8Array(llhttp.memory.buffer, currentBufferPtr, currentBufferSize).set(data)\n\n // Call `execute` on the wasm parser.\n // We pass the `llhttp_parser` pointer address, the pointer address of buffer view data,\n // and finally the length of bytes to parse.\n // The return value is an error code or `constants.ERROR.OK`.\n try {\n let ret\n\n try {\n currentBufferRef = data\n currentParser = this\n ret = llhttp.llhttp_execute(this.ptr, currentBufferPtr, data.length)\n /* eslint-disable-next-line no-useless-catch */\n } catch (err) {\n /* istanbul ignore next: difficult to make a test case for */\n throw err\n } finally {\n currentParser = null\n currentBufferRef = null\n }\n\n const offset = llhttp.llhttp_get_error_pos(this.ptr) - currentBufferPtr\n\n if (ret === constants.ERROR.PAUSED_UPGRADE) {\n this.onUpgrade(data.slice(offset))\n } else if (ret === constants.ERROR.PAUSED) {\n this.paused = true\n socket.unshift(data.slice(offset))\n } else if (ret !== constants.ERROR.OK) {\n const ptr = llhttp.llhttp_get_error_reason(this.ptr)\n let message = ''\n /* istanbul ignore else: difficult to make a test case for */\n if (ptr) {\n const len = new Uint8Array(llhttp.memory.buffer, ptr).indexOf(0)\n message =\n 'Response does not match the HTTP/1.1 protocol (' +\n Buffer.from(llhttp.memory.buffer, ptr, len).toString() +\n ')'\n }\n throw new HTTPParserError(message, constants.ERROR[ret], data.slice(offset))\n }\n } catch (err) {\n util.destroy(socket, err)\n }\n }\n\n destroy () {\n assert(this.ptr != null)\n assert(currentParser == null)\n\n this.llhttp.llhttp_free(this.ptr)\n this.ptr = null\n\n this.timeout && timers.clearTimeout(this.timeout)\n this.timeout = null\n this.timeoutValue = null\n this.timeoutType = null\n\n this.paused = false\n }\n\n onStatus (buf) {\n this.statusText = buf.toString()\n }\n\n onMessageBegin () {\n const { socket, client } = this\n\n /* istanbul ignore next: difficult to make a test case for */\n if (socket.destroyed) {\n return -1\n }\n\n const request = client[kQueue][client[kRunningIdx]]\n if (!request) {\n return -1\n }\n request.onResponseStarted()\n }\n\n onHeaderField (buf) {\n const len = this.headers.length\n\n if ((len & 1) === 0) {\n this.headers.push(buf)\n } else {\n this.headers[len - 1] = Buffer.concat([this.headers[len - 1], buf])\n }\n\n this.trackHeader(buf.length)\n }\n\n onHeaderValue (buf) {\n let len = this.headers.length\n\n if ((len & 1) === 1) {\n this.headers.push(buf)\n len += 1\n } else {\n this.headers[len - 1] = Buffer.concat([this.headers[len - 1], buf])\n }\n\n const key = this.headers[len - 2]\n if (key.length === 10) {\n const headerName = util.bufferToLowerCasedHeaderName(key)\n if (headerName === 'keep-alive') {\n this.keepAlive += buf.toString()\n } else if (headerName === 'connection') {\n this.connection += buf.toString()\n }\n } else if (key.length === 14 && util.bufferToLowerCasedHeaderName(key) === 'content-length') {\n this.contentLength += buf.toString()\n }\n\n this.trackHeader(buf.length)\n }\n\n trackHeader (len) {\n this.headersSize += len\n if (this.headersSize >= this.headersMaxSize) {\n util.destroy(this.socket, new HeadersOverflowError())\n }\n }\n\n onUpgrade (head) {\n const { upgrade, client, socket, headers, statusCode } = this\n\n assert(upgrade)\n assert(client[kSocket] === socket)\n assert(!socket.destroyed)\n assert(!this.paused)\n assert((headers.length & 1) === 0)\n\n const request = client[kQueue][client[kRunningIdx]]\n assert(request)\n assert(request.upgrade || request.method === 'CONNECT')\n\n this.statusCode = null\n this.statusText = ''\n this.shouldKeepAlive = null\n\n this.headers = []\n this.headersSize = 0\n\n socket.unshift(head)\n\n socket[kParser].destroy()\n socket[kParser] = null\n\n socket[kClient] = null\n socket[kError] = null\n\n removeAllListeners(socket)\n\n client[kSocket] = null\n client[kHTTPContext] = null // TODO (fix): This is hacky...\n client[kQueue][client[kRunningIdx]++] = null\n client.emit('disconnect', client[kUrl], [client], new InformationalError('upgrade'))\n\n try {\n request.onUpgrade(statusCode, headers, socket)\n } catch (err) {\n util.destroy(socket, err)\n }\n\n client[kResume]()\n }\n\n onHeadersComplete (statusCode, upgrade, shouldKeepAlive) {\n const { client, socket, headers, statusText } = this\n\n /* istanbul ignore next: difficult to make a test case for */\n if (socket.destroyed) {\n return -1\n }\n\n const request = client[kQueue][client[kRunningIdx]]\n\n /* istanbul ignore next: difficult to make a test case for */\n if (!request) {\n return -1\n }\n\n assert(!this.upgrade)\n assert(this.statusCode < 200)\n\n if (statusCode === 100) {\n util.destroy(socket, new SocketError('bad response', util.getSocketInfo(socket)))\n return -1\n }\n\n /* this can only happen if server is misbehaving */\n if (upgrade && !request.upgrade) {\n util.destroy(socket, new SocketError('bad upgrade', util.getSocketInfo(socket)))\n return -1\n }\n\n assert(this.timeoutType === TIMEOUT_HEADERS)\n\n this.statusCode = statusCode\n this.shouldKeepAlive = (\n shouldKeepAlive ||\n // Override llhttp value which does not allow keepAlive for HEAD.\n (request.method === 'HEAD' && !socket[kReset] && this.connection.toLowerCase() === 'keep-alive')\n )\n\n if (this.statusCode >= 200) {\n const bodyTimeout = request.bodyTimeout != null\n ? request.bodyTimeout\n : client[kBodyTimeout]\n this.setTimeout(bodyTimeout, TIMEOUT_BODY)\n } else if (this.timeout) {\n // istanbul ignore else: only for jest\n if (this.timeout.refresh) {\n this.timeout.refresh()\n }\n }\n\n if (request.method === 'CONNECT') {\n assert(client[kRunning] === 1)\n this.upgrade = true\n return 2\n }\n\n if (upgrade) {\n assert(client[kRunning] === 1)\n this.upgrade = true\n return 2\n }\n\n assert((this.headers.length & 1) === 0)\n this.headers = []\n this.headersSize = 0\n\n if (this.shouldKeepAlive && client[kPipelining]) {\n const keepAliveTimeout = this.keepAlive ? util.parseKeepAliveTimeout(this.keepAlive) : null\n\n if (keepAliveTimeout != null) {\n const timeout = Math.min(\n keepAliveTimeout - client[kKeepAliveTimeoutThreshold],\n client[kKeepAliveMaxTimeout]\n )\n if (timeout <= 0) {\n socket[kReset] = true\n } else {\n client[kKeepAliveTimeoutValue] = timeout\n }\n } else {\n client[kKeepAliveTimeoutValue] = client[kKeepAliveDefaultTimeout]\n }\n } else {\n // Stop more requests from being dispatched.\n socket[kReset] = true\n }\n\n const pause = request.onHeaders(statusCode, headers, this.resume, statusText) === false\n\n if (request.aborted) {\n return -1\n }\n\n if (request.method === 'HEAD') {\n return 1\n }\n\n if (statusCode < 200) {\n return 1\n }\n\n if (socket[kBlocking]) {\n socket[kBlocking] = false\n client[kResume]()\n }\n\n return pause ? constants.ERROR.PAUSED : 0\n }\n\n onBody (buf) {\n const { client, socket, statusCode, maxResponseSize } = this\n\n if (socket.destroyed) {\n return -1\n }\n\n const request = client[kQueue][client[kRunningIdx]]\n assert(request)\n\n assert(this.timeoutType === TIMEOUT_BODY)\n if (this.timeout) {\n // istanbul ignore else: only for jest\n if (this.timeout.refresh) {\n this.timeout.refresh()\n }\n }\n\n assert(statusCode >= 200)\n\n if (maxResponseSize > -1 && this.bytesRead + buf.length > maxResponseSize) {\n util.destroy(socket, new ResponseExceededMaxSizeError())\n return -1\n }\n\n this.bytesRead += buf.length\n\n if (request.onData(buf) === false) {\n return constants.ERROR.PAUSED\n }\n }\n\n onMessageComplete () {\n const { client, socket, statusCode, upgrade, headers, contentLength, bytesRead, shouldKeepAlive } = this\n\n if (socket.destroyed && (!statusCode || shouldKeepAlive)) {\n return -1\n }\n\n if (upgrade) {\n return\n }\n\n assert(statusCode >= 100)\n assert((this.headers.length & 1) === 0)\n\n const request = client[kQueue][client[kRunningIdx]]\n assert(request)\n\n this.statusCode = null\n this.statusText = ''\n this.bytesRead = 0\n this.contentLength = ''\n this.keepAlive = ''\n this.connection = ''\n\n this.headers = []\n this.headersSize = 0\n\n if (statusCode < 200) {\n return\n }\n\n /* istanbul ignore next: should be handled by llhttp? */\n if (request.method !== 'HEAD' && contentLength && bytesRead !== parseInt(contentLength, 10)) {\n util.destroy(socket, new ResponseContentLengthMismatchError())\n return -1\n }\n\n request.onComplete(headers)\n\n client[kQueue][client[kRunningIdx]++] = null\n\n if (socket[kWriting]) {\n assert(client[kRunning] === 0)\n // Response completed before request.\n util.destroy(socket, new InformationalError('reset'))\n return constants.ERROR.PAUSED\n } else if (!shouldKeepAlive) {\n util.destroy(socket, new InformationalError('reset'))\n return constants.ERROR.PAUSED\n } else if (socket[kReset] && client[kRunning] === 0) {\n // Destroy socket once all requests have completed.\n // The request at the tail of the pipeline is the one\n // that requested reset and no further requests should\n // have been queued since then.\n util.destroy(socket, new InformationalError('reset'))\n return constants.ERROR.PAUSED\n } else if (client[kPipelining] == null || client[kPipelining] === 1) {\n // We must wait a full event loop cycle to reuse this socket to make sure\n // that non-spec compliant servers are not closing the connection even if they\n // said they won't.\n setImmediate(() => client[kResume]())\n } else {\n client[kResume]()\n }\n }\n}\n\nfunction onParserTimeout (parser) {\n const { socket, timeoutType, client, paused } = parser.deref()\n\n /* istanbul ignore else */\n if (timeoutType === TIMEOUT_HEADERS) {\n if (!socket[kWriting] || socket.writableNeedDrain || client[kRunning] > 1) {\n assert(!paused, 'cannot be paused while waiting for headers')\n util.destroy(socket, new HeadersTimeoutError())\n }\n } else if (timeoutType === TIMEOUT_BODY) {\n if (!paused) {\n util.destroy(socket, new BodyTimeoutError())\n }\n } else if (timeoutType === TIMEOUT_KEEP_ALIVE) {\n assert(client[kRunning] === 0 && client[kKeepAliveTimeoutValue])\n util.destroy(socket, new InformationalError('socket idle timeout'))\n }\n}\n\nasync function connectH1 (client, socket) {\n client[kSocket] = socket\n\n if (!llhttpInstance) {\n llhttpInstance = await llhttpPromise\n llhttpPromise = null\n }\n\n socket[kNoRef] = false\n socket[kWriting] = false\n socket[kReset] = false\n socket[kBlocking] = false\n socket[kParser] = new Parser(client, socket, llhttpInstance)\n\n addListener(socket, 'error', function (err) {\n assert(err.code !== 'ERR_TLS_CERT_ALTNAME_INVALID')\n\n const parser = this[kParser]\n\n // On Mac OS, we get an ECONNRESET even if there is a full body to be forwarded\n // to the user.\n if (err.code === 'ECONNRESET' && parser.statusCode && !parser.shouldKeepAlive) {\n // We treat all incoming data so for as a valid response.\n parser.onMessageComplete()\n return\n }\n\n this[kError] = err\n\n this[kClient][kOnError](err)\n })\n addListener(socket, 'readable', function () {\n const parser = this[kParser]\n\n if (parser) {\n parser.readMore()\n }\n })\n addListener(socket, 'end', function () {\n const parser = this[kParser]\n\n if (parser.statusCode && !parser.shouldKeepAlive) {\n // We treat all incoming data so far as a valid response.\n parser.onMessageComplete()\n return\n }\n\n util.destroy(this, new SocketError('other side closed', util.getSocketInfo(this)))\n })\n addListener(socket, 'close', function () {\n const client = this[kClient]\n const parser = this[kParser]\n\n if (parser) {\n if (!this[kError] && parser.statusCode && !parser.shouldKeepAlive) {\n // We treat all incoming data so far as a valid response.\n parser.onMessageComplete()\n }\n\n this[kParser].destroy()\n this[kParser] = null\n }\n\n const err = this[kError] || new SocketError('closed', util.getSocketInfo(this))\n\n client[kSocket] = null\n client[kHTTPContext] = null // TODO (fix): This is hacky...\n\n if (client.destroyed) {\n assert(client[kPending] === 0)\n\n // Fail entire queue.\n const requests = client[kQueue].splice(client[kRunningIdx])\n for (let i = 0; i < requests.length; i++) {\n const request = requests[i]\n util.errorRequest(client, request, err)\n }\n } else if (client[kRunning] > 0 && err.code !== 'UND_ERR_INFO') {\n // Fail head of pipeline.\n const request = client[kQueue][client[kRunningIdx]]\n client[kQueue][client[kRunningIdx]++] = null\n\n util.errorRequest(client, request, err)\n }\n\n client[kPendingIdx] = client[kRunningIdx]\n\n assert(client[kRunning] === 0)\n\n client.emit('disconnect', client[kUrl], [client], err)\n\n client[kResume]()\n })\n\n let closed = false\n socket.on('close', () => {\n closed = true\n })\n\n return {\n version: 'h1',\n defaultPipelining: 1,\n write (...args) {\n return writeH1(client, ...args)\n },\n resume () {\n resumeH1(client)\n },\n destroy (err, callback) {\n if (closed) {\n queueMicrotask(callback)\n } else {\n socket.destroy(err).on('close', callback)\n }\n },\n get destroyed () {\n return socket.destroyed\n },\n busy (request) {\n if (socket[kWriting] || socket[kReset] || socket[kBlocking]) {\n return true\n }\n\n if (request) {\n if (client[kRunning] > 0 && !request.idempotent) {\n // Non-idempotent request cannot be retried.\n // Ensure that no other requests are inflight and\n // could cause failure.\n return true\n }\n\n if (client[kRunning] > 0 && (request.upgrade || request.method === 'CONNECT')) {\n // Don't dispatch an upgrade until all preceding requests have completed.\n // A misbehaving server might upgrade the connection before all pipelined\n // request has completed.\n return true\n }\n\n if (client[kRunning] > 0 && util.bodyLength(request.body) !== 0 &&\n (util.isStream(request.body) || util.isAsyncIterable(request.body) || util.isFormDataLike(request.body))) {\n // Request with stream or iterator body can error while other requests\n // are inflight and indirectly error those as well.\n // Ensure this doesn't happen by waiting for inflight\n // to complete before dispatching.\n\n // Request with stream or iterator body cannot be retried.\n // Ensure that no other requests are inflight and\n // could cause failure.\n return true\n }\n }\n\n return false\n }\n }\n}\n\nfunction resumeH1 (client) {\n const socket = client[kSocket]\n\n if (socket && !socket.destroyed) {\n if (client[kSize] === 0) {\n if (!socket[kNoRef] && socket.unref) {\n socket.unref()\n socket[kNoRef] = true\n }\n } else if (socket[kNoRef] && socket.ref) {\n socket.ref()\n socket[kNoRef] = false\n }\n\n if (client[kSize] === 0) {\n if (socket[kParser].timeoutType !== TIMEOUT_KEEP_ALIVE) {\n socket[kParser].setTimeout(client[kKeepAliveTimeoutValue], TIMEOUT_KEEP_ALIVE)\n }\n } else if (client[kRunning] > 0 && socket[kParser].statusCode < 200) {\n if (socket[kParser].timeoutType !== TIMEOUT_HEADERS) {\n const request = client[kQueue][client[kRunningIdx]]\n const headersTimeout = request.headersTimeout != null\n ? request.headersTimeout\n : client[kHeadersTimeout]\n socket[kParser].setTimeout(headersTimeout, TIMEOUT_HEADERS)\n }\n }\n }\n}\n\n// https://www.rfc-editor.org/rfc/rfc7230#section-3.3.2\nfunction shouldSendContentLength (method) {\n return method !== 'GET' && method !== 'HEAD' && method !== 'OPTIONS' && method !== 'TRACE' && method !== 'CONNECT'\n}\n\nfunction writeH1 (client, request) {\n const { method, path, host, upgrade, blocking, reset } = request\n\n let { body, headers, contentLength } = request\n\n // https://tools.ietf.org/html/rfc7231#section-4.3.1\n // https://tools.ietf.org/html/rfc7231#section-4.3.2\n // https://tools.ietf.org/html/rfc7231#section-4.3.5\n\n // Sending a payload body on a request that does not\n // expect it can cause undefined behavior on some\n // servers and corrupt connection state. Do not\n // re-use the connection for further requests.\n\n const expectsPayload = (\n method === 'PUT' ||\n method === 'POST' ||\n method === 'PATCH' ||\n method === 'QUERY' ||\n method === 'PROPFIND' ||\n method === 'PROPPATCH'\n )\n\n if (util.isFormDataLike(body)) {\n if (!extractBody) {\n extractBody = require('../web/fetch/body.js').extractBody\n }\n\n const [bodyStream, contentType] = extractBody(body)\n if (request.contentType == null) {\n headers.push('content-type', contentType)\n }\n body = bodyStream.stream\n contentLength = bodyStream.length\n } else if (util.isBlobLike(body) && request.contentType == null && body.type) {\n headers.push('content-type', body.type)\n }\n\n if (body && typeof body.read === 'function') {\n // Try to read EOF in order to get length.\n body.read(0)\n }\n\n const bodyLength = util.bodyLength(body)\n\n contentLength = bodyLength ?? contentLength\n\n if (contentLength === null) {\n contentLength = request.contentLength\n }\n\n if (contentLength === 0 && !expectsPayload) {\n // https://tools.ietf.org/html/rfc7230#section-3.3.2\n // A user agent SHOULD NOT send a Content-Length header field when\n // the request message does not contain a payload body and the method\n // semantics do not anticipate such a body.\n\n contentLength = null\n }\n\n // https://github.com/nodejs/undici/issues/2046\n // A user agent may send a Content-Length header with 0 value, this should be allowed.\n if (shouldSendContentLength(method) && contentLength > 0 && request.contentLength !== null && request.contentLength !== contentLength) {\n if (client[kStrictContentLength]) {\n util.errorRequest(client, request, new RequestContentLengthMismatchError())\n return false\n }\n\n process.emitWarning(new RequestContentLengthMismatchError())\n }\n\n const socket = client[kSocket]\n\n const abort = (err) => {\n if (request.aborted || request.completed) {\n return\n }\n\n util.errorRequest(client, request, err || new RequestAbortedError())\n\n util.destroy(body)\n util.destroy(socket, new InformationalError('aborted'))\n }\n\n try {\n request.onConnect(abort)\n } catch (err) {\n util.errorRequest(client, request, err)\n }\n\n if (request.aborted) {\n return false\n }\n\n if (method === 'HEAD') {\n // https://github.com/mcollina/undici/issues/258\n // Close after a HEAD request to interop with misbehaving servers\n // that may send a body in the response.\n\n socket[kReset] = true\n }\n\n if (upgrade || method === 'CONNECT') {\n // On CONNECT or upgrade, block pipeline from dispatching further\n // requests on this connection.\n\n socket[kReset] = true\n }\n\n if (reset != null) {\n socket[kReset] = reset\n }\n\n if (client[kMaxRequests] && socket[kCounter]++ >= client[kMaxRequests]) {\n socket[kReset] = true\n }\n\n if (blocking) {\n socket[kBlocking] = true\n }\n\n let header = `${method} ${path} HTTP/1.1\\r\\n`\n\n if (typeof host === 'string') {\n header += `host: ${host}\\r\\n`\n } else {\n header += client[kHostHeader]\n }\n\n if (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n } else if (client[kPipelining] && !socket[kReset]) {\n header += 'connection: keep-alive\\r\\n'\n } else {\n header += 'connection: close\\r\\n'\n }\n\n if (Array.isArray(headers)) {\n for (let n = 0; n < headers.length; n += 2) {\n const key = headers[n + 0]\n const val = headers[n + 1]\n\n if (Array.isArray(val)) {\n for (let i = 0; i < val.length; i++) {\n header += `${key}: ${val[i]}\\r\\n`\n }\n } else {\n header += `${key}: ${val}\\r\\n`\n }\n }\n }\n\n if (channels.sendHeaders.hasSubscribers) {\n channels.sendHeaders.publish({ request, headers: header, socket })\n }\n\n /* istanbul ignore else: assertion */\n if (!body || bodyLength === 0) {\n writeBuffer(abort, null, client, request, socket, contentLength, header, expectsPayload)\n } else if (util.isBuffer(body)) {\n writeBuffer(abort, body, client, request, socket, contentLength, header, expectsPayload)\n } else if (util.isBlobLike(body)) {\n if (typeof body.stream === 'function') {\n writeIterable(abort, body.stream(), client, request, socket, contentLength, header, expectsPayload)\n } else {\n writeBlob(abort, body, client, request, socket, contentLength, header, expectsPayload)\n }\n } else if (util.isStream(body)) {\n writeStream(abort, body, client, request, socket, contentLength, header, expectsPayload)\n } else if (util.isIterable(body)) {\n writeIterable(abort, body, client, request, socket, contentLength, header, expectsPayload)\n } else {\n assert(false)\n }\n\n return true\n}\n\nfunction writeStream (abort, body, client, request, socket, contentLength, header, expectsPayload) {\n assert(contentLength !== 0 || client[kRunning] === 0, 'stream body cannot be pipelined')\n\n let finished = false\n\n const writer = new AsyncWriter({ abort, socket, request, contentLength, client, expectsPayload, header })\n\n const onData = function (chunk) {\n if (finished) {\n return\n }\n\n try {\n if (!writer.write(chunk) && this.pause) {\n this.pause()\n }\n } catch (err) {\n util.destroy(this, err)\n }\n }\n const onDrain = function () {\n if (finished) {\n return\n }\n\n if (body.resume) {\n body.resume()\n }\n }\n const onClose = function () {\n // 'close' might be emitted *before* 'error' for\n // broken streams. Wait a tick to avoid this case.\n queueMicrotask(() => {\n // It's only safe to remove 'error' listener after\n // 'close'.\n body.removeListener('error', onFinished)\n })\n\n if (!finished) {\n const err = new RequestAbortedError()\n queueMicrotask(() => onFinished(err))\n }\n }\n const onFinished = function (err) {\n if (finished) {\n return\n }\n\n finished = true\n\n assert(socket.destroyed || (socket[kWriting] && client[kRunning] <= 1))\n\n socket\n .off('drain', onDrain)\n .off('error', onFinished)\n\n body\n .removeListener('data', onData)\n .removeListener('end', onFinished)\n .removeListener('close', onClose)\n\n if (!err) {\n try {\n writer.end()\n } catch (er) {\n err = er\n }\n }\n\n writer.destroy(err)\n\n if (err && (err.code !== 'UND_ERR_INFO' || err.message !== 'reset')) {\n util.destroy(body, err)\n } else {\n util.destroy(body)\n }\n }\n\n body\n .on('data', onData)\n .on('end', onFinished)\n .on('error', onFinished)\n .on('close', onClose)\n\n if (body.resume) {\n body.resume()\n }\n\n socket\n .on('drain', onDrain)\n .on('error', onFinished)\n\n if (body.errorEmitted ?? body.errored) {\n setImmediate(() => onFinished(body.errored))\n } else if (body.endEmitted ?? body.readableEnded) {\n setImmediate(() => onFinished(null))\n }\n\n if (body.closeEmitted ?? body.closed) {\n setImmediate(onClose)\n }\n}\n\nfunction writeBuffer (abort, body, client, request, socket, contentLength, header, expectsPayload) {\n try {\n if (!body) {\n if (contentLength === 0) {\n socket.write(`${header}content-length: 0\\r\\n\\r\\n`, 'latin1')\n } else {\n assert(contentLength === null, 'no body must not have content length')\n socket.write(`${header}\\r\\n`, 'latin1')\n }\n } else if (util.isBuffer(body)) {\n assert(contentLength === body.byteLength, 'buffer body must have content length')\n\n socket.cork()\n socket.write(`${header}content-length: ${contentLength}\\r\\n\\r\\n`, 'latin1')\n socket.write(body)\n socket.uncork()\n request.onBodySent(body)\n\n if (!expectsPayload && request.reset !== false) {\n socket[kReset] = true\n }\n }\n request.onRequestSent()\n\n client[kResume]()\n } catch (err) {\n abort(err)\n }\n}\n\nasync function writeBlob (abort, body, client, request, socket, contentLength, header, expectsPayload) {\n assert(contentLength === body.size, 'blob body must have content length')\n\n try {\n if (contentLength != null && contentLength !== body.size) {\n throw new RequestContentLengthMismatchError()\n }\n\n const buffer = Buffer.from(await body.arrayBuffer())\n\n socket.cork()\n socket.write(`${header}content-length: ${contentLength}\\r\\n\\r\\n`, 'latin1')\n socket.write(buffer)\n socket.uncork()\n\n request.onBodySent(buffer)\n request.onRequestSent()\n\n if (!expectsPayload && request.reset !== false) {\n socket[kReset] = true\n }\n\n client[kResume]()\n } catch (err) {\n abort(err)\n }\n}\n\nasync function writeIterable (abort, body, client, request, socket, contentLength, header, expectsPayload) {\n assert(contentLength !== 0 || client[kRunning] === 0, 'iterator body cannot be pipelined')\n\n let callback = null\n function onDrain () {\n if (callback) {\n const cb = callback\n callback = null\n cb()\n }\n }\n\n const waitForDrain = () => new Promise((resolve, reject) => {\n assert(callback === null)\n\n if (socket[kError]) {\n reject(socket[kError])\n } else {\n callback = resolve\n }\n })\n\n socket\n .on('close', onDrain)\n .on('drain', onDrain)\n\n const writer = new AsyncWriter({ abort, socket, request, contentLength, client, expectsPayload, header })\n try {\n // It's up to the user to somehow abort the async iterable.\n for await (const chunk of body) {\n if (socket[kError]) {\n throw socket[kError]\n }\n\n if (!writer.write(chunk)) {\n await waitForDrain()\n }\n }\n\n writer.end()\n } catch (err) {\n writer.destroy(err)\n } finally {\n socket\n .off('close', onDrain)\n .off('drain', onDrain)\n }\n}\n\nclass AsyncWriter {\n constructor ({ abort, socket, request, contentLength, client, expectsPayload, header }) {\n this.socket = socket\n this.request = request\n this.contentLength = contentLength\n this.client = client\n this.bytesWritten = 0\n this.expectsPayload = expectsPayload\n this.header = header\n this.abort = abort\n\n socket[kWriting] = true\n }\n\n write (chunk) {\n const { socket, request, contentLength, client, bytesWritten, expectsPayload, header } = this\n\n if (socket[kError]) {\n throw socket[kError]\n }\n\n if (socket.destroyed) {\n return false\n }\n\n const len = Buffer.byteLength(chunk)\n if (!len) {\n return true\n }\n\n // We should defer writing chunks.\n if (contentLength !== null && bytesWritten + len > contentLength) {\n if (client[kStrictContentLength]) {\n throw new RequestContentLengthMismatchError()\n }\n\n process.emitWarning(new RequestContentLengthMismatchError())\n }\n\n socket.cork()\n\n if (bytesWritten === 0) {\n if (!expectsPayload && request.reset !== false) {\n socket[kReset] = true\n }\n\n if (contentLength === null) {\n socket.write(`${header}transfer-encoding: chunked\\r\\n`, 'latin1')\n } else {\n socket.write(`${header}content-length: ${contentLength}\\r\\n\\r\\n`, 'latin1')\n }\n }\n\n if (contentLength === null) {\n socket.write(`\\r\\n${len.toString(16)}\\r\\n`, 'latin1')\n }\n\n this.bytesWritten += len\n\n const ret = socket.write(chunk)\n\n socket.uncork()\n\n request.onBodySent(chunk)\n\n if (!ret) {\n if (socket[kParser].timeout && socket[kParser].timeoutType === TIMEOUT_HEADERS) {\n // istanbul ignore else: only for jest\n if (socket[kParser].timeout.refresh) {\n socket[kParser].timeout.refresh()\n }\n }\n }\n\n return ret\n }\n\n end () {\n const { socket, contentLength, client, bytesWritten, expectsPayload, header, request } = this\n request.onRequestSent()\n\n socket[kWriting] = false\n\n if (socket[kError]) {\n throw socket[kError]\n }\n\n if (socket.destroyed) {\n return\n }\n\n if (bytesWritten === 0) {\n if (expectsPayload) {\n // https://tools.ietf.org/html/rfc7230#section-3.3.2\n // A user agent SHOULD send a Content-Length in a request message when\n // no Transfer-Encoding is sent and the request method defines a meaning\n // for an enclosed payload body.\n\n socket.write(`${header}content-length: 0\\r\\n\\r\\n`, 'latin1')\n } else {\n socket.write(`${header}\\r\\n`, 'latin1')\n }\n } else if (contentLength === null) {\n socket.write('\\r\\n0\\r\\n\\r\\n', 'latin1')\n }\n\n if (contentLength !== null && bytesWritten !== contentLength) {\n if (client[kStrictContentLength]) {\n throw new RequestContentLengthMismatchError()\n } else {\n process.emitWarning(new RequestContentLengthMismatchError())\n }\n }\n\n if (socket[kParser].timeout && socket[kParser].timeoutType === TIMEOUT_HEADERS) {\n // istanbul ignore else: only for jest\n if (socket[kParser].timeout.refresh) {\n socket[kParser].timeout.refresh()\n }\n }\n\n client[kResume]()\n }\n\n destroy (err) {\n const { socket, client, abort } = this\n\n socket[kWriting] = false\n\n if (err) {\n assert(client[kRunning] <= 1, 'pipeline should only contain this request')\n abort(err)\n }\n }\n}\n\nmodule.exports = connectH1\n","'use strict'\n\nconst assert = require('node:assert')\nconst { pipeline } = require('node:stream')\nconst util = require('../core/util.js')\nconst {\n RequestContentLengthMismatchError,\n RequestAbortedError,\n SocketError,\n InformationalError\n} = require('../core/errors.js')\nconst {\n kUrl,\n kReset,\n kClient,\n kRunning,\n kPending,\n kQueue,\n kPendingIdx,\n kRunningIdx,\n kError,\n kSocket,\n kStrictContentLength,\n kOnError,\n kMaxConcurrentStreams,\n kHTTP2Session,\n kResume,\n kSize,\n kHTTPContext\n} = require('../core/symbols.js')\n\nconst kOpenStreams = Symbol('open streams')\n\nlet extractBody\n\n// Experimental\nlet h2ExperimentalWarned = false\n\n/** @type {import('http2')} */\nlet http2\ntry {\n http2 = require('node:http2')\n} catch {\n // @ts-ignore\n http2 = { constants: {} }\n}\n\nconst {\n constants: {\n HTTP2_HEADER_AUTHORITY,\n HTTP2_HEADER_METHOD,\n HTTP2_HEADER_PATH,\n HTTP2_HEADER_SCHEME,\n HTTP2_HEADER_CONTENT_LENGTH,\n HTTP2_HEADER_EXPECT,\n HTTP2_HEADER_STATUS\n }\n} = http2\n\nfunction parseH2Headers (headers) {\n const result = []\n\n for (const [name, value] of Object.entries(headers)) {\n // h2 may concat the header value by array\n // e.g. Set-Cookie\n if (Array.isArray(value)) {\n for (const subvalue of value) {\n // we need to provide each header value of header name\n // because the headers handler expect name-value pair\n result.push(Buffer.from(name), Buffer.from(subvalue))\n }\n } else {\n result.push(Buffer.from(name), Buffer.from(value))\n }\n }\n\n return result\n}\n\nasync function connectH2 (client, socket) {\n client[kSocket] = socket\n\n if (!h2ExperimentalWarned) {\n h2ExperimentalWarned = true\n process.emitWarning('H2 support is experimental, expect them to change at any time.', {\n code: 'UNDICI-H2'\n })\n }\n\n const session = http2.connect(client[kUrl], {\n createConnection: () => socket,\n peerMaxConcurrentStreams: client[kMaxConcurrentStreams]\n })\n\n session[kOpenStreams] = 0\n session[kClient] = client\n session[kSocket] = socket\n\n util.addListener(session, 'error', onHttp2SessionError)\n util.addListener(session, 'frameError', onHttp2FrameError)\n util.addListener(session, 'end', onHttp2SessionEnd)\n util.addListener(session, 'goaway', onHTTP2GoAway)\n util.addListener(session, 'close', function () {\n const { [kClient]: client } = this\n const { [kSocket]: socket } = client\n\n const err = this[kSocket][kError] || this[kError] || new SocketError('closed', util.getSocketInfo(socket))\n\n client[kHTTP2Session] = null\n\n if (client.destroyed) {\n assert(client[kPending] === 0)\n\n // Fail entire queue.\n const requests = client[kQueue].splice(client[kRunningIdx])\n for (let i = 0; i < requests.length; i++) {\n const request = requests[i]\n util.errorRequest(client, request, err)\n }\n }\n })\n\n session.unref()\n\n client[kHTTP2Session] = session\n socket[kHTTP2Session] = session\n\n util.addListener(socket, 'error', function (err) {\n assert(err.code !== 'ERR_TLS_CERT_ALTNAME_INVALID')\n\n this[kError] = err\n\n this[kClient][kOnError](err)\n })\n\n util.addListener(socket, 'end', function () {\n util.destroy(this, new SocketError('other side closed', util.getSocketInfo(this)))\n })\n\n util.addListener(socket, 'close', function () {\n const err = this[kError] || new SocketError('closed', util.getSocketInfo(this))\n\n client[kSocket] = null\n\n if (this[kHTTP2Session] != null) {\n this[kHTTP2Session].destroy(err)\n }\n\n client[kPendingIdx] = client[kRunningIdx]\n\n assert(client[kRunning] === 0)\n\n client.emit('disconnect', client[kUrl], [client], err)\n\n client[kResume]()\n })\n\n let closed = false\n socket.on('close', () => {\n closed = true\n })\n\n return {\n version: 'h2',\n defaultPipelining: Infinity,\n write (...args) {\n return writeH2(client, ...args)\n },\n resume () {\n resumeH2(client)\n },\n destroy (err, callback) {\n if (closed) {\n queueMicrotask(callback)\n } else {\n // Destroying the socket will trigger the session close\n socket.destroy(err).on('close', callback)\n }\n },\n get destroyed () {\n return socket.destroyed\n },\n busy () {\n return false\n }\n }\n}\n\nfunction resumeH2 (client) {\n const socket = client[kSocket]\n\n if (socket?.destroyed === false) {\n if (client[kSize] === 0 && client[kMaxConcurrentStreams] === 0) {\n socket.unref()\n client[kHTTP2Session].unref()\n } else {\n socket.ref()\n client[kHTTP2Session].ref()\n }\n }\n}\n\nfunction onHttp2SessionError (err) {\n assert(err.code !== 'ERR_TLS_CERT_ALTNAME_INVALID')\n\n this[kSocket][kError] = err\n this[kClient][kOnError](err)\n}\n\nfunction onHttp2FrameError (type, code, id) {\n if (id === 0) {\n const err = new InformationalError(`HTTP/2: \"frameError\" received - type ${type}, code ${code}`)\n this[kSocket][kError] = err\n this[kClient][kOnError](err)\n }\n}\n\nfunction onHttp2SessionEnd () {\n const err = new SocketError('other side closed', util.getSocketInfo(this[kSocket]))\n this.destroy(err)\n util.destroy(this[kSocket], err)\n}\n\n/**\n * This is the root cause of #3011\n * We need to handle GOAWAY frames properly, and trigger the session close\n * along with the socket right away\n */\nfunction onHTTP2GoAway (code) {\n // We cannot recover, so best to close the session and the socket\n const err = this[kError] || new SocketError(`HTTP/2: \"GOAWAY\" frame received with code ${code}`, util.getSocketInfo(this))\n const client = this[kClient]\n\n client[kSocket] = null\n client[kHTTPContext] = null\n\n if (this[kHTTP2Session] != null) {\n this[kHTTP2Session].destroy(err)\n this[kHTTP2Session] = null\n }\n\n util.destroy(this[kSocket], err)\n\n // Fail head of pipeline.\n if (client[kRunningIdx] < client[kQueue].length) {\n const request = client[kQueue][client[kRunningIdx]]\n client[kQueue][client[kRunningIdx]++] = null\n util.errorRequest(client, request, err)\n client[kPendingIdx] = client[kRunningIdx]\n }\n\n assert(client[kRunning] === 0)\n\n client.emit('disconnect', client[kUrl], [client], err)\n\n client[kResume]()\n}\n\n// https://www.rfc-editor.org/rfc/rfc7230#section-3.3.2\nfunction shouldSendContentLength (method) {\n return method !== 'GET' && method !== 'HEAD' && method !== 'OPTIONS' && method !== 'TRACE' && method !== 'CONNECT'\n}\n\nfunction writeH2 (client, request) {\n const session = client[kHTTP2Session]\n const { method, path, host, upgrade, expectContinue, signal, headers: reqHeaders } = request\n let { body } = request\n\n if (upgrade) {\n util.errorRequest(client, request, new Error('Upgrade not supported for H2'))\n return false\n }\n\n const headers = {}\n for (let n = 0; n < reqHeaders.length; n += 2) {\n const key = reqHeaders[n + 0]\n const val = reqHeaders[n + 1]\n\n if (Array.isArray(val)) {\n for (let i = 0; i < val.length; i++) {\n if (headers[key]) {\n headers[key] += `,${val[i]}`\n } else {\n headers[key] = val[i]\n }\n }\n } else {\n headers[key] = val\n }\n }\n\n /** @type {import('node:http2').ClientHttp2Stream} */\n let stream\n\n const { hostname, port } = client[kUrl]\n\n headers[HTTP2_HEADER_AUTHORITY] = host || `${hostname}${port ? `:${port}` : ''}`\n headers[HTTP2_HEADER_METHOD] = method\n\n const abort = (err) => {\n if (request.aborted || request.completed) {\n return\n }\n\n err = err || new RequestAbortedError()\n\n util.errorRequest(client, request, err)\n\n if (stream != null) {\n util.destroy(stream, err)\n }\n\n // We do not destroy the socket as we can continue using the session\n // the stream get's destroyed and the session remains to create new streams\n util.destroy(body, err)\n client[kQueue][client[kRunningIdx]++] = null\n client[kResume]()\n }\n\n try {\n // We are already connected, streams are pending.\n // We can call on connect, and wait for abort\n request.onConnect(abort)\n } catch (err) {\n util.errorRequest(client, request, err)\n }\n\n if (request.aborted) {\n return false\n }\n\n if (method === 'CONNECT') {\n session.ref()\n // We are already connected, streams are pending, first request\n // will create a new stream. We trigger a request to create the stream and wait until\n // `ready` event is triggered\n // We disabled endStream to allow the user to write to the stream\n stream = session.request(headers, { endStream: false, signal })\n\n if (stream.id && !stream.pending) {\n request.onUpgrade(null, null, stream)\n ++session[kOpenStreams]\n client[kQueue][client[kRunningIdx]++] = null\n } else {\n stream.once('ready', () => {\n request.onUpgrade(null, null, stream)\n ++session[kOpenStreams]\n client[kQueue][client[kRunningIdx]++] = null\n })\n }\n\n stream.once('close', () => {\n session[kOpenStreams] -= 1\n if (session[kOpenStreams] === 0) session.unref()\n })\n\n return true\n }\n\n // https://tools.ietf.org/html/rfc7540#section-8.3\n // :path and :scheme headers must be omitted when sending CONNECT\n\n headers[HTTP2_HEADER_PATH] = path\n headers[HTTP2_HEADER_SCHEME] = 'https'\n\n // https://tools.ietf.org/html/rfc7231#section-4.3.1\n // https://tools.ietf.org/html/rfc7231#section-4.3.2\n // https://tools.ietf.org/html/rfc7231#section-4.3.5\n\n // Sending a payload body on a request that does not\n // expect it can cause undefined behavior on some\n // servers and corrupt connection state. Do not\n // re-use the connection for further requests.\n\n const expectsPayload = (\n method === 'PUT' ||\n method === 'POST' ||\n method === 'PATCH'\n )\n\n if (body && typeof body.read === 'function') {\n // Try to read EOF in order to get length.\n body.read(0)\n }\n\n let contentLength = util.bodyLength(body)\n\n if (util.isFormDataLike(body)) {\n extractBody ??= require('../web/fetch/body.js').extractBody\n\n const [bodyStream, contentType] = extractBody(body)\n headers['content-type'] = contentType\n\n body = bodyStream.stream\n contentLength = bodyStream.length\n }\n\n if (contentLength == null) {\n contentLength = request.contentLength\n }\n\n if (contentLength === 0 || !expectsPayload) {\n // https://tools.ietf.org/html/rfc7230#section-3.3.2\n // A user agent SHOULD NOT send a Content-Length header field when\n // the request message does not contain a payload body and the method\n // semantics do not anticipate such a body.\n\n contentLength = null\n }\n\n // https://github.com/nodejs/undici/issues/2046\n // A user agent may send a Content-Length header with 0 value, this should be allowed.\n if (shouldSendContentLength(method) && contentLength > 0 && request.contentLength != null && request.contentLength !== contentLength) {\n if (client[kStrictContentLength]) {\n util.errorRequest(client, request, new RequestContentLengthMismatchError())\n return false\n }\n\n process.emitWarning(new RequestContentLengthMismatchError())\n }\n\n if (contentLength != null) {\n assert(body, 'no body must not have content length')\n headers[HTTP2_HEADER_CONTENT_LENGTH] = `${contentLength}`\n }\n\n session.ref()\n\n const shouldEndStream = method === 'GET' || method === 'HEAD' || body === null\n if (expectContinue) {\n headers[HTTP2_HEADER_EXPECT] = '100-continue'\n stream = session.request(headers, { endStream: shouldEndStream, signal })\n\n stream.once('continue', writeBodyH2)\n } else {\n stream = session.request(headers, {\n endStream: shouldEndStream,\n signal\n })\n writeBodyH2()\n }\n\n // Increment counter as we have new streams open\n ++session[kOpenStreams]\n\n stream.once('response', headers => {\n const { [HTTP2_HEADER_STATUS]: statusCode, ...realHeaders } = headers\n request.onResponseStarted()\n\n // Due to the stream nature, it is possible we face a race condition\n // where the stream has been assigned, but the request has been aborted\n // the request remains in-flight and headers hasn't been received yet\n // for those scenarios, best effort is to destroy the stream immediately\n // as there's no value to keep it open.\n if (request.aborted) {\n const err = new RequestAbortedError()\n util.errorRequest(client, request, err)\n util.destroy(stream, err)\n return\n }\n\n if (request.onHeaders(Number(statusCode), parseH2Headers(realHeaders), stream.resume.bind(stream), '') === false) {\n stream.pause()\n }\n\n stream.on('data', (chunk) => {\n if (request.onData(chunk) === false) {\n stream.pause()\n }\n })\n })\n\n stream.once('end', () => {\n // When state is null, it means we haven't consumed body and the stream still do not have\n // a state.\n // Present specially when using pipeline or stream\n if (stream.state?.state == null || stream.state.state < 6) {\n request.onComplete([])\n }\n\n if (session[kOpenStreams] === 0) {\n // Stream is closed or half-closed-remote (6), decrement counter and cleanup\n // It does not have sense to continue working with the stream as we do not\n // have yet RST_STREAM support on client-side\n\n session.unref()\n }\n\n abort(new InformationalError('HTTP/2: stream half-closed (remote)'))\n client[kQueue][client[kRunningIdx]++] = null\n client[kPendingIdx] = client[kRunningIdx]\n client[kResume]()\n })\n\n stream.once('close', () => {\n session[kOpenStreams] -= 1\n if (session[kOpenStreams] === 0) {\n session.unref()\n }\n })\n\n stream.once('error', function (err) {\n abort(err)\n })\n\n stream.once('frameError', (type, code) => {\n abort(new InformationalError(`HTTP/2: \"frameError\" received - type ${type}, code ${code}`))\n })\n\n // stream.on('aborted', () => {\n // // TODO(HTTP/2): Support aborted\n // })\n\n // stream.on('timeout', () => {\n // // TODO(HTTP/2): Support timeout\n // })\n\n // stream.on('push', headers => {\n // // TODO(HTTP/2): Support push\n // })\n\n // stream.on('trailers', headers => {\n // // TODO(HTTP/2): Support trailers\n // })\n\n return true\n\n function writeBodyH2 () {\n /* istanbul ignore else: assertion */\n if (!body || contentLength === 0) {\n writeBuffer(\n abort,\n stream,\n null,\n client,\n request,\n client[kSocket],\n contentLength,\n expectsPayload\n )\n } else if (util.isBuffer(body)) {\n writeBuffer(\n abort,\n stream,\n body,\n client,\n request,\n client[kSocket],\n contentLength,\n expectsPayload\n )\n } else if (util.isBlobLike(body)) {\n if (typeof body.stream === 'function') {\n writeIterable(\n abort,\n stream,\n body.stream(),\n client,\n request,\n client[kSocket],\n contentLength,\n expectsPayload\n )\n } else {\n writeBlob(\n abort,\n stream,\n body,\n client,\n request,\n client[kSocket],\n contentLength,\n expectsPayload\n )\n }\n } else if (util.isStream(body)) {\n writeStream(\n abort,\n client[kSocket],\n expectsPayload,\n stream,\n body,\n client,\n request,\n contentLength\n )\n } else if (util.isIterable(body)) {\n writeIterable(\n abort,\n stream,\n body,\n client,\n request,\n client[kSocket],\n contentLength,\n expectsPayload\n )\n } else {\n assert(false)\n }\n }\n}\n\nfunction writeBuffer (abort, h2stream, body, client, request, socket, contentLength, expectsPayload) {\n try {\n if (body != null && util.isBuffer(body)) {\n assert(contentLength === body.byteLength, 'buffer body must have content length')\n h2stream.cork()\n h2stream.write(body)\n h2stream.uncork()\n h2stream.end()\n\n request.onBodySent(body)\n }\n\n if (!expectsPayload) {\n socket[kReset] = true\n }\n\n request.onRequestSent()\n client[kResume]()\n } catch (error) {\n abort(error)\n }\n}\n\nfunction writeStream (abort, socket, expectsPayload, h2stream, body, client, request, contentLength) {\n assert(contentLength !== 0 || client[kRunning] === 0, 'stream body cannot be pipelined')\n\n // For HTTP/2, is enough to pipe the stream\n const pipe = pipeline(\n body,\n h2stream,\n (err) => {\n if (err) {\n util.destroy(pipe, err)\n abort(err)\n } else {\n util.removeAllListeners(pipe)\n request.onRequestSent()\n\n if (!expectsPayload) {\n socket[kReset] = true\n }\n\n client[kResume]()\n }\n }\n )\n\n util.addListener(pipe, 'data', onPipeData)\n\n function onPipeData (chunk) {\n request.onBodySent(chunk)\n }\n}\n\nasync function writeBlob (abort, h2stream, body, client, request, socket, contentLength, expectsPayload) {\n assert(contentLength === body.size, 'blob body must have content length')\n\n try {\n if (contentLength != null && contentLength !== body.size) {\n throw new RequestContentLengthMismatchError()\n }\n\n const buffer = Buffer.from(await body.arrayBuffer())\n\n h2stream.cork()\n h2stream.write(buffer)\n h2stream.uncork()\n h2stream.end()\n\n request.onBodySent(buffer)\n request.onRequestSent()\n\n if (!expectsPayload) {\n socket[kReset] = true\n }\n\n client[kResume]()\n } catch (err) {\n abort(err)\n }\n}\n\nasync function writeIterable (abort, h2stream, body, client, request, socket, contentLength, expectsPayload) {\n assert(contentLength !== 0 || client[kRunning] === 0, 'iterator body cannot be pipelined')\n\n let callback = null\n function onDrain () {\n if (callback) {\n const cb = callback\n callback = null\n cb()\n }\n }\n\n const waitForDrain = () => new Promise((resolve, reject) => {\n assert(callback === null)\n\n if (socket[kError]) {\n reject(socket[kError])\n } else {\n callback = resolve\n }\n })\n\n h2stream\n .on('close', onDrain)\n .on('drain', onDrain)\n\n try {\n // It's up to the user to somehow abort the async iterable.\n for await (const chunk of body) {\n if (socket[kError]) {\n throw socket[kError]\n }\n\n const res = h2stream.write(chunk)\n request.onBodySent(chunk)\n if (!res) {\n await waitForDrain()\n }\n }\n\n h2stream.end()\n\n request.onRequestSent()\n\n if (!expectsPayload) {\n socket[kReset] = true\n }\n\n client[kResume]()\n } catch (err) {\n abort(err)\n } finally {\n h2stream\n .off('close', onDrain)\n .off('drain', onDrain)\n }\n}\n\nmodule.exports = connectH2\n","// @ts-check\n\n'use strict'\n\nconst assert = require('node:assert')\nconst net = require('node:net')\nconst http = require('node:http')\nconst util = require('../core/util.js')\nconst { channels } = require('../core/diagnostics.js')\nconst Request = require('../core/request.js')\nconst DispatcherBase = require('./dispatcher-base')\nconst {\n InvalidArgumentError,\n InformationalError,\n ClientDestroyedError\n} = require('../core/errors.js')\nconst buildConnector = require('../core/connect.js')\nconst {\n kUrl,\n kServerName,\n kClient,\n kBusy,\n kConnect,\n kResuming,\n kRunning,\n kPending,\n kSize,\n kQueue,\n kConnected,\n kConnecting,\n kNeedDrain,\n kKeepAliveDefaultTimeout,\n kHostHeader,\n kPendingIdx,\n kRunningIdx,\n kError,\n kPipelining,\n kKeepAliveTimeoutValue,\n kMaxHeadersSize,\n kKeepAliveMaxTimeout,\n kKeepAliveTimeoutThreshold,\n kHeadersTimeout,\n kBodyTimeout,\n kStrictContentLength,\n kConnector,\n kMaxRedirections,\n kMaxRequests,\n kCounter,\n kClose,\n kDestroy,\n kDispatch,\n kInterceptors,\n kLocalAddress,\n kMaxResponseSize,\n kOnError,\n kHTTPContext,\n kMaxConcurrentStreams,\n kResume\n} = require('../core/symbols.js')\nconst connectH1 = require('./client-h1.js')\nconst connectH2 = require('./client-h2.js')\nlet deprecatedInterceptorWarned = false\n\nconst kClosedResolve = Symbol('kClosedResolve')\n\nconst noop = () => {}\n\nfunction getPipelining (client) {\n return client[kPipelining] ?? client[kHTTPContext]?.defaultPipelining ?? 1\n}\n\n/**\n * @type {import('../../types/client.js').default}\n */\nclass Client extends DispatcherBase {\n /**\n *\n * @param {string|URL} url\n * @param {import('../../types/client.js').Client.Options} options\n */\n constructor (url, {\n interceptors,\n maxHeaderSize,\n headersTimeout,\n socketTimeout,\n requestTimeout,\n connectTimeout,\n bodyTimeout,\n idleTimeout,\n keepAlive,\n keepAliveTimeout,\n maxKeepAliveTimeout,\n keepAliveMaxTimeout,\n keepAliveTimeoutThreshold,\n socketPath,\n pipelining,\n tls,\n strictContentLength,\n maxCachedSessions,\n maxRedirections,\n connect,\n maxRequestsPerClient,\n localAddress,\n maxResponseSize,\n autoSelectFamily,\n autoSelectFamilyAttemptTimeout,\n // h2\n maxConcurrentStreams,\n allowH2\n } = {}) {\n super()\n\n if (keepAlive !== undefined) {\n throw new InvalidArgumentError('unsupported keepAlive, use pipelining=0 instead')\n }\n\n if (socketTimeout !== undefined) {\n throw new InvalidArgumentError('unsupported socketTimeout, use headersTimeout & bodyTimeout instead')\n }\n\n if (requestTimeout !== undefined) {\n throw new InvalidArgumentError('unsupported requestTimeout, use headersTimeout & bodyTimeout instead')\n }\n\n if (idleTimeout !== undefined) {\n throw new InvalidArgumentError('unsupported idleTimeout, use keepAliveTimeout instead')\n }\n\n if (maxKeepAliveTimeout !== undefined) {\n throw new InvalidArgumentError('unsupported maxKeepAliveTimeout, use keepAliveMaxTimeout instead')\n }\n\n if (maxHeaderSize != null && !Number.isFinite(maxHeaderSize)) {\n throw new InvalidArgumentError('invalid maxHeaderSize')\n }\n\n if (socketPath != null && typeof socketPath !== 'string') {\n throw new InvalidArgumentError('invalid socketPath')\n }\n\n if (connectTimeout != null && (!Number.isFinite(connectTimeout) || connectTimeout < 0)) {\n throw new InvalidArgumentError('invalid connectTimeout')\n }\n\n if (keepAliveTimeout != null && (!Number.isFinite(keepAliveTimeout) || keepAliveTimeout <= 0)) {\n throw new InvalidArgumentError('invalid keepAliveTimeout')\n }\n\n if (keepAliveMaxTimeout != null && (!Number.isFinite(keepAliveMaxTimeout) || keepAliveMaxTimeout <= 0)) {\n throw new InvalidArgumentError('invalid keepAliveMaxTimeout')\n }\n\n if (keepAliveTimeoutThreshold != null && !Number.isFinite(keepAliveTimeoutThreshold)) {\n throw new InvalidArgumentError('invalid keepAliveTimeoutThreshold')\n }\n\n if (headersTimeout != null && (!Number.isInteger(headersTimeout) || headersTimeout < 0)) {\n throw new InvalidArgumentError('headersTimeout must be a positive integer or zero')\n }\n\n if (bodyTimeout != null && (!Number.isInteger(bodyTimeout) || bodyTimeout < 0)) {\n throw new InvalidArgumentError('bodyTimeout must be a positive integer or zero')\n }\n\n if (connect != null && typeof connect !== 'function' && typeof connect !== 'object') {\n throw new InvalidArgumentError('connect must be a function or an object')\n }\n\n if (maxRedirections != null && (!Number.isInteger(maxRedirections) || maxRedirections < 0)) {\n throw new InvalidArgumentError('maxRedirections must be a positive number')\n }\n\n if (maxRequestsPerClient != null && (!Number.isInteger(maxRequestsPerClient) || maxRequestsPerClient < 0)) {\n throw new InvalidArgumentError('maxRequestsPerClient must be a positive number')\n }\n\n if (localAddress != null && (typeof localAddress !== 'string' || net.isIP(localAddress) === 0)) {\n throw new InvalidArgumentError('localAddress must be valid string IP address')\n }\n\n if (maxResponseSize != null && (!Number.isInteger(maxResponseSize) || maxResponseSize < -1)) {\n throw new InvalidArgumentError('maxResponseSize must be a positive number')\n }\n\n if (\n autoSelectFamilyAttemptTimeout != null &&\n (!Number.isInteger(autoSelectFamilyAttemptTimeout) || autoSelectFamilyAttemptTimeout < -1)\n ) {\n throw new InvalidArgumentError('autoSelectFamilyAttemptTimeout must be a positive number')\n }\n\n // h2\n if (allowH2 != null && typeof allowH2 !== 'boolean') {\n throw new InvalidArgumentError('allowH2 must be a valid boolean value')\n }\n\n if (maxConcurrentStreams != null && (typeof maxConcurrentStreams !== 'number' || maxConcurrentStreams < 1)) {\n throw new InvalidArgumentError('maxConcurrentStreams must be a positive integer, greater than 0')\n }\n\n if (typeof connect !== 'function') {\n connect = buildConnector({\n ...tls,\n maxCachedSessions,\n allowH2,\n socketPath,\n timeout: connectTimeout,\n ...(autoSelectFamily ? { autoSelectFamily, autoSelectFamilyAttemptTimeout } : undefined),\n ...connect\n })\n }\n\n if (interceptors?.Client && Array.isArray(interceptors.Client)) {\n this[kInterceptors] = interceptors.Client\n if (!deprecatedInterceptorWarned) {\n deprecatedInterceptorWarned = true\n process.emitWarning('Client.Options#interceptor is deprecated. Use Dispatcher#compose instead.', {\n code: 'UNDICI-CLIENT-INTERCEPTOR-DEPRECATED'\n })\n }\n } else {\n this[kInterceptors] = [createRedirectInterceptor({ maxRedirections })]\n }\n\n this[kUrl] = util.parseOrigin(url)\n this[kConnector] = connect\n this[kPipelining] = pipelining != null ? pipelining : 1\n this[kMaxHeadersSize] = maxHeaderSize || http.maxHeaderSize\n this[kKeepAliveDefaultTimeout] = keepAliveTimeout == null ? 4e3 : keepAliveTimeout\n this[kKeepAliveMaxTimeout] = keepAliveMaxTimeout == null ? 600e3 : keepAliveMaxTimeout\n this[kKeepAliveTimeoutThreshold] = keepAliveTimeoutThreshold == null ? 2e3 : keepAliveTimeoutThreshold\n this[kKeepAliveTimeoutValue] = this[kKeepAliveDefaultTimeout]\n this[kServerName] = null\n this[kLocalAddress] = localAddress != null ? localAddress : null\n this[kResuming] = 0 // 0, idle, 1, scheduled, 2 resuming\n this[kNeedDrain] = 0 // 0, idle, 1, scheduled, 2 resuming\n this[kHostHeader] = `host: ${this[kUrl].hostname}${this[kUrl].port ? `:${this[kUrl].port}` : ''}\\r\\n`\n this[kBodyTimeout] = bodyTimeout != null ? bodyTimeout : 300e3\n this[kHeadersTimeout] = headersTimeout != null ? headersTimeout : 300e3\n this[kStrictContentLength] = strictContentLength == null ? true : strictContentLength\n this[kMaxRedirections] = maxRedirections\n this[kMaxRequests] = maxRequestsPerClient\n this[kClosedResolve] = null\n this[kMaxResponseSize] = maxResponseSize > -1 ? maxResponseSize : -1\n this[kMaxConcurrentStreams] = maxConcurrentStreams != null ? maxConcurrentStreams : 100 // Max peerConcurrentStreams for a Node h2 server\n this[kHTTPContext] = null\n\n // kQueue is built up of 3 sections separated by\n // the kRunningIdx and kPendingIdx indices.\n // | complete | running | pending |\n // ^ kRunningIdx ^ kPendingIdx ^ kQueue.length\n // kRunningIdx points to the first running element.\n // kPendingIdx points to the first pending element.\n // This implements a fast queue with an amortized\n // time of O(1).\n\n this[kQueue] = []\n this[kRunningIdx] = 0\n this[kPendingIdx] = 0\n\n this[kResume] = (sync) => resume(this, sync)\n this[kOnError] = (err) => onError(this, err)\n }\n\n get pipelining () {\n return this[kPipelining]\n }\n\n set pipelining (value) {\n this[kPipelining] = value\n this[kResume](true)\n }\n\n get [kPending] () {\n return this[kQueue].length - this[kPendingIdx]\n }\n\n get [kRunning] () {\n return this[kPendingIdx] - this[kRunningIdx]\n }\n\n get [kSize] () {\n return this[kQueue].length - this[kRunningIdx]\n }\n\n get [kConnected] () {\n return !!this[kHTTPContext] && !this[kConnecting] && !this[kHTTPContext].destroyed\n }\n\n get [kBusy] () {\n return Boolean(\n this[kHTTPContext]?.busy(null) ||\n (this[kSize] >= (getPipelining(this) || 1)) ||\n this[kPending] > 0\n )\n }\n\n /* istanbul ignore: only used for test */\n [kConnect] (cb) {\n connect(this)\n this.once('connect', cb)\n }\n\n [kDispatch] (opts, handler) {\n const origin = opts.origin || this[kUrl].origin\n const request = new Request(origin, opts, handler)\n\n this[kQueue].push(request)\n if (this[kResuming]) {\n // Do nothing.\n } else if (util.bodyLength(request.body) == null && util.isIterable(request.body)) {\n // Wait a tick in case stream/iterator is ended in the same tick.\n this[kResuming] = 1\n queueMicrotask(() => resume(this))\n } else {\n this[kResume](true)\n }\n\n if (this[kResuming] && this[kNeedDrain] !== 2 && this[kBusy]) {\n this[kNeedDrain] = 2\n }\n\n return this[kNeedDrain] < 2\n }\n\n async [kClose] () {\n // TODO: for H2 we need to gracefully flush the remaining enqueued\n // request and close each stream.\n return new Promise((resolve) => {\n if (this[kSize]) {\n this[kClosedResolve] = resolve\n } else {\n resolve(null)\n }\n })\n }\n\n async [kDestroy] (err) {\n return new Promise((resolve) => {\n const requests = this[kQueue].splice(this[kPendingIdx])\n for (let i = 0; i < requests.length; i++) {\n const request = requests[i]\n util.errorRequest(this, request, err)\n }\n\n const callback = () => {\n if (this[kClosedResolve]) {\n // TODO (fix): Should we error here with ClientDestroyedError?\n this[kClosedResolve]()\n this[kClosedResolve] = null\n }\n resolve(null)\n }\n\n if (this[kHTTPContext]) {\n this[kHTTPContext].destroy(err, callback)\n this[kHTTPContext] = null\n } else {\n queueMicrotask(callback)\n }\n\n this[kResume]()\n })\n }\n}\n\nconst createRedirectInterceptor = require('../interceptor/redirect-interceptor.js')\n\nfunction onError (client, err) {\n if (\n client[kRunning] === 0 &&\n err.code !== 'UND_ERR_INFO' &&\n err.code !== 'UND_ERR_SOCKET'\n ) {\n // Error is not caused by running request and not a recoverable\n // socket error.\n\n assert(client[kPendingIdx] === client[kRunningIdx])\n\n const requests = client[kQueue].splice(client[kRunningIdx])\n\n for (let i = 0; i < requests.length; i++) {\n const request = requests[i]\n util.errorRequest(client, request, err)\n }\n assert(client[kSize] === 0)\n }\n}\n\n/**\n * @param {Client} client\n * @returns\n */\nasync function connect (client) {\n assert(!client[kConnecting])\n assert(!client[kHTTPContext])\n\n let { host, hostname, protocol, port } = client[kUrl]\n\n // Resolve ipv6\n if (hostname[0] === '[') {\n const idx = hostname.indexOf(']')\n\n assert(idx !== -1)\n const ip = hostname.substring(1, idx)\n\n assert(net.isIP(ip))\n hostname = ip\n }\n\n client[kConnecting] = true\n\n if (channels.beforeConnect.hasSubscribers) {\n channels.beforeConnect.publish({\n connectParams: {\n host,\n hostname,\n protocol,\n port,\n version: client[kHTTPContext]?.version,\n servername: client[kServerName],\n localAddress: client[kLocalAddress]\n },\n connector: client[kConnector]\n })\n }\n\n try {\n const socket = await new Promise((resolve, reject) => {\n client[kConnector]({\n host,\n hostname,\n protocol,\n port,\n servername: client[kServerName],\n localAddress: client[kLocalAddress]\n }, (err, socket) => {\n if (err) {\n reject(err)\n } else {\n resolve(socket)\n }\n })\n })\n\n if (client.destroyed) {\n util.destroy(socket.on('error', noop), new ClientDestroyedError())\n return\n }\n\n assert(socket)\n\n try {\n client[kHTTPContext] = socket.alpnProtocol === 'h2'\n ? await connectH2(client, socket)\n : await connectH1(client, socket)\n } catch (err) {\n socket.destroy().on('error', noop)\n throw err\n }\n\n client[kConnecting] = false\n\n socket[kCounter] = 0\n socket[kMaxRequests] = client[kMaxRequests]\n socket[kClient] = client\n socket[kError] = null\n\n if (channels.connected.hasSubscribers) {\n channels.connected.publish({\n connectParams: {\n host,\n hostname,\n protocol,\n port,\n version: client[kHTTPContext]?.version,\n servername: client[kServerName],\n localAddress: client[kLocalAddress]\n },\n connector: client[kConnector],\n socket\n })\n }\n client.emit('connect', client[kUrl], [client])\n } catch (err) {\n if (client.destroyed) {\n return\n }\n\n client[kConnecting] = false\n\n if (channels.connectError.hasSubscribers) {\n channels.connectError.publish({\n connectParams: {\n host,\n hostname,\n protocol,\n port,\n version: client[kHTTPContext]?.version,\n servername: client[kServerName],\n localAddress: client[kLocalAddress]\n },\n connector: client[kConnector],\n error: err\n })\n }\n\n if (err.code === 'ERR_TLS_CERT_ALTNAME_INVALID') {\n assert(client[kRunning] === 0)\n while (client[kPending] > 0 && client[kQueue][client[kPendingIdx]].servername === client[kServerName]) {\n const request = client[kQueue][client[kPendingIdx]++]\n util.errorRequest(client, request, err)\n }\n } else {\n onError(client, err)\n }\n\n client.emit('connectionError', client[kUrl], [client], err)\n }\n\n client[kResume]()\n}\n\nfunction emitDrain (client) {\n client[kNeedDrain] = 0\n client.emit('drain', client[kUrl], [client])\n}\n\nfunction resume (client, sync) {\n if (client[kResuming] === 2) {\n return\n }\n\n client[kResuming] = 2\n\n _resume(client, sync)\n client[kResuming] = 0\n\n if (client[kRunningIdx] > 256) {\n client[kQueue].splice(0, client[kRunningIdx])\n client[kPendingIdx] -= client[kRunningIdx]\n client[kRunningIdx] = 0\n }\n}\n\nfunction _resume (client, sync) {\n while (true) {\n if (client.destroyed) {\n assert(client[kPending] === 0)\n return\n }\n\n if (client[kClosedResolve] && !client[kSize]) {\n client[kClosedResolve]()\n client[kClosedResolve] = null\n return\n }\n\n if (client[kHTTPContext]) {\n client[kHTTPContext].resume()\n }\n\n if (client[kBusy]) {\n client[kNeedDrain] = 2\n } else if (client[kNeedDrain] === 2) {\n if (sync) {\n client[kNeedDrain] = 1\n queueMicrotask(() => emitDrain(client))\n } else {\n emitDrain(client)\n }\n continue\n }\n\n if (client[kPending] === 0) {\n return\n }\n\n if (client[kRunning] >= (getPipelining(client) || 1)) {\n return\n }\n\n const request = client[kQueue][client[kPendingIdx]]\n\n if (client[kUrl].protocol === 'https:' && client[kServerName] !== request.servername) {\n if (client[kRunning] > 0) {\n return\n }\n\n client[kServerName] = request.servername\n client[kHTTPContext]?.destroy(new InformationalError('servername changed'), () => {\n client[kHTTPContext] = null\n resume(client)\n })\n }\n\n if (client[kConnecting]) {\n return\n }\n\n if (!client[kHTTPContext]) {\n connect(client)\n return\n }\n\n if (client[kHTTPContext].destroyed) {\n return\n }\n\n if (client[kHTTPContext].busy(request)) {\n return\n }\n\n if (!request.aborted && client[kHTTPContext].write(request)) {\n client[kPendingIdx]++\n } else {\n client[kQueue].splice(client[kPendingIdx], 1)\n }\n }\n}\n\nmodule.exports = Client\n","'use strict'\n\nconst Dispatcher = require('./dispatcher')\nconst {\n ClientDestroyedError,\n ClientClosedError,\n InvalidArgumentError\n} = require('../core/errors')\nconst { kDestroy, kClose, kClosed, kDestroyed, kDispatch, kInterceptors } = require('../core/symbols')\n\nconst kOnDestroyed = Symbol('onDestroyed')\nconst kOnClosed = Symbol('onClosed')\nconst kInterceptedDispatch = Symbol('Intercepted Dispatch')\n\nclass DispatcherBase extends Dispatcher {\n constructor () {\n super()\n\n this[kDestroyed] = false\n this[kOnDestroyed] = null\n this[kClosed] = false\n this[kOnClosed] = []\n }\n\n get destroyed () {\n return this[kDestroyed]\n }\n\n get closed () {\n return this[kClosed]\n }\n\n get interceptors () {\n return this[kInterceptors]\n }\n\n set interceptors (newInterceptors) {\n if (newInterceptors) {\n for (let i = newInterceptors.length - 1; i >= 0; i--) {\n const interceptor = this[kInterceptors][i]\n if (typeof interceptor !== 'function') {\n throw new InvalidArgumentError('interceptor must be an function')\n }\n }\n }\n\n this[kInterceptors] = newInterceptors\n }\n\n close (callback) {\n if (callback === undefined) {\n return new Promise((resolve, reject) => {\n this.close((err, data) => {\n return err ? reject(err) : resolve(data)\n })\n })\n }\n\n if (typeof callback !== 'function') {\n throw new InvalidArgumentError('invalid callback')\n }\n\n if (this[kDestroyed]) {\n queueMicrotask(() => callback(new ClientDestroyedError(), null))\n return\n }\n\n if (this[kClosed]) {\n if (this[kOnClosed]) {\n this[kOnClosed].push(callback)\n } else {\n queueMicrotask(() => callback(null, null))\n }\n return\n }\n\n this[kClosed] = true\n this[kOnClosed].push(callback)\n\n const onClosed = () => {\n const callbacks = this[kOnClosed]\n this[kOnClosed] = null\n for (let i = 0; i < callbacks.length; i++) {\n callbacks[i](null, null)\n }\n }\n\n // Should not error.\n this[kClose]()\n .then(() => this.destroy())\n .then(() => {\n queueMicrotask(onClosed)\n })\n }\n\n destroy (err, callback) {\n if (typeof err === 'function') {\n callback = err\n err = null\n }\n\n if (callback === undefined) {\n return new Promise((resolve, reject) => {\n this.destroy(err, (err, data) => {\n return err ? /* istanbul ignore next: should never error */ reject(err) : resolve(data)\n })\n })\n }\n\n if (typeof callback !== 'function') {\n throw new InvalidArgumentError('invalid callback')\n }\n\n if (this[kDestroyed]) {\n if (this[kOnDestroyed]) {\n this[kOnDestroyed].push(callback)\n } else {\n queueMicrotask(() => callback(null, null))\n }\n return\n }\n\n if (!err) {\n err = new ClientDestroyedError()\n }\n\n this[kDestroyed] = true\n this[kOnDestroyed] = this[kOnDestroyed] || []\n this[kOnDestroyed].push(callback)\n\n const onDestroyed = () => {\n const callbacks = this[kOnDestroyed]\n this[kOnDestroyed] = null\n for (let i = 0; i < callbacks.length; i++) {\n callbacks[i](null, null)\n }\n }\n\n // Should not error.\n this[kDestroy](err).then(() => {\n queueMicrotask(onDestroyed)\n })\n }\n\n [kInterceptedDispatch] (opts, handler) {\n if (!this[kInterceptors] || this[kInterceptors].length === 0) {\n this[kInterceptedDispatch] = this[kDispatch]\n return this[kDispatch](opts, handler)\n }\n\n let dispatch = this[kDispatch].bind(this)\n for (let i = this[kInterceptors].length - 1; i >= 0; i--) {\n dispatch = this[kInterceptors][i](dispatch)\n }\n this[kInterceptedDispatch] = dispatch\n return dispatch(opts, handler)\n }\n\n dispatch (opts, handler) {\n if (!handler || typeof handler !== 'object') {\n throw new InvalidArgumentError('handler must be an object')\n }\n\n try {\n if (!opts || typeof opts !== 'object') {\n throw new InvalidArgumentError('opts must be an object.')\n }\n\n if (this[kDestroyed] || this[kOnDestroyed]) {\n throw new ClientDestroyedError()\n }\n\n if (this[kClosed]) {\n throw new ClientClosedError()\n }\n\n return this[kInterceptedDispatch](opts, handler)\n } catch (err) {\n if (typeof handler.onError !== 'function') {\n throw new InvalidArgumentError('invalid onError method')\n }\n\n handler.onError(err)\n\n return false\n }\n }\n}\n\nmodule.exports = DispatcherBase\n","'use strict'\nconst EventEmitter = require('node:events')\n\nclass Dispatcher extends EventEmitter {\n dispatch () {\n throw new Error('not implemented')\n }\n\n close () {\n throw new Error('not implemented')\n }\n\n destroy () {\n throw new Error('not implemented')\n }\n\n compose (...args) {\n // So we handle [interceptor1, interceptor2] or interceptor1, interceptor2, ...\n const interceptors = Array.isArray(args[0]) ? args[0] : args\n let dispatch = this.dispatch.bind(this)\n\n for (const interceptor of interceptors) {\n if (interceptor == null) {\n continue\n }\n\n if (typeof interceptor !== 'function') {\n throw new TypeError(`invalid interceptor, expected function received ${typeof interceptor}`)\n }\n\n dispatch = interceptor(dispatch)\n\n if (dispatch == null || typeof dispatch !== 'function' || dispatch.length !== 2) {\n throw new TypeError('invalid interceptor')\n }\n }\n\n return new ComposedDispatcher(this, dispatch)\n }\n}\n\nclass ComposedDispatcher extends Dispatcher {\n #dispatcher = null\n #dispatch = null\n\n constructor (dispatcher, dispatch) {\n super()\n this.#dispatcher = dispatcher\n this.#dispatch = dispatch\n }\n\n dispatch (...args) {\n this.#dispatch(...args)\n }\n\n close (...args) {\n return this.#dispatcher.close(...args)\n }\n\n destroy (...args) {\n return this.#dispatcher.destroy(...args)\n }\n}\n\nmodule.exports = Dispatcher\n","'use strict'\n\nconst DispatcherBase = require('./dispatcher-base')\nconst { kClose, kDestroy, kClosed, kDestroyed, kDispatch, kNoProxyAgent, kHttpProxyAgent, kHttpsProxyAgent } = require('../core/symbols')\nconst ProxyAgent = require('./proxy-agent')\nconst Agent = require('./agent')\n\nconst DEFAULT_PORTS = {\n 'http:': 80,\n 'https:': 443\n}\n\nlet experimentalWarned = false\n\nclass EnvHttpProxyAgent extends DispatcherBase {\n #noProxyValue = null\n #noProxyEntries = null\n #opts = null\n\n constructor (opts = {}) {\n super()\n this.#opts = opts\n\n if (!experimentalWarned) {\n experimentalWarned = true\n process.emitWarning('EnvHttpProxyAgent is experimental, expect them to change at any time.', {\n code: 'UNDICI-EHPA'\n })\n }\n\n const { httpProxy, httpsProxy, noProxy, ...agentOpts } = opts\n\n this[kNoProxyAgent] = new Agent(agentOpts)\n\n const HTTP_PROXY = httpProxy ?? process.env.http_proxy ?? process.env.HTTP_PROXY\n if (HTTP_PROXY) {\n this[kHttpProxyAgent] = new ProxyAgent({ ...agentOpts, uri: HTTP_PROXY })\n } else {\n this[kHttpProxyAgent] = this[kNoProxyAgent]\n }\n\n const HTTPS_PROXY = httpsProxy ?? process.env.https_proxy ?? process.env.HTTPS_PROXY\n if (HTTPS_PROXY) {\n this[kHttpsProxyAgent] = new ProxyAgent({ ...agentOpts, uri: HTTPS_PROXY })\n } else {\n this[kHttpsProxyAgent] = this[kHttpProxyAgent]\n }\n\n this.#parseNoProxy()\n }\n\n [kDispatch] (opts, handler) {\n const url = new URL(opts.origin)\n const agent = this.#getProxyAgentForUrl(url)\n return agent.dispatch(opts, handler)\n }\n\n async [kClose] () {\n await this[kNoProxyAgent].close()\n if (!this[kHttpProxyAgent][kClosed]) {\n await this[kHttpProxyAgent].close()\n }\n if (!this[kHttpsProxyAgent][kClosed]) {\n await this[kHttpsProxyAgent].close()\n }\n }\n\n async [kDestroy] (err) {\n await this[kNoProxyAgent].destroy(err)\n if (!this[kHttpProxyAgent][kDestroyed]) {\n await this[kHttpProxyAgent].destroy(err)\n }\n if (!this[kHttpsProxyAgent][kDestroyed]) {\n await this[kHttpsProxyAgent].destroy(err)\n }\n }\n\n #getProxyAgentForUrl (url) {\n let { protocol, host: hostname, port } = url\n\n // Stripping ports in this way instead of using parsedUrl.hostname to make\n // sure that the brackets around IPv6 addresses are kept.\n hostname = hostname.replace(/:\\d*$/, '').toLowerCase()\n port = Number.parseInt(port, 10) || DEFAULT_PORTS[protocol] || 0\n if (!this.#shouldProxy(hostname, port)) {\n return this[kNoProxyAgent]\n }\n if (protocol === 'https:') {\n return this[kHttpsProxyAgent]\n }\n return this[kHttpProxyAgent]\n }\n\n #shouldProxy (hostname, port) {\n if (this.#noProxyChanged) {\n this.#parseNoProxy()\n }\n\n if (this.#noProxyEntries.length === 0) {\n return true // Always proxy if NO_PROXY is not set or empty.\n }\n if (this.#noProxyValue === '*') {\n return false // Never proxy if wildcard is set.\n }\n\n for (let i = 0; i < this.#noProxyEntries.length; i++) {\n const entry = this.#noProxyEntries[i]\n if (entry.port && entry.port !== port) {\n continue // Skip if ports don't match.\n }\n if (!/^[.*]/.test(entry.hostname)) {\n // No wildcards, so don't proxy only if there is not an exact match.\n if (hostname === entry.hostname) {\n return false\n }\n } else {\n // Don't proxy if the hostname ends with the no_proxy host.\n if (hostname.endsWith(entry.hostname.replace(/^\\*/, ''))) {\n return false\n }\n }\n }\n\n return true\n }\n\n #parseNoProxy () {\n const noProxyValue = this.#opts.noProxy ?? this.#noProxyEnv\n const noProxySplit = noProxyValue.split(/[,\\s]/)\n const noProxyEntries = []\n\n for (let i = 0; i < noProxySplit.length; i++) {\n const entry = noProxySplit[i]\n if (!entry) {\n continue\n }\n const parsed = entry.match(/^(.+):(\\d+)$/)\n noProxyEntries.push({\n hostname: (parsed ? parsed[1] : entry).toLowerCase(),\n port: parsed ? Number.parseInt(parsed[2], 10) : 0\n })\n }\n\n this.#noProxyValue = noProxyValue\n this.#noProxyEntries = noProxyEntries\n }\n\n get #noProxyChanged () {\n if (this.#opts.noProxy !== undefined) {\n return false\n }\n return this.#noProxyValue !== this.#noProxyEnv\n }\n\n get #noProxyEnv () {\n return process.env.no_proxy ?? process.env.NO_PROXY ?? ''\n }\n}\n\nmodule.exports = EnvHttpProxyAgent\n","/* eslint-disable */\n\n'use strict'\n\n// Extracted from node/lib/internal/fixed_queue.js\n\n// Currently optimal queue size, tested on V8 6.0 - 6.6. Must be power of two.\nconst kSize = 2048;\nconst kMask = kSize - 1;\n\n// The FixedQueue is implemented as a singly-linked list of fixed-size\n// circular buffers. It looks something like this:\n//\n// head tail\n// | |\n// v v\n// +-----------+ <-----\\ +-----------+ <------\\ +-----------+\n// | [null] | \\----- | next | \\------- | next |\n// +-----------+ +-----------+ +-----------+\n// | item | <-- bottom | item | <-- bottom | [empty] |\n// | item | | item | | [empty] |\n// | item | | item | | [empty] |\n// | item | | item | | [empty] |\n// | item | | item | bottom --> | item |\n// | item | | item | | item |\n// | ... | | ... | | ... |\n// | item | | item | | item |\n// | item | | item | | item |\n// | [empty] | <-- top | item | | item |\n// | [empty] | | item | | item |\n// | [empty] | | [empty] | <-- top top --> | [empty] |\n// +-----------+ +-----------+ +-----------+\n//\n// Or, if there is only one circular buffer, it looks something\n// like either of these:\n//\n// head tail head tail\n// | | | |\n// v v v v\n// +-----------+ +-----------+\n// | [null] | | [null] |\n// +-----------+ +-----------+\n// | [empty] | | item |\n// | [empty] | | item |\n// | item | <-- bottom top --> | [empty] |\n// | item | | [empty] |\n// | [empty] | <-- top bottom --> | item |\n// | [empty] | | item |\n// +-----------+ +-----------+\n//\n// Adding a value means moving `top` forward by one, removing means\n// moving `bottom` forward by one. After reaching the end, the queue\n// wraps around.\n//\n// When `top === bottom` the current queue is empty and when\n// `top + 1 === bottom` it's full. This wastes a single space of storage\n// but allows much quicker checks.\n\nclass FixedCircularBuffer {\n constructor() {\n this.bottom = 0;\n this.top = 0;\n this.list = new Array(kSize);\n this.next = null;\n }\n\n isEmpty() {\n return this.top === this.bottom;\n }\n\n isFull() {\n return ((this.top + 1) & kMask) === this.bottom;\n }\n\n push(data) {\n this.list[this.top] = data;\n this.top = (this.top + 1) & kMask;\n }\n\n shift() {\n const nextItem = this.list[this.bottom];\n if (nextItem === undefined)\n return null;\n this.list[this.bottom] = undefined;\n this.bottom = (this.bottom + 1) & kMask;\n return nextItem;\n }\n}\n\nmodule.exports = class FixedQueue {\n constructor() {\n this.head = this.tail = new FixedCircularBuffer();\n }\n\n isEmpty() {\n return this.head.isEmpty();\n }\n\n push(data) {\n if (this.head.isFull()) {\n // Head is full: Creates a new queue, sets the old queue's `.next` to it,\n // and sets it as the new main queue.\n this.head = this.head.next = new FixedCircularBuffer();\n }\n this.head.push(data);\n }\n\n shift() {\n const tail = this.tail;\n const next = tail.shift();\n if (tail.isEmpty() && tail.next !== null) {\n // If there is another queue, it forms the new tail.\n this.tail = tail.next;\n }\n return next;\n }\n};\n","'use strict'\n\nconst DispatcherBase = require('./dispatcher-base')\nconst FixedQueue = require('./fixed-queue')\nconst { kConnected, kSize, kRunning, kPending, kQueued, kBusy, kFree, kUrl, kClose, kDestroy, kDispatch } = require('../core/symbols')\nconst PoolStats = require('./pool-stats')\n\nconst kClients = Symbol('clients')\nconst kNeedDrain = Symbol('needDrain')\nconst kQueue = Symbol('queue')\nconst kClosedResolve = Symbol('closed resolve')\nconst kOnDrain = Symbol('onDrain')\nconst kOnConnect = Symbol('onConnect')\nconst kOnDisconnect = Symbol('onDisconnect')\nconst kOnConnectionError = Symbol('onConnectionError')\nconst kGetDispatcher = Symbol('get dispatcher')\nconst kAddClient = Symbol('add client')\nconst kRemoveClient = Symbol('remove client')\nconst kStats = Symbol('stats')\n\nclass PoolBase extends DispatcherBase {\n constructor () {\n super()\n\n this[kQueue] = new FixedQueue()\n this[kClients] = []\n this[kQueued] = 0\n\n const pool = this\n\n this[kOnDrain] = function onDrain (origin, targets) {\n const queue = pool[kQueue]\n\n let needDrain = false\n\n while (!needDrain) {\n const item = queue.shift()\n if (!item) {\n break\n }\n pool[kQueued]--\n needDrain = !this.dispatch(item.opts, item.handler)\n }\n\n this[kNeedDrain] = needDrain\n\n if (!this[kNeedDrain] && pool[kNeedDrain]) {\n pool[kNeedDrain] = false\n pool.emit('drain', origin, [pool, ...targets])\n }\n\n if (pool[kClosedResolve] && queue.isEmpty()) {\n Promise\n .all(pool[kClients].map(c => c.close()))\n .then(pool[kClosedResolve])\n }\n }\n\n this[kOnConnect] = (origin, targets) => {\n pool.emit('connect', origin, [pool, ...targets])\n }\n\n this[kOnDisconnect] = (origin, targets, err) => {\n pool.emit('disconnect', origin, [pool, ...targets], err)\n }\n\n this[kOnConnectionError] = (origin, targets, err) => {\n pool.emit('connectionError', origin, [pool, ...targets], err)\n }\n\n this[kStats] = new PoolStats(this)\n }\n\n get [kBusy] () {\n return this[kNeedDrain]\n }\n\n get [kConnected] () {\n return this[kClients].filter(client => client[kConnected]).length\n }\n\n get [kFree] () {\n return this[kClients].filter(client => client[kConnected] && !client[kNeedDrain]).length\n }\n\n get [kPending] () {\n let ret = this[kQueued]\n for (const { [kPending]: pending } of this[kClients]) {\n ret += pending\n }\n return ret\n }\n\n get [kRunning] () {\n let ret = 0\n for (const { [kRunning]: running } of this[kClients]) {\n ret += running\n }\n return ret\n }\n\n get [kSize] () {\n let ret = this[kQueued]\n for (const { [kSize]: size } of this[kClients]) {\n ret += size\n }\n return ret\n }\n\n get stats () {\n return this[kStats]\n }\n\n async [kClose] () {\n if (this[kQueue].isEmpty()) {\n await Promise.all(this[kClients].map(c => c.close()))\n } else {\n await new Promise((resolve) => {\n this[kClosedResolve] = resolve\n })\n }\n }\n\n async [kDestroy] (err) {\n while (true) {\n const item = this[kQueue].shift()\n if (!item) {\n break\n }\n item.handler.onError(err)\n }\n\n await Promise.all(this[kClients].map(c => c.destroy(err)))\n }\n\n [kDispatch] (opts, handler) {\n const dispatcher = this[kGetDispatcher]()\n\n if (!dispatcher) {\n this[kNeedDrain] = true\n this[kQueue].push({ opts, handler })\n this[kQueued]++\n } else if (!dispatcher.dispatch(opts, handler)) {\n dispatcher[kNeedDrain] = true\n this[kNeedDrain] = !this[kGetDispatcher]()\n }\n\n return !this[kNeedDrain]\n }\n\n [kAddClient] (client) {\n client\n .on('drain', this[kOnDrain])\n .on('connect', this[kOnConnect])\n .on('disconnect', this[kOnDisconnect])\n .on('connectionError', this[kOnConnectionError])\n\n this[kClients].push(client)\n\n if (this[kNeedDrain]) {\n queueMicrotask(() => {\n if (this[kNeedDrain]) {\n this[kOnDrain](client[kUrl], [this, client])\n }\n })\n }\n\n return this\n }\n\n [kRemoveClient] (client) {\n client.close(() => {\n const idx = this[kClients].indexOf(client)\n if (idx !== -1) {\n this[kClients].splice(idx, 1)\n }\n })\n\n this[kNeedDrain] = this[kClients].some(dispatcher => (\n !dispatcher[kNeedDrain] &&\n dispatcher.closed !== true &&\n dispatcher.destroyed !== true\n ))\n }\n}\n\nmodule.exports = {\n PoolBase,\n kClients,\n kNeedDrain,\n kAddClient,\n kRemoveClient,\n kGetDispatcher\n}\n","const { kFree, kConnected, kPending, kQueued, kRunning, kSize } = require('../core/symbols')\nconst kPool = Symbol('pool')\n\nclass PoolStats {\n constructor (pool) {\n this[kPool] = pool\n }\n\n get connected () {\n return this[kPool][kConnected]\n }\n\n get free () {\n return this[kPool][kFree]\n }\n\n get pending () {\n return this[kPool][kPending]\n }\n\n get queued () {\n return this[kPool][kQueued]\n }\n\n get running () {\n return this[kPool][kRunning]\n }\n\n get size () {\n return this[kPool][kSize]\n }\n}\n\nmodule.exports = PoolStats\n","'use strict'\n\nconst {\n PoolBase,\n kClients,\n kNeedDrain,\n kAddClient,\n kGetDispatcher\n} = require('./pool-base')\nconst Client = require('./client')\nconst {\n InvalidArgumentError\n} = require('../core/errors')\nconst util = require('../core/util')\nconst { kUrl, kInterceptors } = require('../core/symbols')\nconst buildConnector = require('../core/connect')\n\nconst kOptions = Symbol('options')\nconst kConnections = Symbol('connections')\nconst kFactory = Symbol('factory')\n\nfunction defaultFactory (origin, opts) {\n return new Client(origin, opts)\n}\n\nclass Pool extends PoolBase {\n constructor (origin, {\n connections,\n factory = defaultFactory,\n connect,\n connectTimeout,\n tls,\n maxCachedSessions,\n socketPath,\n autoSelectFamily,\n autoSelectFamilyAttemptTimeout,\n allowH2,\n ...options\n } = {}) {\n super()\n\n if (connections != null && (!Number.isFinite(connections) || connections < 0)) {\n throw new InvalidArgumentError('invalid connections')\n }\n\n if (typeof factory !== 'function') {\n throw new InvalidArgumentError('factory must be a function.')\n }\n\n if (connect != null && typeof connect !== 'function' && typeof connect !== 'object') {\n throw new InvalidArgumentError('connect must be a function or an object')\n }\n\n if (typeof connect !== 'function') {\n connect = buildConnector({\n ...tls,\n maxCachedSessions,\n allowH2,\n socketPath,\n timeout: connectTimeout,\n ...(autoSelectFamily ? { autoSelectFamily, autoSelectFamilyAttemptTimeout } : undefined),\n ...connect\n })\n }\n\n this[kInterceptors] = options.interceptors?.Pool && Array.isArray(options.interceptors.Pool)\n ? options.interceptors.Pool\n : []\n this[kConnections] = connections || null\n this[kUrl] = util.parseOrigin(origin)\n this[kOptions] = { ...util.deepClone(options), connect, allowH2 }\n this[kOptions].interceptors = options.interceptors\n ? { ...options.interceptors }\n : undefined\n this[kFactory] = factory\n\n this.on('connectionError', (origin, targets, error) => {\n // If a connection error occurs, we remove the client from the pool,\n // and emit a connectionError event. They will not be re-used.\n // Fixes https://github.com/nodejs/undici/issues/3895\n for (const target of targets) {\n // Do not use kRemoveClient here, as it will close the client,\n // but the client cannot be closed in this state.\n const idx = this[kClients].indexOf(target)\n if (idx !== -1) {\n this[kClients].splice(idx, 1)\n }\n }\n })\n }\n\n [kGetDispatcher] () {\n for (const client of this[kClients]) {\n if (!client[kNeedDrain]) {\n return client\n }\n }\n\n if (!this[kConnections] || this[kClients].length < this[kConnections]) {\n const dispatcher = this[kFactory](this[kUrl], this[kOptions])\n this[kAddClient](dispatcher)\n return dispatcher\n }\n }\n}\n\nmodule.exports = Pool\n","'use strict'\n\nconst { kProxy, kClose, kDestroy, kDispatch, kInterceptors } = require('../core/symbols')\nconst { URL } = require('node:url')\nconst Agent = require('./agent')\nconst Pool = require('./pool')\nconst DispatcherBase = require('./dispatcher-base')\nconst { InvalidArgumentError, RequestAbortedError, SecureProxyConnectionError } = require('../core/errors')\nconst buildConnector = require('../core/connect')\nconst Client = require('./client')\n\nconst kAgent = Symbol('proxy agent')\nconst kClient = Symbol('proxy client')\nconst kProxyHeaders = Symbol('proxy headers')\nconst kRequestTls = Symbol('request tls settings')\nconst kProxyTls = Symbol('proxy tls settings')\nconst kConnectEndpoint = Symbol('connect endpoint function')\nconst kTunnelProxy = Symbol('tunnel proxy')\n\nfunction defaultProtocolPort (protocol) {\n return protocol === 'https:' ? 443 : 80\n}\n\nfunction defaultFactory (origin, opts) {\n return new Pool(origin, opts)\n}\n\nconst noop = () => {}\n\nfunction defaultAgentFactory (origin, opts) {\n if (opts.connections === 1) {\n return new Client(origin, opts)\n }\n return new Pool(origin, opts)\n}\n\nclass Http1ProxyWrapper extends DispatcherBase {\n #client\n\n constructor (proxyUrl, { headers = {}, connect, factory }) {\n super()\n if (!proxyUrl) {\n throw new InvalidArgumentError('Proxy URL is mandatory')\n }\n\n this[kProxyHeaders] = headers\n if (factory) {\n this.#client = factory(proxyUrl, { connect })\n } else {\n this.#client = new Client(proxyUrl, { connect })\n }\n }\n\n [kDispatch] (opts, handler) {\n const onHeaders = handler.onHeaders\n handler.onHeaders = function (statusCode, data, resume) {\n if (statusCode === 407) {\n if (typeof handler.onError === 'function') {\n handler.onError(new InvalidArgumentError('Proxy Authentication Required (407)'))\n }\n return\n }\n if (onHeaders) onHeaders.call(this, statusCode, data, resume)\n }\n\n // Rewrite request as an HTTP1 Proxy request, without tunneling.\n const {\n origin,\n path = '/',\n headers = {}\n } = opts\n\n opts.path = origin + path\n\n if (!('host' in headers) && !('Host' in headers)) {\n const { host } = new URL(origin)\n headers.host = host\n }\n opts.headers = { ...this[kProxyHeaders], ...headers }\n\n return this.#client[kDispatch](opts, handler)\n }\n\n async [kClose] () {\n return this.#client.close()\n }\n\n async [kDestroy] (err) {\n return this.#client.destroy(err)\n }\n}\n\nclass ProxyAgent extends DispatcherBase {\n constructor (opts) {\n super()\n\n if (!opts || (typeof opts === 'object' && !(opts instanceof URL) && !opts.uri)) {\n throw new InvalidArgumentError('Proxy uri is mandatory')\n }\n\n const { clientFactory = defaultFactory } = opts\n if (typeof clientFactory !== 'function') {\n throw new InvalidArgumentError('Proxy opts.clientFactory must be a function.')\n }\n\n const { proxyTunnel = true } = opts\n\n const url = this.#getUrl(opts)\n const { href, origin, port, protocol, username, password, hostname: proxyHostname } = url\n\n this[kProxy] = { uri: href, protocol }\n this[kInterceptors] = opts.interceptors?.ProxyAgent && Array.isArray(opts.interceptors.ProxyAgent)\n ? opts.interceptors.ProxyAgent\n : []\n this[kRequestTls] = opts.requestTls\n this[kProxyTls] = opts.proxyTls\n this[kProxyHeaders] = opts.headers || {}\n this[kTunnelProxy] = proxyTunnel\n\n if (opts.auth && opts.token) {\n throw new InvalidArgumentError('opts.auth cannot be used in combination with opts.token')\n } else if (opts.auth) {\n /* @deprecated in favour of opts.token */\n this[kProxyHeaders]['proxy-authorization'] = `Basic ${opts.auth}`\n } else if (opts.token) {\n this[kProxyHeaders]['proxy-authorization'] = opts.token\n } else if (username && password) {\n this[kProxyHeaders]['proxy-authorization'] = `Basic ${Buffer.from(`${decodeURIComponent(username)}:${decodeURIComponent(password)}`).toString('base64')}`\n }\n\n const connect = buildConnector({ ...opts.proxyTls })\n this[kConnectEndpoint] = buildConnector({ ...opts.requestTls })\n\n const agentFactory = opts.factory || defaultAgentFactory\n const factory = (origin, options) => {\n const { protocol } = new URL(origin)\n if (!this[kTunnelProxy] && protocol === 'http:' && this[kProxy].protocol === 'http:') {\n return new Http1ProxyWrapper(this[kProxy].uri, {\n headers: this[kProxyHeaders],\n connect,\n factory: agentFactory\n })\n }\n return agentFactory(origin, options)\n }\n this[kClient] = clientFactory(url, { connect })\n this[kAgent] = new Agent({\n ...opts,\n factory,\n connect: async (opts, callback) => {\n let requestedPath = opts.host\n if (!opts.port) {\n requestedPath += `:${defaultProtocolPort(opts.protocol)}`\n }\n try {\n const { socket, statusCode } = await this[kClient].connect({\n origin,\n port,\n path: requestedPath,\n signal: opts.signal,\n headers: {\n ...this[kProxyHeaders],\n host: opts.host\n },\n servername: this[kProxyTls]?.servername || proxyHostname\n })\n if (statusCode !== 200) {\n socket.on('error', noop).destroy()\n callback(new RequestAbortedError(`Proxy response (${statusCode}) !== 200 when HTTP Tunneling`))\n }\n if (opts.protocol !== 'https:') {\n callback(null, socket)\n return\n }\n let servername\n if (this[kRequestTls]) {\n servername = this[kRequestTls].servername\n } else {\n servername = opts.servername\n }\n this[kConnectEndpoint]({ ...opts, servername, httpSocket: socket }, callback)\n } catch (err) {\n if (err.code === 'ERR_TLS_CERT_ALTNAME_INVALID') {\n // Throw a custom error to avoid loop in client.js#connect\n callback(new SecureProxyConnectionError(err))\n } else {\n callback(err)\n }\n }\n }\n })\n }\n\n dispatch (opts, handler) {\n const headers = buildHeaders(opts.headers)\n throwIfProxyAuthIsSent(headers)\n\n if (headers && !('host' in headers) && !('Host' in headers)) {\n const { host } = new URL(opts.origin)\n headers.host = host\n }\n\n return this[kAgent].dispatch(\n {\n ...opts,\n headers\n },\n handler\n )\n }\n\n /**\n * @param {import('../types/proxy-agent').ProxyAgent.Options | string | URL} opts\n * @returns {URL}\n */\n #getUrl (opts) {\n if (typeof opts === 'string') {\n return new URL(opts)\n } else if (opts instanceof URL) {\n return opts\n } else {\n return new URL(opts.uri)\n }\n }\n\n async [kClose] () {\n await this[kAgent].close()\n await this[kClient].close()\n }\n\n async [kDestroy] () {\n await this[kAgent].destroy()\n await this[kClient].destroy()\n }\n}\n\n/**\n * @param {string[] | Record} headers\n * @returns {Record}\n */\nfunction buildHeaders (headers) {\n // When using undici.fetch, the headers list is stored\n // as an array.\n if (Array.isArray(headers)) {\n /** @type {Record} */\n const headersPair = {}\n\n for (let i = 0; i < headers.length; i += 2) {\n headersPair[headers[i]] = headers[i + 1]\n }\n\n return headersPair\n }\n\n return headers\n}\n\n/**\n * @param {Record} headers\n *\n * Previous versions of ProxyAgent suggests the Proxy-Authorization in request headers\n * Nevertheless, it was changed and to avoid a security vulnerability by end users\n * this check was created.\n * It should be removed in the next major version for performance reasons\n */\nfunction throwIfProxyAuthIsSent (headers) {\n const existProxyAuth = headers && Object.keys(headers)\n .find((key) => key.toLowerCase() === 'proxy-authorization')\n if (existProxyAuth) {\n throw new InvalidArgumentError('Proxy-Authorization should be sent in ProxyAgent constructor')\n }\n}\n\nmodule.exports = ProxyAgent\n","'use strict'\n\nconst Dispatcher = require('./dispatcher')\nconst RetryHandler = require('../handler/retry-handler')\n\nclass RetryAgent extends Dispatcher {\n #agent = null\n #options = null\n constructor (agent, options = {}) {\n super(options)\n this.#agent = agent\n this.#options = options\n }\n\n dispatch (opts, handler) {\n const retry = new RetryHandler({\n ...opts,\n retryOptions: this.#options\n }, {\n dispatch: this.#agent.dispatch.bind(this.#agent),\n handler\n })\n return this.#agent.dispatch(opts, retry)\n }\n\n close () {\n return this.#agent.close()\n }\n\n destroy () {\n return this.#agent.destroy()\n }\n}\n\nmodule.exports = RetryAgent\n","'use strict'\n\n// We include a version number for the Dispatcher API. In case of breaking changes,\n// this version number must be increased to avoid conflicts.\nconst globalDispatcher = Symbol.for('undici.globalDispatcher.1')\nconst { InvalidArgumentError } = require('./core/errors')\nconst Agent = require('./dispatcher/agent')\n\nif (getGlobalDispatcher() === undefined) {\n setGlobalDispatcher(new Agent())\n}\n\nfunction setGlobalDispatcher (agent) {\n if (!agent || typeof agent.dispatch !== 'function') {\n throw new InvalidArgumentError('Argument agent must implement Agent')\n }\n Object.defineProperty(globalThis, globalDispatcher, {\n value: agent,\n writable: true,\n enumerable: false,\n configurable: false\n })\n}\n\nfunction getGlobalDispatcher () {\n return globalThis[globalDispatcher]\n}\n\nmodule.exports = {\n setGlobalDispatcher,\n getGlobalDispatcher\n}\n","'use strict'\n\nmodule.exports = class DecoratorHandler {\n #handler\n\n constructor (handler) {\n if (typeof handler !== 'object' || handler === null) {\n throw new TypeError('handler must be an object')\n }\n this.#handler = handler\n }\n\n onConnect (...args) {\n return this.#handler.onConnect?.(...args)\n }\n\n onError (...args) {\n return this.#handler.onError?.(...args)\n }\n\n onUpgrade (...args) {\n return this.#handler.onUpgrade?.(...args)\n }\n\n onResponseStarted (...args) {\n return this.#handler.onResponseStarted?.(...args)\n }\n\n onHeaders (...args) {\n return this.#handler.onHeaders?.(...args)\n }\n\n onData (...args) {\n return this.#handler.onData?.(...args)\n }\n\n onComplete (...args) {\n return this.#handler.onComplete?.(...args)\n }\n\n onBodySent (...args) {\n return this.#handler.onBodySent?.(...args)\n }\n}\n","'use strict'\n\nconst util = require('../core/util')\nconst { kBodyUsed } = require('../core/symbols')\nconst assert = require('node:assert')\nconst { InvalidArgumentError } = require('../core/errors')\nconst EE = require('node:events')\n\nconst redirectableStatusCodes = [300, 301, 302, 303, 307, 308]\n\nconst kBody = Symbol('body')\n\nclass BodyAsyncIterable {\n constructor (body) {\n this[kBody] = body\n this[kBodyUsed] = false\n }\n\n async * [Symbol.asyncIterator] () {\n assert(!this[kBodyUsed], 'disturbed')\n this[kBodyUsed] = true\n yield * this[kBody]\n }\n}\n\nclass RedirectHandler {\n constructor (dispatch, maxRedirections, opts, handler) {\n if (maxRedirections != null && (!Number.isInteger(maxRedirections) || maxRedirections < 0)) {\n throw new InvalidArgumentError('maxRedirections must be a positive number')\n }\n\n util.validateHandler(handler, opts.method, opts.upgrade)\n\n this.dispatch = dispatch\n this.location = null\n this.abort = null\n this.opts = { ...opts, maxRedirections: 0 } // opts must be a copy\n this.maxRedirections = maxRedirections\n this.handler = handler\n this.history = []\n this.redirectionLimitReached = false\n\n if (util.isStream(this.opts.body)) {\n // TODO (fix): Provide some way for the user to cache the file to e.g. /tmp\n // so that it can be dispatched again?\n // TODO (fix): Do we need 100-expect support to provide a way to do this properly?\n if (util.bodyLength(this.opts.body) === 0) {\n this.opts.body\n .on('data', function () {\n assert(false)\n })\n }\n\n if (typeof this.opts.body.readableDidRead !== 'boolean') {\n this.opts.body[kBodyUsed] = false\n EE.prototype.on.call(this.opts.body, 'data', function () {\n this[kBodyUsed] = true\n })\n }\n } else if (this.opts.body && typeof this.opts.body.pipeTo === 'function') {\n // TODO (fix): We can't access ReadableStream internal state\n // to determine whether or not it has been disturbed. This is just\n // a workaround.\n this.opts.body = new BodyAsyncIterable(this.opts.body)\n } else if (\n this.opts.body &&\n typeof this.opts.body !== 'string' &&\n !ArrayBuffer.isView(this.opts.body) &&\n util.isIterable(this.opts.body)\n ) {\n // TODO: Should we allow re-using iterable if !this.opts.idempotent\n // or through some other flag?\n this.opts.body = new BodyAsyncIterable(this.opts.body)\n }\n }\n\n onConnect (abort) {\n this.abort = abort\n this.handler.onConnect(abort, { history: this.history })\n }\n\n onUpgrade (statusCode, headers, socket) {\n this.handler.onUpgrade(statusCode, headers, socket)\n }\n\n onError (error) {\n this.handler.onError(error)\n }\n\n onHeaders (statusCode, headers, resume, statusText) {\n this.location = this.history.length >= this.maxRedirections || util.isDisturbed(this.opts.body)\n ? null\n : parseLocation(statusCode, headers)\n\n if (this.opts.throwOnMaxRedirect && this.history.length >= this.maxRedirections) {\n if (this.request) {\n this.request.abort(new Error('max redirects'))\n }\n\n this.redirectionLimitReached = true\n this.abort(new Error('max redirects'))\n return\n }\n\n if (this.opts.origin) {\n this.history.push(new URL(this.opts.path, this.opts.origin))\n }\n\n if (!this.location) {\n return this.handler.onHeaders(statusCode, headers, resume, statusText)\n }\n\n const { origin, pathname, search } = util.parseURL(new URL(this.location, this.opts.origin && new URL(this.opts.path, this.opts.origin)))\n const path = search ? `${pathname}${search}` : pathname\n\n // Remove headers referring to the original URL.\n // By default it is Host only, unless it's a 303 (see below), which removes also all Content-* headers.\n // https://tools.ietf.org/html/rfc7231#section-6.4\n this.opts.headers = cleanRequestHeaders(this.opts.headers, statusCode === 303, this.opts.origin !== origin)\n this.opts.path = path\n this.opts.origin = origin\n this.opts.maxRedirections = 0\n this.opts.query = null\n\n // https://tools.ietf.org/html/rfc7231#section-6.4.4\n // In case of HTTP 303, always replace method to be either HEAD or GET\n if (statusCode === 303 && this.opts.method !== 'HEAD') {\n this.opts.method = 'GET'\n this.opts.body = null\n }\n }\n\n onData (chunk) {\n if (this.location) {\n /*\n https://tools.ietf.org/html/rfc7231#section-6.4\n\n TLDR: undici always ignores 3xx response bodies.\n\n Redirection is used to serve the requested resource from another URL, so it is assumes that\n no body is generated (and thus can be ignored). Even though generating a body is not prohibited.\n\n For status 301, 302, 303, 307 and 308 (the latter from RFC 7238), the specs mention that the body usually\n (which means it's optional and not mandated) contain just an hyperlink to the value of\n the Location response header, so the body can be ignored safely.\n\n For status 300, which is \"Multiple Choices\", the spec mentions both generating a Location\n response header AND a response body with the other possible location to follow.\n Since the spec explicitly chooses not to specify a format for such body and leave it to\n servers and browsers implementors, we ignore the body as there is no specified way to eventually parse it.\n */\n } else {\n return this.handler.onData(chunk)\n }\n }\n\n onComplete (trailers) {\n if (this.location) {\n /*\n https://tools.ietf.org/html/rfc7231#section-6.4\n\n TLDR: undici always ignores 3xx response trailers as they are not expected in case of redirections\n and neither are useful if present.\n\n See comment on onData method above for more detailed information.\n */\n\n this.location = null\n this.abort = null\n\n this.dispatch(this.opts, this)\n } else {\n this.handler.onComplete(trailers)\n }\n }\n\n onBodySent (chunk) {\n if (this.handler.onBodySent) {\n this.handler.onBodySent(chunk)\n }\n }\n}\n\nfunction parseLocation (statusCode, headers) {\n if (redirectableStatusCodes.indexOf(statusCode) === -1) {\n return null\n }\n\n for (let i = 0; i < headers.length; i += 2) {\n if (headers[i].length === 8 && util.headerNameToString(headers[i]) === 'location') {\n return headers[i + 1]\n }\n }\n}\n\n// https://tools.ietf.org/html/rfc7231#section-6.4.4\nfunction shouldRemoveHeader (header, removeContent, unknownOrigin) {\n if (header.length === 4) {\n return util.headerNameToString(header) === 'host'\n }\n if (removeContent && util.headerNameToString(header).startsWith('content-')) {\n return true\n }\n if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) {\n const name = util.headerNameToString(header)\n return name === 'authorization' || name === 'cookie' || name === 'proxy-authorization'\n }\n return false\n}\n\n// https://tools.ietf.org/html/rfc7231#section-6.4\nfunction cleanRequestHeaders (headers, removeContent, unknownOrigin) {\n const ret = []\n if (Array.isArray(headers)) {\n for (let i = 0; i < headers.length; i += 2) {\n if (!shouldRemoveHeader(headers[i], removeContent, unknownOrigin)) {\n ret.push(headers[i], headers[i + 1])\n }\n }\n } else if (headers && typeof headers === 'object') {\n for (const key of Object.keys(headers)) {\n if (!shouldRemoveHeader(key, removeContent, unknownOrigin)) {\n ret.push(key, headers[key])\n }\n }\n } else {\n assert(headers == null, 'headers must be an object or an array')\n }\n return ret\n}\n\nmodule.exports = RedirectHandler\n","'use strict'\nconst assert = require('node:assert')\n\nconst { kRetryHandlerDefaultRetry } = require('../core/symbols')\nconst { RequestRetryError } = require('../core/errors')\nconst {\n isDisturbed,\n parseHeaders,\n parseRangeHeader,\n wrapRequestBody\n} = require('../core/util')\n\nfunction calculateRetryAfterHeader (retryAfter) {\n const current = Date.now()\n return new Date(retryAfter).getTime() - current\n}\n\nclass RetryHandler {\n constructor (opts, handlers) {\n const { retryOptions, ...dispatchOpts } = opts\n const {\n // Retry scoped\n retry: retryFn,\n maxRetries,\n maxTimeout,\n minTimeout,\n timeoutFactor,\n // Response scoped\n methods,\n errorCodes,\n retryAfter,\n statusCodes\n } = retryOptions ?? {}\n\n this.dispatch = handlers.dispatch\n this.handler = handlers.handler\n this.opts = { ...dispatchOpts, body: wrapRequestBody(opts.body) }\n this.abort = null\n this.aborted = false\n this.retryOpts = {\n retry: retryFn ?? RetryHandler[kRetryHandlerDefaultRetry],\n retryAfter: retryAfter ?? true,\n maxTimeout: maxTimeout ?? 30 * 1000, // 30s,\n minTimeout: minTimeout ?? 500, // .5s\n timeoutFactor: timeoutFactor ?? 2,\n maxRetries: maxRetries ?? 5,\n // What errors we should retry\n methods: methods ?? ['GET', 'HEAD', 'OPTIONS', 'PUT', 'DELETE', 'TRACE'],\n // Indicates which errors to retry\n statusCodes: statusCodes ?? [500, 502, 503, 504, 429],\n // List of errors to retry\n errorCodes: errorCodes ?? [\n 'ECONNRESET',\n 'ECONNREFUSED',\n 'ENOTFOUND',\n 'ENETDOWN',\n 'ENETUNREACH',\n 'EHOSTDOWN',\n 'EHOSTUNREACH',\n 'EPIPE',\n 'UND_ERR_SOCKET'\n ]\n }\n\n this.retryCount = 0\n this.retryCountCheckpoint = 0\n this.start = 0\n this.end = null\n this.etag = null\n this.resume = null\n\n // Handle possible onConnect duplication\n this.handler.onConnect(reason => {\n this.aborted = true\n if (this.abort) {\n this.abort(reason)\n } else {\n this.reason = reason\n }\n })\n }\n\n onRequestSent () {\n if (this.handler.onRequestSent) {\n this.handler.onRequestSent()\n }\n }\n\n onUpgrade (statusCode, headers, socket) {\n if (this.handler.onUpgrade) {\n this.handler.onUpgrade(statusCode, headers, socket)\n }\n }\n\n onConnect (abort) {\n if (this.aborted) {\n abort(this.reason)\n } else {\n this.abort = abort\n }\n }\n\n onBodySent (chunk) {\n if (this.handler.onBodySent) return this.handler.onBodySent(chunk)\n }\n\n static [kRetryHandlerDefaultRetry] (err, { state, opts }, cb) {\n const { statusCode, code, headers } = err\n const { method, retryOptions } = opts\n const {\n maxRetries,\n minTimeout,\n maxTimeout,\n timeoutFactor,\n statusCodes,\n errorCodes,\n methods\n } = retryOptions\n const { counter } = state\n\n // Any code that is not a Undici's originated and allowed to retry\n if (code && code !== 'UND_ERR_REQ_RETRY' && !errorCodes.includes(code)) {\n cb(err)\n return\n }\n\n // If a set of method are provided and the current method is not in the list\n if (Array.isArray(methods) && !methods.includes(method)) {\n cb(err)\n return\n }\n\n // If a set of status code are provided and the current status code is not in the list\n if (\n statusCode != null &&\n Array.isArray(statusCodes) &&\n !statusCodes.includes(statusCode)\n ) {\n cb(err)\n return\n }\n\n // If we reached the max number of retries\n if (counter > maxRetries) {\n cb(err)\n return\n }\n\n let retryAfterHeader = headers?.['retry-after']\n if (retryAfterHeader) {\n retryAfterHeader = Number(retryAfterHeader)\n retryAfterHeader = Number.isNaN(retryAfterHeader)\n ? calculateRetryAfterHeader(retryAfterHeader)\n : retryAfterHeader * 1e3 // Retry-After is in seconds\n }\n\n const retryTimeout =\n retryAfterHeader > 0\n ? Math.min(retryAfterHeader, maxTimeout)\n : Math.min(minTimeout * timeoutFactor ** (counter - 1), maxTimeout)\n\n setTimeout(() => cb(null), retryTimeout)\n }\n\n onHeaders (statusCode, rawHeaders, resume, statusMessage) {\n const headers = parseHeaders(rawHeaders)\n\n this.retryCount += 1\n\n if (statusCode >= 300) {\n if (this.retryOpts.statusCodes.includes(statusCode) === false) {\n return this.handler.onHeaders(\n statusCode,\n rawHeaders,\n resume,\n statusMessage\n )\n } else {\n this.abort(\n new RequestRetryError('Request failed', statusCode, {\n headers,\n data: {\n count: this.retryCount\n }\n })\n )\n return false\n }\n }\n\n // Checkpoint for resume from where we left it\n if (this.resume != null) {\n this.resume = null\n\n // Only Partial Content 206 supposed to provide Content-Range,\n // any other status code that partially consumed the payload\n // should not be retry because it would result in downstream\n // wrongly concatanete multiple responses.\n if (statusCode !== 206 && (this.start > 0 || statusCode !== 200)) {\n this.abort(\n new RequestRetryError('server does not support the range header and the payload was partially consumed', statusCode, {\n headers,\n data: { count: this.retryCount }\n })\n )\n return false\n }\n\n const contentRange = parseRangeHeader(headers['content-range'])\n // If no content range\n if (!contentRange) {\n this.abort(\n new RequestRetryError('Content-Range mismatch', statusCode, {\n headers,\n data: { count: this.retryCount }\n })\n )\n return false\n }\n\n // Let's start with a weak etag check\n if (this.etag != null && this.etag !== headers.etag) {\n this.abort(\n new RequestRetryError('ETag mismatch', statusCode, {\n headers,\n data: { count: this.retryCount }\n })\n )\n return false\n }\n\n const { start, size, end = size - 1 } = contentRange\n\n assert(this.start === start, 'content-range mismatch')\n assert(this.end == null || this.end === end, 'content-range mismatch')\n\n this.resume = resume\n return true\n }\n\n if (this.end == null) {\n if (statusCode === 206) {\n // First time we receive 206\n const range = parseRangeHeader(headers['content-range'])\n\n if (range == null) {\n return this.handler.onHeaders(\n statusCode,\n rawHeaders,\n resume,\n statusMessage\n )\n }\n\n const { start, size, end = size - 1 } = range\n assert(\n start != null && Number.isFinite(start),\n 'content-range mismatch'\n )\n assert(end != null && Number.isFinite(end), 'invalid content-length')\n\n this.start = start\n this.end = end\n }\n\n // We make our best to checkpoint the body for further range headers\n if (this.end == null) {\n const contentLength = headers['content-length']\n this.end = contentLength != null ? Number(contentLength) - 1 : null\n }\n\n assert(Number.isFinite(this.start))\n assert(\n this.end == null || Number.isFinite(this.end),\n 'invalid content-length'\n )\n\n this.resume = resume\n this.etag = headers.etag != null ? headers.etag : null\n\n // Weak etags are not useful for comparison nor cache\n // for instance not safe to assume if the response is byte-per-byte\n // equal\n if (this.etag != null && this.etag.startsWith('W/')) {\n this.etag = null\n }\n\n return this.handler.onHeaders(\n statusCode,\n rawHeaders,\n resume,\n statusMessage\n )\n }\n\n const err = new RequestRetryError('Request failed', statusCode, {\n headers,\n data: { count: this.retryCount }\n })\n\n this.abort(err)\n\n return false\n }\n\n onData (chunk) {\n this.start += chunk.length\n\n return this.handler.onData(chunk)\n }\n\n onComplete (rawTrailers) {\n this.retryCount = 0\n return this.handler.onComplete(rawTrailers)\n }\n\n onError (err) {\n if (this.aborted || isDisturbed(this.opts.body)) {\n return this.handler.onError(err)\n }\n\n // We reconcile in case of a mix between network errors\n // and server error response\n if (this.retryCount - this.retryCountCheckpoint > 0) {\n // We count the difference between the last checkpoint and the current retry count\n this.retryCount =\n this.retryCountCheckpoint +\n (this.retryCount - this.retryCountCheckpoint)\n } else {\n this.retryCount += 1\n }\n\n this.retryOpts.retry(\n err,\n {\n state: { counter: this.retryCount },\n opts: { retryOptions: this.retryOpts, ...this.opts }\n },\n onRetry.bind(this)\n )\n\n function onRetry (err) {\n if (err != null || this.aborted || isDisturbed(this.opts.body)) {\n return this.handler.onError(err)\n }\n\n if (this.start !== 0) {\n const headers = { range: `bytes=${this.start}-${this.end ?? ''}` }\n\n // Weak etag check - weak etags will make comparison algorithms never match\n if (this.etag != null) {\n headers['if-match'] = this.etag\n }\n\n this.opts = {\n ...this.opts,\n headers: {\n ...this.opts.headers,\n ...headers\n }\n }\n }\n\n try {\n this.retryCountCheckpoint = this.retryCount\n this.dispatch(this.opts, this)\n } catch (err) {\n this.handler.onError(err)\n }\n }\n }\n}\n\nmodule.exports = RetryHandler\n","'use strict'\nconst { isIP } = require('node:net')\nconst { lookup } = require('node:dns')\nconst DecoratorHandler = require('../handler/decorator-handler')\nconst { InvalidArgumentError, InformationalError } = require('../core/errors')\nconst maxInt = Math.pow(2, 31) - 1\n\nclass DNSInstance {\n #maxTTL = 0\n #maxItems = 0\n #records = new Map()\n dualStack = true\n affinity = null\n lookup = null\n pick = null\n\n constructor (opts) {\n this.#maxTTL = opts.maxTTL\n this.#maxItems = opts.maxItems\n this.dualStack = opts.dualStack\n this.affinity = opts.affinity\n this.lookup = opts.lookup ?? this.#defaultLookup\n this.pick = opts.pick ?? this.#defaultPick\n }\n\n get full () {\n return this.#records.size === this.#maxItems\n }\n\n runLookup (origin, opts, cb) {\n const ips = this.#records.get(origin.hostname)\n\n // If full, we just return the origin\n if (ips == null && this.full) {\n cb(null, origin.origin)\n return\n }\n\n const newOpts = {\n affinity: this.affinity,\n dualStack: this.dualStack,\n lookup: this.lookup,\n pick: this.pick,\n ...opts.dns,\n maxTTL: this.#maxTTL,\n maxItems: this.#maxItems\n }\n\n // If no IPs we lookup\n if (ips == null) {\n this.lookup(origin, newOpts, (err, addresses) => {\n if (err || addresses == null || addresses.length === 0) {\n cb(err ?? new InformationalError('No DNS entries found'))\n return\n }\n\n this.setRecords(origin, addresses)\n const records = this.#records.get(origin.hostname)\n\n const ip = this.pick(\n origin,\n records,\n newOpts.affinity\n )\n\n let port\n if (typeof ip.port === 'number') {\n port = `:${ip.port}`\n } else if (origin.port !== '') {\n port = `:${origin.port}`\n } else {\n port = ''\n }\n\n cb(\n null,\n `${origin.protocol}//${\n ip.family === 6 ? `[${ip.address}]` : ip.address\n }${port}`\n )\n })\n } else {\n // If there's IPs we pick\n const ip = this.pick(\n origin,\n ips,\n newOpts.affinity\n )\n\n // If no IPs we lookup - deleting old records\n if (ip == null) {\n this.#records.delete(origin.hostname)\n this.runLookup(origin, opts, cb)\n return\n }\n\n let port\n if (typeof ip.port === 'number') {\n port = `:${ip.port}`\n } else if (origin.port !== '') {\n port = `:${origin.port}`\n } else {\n port = ''\n }\n\n cb(\n null,\n `${origin.protocol}//${\n ip.family === 6 ? `[${ip.address}]` : ip.address\n }${port}`\n )\n }\n }\n\n #defaultLookup (origin, opts, cb) {\n lookup(\n origin.hostname,\n {\n all: true,\n family: this.dualStack === false ? this.affinity : 0,\n order: 'ipv4first'\n },\n (err, addresses) => {\n if (err) {\n return cb(err)\n }\n\n const results = new Map()\n\n for (const addr of addresses) {\n // On linux we found duplicates, we attempt to remove them with\n // the latest record\n results.set(`${addr.address}:${addr.family}`, addr)\n }\n\n cb(null, results.values())\n }\n )\n }\n\n #defaultPick (origin, hostnameRecords, affinity) {\n let ip = null\n const { records, offset } = hostnameRecords\n\n let family\n if (this.dualStack) {\n if (affinity == null) {\n // Balance between ip families\n if (offset == null || offset === maxInt) {\n hostnameRecords.offset = 0\n affinity = 4\n } else {\n hostnameRecords.offset++\n affinity = (hostnameRecords.offset & 1) === 1 ? 6 : 4\n }\n }\n\n if (records[affinity] != null && records[affinity].ips.length > 0) {\n family = records[affinity]\n } else {\n family = records[affinity === 4 ? 6 : 4]\n }\n } else {\n family = records[affinity]\n }\n\n // If no IPs we return null\n if (family == null || family.ips.length === 0) {\n return ip\n }\n\n if (family.offset == null || family.offset === maxInt) {\n family.offset = 0\n } else {\n family.offset++\n }\n\n const position = family.offset % family.ips.length\n ip = family.ips[position] ?? null\n\n if (ip == null) {\n return ip\n }\n\n if (Date.now() - ip.timestamp > ip.ttl) { // record TTL is already in ms\n // We delete expired records\n // It is possible that they have different TTL, so we manage them individually\n family.ips.splice(position, 1)\n return this.pick(origin, hostnameRecords, affinity)\n }\n\n return ip\n }\n\n setRecords (origin, addresses) {\n const timestamp = Date.now()\n const records = { records: { 4: null, 6: null } }\n for (const record of addresses) {\n record.timestamp = timestamp\n if (typeof record.ttl === 'number') {\n // The record TTL is expected to be in ms\n record.ttl = Math.min(record.ttl, this.#maxTTL)\n } else {\n record.ttl = this.#maxTTL\n }\n\n const familyRecords = records.records[record.family] ?? { ips: [] }\n\n familyRecords.ips.push(record)\n records.records[record.family] = familyRecords\n }\n\n this.#records.set(origin.hostname, records)\n }\n\n getHandler (meta, opts) {\n return new DNSDispatchHandler(this, meta, opts)\n }\n}\n\nclass DNSDispatchHandler extends DecoratorHandler {\n #state = null\n #opts = null\n #dispatch = null\n #handler = null\n #origin = null\n\n constructor (state, { origin, handler, dispatch }, opts) {\n super(handler)\n this.#origin = origin\n this.#handler = handler\n this.#opts = { ...opts }\n this.#state = state\n this.#dispatch = dispatch\n }\n\n onError (err) {\n switch (err.code) {\n case 'ETIMEDOUT':\n case 'ECONNREFUSED': {\n if (this.#state.dualStack) {\n // We delete the record and retry\n this.#state.runLookup(this.#origin, this.#opts, (err, newOrigin) => {\n if (err) {\n return this.#handler.onError(err)\n }\n\n const dispatchOpts = {\n ...this.#opts,\n origin: newOrigin\n }\n\n this.#dispatch(dispatchOpts, this)\n })\n\n // if dual-stack disabled, we error out\n return\n }\n\n this.#handler.onError(err)\n return\n }\n case 'ENOTFOUND':\n this.#state.deleteRecord(this.#origin)\n // eslint-disable-next-line no-fallthrough\n default:\n this.#handler.onError(err)\n break\n }\n }\n}\n\nmodule.exports = interceptorOpts => {\n if (\n interceptorOpts?.maxTTL != null &&\n (typeof interceptorOpts?.maxTTL !== 'number' || interceptorOpts?.maxTTL < 0)\n ) {\n throw new InvalidArgumentError('Invalid maxTTL. Must be a positive number')\n }\n\n if (\n interceptorOpts?.maxItems != null &&\n (typeof interceptorOpts?.maxItems !== 'number' ||\n interceptorOpts?.maxItems < 1)\n ) {\n throw new InvalidArgumentError(\n 'Invalid maxItems. Must be a positive number and greater than zero'\n )\n }\n\n if (\n interceptorOpts?.affinity != null &&\n interceptorOpts?.affinity !== 4 &&\n interceptorOpts?.affinity !== 6\n ) {\n throw new InvalidArgumentError('Invalid affinity. Must be either 4 or 6')\n }\n\n if (\n interceptorOpts?.dualStack != null &&\n typeof interceptorOpts?.dualStack !== 'boolean'\n ) {\n throw new InvalidArgumentError('Invalid dualStack. Must be a boolean')\n }\n\n if (\n interceptorOpts?.lookup != null &&\n typeof interceptorOpts?.lookup !== 'function'\n ) {\n throw new InvalidArgumentError('Invalid lookup. Must be a function')\n }\n\n if (\n interceptorOpts?.pick != null &&\n typeof interceptorOpts?.pick !== 'function'\n ) {\n throw new InvalidArgumentError('Invalid pick. Must be a function')\n }\n\n const dualStack = interceptorOpts?.dualStack ?? true\n let affinity\n if (dualStack) {\n affinity = interceptorOpts?.affinity ?? null\n } else {\n affinity = interceptorOpts?.affinity ?? 4\n }\n\n const opts = {\n maxTTL: interceptorOpts?.maxTTL ?? 10e3, // Expressed in ms\n lookup: interceptorOpts?.lookup ?? null,\n pick: interceptorOpts?.pick ?? null,\n dualStack,\n affinity,\n maxItems: interceptorOpts?.maxItems ?? Infinity\n }\n\n const instance = new DNSInstance(opts)\n\n return dispatch => {\n return function dnsInterceptor (origDispatchOpts, handler) {\n const origin =\n origDispatchOpts.origin.constructor === URL\n ? origDispatchOpts.origin\n : new URL(origDispatchOpts.origin)\n\n if (isIP(origin.hostname) !== 0) {\n return dispatch(origDispatchOpts, handler)\n }\n\n instance.runLookup(origin, origDispatchOpts, (err, newOrigin) => {\n if (err) {\n return handler.onError(err)\n }\n\n let dispatchOpts = null\n dispatchOpts = {\n ...origDispatchOpts,\n servername: origin.hostname, // For SNI on TLS\n origin: newOrigin,\n headers: {\n host: origin.hostname,\n ...origDispatchOpts.headers\n }\n }\n\n dispatch(\n dispatchOpts,\n instance.getHandler({ origin, dispatch, handler }, origDispatchOpts)\n )\n })\n\n return true\n }\n }\n}\n","'use strict'\n\nconst util = require('../core/util')\nconst { InvalidArgumentError, RequestAbortedError } = require('../core/errors')\nconst DecoratorHandler = require('../handler/decorator-handler')\n\nclass DumpHandler extends DecoratorHandler {\n #maxSize = 1024 * 1024\n #abort = null\n #dumped = false\n #aborted = false\n #size = 0\n #reason = null\n #handler = null\n\n constructor ({ maxSize }, handler) {\n super(handler)\n\n if (maxSize != null && (!Number.isFinite(maxSize) || maxSize < 1)) {\n throw new InvalidArgumentError('maxSize must be a number greater than 0')\n }\n\n this.#maxSize = maxSize ?? this.#maxSize\n this.#handler = handler\n }\n\n onConnect (abort) {\n this.#abort = abort\n\n this.#handler.onConnect(this.#customAbort.bind(this))\n }\n\n #customAbort (reason) {\n this.#aborted = true\n this.#reason = reason\n }\n\n // TODO: will require adjustment after new hooks are out\n onHeaders (statusCode, rawHeaders, resume, statusMessage) {\n const headers = util.parseHeaders(rawHeaders)\n const contentLength = headers['content-length']\n\n if (contentLength != null && contentLength > this.#maxSize) {\n throw new RequestAbortedError(\n `Response size (${contentLength}) larger than maxSize (${\n this.#maxSize\n })`\n )\n }\n\n if (this.#aborted) {\n return true\n }\n\n return this.#handler.onHeaders(\n statusCode,\n rawHeaders,\n resume,\n statusMessage\n )\n }\n\n onError (err) {\n if (this.#dumped) {\n return\n }\n\n err = this.#reason ?? err\n\n this.#handler.onError(err)\n }\n\n onData (chunk) {\n this.#size = this.#size + chunk.length\n\n if (this.#size >= this.#maxSize) {\n this.#dumped = true\n\n if (this.#aborted) {\n this.#handler.onError(this.#reason)\n } else {\n this.#handler.onComplete([])\n }\n }\n\n return true\n }\n\n onComplete (trailers) {\n if (this.#dumped) {\n return\n }\n\n if (this.#aborted) {\n this.#handler.onError(this.reason)\n return\n }\n\n this.#handler.onComplete(trailers)\n }\n}\n\nfunction createDumpInterceptor (\n { maxSize: defaultMaxSize } = {\n maxSize: 1024 * 1024\n }\n) {\n return dispatch => {\n return function Intercept (opts, handler) {\n const { dumpMaxSize = defaultMaxSize } =\n opts\n\n const dumpHandler = new DumpHandler(\n { maxSize: dumpMaxSize },\n handler\n )\n\n return dispatch(opts, dumpHandler)\n }\n }\n}\n\nmodule.exports = createDumpInterceptor\n","'use strict'\n\nconst RedirectHandler = require('../handler/redirect-handler')\n\nfunction createRedirectInterceptor ({ maxRedirections: defaultMaxRedirections }) {\n return (dispatch) => {\n return function Intercept (opts, handler) {\n const { maxRedirections = defaultMaxRedirections } = opts\n\n if (!maxRedirections) {\n return dispatch(opts, handler)\n }\n\n const redirectHandler = new RedirectHandler(dispatch, maxRedirections, opts, handler)\n opts = { ...opts, maxRedirections: 0 } // Stop sub dispatcher from also redirecting.\n return dispatch(opts, redirectHandler)\n }\n }\n}\n\nmodule.exports = createRedirectInterceptor\n","'use strict'\nconst RedirectHandler = require('../handler/redirect-handler')\n\nmodule.exports = opts => {\n const globalMaxRedirections = opts?.maxRedirections\n return dispatch => {\n return function redirectInterceptor (opts, handler) {\n const { maxRedirections = globalMaxRedirections, ...baseOpts } = opts\n\n if (!maxRedirections) {\n return dispatch(opts, handler)\n }\n\n const redirectHandler = new RedirectHandler(\n dispatch,\n maxRedirections,\n opts,\n handler\n )\n\n return dispatch(baseOpts, redirectHandler)\n }\n }\n}\n","'use strict'\nconst RetryHandler = require('../handler/retry-handler')\n\nmodule.exports = globalOpts => {\n return dispatch => {\n return function retryInterceptor (opts, handler) {\n return dispatch(\n opts,\n new RetryHandler(\n { ...opts, retryOptions: { ...globalOpts, ...opts.retryOptions } },\n {\n handler,\n dispatch\n }\n )\n )\n }\n }\n}\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.SPECIAL_HEADERS = exports.HEADER_STATE = exports.MINOR = exports.MAJOR = exports.CONNECTION_TOKEN_CHARS = exports.HEADER_CHARS = exports.TOKEN = exports.STRICT_TOKEN = exports.HEX = exports.URL_CHAR = exports.STRICT_URL_CHAR = exports.USERINFO_CHARS = exports.MARK = exports.ALPHANUM = exports.NUM = exports.HEX_MAP = exports.NUM_MAP = exports.ALPHA = exports.FINISH = exports.H_METHOD_MAP = exports.METHOD_MAP = exports.METHODS_RTSP = exports.METHODS_ICE = exports.METHODS_HTTP = exports.METHODS = exports.LENIENT_FLAGS = exports.FLAGS = exports.TYPE = exports.ERROR = void 0;\nconst utils_1 = require(\"./utils\");\n// C headers\nvar ERROR;\n(function (ERROR) {\n ERROR[ERROR[\"OK\"] = 0] = \"OK\";\n ERROR[ERROR[\"INTERNAL\"] = 1] = \"INTERNAL\";\n ERROR[ERROR[\"STRICT\"] = 2] = \"STRICT\";\n ERROR[ERROR[\"LF_EXPECTED\"] = 3] = \"LF_EXPECTED\";\n ERROR[ERROR[\"UNEXPECTED_CONTENT_LENGTH\"] = 4] = \"UNEXPECTED_CONTENT_LENGTH\";\n ERROR[ERROR[\"CLOSED_CONNECTION\"] = 5] = \"CLOSED_CONNECTION\";\n ERROR[ERROR[\"INVALID_METHOD\"] = 6] = \"INVALID_METHOD\";\n ERROR[ERROR[\"INVALID_URL\"] = 7] = \"INVALID_URL\";\n ERROR[ERROR[\"INVALID_CONSTANT\"] = 8] = \"INVALID_CONSTANT\";\n ERROR[ERROR[\"INVALID_VERSION\"] = 9] = \"INVALID_VERSION\";\n ERROR[ERROR[\"INVALID_HEADER_TOKEN\"] = 10] = \"INVALID_HEADER_TOKEN\";\n ERROR[ERROR[\"INVALID_CONTENT_LENGTH\"] = 11] = \"INVALID_CONTENT_LENGTH\";\n ERROR[ERROR[\"INVALID_CHUNK_SIZE\"] = 12] = \"INVALID_CHUNK_SIZE\";\n ERROR[ERROR[\"INVALID_STATUS\"] = 13] = \"INVALID_STATUS\";\n ERROR[ERROR[\"INVALID_EOF_STATE\"] = 14] = \"INVALID_EOF_STATE\";\n ERROR[ERROR[\"INVALID_TRANSFER_ENCODING\"] = 15] = \"INVALID_TRANSFER_ENCODING\";\n ERROR[ERROR[\"CB_MESSAGE_BEGIN\"] = 16] = \"CB_MESSAGE_BEGIN\";\n ERROR[ERROR[\"CB_HEADERS_COMPLETE\"] = 17] = \"CB_HEADERS_COMPLETE\";\n ERROR[ERROR[\"CB_MESSAGE_COMPLETE\"] = 18] = \"CB_MESSAGE_COMPLETE\";\n ERROR[ERROR[\"CB_CHUNK_HEADER\"] = 19] = \"CB_CHUNK_HEADER\";\n ERROR[ERROR[\"CB_CHUNK_COMPLETE\"] = 20] = \"CB_CHUNK_COMPLETE\";\n ERROR[ERROR[\"PAUSED\"] = 21] = \"PAUSED\";\n ERROR[ERROR[\"PAUSED_UPGRADE\"] = 22] = \"PAUSED_UPGRADE\";\n ERROR[ERROR[\"PAUSED_H2_UPGRADE\"] = 23] = \"PAUSED_H2_UPGRADE\";\n ERROR[ERROR[\"USER\"] = 24] = \"USER\";\n})(ERROR = exports.ERROR || (exports.ERROR = {}));\nvar TYPE;\n(function (TYPE) {\n TYPE[TYPE[\"BOTH\"] = 0] = \"BOTH\";\n TYPE[TYPE[\"REQUEST\"] = 1] = \"REQUEST\";\n TYPE[TYPE[\"RESPONSE\"] = 2] = \"RESPONSE\";\n})(TYPE = exports.TYPE || (exports.TYPE = {}));\nvar FLAGS;\n(function (FLAGS) {\n FLAGS[FLAGS[\"CONNECTION_KEEP_ALIVE\"] = 1] = \"CONNECTION_KEEP_ALIVE\";\n FLAGS[FLAGS[\"CONNECTION_CLOSE\"] = 2] = \"CONNECTION_CLOSE\";\n FLAGS[FLAGS[\"CONNECTION_UPGRADE\"] = 4] = \"CONNECTION_UPGRADE\";\n FLAGS[FLAGS[\"CHUNKED\"] = 8] = \"CHUNKED\";\n FLAGS[FLAGS[\"UPGRADE\"] = 16] = \"UPGRADE\";\n FLAGS[FLAGS[\"CONTENT_LENGTH\"] = 32] = \"CONTENT_LENGTH\";\n FLAGS[FLAGS[\"SKIPBODY\"] = 64] = \"SKIPBODY\";\n FLAGS[FLAGS[\"TRAILING\"] = 128] = \"TRAILING\";\n // 1 << 8 is unused\n FLAGS[FLAGS[\"TRANSFER_ENCODING\"] = 512] = \"TRANSFER_ENCODING\";\n})(FLAGS = exports.FLAGS || (exports.FLAGS = {}));\nvar LENIENT_FLAGS;\n(function (LENIENT_FLAGS) {\n LENIENT_FLAGS[LENIENT_FLAGS[\"HEADERS\"] = 1] = \"HEADERS\";\n LENIENT_FLAGS[LENIENT_FLAGS[\"CHUNKED_LENGTH\"] = 2] = \"CHUNKED_LENGTH\";\n LENIENT_FLAGS[LENIENT_FLAGS[\"KEEP_ALIVE\"] = 4] = \"KEEP_ALIVE\";\n})(LENIENT_FLAGS = exports.LENIENT_FLAGS || (exports.LENIENT_FLAGS = {}));\nvar METHODS;\n(function (METHODS) {\n METHODS[METHODS[\"DELETE\"] = 0] = \"DELETE\";\n METHODS[METHODS[\"GET\"] = 1] = \"GET\";\n METHODS[METHODS[\"HEAD\"] = 2] = \"HEAD\";\n METHODS[METHODS[\"POST\"] = 3] = \"POST\";\n METHODS[METHODS[\"PUT\"] = 4] = \"PUT\";\n /* pathological */\n METHODS[METHODS[\"CONNECT\"] = 5] = \"CONNECT\";\n METHODS[METHODS[\"OPTIONS\"] = 6] = \"OPTIONS\";\n METHODS[METHODS[\"TRACE\"] = 7] = \"TRACE\";\n /* WebDAV */\n METHODS[METHODS[\"COPY\"] = 8] = \"COPY\";\n METHODS[METHODS[\"LOCK\"] = 9] = \"LOCK\";\n METHODS[METHODS[\"MKCOL\"] = 10] = \"MKCOL\";\n METHODS[METHODS[\"MOVE\"] = 11] = \"MOVE\";\n METHODS[METHODS[\"PROPFIND\"] = 12] = \"PROPFIND\";\n METHODS[METHODS[\"PROPPATCH\"] = 13] = \"PROPPATCH\";\n METHODS[METHODS[\"SEARCH\"] = 14] = \"SEARCH\";\n METHODS[METHODS[\"UNLOCK\"] = 15] = \"UNLOCK\";\n METHODS[METHODS[\"BIND\"] = 16] = \"BIND\";\n METHODS[METHODS[\"REBIND\"] = 17] = \"REBIND\";\n METHODS[METHODS[\"UNBIND\"] = 18] = \"UNBIND\";\n METHODS[METHODS[\"ACL\"] = 19] = \"ACL\";\n /* subversion */\n METHODS[METHODS[\"REPORT\"] = 20] = \"REPORT\";\n METHODS[METHODS[\"MKACTIVITY\"] = 21] = \"MKACTIVITY\";\n METHODS[METHODS[\"CHECKOUT\"] = 22] = \"CHECKOUT\";\n METHODS[METHODS[\"MERGE\"] = 23] = \"MERGE\";\n /* upnp */\n METHODS[METHODS[\"M-SEARCH\"] = 24] = \"M-SEARCH\";\n METHODS[METHODS[\"NOTIFY\"] = 25] = \"NOTIFY\";\n METHODS[METHODS[\"SUBSCRIBE\"] = 26] = \"SUBSCRIBE\";\n METHODS[METHODS[\"UNSUBSCRIBE\"] = 27] = \"UNSUBSCRIBE\";\n /* RFC-5789 */\n METHODS[METHODS[\"PATCH\"] = 28] = \"PATCH\";\n METHODS[METHODS[\"PURGE\"] = 29] = \"PURGE\";\n /* CalDAV */\n METHODS[METHODS[\"MKCALENDAR\"] = 30] = \"MKCALENDAR\";\n /* RFC-2068, section 19.6.1.2 */\n METHODS[METHODS[\"LINK\"] = 31] = \"LINK\";\n METHODS[METHODS[\"UNLINK\"] = 32] = \"UNLINK\";\n /* icecast */\n METHODS[METHODS[\"SOURCE\"] = 33] = \"SOURCE\";\n /* RFC-7540, section 11.6 */\n METHODS[METHODS[\"PRI\"] = 34] = \"PRI\";\n /* RFC-2326 RTSP */\n METHODS[METHODS[\"DESCRIBE\"] = 35] = \"DESCRIBE\";\n METHODS[METHODS[\"ANNOUNCE\"] = 36] = \"ANNOUNCE\";\n METHODS[METHODS[\"SETUP\"] = 37] = \"SETUP\";\n METHODS[METHODS[\"PLAY\"] = 38] = \"PLAY\";\n METHODS[METHODS[\"PAUSE\"] = 39] = \"PAUSE\";\n METHODS[METHODS[\"TEARDOWN\"] = 40] = \"TEARDOWN\";\n METHODS[METHODS[\"GET_PARAMETER\"] = 41] = \"GET_PARAMETER\";\n METHODS[METHODS[\"SET_PARAMETER\"] = 42] = \"SET_PARAMETER\";\n METHODS[METHODS[\"REDIRECT\"] = 43] = \"REDIRECT\";\n METHODS[METHODS[\"RECORD\"] = 44] = \"RECORD\";\n /* RAOP */\n METHODS[METHODS[\"FLUSH\"] = 45] = \"FLUSH\";\n})(METHODS = exports.METHODS || (exports.METHODS = {}));\nexports.METHODS_HTTP = [\n METHODS.DELETE,\n METHODS.GET,\n METHODS.HEAD,\n METHODS.POST,\n METHODS.PUT,\n METHODS.CONNECT,\n METHODS.OPTIONS,\n METHODS.TRACE,\n METHODS.COPY,\n METHODS.LOCK,\n METHODS.MKCOL,\n METHODS.MOVE,\n METHODS.PROPFIND,\n METHODS.PROPPATCH,\n METHODS.SEARCH,\n METHODS.UNLOCK,\n METHODS.BIND,\n METHODS.REBIND,\n METHODS.UNBIND,\n METHODS.ACL,\n METHODS.REPORT,\n METHODS.MKACTIVITY,\n METHODS.CHECKOUT,\n METHODS.MERGE,\n METHODS['M-SEARCH'],\n METHODS.NOTIFY,\n METHODS.SUBSCRIBE,\n METHODS.UNSUBSCRIBE,\n METHODS.PATCH,\n METHODS.PURGE,\n METHODS.MKCALENDAR,\n METHODS.LINK,\n METHODS.UNLINK,\n METHODS.PRI,\n // TODO(indutny): should we allow it with HTTP?\n METHODS.SOURCE,\n];\nexports.METHODS_ICE = [\n METHODS.SOURCE,\n];\nexports.METHODS_RTSP = [\n METHODS.OPTIONS,\n METHODS.DESCRIBE,\n METHODS.ANNOUNCE,\n METHODS.SETUP,\n METHODS.PLAY,\n METHODS.PAUSE,\n METHODS.TEARDOWN,\n METHODS.GET_PARAMETER,\n METHODS.SET_PARAMETER,\n METHODS.REDIRECT,\n METHODS.RECORD,\n METHODS.FLUSH,\n // For AirPlay\n METHODS.GET,\n METHODS.POST,\n];\nexports.METHOD_MAP = utils_1.enumToMap(METHODS);\nexports.H_METHOD_MAP = {};\nObject.keys(exports.METHOD_MAP).forEach((key) => {\n if (/^H/.test(key)) {\n exports.H_METHOD_MAP[key] = exports.METHOD_MAP[key];\n }\n});\nvar FINISH;\n(function (FINISH) {\n FINISH[FINISH[\"SAFE\"] = 0] = \"SAFE\";\n FINISH[FINISH[\"SAFE_WITH_CB\"] = 1] = \"SAFE_WITH_CB\";\n FINISH[FINISH[\"UNSAFE\"] = 2] = \"UNSAFE\";\n})(FINISH = exports.FINISH || (exports.FINISH = {}));\nexports.ALPHA = [];\nfor (let i = 'A'.charCodeAt(0); i <= 'Z'.charCodeAt(0); i++) {\n // Upper case\n exports.ALPHA.push(String.fromCharCode(i));\n // Lower case\n exports.ALPHA.push(String.fromCharCode(i + 0x20));\n}\nexports.NUM_MAP = {\n 0: 0, 1: 1, 2: 2, 3: 3, 4: 4,\n 5: 5, 6: 6, 7: 7, 8: 8, 9: 9,\n};\nexports.HEX_MAP = {\n 0: 0, 1: 1, 2: 2, 3: 3, 4: 4,\n 5: 5, 6: 6, 7: 7, 8: 8, 9: 9,\n A: 0XA, B: 0XB, C: 0XC, D: 0XD, E: 0XE, F: 0XF,\n a: 0xa, b: 0xb, c: 0xc, d: 0xd, e: 0xe, f: 0xf,\n};\nexports.NUM = [\n '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',\n];\nexports.ALPHANUM = exports.ALPHA.concat(exports.NUM);\nexports.MARK = ['-', '_', '.', '!', '~', '*', '\\'', '(', ')'];\nexports.USERINFO_CHARS = exports.ALPHANUM\n .concat(exports.MARK)\n .concat(['%', ';', ':', '&', '=', '+', '$', ',']);\n// TODO(indutny): use RFC\nexports.STRICT_URL_CHAR = [\n '!', '\"', '$', '%', '&', '\\'',\n '(', ')', '*', '+', ',', '-', '.', '/',\n ':', ';', '<', '=', '>',\n '@', '[', '\\\\', ']', '^', '_',\n '`',\n '{', '|', '}', '~',\n].concat(exports.ALPHANUM);\nexports.URL_CHAR = exports.STRICT_URL_CHAR\n .concat(['\\t', '\\f']);\n// All characters with 0x80 bit set to 1\nfor (let i = 0x80; i <= 0xff; i++) {\n exports.URL_CHAR.push(i);\n}\nexports.HEX = exports.NUM.concat(['a', 'b', 'c', 'd', 'e', 'f', 'A', 'B', 'C', 'D', 'E', 'F']);\n/* Tokens as defined by rfc 2616. Also lowercases them.\n * token = 1*\n * separators = \"(\" | \")\" | \"<\" | \">\" | \"@\"\n * | \",\" | \";\" | \":\" | \"\\\" | <\">\n * | \"/\" | \"[\" | \"]\" | \"?\" | \"=\"\n * | \"{\" | \"}\" | SP | HT\n */\nexports.STRICT_TOKEN = [\n '!', '#', '$', '%', '&', '\\'',\n '*', '+', '-', '.',\n '^', '_', '`',\n '|', '~',\n].concat(exports.ALPHANUM);\nexports.TOKEN = exports.STRICT_TOKEN.concat([' ']);\n/*\n * Verify that a char is a valid visible (printable) US-ASCII\n * character or %x80-FF\n */\nexports.HEADER_CHARS = ['\\t'];\nfor (let i = 32; i <= 255; i++) {\n if (i !== 127) {\n exports.HEADER_CHARS.push(i);\n }\n}\n// ',' = \\x44\nexports.CONNECTION_TOKEN_CHARS = exports.HEADER_CHARS.filter((c) => c !== 44);\nexports.MAJOR = exports.NUM_MAP;\nexports.MINOR = exports.MAJOR;\nvar HEADER_STATE;\n(function (HEADER_STATE) {\n HEADER_STATE[HEADER_STATE[\"GENERAL\"] = 0] = \"GENERAL\";\n HEADER_STATE[HEADER_STATE[\"CONNECTION\"] = 1] = \"CONNECTION\";\n HEADER_STATE[HEADER_STATE[\"CONTENT_LENGTH\"] = 2] = \"CONTENT_LENGTH\";\n HEADER_STATE[HEADER_STATE[\"TRANSFER_ENCODING\"] = 3] = \"TRANSFER_ENCODING\";\n HEADER_STATE[HEADER_STATE[\"UPGRADE\"] = 4] = \"UPGRADE\";\n HEADER_STATE[HEADER_STATE[\"CONNECTION_KEEP_ALIVE\"] = 5] = \"CONNECTION_KEEP_ALIVE\";\n HEADER_STATE[HEADER_STATE[\"CONNECTION_CLOSE\"] = 6] = \"CONNECTION_CLOSE\";\n HEADER_STATE[HEADER_STATE[\"CONNECTION_UPGRADE\"] = 7] = \"CONNECTION_UPGRADE\";\n HEADER_STATE[HEADER_STATE[\"TRANSFER_ENCODING_CHUNKED\"] = 8] = \"TRANSFER_ENCODING_CHUNKED\";\n})(HEADER_STATE = exports.HEADER_STATE || (exports.HEADER_STATE = {}));\nexports.SPECIAL_HEADERS = {\n 'connection': HEADER_STATE.CONNECTION,\n 'content-length': HEADER_STATE.CONTENT_LENGTH,\n 'proxy-connection': HEADER_STATE.CONNECTION,\n 'transfer-encoding': HEADER_STATE.TRANSFER_ENCODING,\n 'upgrade': HEADER_STATE.UPGRADE,\n};\n//# sourceMappingURL=constants.js.map","'use strict'\n\nconst { Buffer } = require('node:buffer')\n\nmodule.exports = Buffer.from('AGFzbQEAAAABJwdgAX8Bf2ADf39/AX9gAX8AYAJ/fwBgBH9/f38Bf2AAAGADf39/AALLAQgDZW52GHdhc21fb25faGVhZGVyc19jb21wbGV0ZQAEA2VudhV3YXNtX29uX21lc3NhZ2VfYmVnaW4AAANlbnYLd2FzbV9vbl91cmwAAQNlbnYOd2FzbV9vbl9zdGF0dXMAAQNlbnYUd2FzbV9vbl9oZWFkZXJfZmllbGQAAQNlbnYUd2FzbV9vbl9oZWFkZXJfdmFsdWUAAQNlbnYMd2FzbV9vbl9ib2R5AAEDZW52GHdhc21fb25fbWVzc2FnZV9jb21wbGV0ZQAAAy0sBQYAAAIAAAAAAAACAQIAAgICAAADAAAAAAMDAwMBAQEBAQEBAQEAAAIAAAAEBQFwARISBQMBAAIGCAF/AUGA1AQLB9EFIgZtZW1vcnkCAAtfaW5pdGlhbGl6ZQAIGV9faW5kaXJlY3RfZnVuY3Rpb25fdGFibGUBAAtsbGh0dHBfaW5pdAAJGGxsaHR0cF9zaG91bGRfa2VlcF9hbGl2ZQAvDGxsaHR0cF9hbGxvYwALBm1hbGxvYwAxC2xsaHR0cF9mcmVlAAwEZnJlZQAMD2xsaHR0cF9nZXRfdHlwZQANFWxsaHR0cF9nZXRfaHR0cF9tYWpvcgAOFWxsaHR0cF9nZXRfaHR0cF9taW5vcgAPEWxsaHR0cF9nZXRfbWV0aG9kABAWbGxodHRwX2dldF9zdGF0dXNfY29kZQAREmxsaHR0cF9nZXRfdXBncmFkZQASDGxsaHR0cF9yZXNldAATDmxsaHR0cF9leGVjdXRlABQUbGxodHRwX3NldHRpbmdzX2luaXQAFQ1sbGh0dHBfZmluaXNoABYMbGxodHRwX3BhdXNlABcNbGxodHRwX3Jlc3VtZQAYG2xsaHR0cF9yZXN1bWVfYWZ0ZXJfdXBncmFkZQAZEGxsaHR0cF9nZXRfZXJybm8AGhdsbGh0dHBfZ2V0X2Vycm9yX3JlYXNvbgAbF2xsaHR0cF9zZXRfZXJyb3JfcmVhc29uABwUbGxodHRwX2dldF9lcnJvcl9wb3MAHRFsbGh0dHBfZXJybm9fbmFtZQAeEmxsaHR0cF9tZXRob2RfbmFtZQAfEmxsaHR0cF9zdGF0dXNfbmFtZQAgGmxsaHR0cF9zZXRfbGVuaWVudF9oZWFkZXJzACEhbGxodHRwX3NldF9sZW5pZW50X2NodW5rZWRfbGVuZ3RoACIdbGxodHRwX3NldF9sZW5pZW50X2tlZXBfYWxpdmUAIyRsbGh0dHBfc2V0X2xlbmllbnRfdHJhbnNmZXJfZW5jb2RpbmcAJBhsbGh0dHBfbWVzc2FnZV9uZWVkc19lb2YALgkXAQBBAQsRAQIDBAUKBgcrLSwqKSglJyYK07MCLBYAQYjQACgCAARAAAtBiNAAQQE2AgALFAAgABAwIAAgAjYCOCAAIAE6ACgLFAAgACAALwEyIAAtAC4gABAvEAALHgEBf0HAABAyIgEQMCABQYAINgI4IAEgADoAKCABC48MAQd/AkAgAEUNACAAQQhrIgEgAEEEaygCACIAQXhxIgRqIQUCQCAAQQFxDQAgAEEDcUUNASABIAEoAgAiAGsiAUGc0AAoAgBJDQEgACAEaiEEAkACQEGg0AAoAgAgAUcEQCAAQf8BTQRAIABBA3YhAyABKAIIIgAgASgCDCICRgRAQYzQAEGM0AAoAgBBfiADd3E2AgAMBQsgAiAANgIIIAAgAjYCDAwECyABKAIYIQYgASABKAIMIgBHBEAgACABKAIIIgI2AgggAiAANgIMDAMLIAFBFGoiAygCACICRQRAIAEoAhAiAkUNAiABQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFKAIEIgBBA3FBA0cNAiAFIABBfnE2AgRBlNAAIAQ2AgAgBSAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCABKAIcIgJBAnRBvNIAaiIDKAIAIAFGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgAUYbaiAANgIAIABFDQELIAAgBjYCGCABKAIQIgIEQCAAIAI2AhAgAiAANgIYCyABQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAFTw0AIAUoAgQiAEEBcUUNAAJAAkACQAJAIABBAnFFBEBBpNAAKAIAIAVGBEBBpNAAIAE2AgBBmNAAQZjQACgCACAEaiIANgIAIAEgAEEBcjYCBCABQaDQACgCAEcNBkGU0ABBADYCAEGg0ABBADYCAAwGC0Gg0AAoAgAgBUYEQEGg0AAgATYCAEGU0ABBlNAAKAIAIARqIgA2AgAgASAAQQFyNgIEIAAgAWogADYCAAwGCyAAQXhxIARqIQQgAEH/AU0EQCAAQQN2IQMgBSgCCCIAIAUoAgwiAkYEQEGM0ABBjNAAKAIAQX4gA3dxNgIADAULIAIgADYCCCAAIAI2AgwMBAsgBSgCGCEGIAUgBSgCDCIARwRAQZzQACgCABogACAFKAIIIgI2AgggAiAANgIMDAMLIAVBFGoiAygCACICRQRAIAUoAhAiAkUNAiAFQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFIABBfnE2AgQgASAEaiAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCAFKAIcIgJBAnRBvNIAaiIDKAIAIAVGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiAANgIAIABFDQELIAAgBjYCGCAFKAIQIgIEQCAAIAI2AhAgAiAANgIYCyAFQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAEaiAENgIAIAEgBEEBcjYCBCABQaDQACgCAEcNAEGU0AAgBDYCAAwBCyAEQf8BTQRAIARBeHFBtNAAaiEAAn9BjNAAKAIAIgJBASAEQQN2dCIDcUUEQEGM0AAgAiADcjYCACAADAELIAAoAggLIgIgATYCDCAAIAE2AgggASAANgIMIAEgAjYCCAwBC0EfIQIgBEH///8HTQRAIARBJiAEQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAgsgASACNgIcIAFCADcCECACQQJ0QbzSAGohAAJAQZDQACgCACIDQQEgAnQiB3FFBEAgACABNgIAQZDQACADIAdyNgIAIAEgADYCGCABIAE2AgggASABNgIMDAELIARBGSACQQF2a0EAIAJBH0cbdCECIAAoAgAhAAJAA0AgACIDKAIEQXhxIARGDQEgAkEddiEAIAJBAXQhAiADIABBBHFqQRBqIgcoAgAiAA0ACyAHIAE2AgAgASADNgIYIAEgATYCDCABIAE2AggMAQsgAygCCCIAIAE2AgwgAyABNgIIIAFBADYCGCABIAM2AgwgASAANgIIC0Gs0ABBrNAAKAIAQQFrIgBBfyAAGzYCAAsLBwAgAC0AKAsHACAALQAqCwcAIAAtACsLBwAgAC0AKQsHACAALwEyCwcAIAAtAC4LQAEEfyAAKAIYIQEgAC0ALSECIAAtACghAyAAKAI4IQQgABAwIAAgBDYCOCAAIAM6ACggACACOgAtIAAgATYCGAu74gECB38DfiABIAJqIQQCQCAAIgIoAgwiAA0AIAIoAgQEQCACIAE2AgQLIwBBEGsiCCQAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAIoAhwiA0EBaw7dAdoBAdkBAgMEBQYHCAkKCwwNDtgBDxDXARES1gETFBUWFxgZGhvgAd8BHB0e1QEfICEiIyQl1AEmJygpKiss0wHSAS0u0QHQAS8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRtsBR0hJSs8BzgFLzQFMzAFNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AAYEBggGDAYQBhQGGAYcBiAGJAYoBiwGMAY0BjgGPAZABkQGSAZMBlAGVAZYBlwGYAZkBmgGbAZwBnQGeAZ8BoAGhAaIBowGkAaUBpgGnAagBqQGqAasBrAGtAa4BrwGwAbEBsgGzAbQBtQG2AbcBywHKAbgByQG5AcgBugG7AbwBvQG+Ab8BwAHBAcIBwwHEAcUBxgEA3AELQQAMxgELQQ4MxQELQQ0MxAELQQ8MwwELQRAMwgELQRMMwQELQRQMwAELQRUMvwELQRYMvgELQRgMvQELQRkMvAELQRoMuwELQRsMugELQRwMuQELQR0MuAELQQgMtwELQR4MtgELQSAMtQELQR8MtAELQQcMswELQSEMsgELQSIMsQELQSMMsAELQSQMrwELQRIMrgELQREMrQELQSUMrAELQSYMqwELQScMqgELQSgMqQELQcMBDKgBC0EqDKcBC0ErDKYBC0EsDKUBC0EtDKQBC0EuDKMBC0EvDKIBC0HEAQyhAQtBMAygAQtBNAyfAQtBDAyeAQtBMQydAQtBMgycAQtBMwybAQtBOQyaAQtBNQyZAQtBxQEMmAELQQsMlwELQToMlgELQTYMlQELQQoMlAELQTcMkwELQTgMkgELQTwMkQELQTsMkAELQT0MjwELQQkMjgELQSkMjQELQT4MjAELQT8MiwELQcAADIoBC0HBAAyJAQtBwgAMiAELQcMADIcBC0HEAAyGAQtBxQAMhQELQcYADIQBC0EXDIMBC0HHAAyCAQtByAAMgQELQckADIABC0HKAAx/C0HLAAx+C0HNAAx9C0HMAAx8C0HOAAx7C0HPAAx6C0HQAAx5C0HRAAx4C0HSAAx3C0HTAAx2C0HUAAx1C0HWAAx0C0HVAAxzC0EGDHILQdcADHELQQUMcAtB2AAMbwtBBAxuC0HZAAxtC0HaAAxsC0HbAAxrC0HcAAxqC0EDDGkLQd0ADGgLQd4ADGcLQd8ADGYLQeEADGULQeAADGQLQeIADGMLQeMADGILQQIMYQtB5AAMYAtB5QAMXwtB5gAMXgtB5wAMXQtB6AAMXAtB6QAMWwtB6gAMWgtB6wAMWQtB7AAMWAtB7QAMVwtB7gAMVgtB7wAMVQtB8AAMVAtB8QAMUwtB8gAMUgtB8wAMUQtB9AAMUAtB9QAMTwtB9gAMTgtB9wAMTQtB+AAMTAtB+QAMSwtB+gAMSgtB+wAMSQtB/AAMSAtB/QAMRwtB/gAMRgtB/wAMRQtBgAEMRAtBgQEMQwtBggEMQgtBgwEMQQtBhAEMQAtBhQEMPwtBhgEMPgtBhwEMPQtBiAEMPAtBiQEMOwtBigEMOgtBiwEMOQtBjAEMOAtBjQEMNwtBjgEMNgtBjwEMNQtBkAEMNAtBkQEMMwtBkgEMMgtBkwEMMQtBlAEMMAtBlQEMLwtBlgEMLgtBlwEMLQtBmAEMLAtBmQEMKwtBmgEMKgtBmwEMKQtBnAEMKAtBnQEMJwtBngEMJgtBnwEMJQtBoAEMJAtBoQEMIwtBogEMIgtBowEMIQtBpAEMIAtBpQEMHwtBpgEMHgtBpwEMHQtBqAEMHAtBqQEMGwtBqgEMGgtBqwEMGQtBrAEMGAtBrQEMFwtBrgEMFgtBAQwVC0GvAQwUC0GwAQwTC0GxAQwSC0GzAQwRC0GyAQwQC0G0AQwPC0G1AQwOC0G2AQwNC0G3AQwMC0G4AQwLC0G5AQwKC0G6AQwJC0G7AQwIC0HGAQwHC0G8AQwGC0G9AQwFC0G+AQwEC0G/AQwDC0HAAQwCC0HCAQwBC0HBAQshAwNAAkACQAJAAkACQAJAAkACQAJAIAICfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAgJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAn8CQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCADDsYBAAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHyAhIyUmKCorLC8wMTIzNDU2Nzk6Ozw9lANAQkRFRklLTk9QUVJTVFVWWFpbXF1eX2BhYmNkZWZnaGpsb3Bxc3V2eHl6e3x/gAGBAYIBgwGEAYUBhgGHAYgBiQGKAYsBjAGNAY4BjwGQAZEBkgGTAZQBlQGWAZcBmAGZAZoBmwGcAZ0BngGfAaABoQGiAaMBpAGlAaYBpwGoAakBqgGrAawBrQGuAa8BsAGxAbIBswG0AbUBtgG3AbgBuQG6AbsBvAG9Ab4BvwHAAcEBwgHDAcQBxQHGAccByAHJAcsBzAHNAc4BzwGKA4kDiAOHA4QDgwOAA/sC+gL5AvgC9wL0AvMC8gLLAsECsALZAQsgASAERw3wAkHdASEDDLMDCyABIARHDcgBQcMBIQMMsgMLIAEgBEcNe0H3ACEDDLEDCyABIARHDXBB7wAhAwywAwsgASAERw1pQeoAIQMMrwMLIAEgBEcNZUHoACEDDK4DCyABIARHDWJB5gAhAwytAwsgASAERw0aQRghAwysAwsgASAERw0VQRIhAwyrAwsgASAERw1CQcUAIQMMqgMLIAEgBEcNNEE/IQMMqQMLIAEgBEcNMkE8IQMMqAMLIAEgBEcNK0ExIQMMpwMLIAItAC5BAUYNnwMMwQILQQAhAAJAAkACQCACLQAqRQ0AIAItACtFDQAgAi8BMCIDQQJxRQ0BDAILIAIvATAiA0EBcUUNAQtBASEAIAItAChBAUYNACACLwEyIgVB5ABrQeQASQ0AIAVBzAFGDQAgBUGwAkYNACADQcAAcQ0AQQAhACADQYgEcUGABEYNACADQShxQQBHIQALIAJBADsBMCACQQA6AC8gAEUN3wIgAkIANwMgDOACC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAARQ3MASAAQRVHDd0CIAJBBDYCHCACIAE2AhQgAkGwGDYCECACQRU2AgxBACEDDKQDCyABIARGBEBBBiEDDKQDCyABQQFqIQFBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAA3ZAgwcCyACQgA3AyBBEiEDDIkDCyABIARHDRZBHSEDDKEDCyABIARHBEAgAUEBaiEBQRAhAwyIAwtBByEDDKADCyACIAIpAyAiCiAEIAFrrSILfSIMQgAgCiAMWhs3AyAgCiALWA3UAkEIIQMMnwMLIAEgBEcEQCACQQk2AgggAiABNgIEQRQhAwyGAwtBCSEDDJ4DCyACKQMgQgBSDccBIAIgAi8BMEGAAXI7ATAMQgsgASAERw0/QdAAIQMMnAMLIAEgBEYEQEELIQMMnAMLIAFBAWohAUEAIQACQCACKAI4IgNFDQAgAygCUCIDRQ0AIAIgAxEAACEACyAADc8CDMYBC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ3GASAAQRVHDc0CIAJBCzYCHCACIAE2AhQgAkGCGTYCECACQRU2AgxBACEDDJoDC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ0MIABBFUcNygIgAkEaNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMmQMLQQAhAAJAIAIoAjgiA0UNACADKAJMIgNFDQAgAiADEQAAIQALIABFDcQBIABBFUcNxwIgAkELNgIcIAIgATYCFCACQZEXNgIQIAJBFTYCDEEAIQMMmAMLIAEgBEYEQEEPIQMMmAMLIAEtAAAiAEE7Rg0HIABBDUcNxAIgAUEBaiEBDMMBC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3DASAAQRVHDcICIAJBDzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJYDCwNAIAEtAABB8DVqLQAAIgBBAUcEQCAAQQJHDcECIAIoAgQhAEEAIQMgAkEANgIEIAIgACABQQFqIgEQLSIADcICDMUBCyAEIAFBAWoiAUcNAAtBEiEDDJUDC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3FASAAQRVHDb0CIAJBGzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJQDCyABIARGBEBBFiEDDJQDCyACQQo2AgggAiABNgIEQQAhAAJAIAIoAjgiA0UNACADKAJIIgNFDQAgAiADEQAAIQALIABFDcIBIABBFUcNuQIgAkEVNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMkwMLIAEgBEcEQANAIAEtAABB8DdqLQAAIgBBAkcEQAJAIABBAWsOBMQCvQIAvgK9AgsgAUEBaiEBQQghAwz8AgsgBCABQQFqIgFHDQALQRUhAwyTAwtBFSEDDJIDCwNAIAEtAABB8DlqLQAAIgBBAkcEQCAAQQFrDgTFArcCwwK4ArcCCyAEIAFBAWoiAUcNAAtBGCEDDJEDCyABIARHBEAgAkELNgIIIAIgATYCBEEHIQMM+AILQRkhAwyQAwsgAUEBaiEBDAILIAEgBEYEQEEaIQMMjwMLAkAgAS0AAEENaw4UtQG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwEAvwELQQAhAyACQQA2AhwgAkGvCzYCECACQQI2AgwgAiABQQFqNgIUDI4DCyABIARGBEBBGyEDDI4DCyABLQAAIgBBO0cEQCAAQQ1HDbECIAFBAWohAQy6AQsgAUEBaiEBC0EiIQMM8wILIAEgBEYEQEEcIQMMjAMLQgAhCgJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAS0AAEEwaw43wQLAAgABAgMEBQYH0AHQAdAB0AHQAdAB0AEICQoLDA3QAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdABDg8QERIT0AELQgIhCgzAAgtCAyEKDL8CC0IEIQoMvgILQgUhCgy9AgtCBiEKDLwCC0IHIQoMuwILQgghCgy6AgtCCSEKDLkCC0IKIQoMuAILQgshCgy3AgtCDCEKDLYCC0INIQoMtQILQg4hCgy0AgtCDyEKDLMCC0IKIQoMsgILQgshCgyxAgtCDCEKDLACC0INIQoMrwILQg4hCgyuAgtCDyEKDK0CC0IAIQoCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAEtAABBMGsON8ACvwIAAQIDBAUGB74CvgK+Ar4CvgK+Ar4CCAkKCwwNvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ag4PEBESE74CC0ICIQoMvwILQgMhCgy+AgtCBCEKDL0CC0IFIQoMvAILQgYhCgy7AgtCByEKDLoCC0IIIQoMuQILQgkhCgy4AgtCCiEKDLcCC0ILIQoMtgILQgwhCgy1AgtCDSEKDLQCC0IOIQoMswILQg8hCgyyAgtCCiEKDLECC0ILIQoMsAILQgwhCgyvAgtCDSEKDK4CC0IOIQoMrQILQg8hCgysAgsgAiACKQMgIgogBCABa60iC30iDEIAIAogDFobNwMgIAogC1gNpwJBHyEDDIkDCyABIARHBEAgAkEJNgIIIAIgATYCBEElIQMM8AILQSAhAwyIAwtBASEFIAIvATAiA0EIcUUEQCACKQMgQgBSIQULAkAgAi0ALgRAQQEhACACLQApQQVGDQEgA0HAAHFFIAVxRQ0BC0EAIQAgA0HAAHENAEECIQAgA0EIcQ0AIANBgARxBEACQCACLQAoQQFHDQAgAi0ALUEKcQ0AQQUhAAwCC0EEIQAMAQsgA0EgcUUEQAJAIAItAChBAUYNACACLwEyIgBB5ABrQeQASQ0AIABBzAFGDQAgAEGwAkYNAEEEIQAgA0EocUUNAiADQYgEcUGABEYNAgtBACEADAELQQBBAyACKQMgUBshAAsgAEEBaw4FvgIAsAEBpAKhAgtBESEDDO0CCyACQQE6AC8MhAMLIAEgBEcNnQJBJCEDDIQDCyABIARHDRxBxgAhAwyDAwtBACEAAkAgAigCOCIDRQ0AIAMoAkQiA0UNACACIAMRAAAhAAsgAEUNJyAAQRVHDZgCIAJB0AA2AhwgAiABNgIUIAJBkRg2AhAgAkEVNgIMQQAhAwyCAwsgASAERgRAQSghAwyCAwtBACEDIAJBADYCBCACQQw2AgggAiABIAEQKiIARQ2UAiACQSc2AhwgAiABNgIUIAIgADYCDAyBAwsgASAERgRAQSkhAwyBAwsgAS0AACIAQSBGDRMgAEEJRw2VAiABQQFqIQEMFAsgASAERwRAIAFBAWohAQwWC0EqIQMM/wILIAEgBEYEQEErIQMM/wILIAEtAAAiAEEJRyAAQSBHcQ2QAiACLQAsQQhHDd0CIAJBADoALAzdAgsgASAERgRAQSwhAwz+AgsgAS0AAEEKRw2OAiABQQFqIQEMsAELIAEgBEcNigJBLyEDDPwCCwNAIAEtAAAiAEEgRwRAIABBCmsOBIQCiAKIAoQChgILIAQgAUEBaiIBRw0AC0ExIQMM+wILQTIhAyABIARGDfoCIAIoAgAiACAEIAFraiEHIAEgAGtBA2ohBgJAA0AgAEHwO2otAAAgAS0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDQEgAEEDRgRAQQYhAQziAgsgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAc2AgAM+wILIAJBADYCAAyGAgtBMyEDIAQgASIARg35AiAEIAFrIAIoAgAiAWohByAAIAFrQQhqIQYCQANAIAFB9DtqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBCEYEQEEFIQEM4QILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPoCCyACQQA2AgAgACEBDIUCC0E0IQMgBCABIgBGDfgCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgJAA0AgAUHQwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBBUYEQEEHIQEM4AILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPkCCyACQQA2AgAgACEBDIQCCyABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRg0JDIECCyAEIAFBAWoiAUcNAAtBMCEDDPgCC0EwIQMM9wILIAEgBEcEQANAIAEtAAAiAEEgRwRAIABBCmsOBP8B/gH+Af8B/gELIAQgAUEBaiIBRw0AC0E4IQMM9wILQTghAwz2AgsDQCABLQAAIgBBIEcgAEEJR3EN9gEgBCABQQFqIgFHDQALQTwhAwz1AgsDQCABLQAAIgBBIEcEQAJAIABBCmsOBPkBBAT5AQALIABBLEYN9QEMAwsgBCABQQFqIgFHDQALQT8hAwz0AgtBwAAhAyABIARGDfMCIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAEGAQGstAAAgAS0AAEEgckcNASAAQQZGDdsCIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPQCCyACQQA2AgALQTYhAwzZAgsgASAERgRAQcEAIQMM8gILIAJBDDYCCCACIAE2AgQgAi0ALEEBaw4E+wHuAewB6wHUAgsgAUEBaiEBDPoBCyABIARHBEADQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxIgBBCUYNACAAQSBGDQACQAJAAkACQCAAQeMAaw4TAAMDAwMDAwMBAwMDAwMDAwMDAgMLIAFBAWohAUExIQMM3AILIAFBAWohAUEyIQMM2wILIAFBAWohAUEzIQMM2gILDP4BCyAEIAFBAWoiAUcNAAtBNSEDDPACC0E1IQMM7wILIAEgBEcEQANAIAEtAABBgDxqLQAAQQFHDfcBIAQgAUEBaiIBRw0AC0E9IQMM7wILQT0hAwzuAgtBACEAAkAgAigCOCIDRQ0AIAMoAkAiA0UNACACIAMRAAAhAAsgAEUNASAAQRVHDeYBIAJBwgA2AhwgAiABNgIUIAJB4xg2AhAgAkEVNgIMQQAhAwztAgsgAUEBaiEBC0E8IQMM0gILIAEgBEYEQEHCACEDDOsCCwJAA0ACQCABLQAAQQlrDhgAAswCzALRAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAgDMAgsgBCABQQFqIgFHDQALQcIAIQMM6wILIAFBAWohASACLQAtQQFxRQ3+AQtBLCEDDNACCyABIARHDd4BQcQAIQMM6AILA0AgAS0AAEGQwABqLQAAQQFHDZwBIAQgAUEBaiIBRw0AC0HFACEDDOcCCyABLQAAIgBBIEYN/gEgAEE6Rw3AAiACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgAN3gEM3QELQccAIQMgBCABIgBGDeUCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFBkMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvwIgAUEFRg3CAiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzlAgtByAAhAyAEIAEiAEYN5AIgBCABayACKAIAIgFqIQcgACABa0EJaiEGA0AgAUGWwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw2+AkECIAFBCUYNwgIaIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOQCCyABIARGBEBByQAhAwzkAgsCQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxQe4Aaw4HAL8CvwK/Ar8CvwIBvwILIAFBAWohAUE+IQMMywILIAFBAWohAUE/IQMMygILQcoAIQMgBCABIgBGDeICIAQgAWsgAigCACIBaiEGIAAgAWtBAWohBwNAIAFBoMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvAIgAUEBRg2+AiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBjYCAAziAgtBywAhAyAEIAEiAEYN4QIgBCABayACKAIAIgFqIQcgACABa0EOaiEGA0AgAUGiwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw27AiABQQ5GDb4CIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOECC0HMACEDIAQgASIARg3gAiAEIAFrIAIoAgAiAWohByAAIAFrQQ9qIQYDQCABQcDCAGotAAAgAC0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDboCQQMgAUEPRg2+AhogAUEBaiEBIAQgAEEBaiIARw0ACyACIAc2AgAM4AILQc0AIQMgBCABIgBGDd8CIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFB0MIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNuQJBBCABQQVGDb0CGiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzfAgsgASAERgRAQc4AIQMM3wILAkACQAJAAkAgAS0AACIAQSByIAAgAEHBAGtB/wFxQRpJG0H/AXFB4wBrDhMAvAK8ArwCvAK8ArwCvAK8ArwCvAK8ArwCAbwCvAK8AgIDvAILIAFBAWohAUHBACEDDMgCCyABQQFqIQFBwgAhAwzHAgsgAUEBaiEBQcMAIQMMxgILIAFBAWohAUHEACEDDMUCCyABIARHBEAgAkENNgIIIAIgATYCBEHFACEDDMUCC0HPACEDDN0CCwJAAkAgAS0AAEEKaw4EAZABkAEAkAELIAFBAWohAQtBKCEDDMMCCyABIARGBEBB0QAhAwzcAgsgAS0AAEEgRw0AIAFBAWohASACLQAtQQFxRQ3QAQtBFyEDDMECCyABIARHDcsBQdIAIQMM2QILQdMAIQMgASAERg3YAiACKAIAIgAgBCABa2ohBiABIABrQQFqIQUDQCABLQAAIABB1sIAai0AAEcNxwEgAEEBRg3KASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBjYCAAzYAgsgASAERgRAQdUAIQMM2AILIAEtAABBCkcNwgEgAUEBaiEBDMoBCyABIARGBEBB1gAhAwzXAgsCQAJAIAEtAABBCmsOBADDAcMBAcMBCyABQQFqIQEMygELIAFBAWohAUHKACEDDL0CC0EAIQACQCACKAI4IgNFDQAgAygCPCIDRQ0AIAIgAxEAACEACyAADb8BQc0AIQMMvAILIAItAClBIkYNzwIMiQELIAQgASIFRgRAQdsAIQMM1AILQQAhAEEBIQFBASEGQQAhAwJAAn8CQAJAAkACQAJAAkACQCAFLQAAQTBrDgrFAcQBAAECAwQFBgjDAQtBAgwGC0EDDAULQQQMBAtBBQwDC0EGDAILQQcMAQtBCAshA0EAIQFBACEGDL0BC0EJIQNBASEAQQAhAUEAIQYMvAELIAEgBEYEQEHdACEDDNMCCyABLQAAQS5HDbgBIAFBAWohAQyIAQsgASAERw22AUHfACEDDNECCyABIARHBEAgAkEONgIIIAIgATYCBEHQACEDDLgCC0HgACEDDNACC0HhACEDIAEgBEYNzwIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGA0AgAS0AACAAQeLCAGotAABHDbEBIABBA0YNswEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMzwILQeIAIQMgASAERg3OAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYDQCABLQAAIABB5sIAai0AAEcNsAEgAEECRg2vASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAzOAgtB4wAhAyABIARGDc0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgNAIAEtAAAgAEHpwgBqLQAARw2vASAAQQNGDa0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADM0CCyABIARGBEBB5QAhAwzNAgsgAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANqgFB1gAhAwyzAgsgASAERwRAA0AgAS0AACIAQSBHBEACQAJAAkAgAEHIAGsOCwABswGzAbMBswGzAbMBswGzAQKzAQsgAUEBaiEBQdIAIQMMtwILIAFBAWohAUHTACEDDLYCCyABQQFqIQFB1AAhAwy1AgsgBCABQQFqIgFHDQALQeQAIQMMzAILQeQAIQMMywILA0AgAS0AAEHwwgBqLQAAIgBBAUcEQCAAQQJrDgOnAaYBpQGkAQsgBCABQQFqIgFHDQALQeYAIQMMygILIAFBAWogASAERw0CGkHnACEDDMkCCwNAIAEtAABB8MQAai0AACIAQQFHBEACQCAAQQJrDgSiAaEBoAEAnwELQdcAIQMMsQILIAQgAUEBaiIBRw0AC0HoACEDDMgCCyABIARGBEBB6QAhAwzIAgsCQCABLQAAIgBBCmsOGrcBmwGbAbQBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBpAGbAZsBAJkBCyABQQFqCyEBQQYhAwytAgsDQCABLQAAQfDGAGotAABBAUcNfSAEIAFBAWoiAUcNAAtB6gAhAwzFAgsgAUEBaiABIARHDQIaQesAIQMMxAILIAEgBEYEQEHsACEDDMQCCyABQQFqDAELIAEgBEYEQEHtACEDDMMCCyABQQFqCyEBQQQhAwyoAgsgASAERgRAQe4AIQMMwQILAkACQAJAIAEtAABB8MgAai0AAEEBaw4HkAGPAY4BAHwBAo0BCyABQQFqIQEMCwsgAUEBagyTAQtBACEDIAJBADYCHCACQZsSNgIQIAJBBzYCDCACIAFBAWo2AhQMwAILAkADQCABLQAAQfDIAGotAAAiAEEERwRAAkACQCAAQQFrDgeUAZMBkgGNAQAEAY0BC0HaACEDDKoCCyABQQFqIQFB3AAhAwypAgsgBCABQQFqIgFHDQALQe8AIQMMwAILIAFBAWoMkQELIAQgASIARgRAQfAAIQMMvwILIAAtAABBL0cNASAAQQFqIQEMBwsgBCABIgBGBEBB8QAhAwy+AgsgAC0AACIBQS9GBEAgAEEBaiEBQd0AIQMMpQILIAFBCmsiA0EWSw0AIAAhAUEBIAN0QYmAgAJxDfkBC0EAIQMgAkEANgIcIAIgADYCFCACQYwcNgIQIAJBBzYCDAy8AgsgASAERwRAIAFBAWohAUHeACEDDKMCC0HyACEDDLsCCyABIARGBEBB9AAhAwy7AgsCQCABLQAAQfDMAGotAABBAWsOA/cBcwCCAQtB4QAhAwyhAgsgASAERwRAA0AgAS0AAEHwygBqLQAAIgBBA0cEQAJAIABBAWsOAvkBAIUBC0HfACEDDKMCCyAEIAFBAWoiAUcNAAtB8wAhAwy6AgtB8wAhAwy5AgsgASAERwRAIAJBDzYCCCACIAE2AgRB4AAhAwygAgtB9QAhAwy4AgsgASAERgRAQfYAIQMMuAILIAJBDzYCCCACIAE2AgQLQQMhAwydAgsDQCABLQAAQSBHDY4CIAQgAUEBaiIBRw0AC0H3ACEDDLUCCyABIARGBEBB+AAhAwy1AgsgAS0AAEEgRw16IAFBAWohAQxbC0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAADXgMgAILIAEgBEYEQEH6ACEDDLMCCyABLQAAQcwARw10IAFBAWohAUETDHYLQfsAIQMgASAERg2xAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYDQCABLQAAIABB8M4Aai0AAEcNcyAAQQVGDXUgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMsQILIAEgBEYEQEH8ACEDDLECCwJAAkAgAS0AAEHDAGsODAB0dHR0dHR0dHR0AXQLIAFBAWohAUHmACEDDJgCCyABQQFqIQFB5wAhAwyXAgtB/QAhAyABIARGDa8CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDXIgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADLACCyACQQA2AgAgBkEBaiEBQRAMcwtB/gAhAyABIARGDa4CIAIoAgAiACAEIAFraiEFIAEgAGtBBWohBgJAA0AgAS0AACAAQfbOAGotAABHDXEgAEEFRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK8CCyACQQA2AgAgBkEBaiEBQRYMcgtB/wAhAyABIARGDa0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQfzOAGotAABHDXAgAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK4CCyACQQA2AgAgBkEBaiEBQQUMcQsgASAERgRAQYABIQMMrQILIAEtAABB2QBHDW4gAUEBaiEBQQgMcAsgASAERgRAQYEBIQMMrAILAkACQCABLQAAQc4Aaw4DAG8BbwsgAUEBaiEBQesAIQMMkwILIAFBAWohAUHsACEDDJICCyABIARGBEBBggEhAwyrAgsCQAJAIAEtAABByABrDggAbm5ubm5uAW4LIAFBAWohAUHqACEDDJICCyABQQFqIQFB7QAhAwyRAgtBgwEhAyABIARGDakCIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQYDPAGotAABHDWwgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKoCCyACQQA2AgAgBkEBaiEBQQAMbQtBhAEhAyABIARGDagCIAIoAgAiACAEIAFraiEFIAEgAGtBBGohBgJAA0AgAS0AACAAQYPPAGotAABHDWsgAEEERg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKkCCyACQQA2AgAgBkEBaiEBQSMMbAsgASAERgRAQYUBIQMMqAILAkACQCABLQAAQcwAaw4IAGtra2trawFrCyABQQFqIQFB7wAhAwyPAgsgAUEBaiEBQfAAIQMMjgILIAEgBEYEQEGGASEDDKcCCyABLQAAQcUARw1oIAFBAWohAQxgC0GHASEDIAEgBEYNpQIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGAkADQCABLQAAIABBiM8Aai0AAEcNaCAAQQNGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpgILIAJBADYCACAGQQFqIQFBLQxpC0GIASEDIAEgBEYNpAIgAigCACIAIAQgAWtqIQUgASAAa0EIaiEGAkADQCABLQAAIABB0M8Aai0AAEcNZyAAQQhGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpQILIAJBADYCACAGQQFqIQFBKQxoCyABIARGBEBBiQEhAwykAgtBASABLQAAQd8ARw1nGiABQQFqIQEMXgtBigEhAyABIARGDaICIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgNAIAEtAAAgAEGMzwBqLQAARw1kIABBAUYN+gEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMogILQYsBIQMgASAERg2hAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGOzwBqLQAARw1kIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyiAgsgAkEANgIAIAZBAWohAUECDGULQYwBIQMgASAERg2gAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHwzwBqLQAARw1jIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyhAgsgAkEANgIAIAZBAWohAUEfDGQLQY0BIQMgASAERg2fAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHyzwBqLQAARw1iIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAygAgsgAkEANgIAIAZBAWohAUEJDGMLIAEgBEYEQEGOASEDDJ8CCwJAAkAgAS0AAEHJAGsOBwBiYmJiYgFiCyABQQFqIQFB+AAhAwyGAgsgAUEBaiEBQfkAIQMMhQILQY8BIQMgASAERg2dAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGRzwBqLQAARw1gIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyeAgsgAkEANgIAIAZBAWohAUEYDGELQZABIQMgASAERg2cAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGXzwBqLQAARw1fIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAydAgsgAkEANgIAIAZBAWohAUEXDGALQZEBIQMgASAERg2bAiACKAIAIgAgBCABa2ohBSABIABrQQZqIQYCQANAIAEtAAAgAEGazwBqLQAARw1eIABBBkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAycAgsgAkEANgIAIAZBAWohAUEVDF8LQZIBIQMgASAERg2aAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGhzwBqLQAARw1dIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAybAgsgAkEANgIAIAZBAWohAUEeDF4LIAEgBEYEQEGTASEDDJoCCyABLQAAQcwARw1bIAFBAWohAUEKDF0LIAEgBEYEQEGUASEDDJkCCwJAAkAgAS0AAEHBAGsODwBcXFxcXFxcXFxcXFxcAVwLIAFBAWohAUH+ACEDDIACCyABQQFqIQFB/wAhAwz/AQsgASAERgRAQZUBIQMMmAILAkACQCABLQAAQcEAaw4DAFsBWwsgAUEBaiEBQf0AIQMM/wELIAFBAWohAUGAASEDDP4BC0GWASEDIAEgBEYNlgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBp88Aai0AAEcNWSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlwILIAJBADYCACAGQQFqIQFBCwxaCyABIARGBEBBlwEhAwyWAgsCQAJAAkACQCABLQAAQS1rDiMAW1tbW1tbW1tbW1tbW1tbW1tbW1tbW1sBW1tbW1sCW1tbA1sLIAFBAWohAUH7ACEDDP8BCyABQQFqIQFB/AAhAwz+AQsgAUEBaiEBQYEBIQMM/QELIAFBAWohAUGCASEDDPwBC0GYASEDIAEgBEYNlAIgAigCACIAIAQgAWtqIQUgASAAa0EEaiEGAkADQCABLQAAIABBqc8Aai0AAEcNVyAAQQRGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlQILIAJBADYCACAGQQFqIQFBGQxYC0GZASEDIAEgBEYNkwIgAigCACIAIAQgAWtqIQUgASAAa0EFaiEGAkADQCABLQAAIABBrs8Aai0AAEcNViAAQQVGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlAILIAJBADYCACAGQQFqIQFBBgxXC0GaASEDIAEgBEYNkgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBtM8Aai0AAEcNVSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkwILIAJBADYCACAGQQFqIQFBHAxWC0GbASEDIAEgBEYNkQIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBts8Aai0AAEcNVCAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkgILIAJBADYCACAGQQFqIQFBJwxVCyABIARGBEBBnAEhAwyRAgsCQAJAIAEtAABB1ABrDgIAAVQLIAFBAWohAUGGASEDDPgBCyABQQFqIQFBhwEhAwz3AQtBnQEhAyABIARGDY8CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbjPAGotAABHDVIgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADJACCyACQQA2AgAgBkEBaiEBQSYMUwtBngEhAyABIARGDY4CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbrPAGotAABHDVEgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI8CCyACQQA2AgAgBkEBaiEBQQMMUgtBnwEhAyABIARGDY0CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDVAgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI4CCyACQQA2AgAgBkEBaiEBQQwMUQtBoAEhAyABIARGDYwCIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQbzPAGotAABHDU8gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI0CCyACQQA2AgAgBkEBaiEBQQ0MUAsgASAERgRAQaEBIQMMjAILAkACQCABLQAAQcYAaw4LAE9PT09PT09PTwFPCyABQQFqIQFBiwEhAwzzAQsgAUEBaiEBQYwBIQMM8gELIAEgBEYEQEGiASEDDIsCCyABLQAAQdAARw1MIAFBAWohAQxGCyABIARGBEBBowEhAwyKAgsCQAJAIAEtAABByQBrDgcBTU1NTU0ATQsgAUEBaiEBQY4BIQMM8QELIAFBAWohAUEiDE0LQaQBIQMgASAERg2IAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHAzwBqLQAARw1LIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyJAgsgAkEANgIAIAZBAWohAUEdDEwLIAEgBEYEQEGlASEDDIgCCwJAAkAgAS0AAEHSAGsOAwBLAUsLIAFBAWohAUGQASEDDO8BCyABQQFqIQFBBAxLCyABIARGBEBBpgEhAwyHAgsCQAJAAkACQAJAIAEtAABBwQBrDhUATU1NTU1NTU1NTQFNTQJNTQNNTQRNCyABQQFqIQFBiAEhAwzxAQsgAUEBaiEBQYkBIQMM8AELIAFBAWohAUGKASEDDO8BCyABQQFqIQFBjwEhAwzuAQsgAUEBaiEBQZEBIQMM7QELQacBIQMgASAERg2FAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHtzwBqLQAARw1IIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyGAgsgAkEANgIAIAZBAWohAUERDEkLQagBIQMgASAERg2EAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHCzwBqLQAARw1HIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyFAgsgAkEANgIAIAZBAWohAUEsDEgLQakBIQMgASAERg2DAiACKAIAIgAgBCABa2ohBSABIABrQQRqIQYCQANAIAEtAAAgAEHFzwBqLQAARw1GIABBBEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyEAgsgAkEANgIAIAZBAWohAUErDEcLQaoBIQMgASAERg2CAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHKzwBqLQAARw1FIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyDAgsgAkEANgIAIAZBAWohAUEUDEYLIAEgBEYEQEGrASEDDIICCwJAAkACQAJAIAEtAABBwgBrDg8AAQJHR0dHR0dHR0dHRwNHCyABQQFqIQFBkwEhAwzrAQsgAUEBaiEBQZQBIQMM6gELIAFBAWohAUGVASEDDOkBCyABQQFqIQFBlgEhAwzoAQsgASAERgRAQawBIQMMgQILIAEtAABBxQBHDUIgAUEBaiEBDD0LQa0BIQMgASAERg3/ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHNzwBqLQAARw1CIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyAAgsgAkEANgIAIAZBAWohAUEODEMLIAEgBEYEQEGuASEDDP8BCyABLQAAQdAARw1AIAFBAWohAUElDEILQa8BIQMgASAERg39ASACKAIAIgAgBCABa2ohBSABIABrQQhqIQYCQANAIAEtAAAgAEHQzwBqLQAARw1AIABBCEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz+AQsgAkEANgIAIAZBAWohAUEqDEELIAEgBEYEQEGwASEDDP0BCwJAAkAgAS0AAEHVAGsOCwBAQEBAQEBAQEABQAsgAUEBaiEBQZoBIQMM5AELIAFBAWohAUGbASEDDOMBCyABIARGBEBBsQEhAwz8AQsCQAJAIAEtAABBwQBrDhQAPz8/Pz8/Pz8/Pz8/Pz8/Pz8/AT8LIAFBAWohAUGZASEDDOMBCyABQQFqIQFBnAEhAwziAQtBsgEhAyABIARGDfoBIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQdnPAGotAABHDT0gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPsBCyACQQA2AgAgBkEBaiEBQSEMPgtBswEhAyABIARGDfkBIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAS0AACAAQd3PAGotAABHDTwgAEEGRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPoBCyACQQA2AgAgBkEBaiEBQRoMPQsgASAERgRAQbQBIQMM+QELAkACQAJAIAEtAABBxQBrDhEAPT09PT09PT09AT09PT09Aj0LIAFBAWohAUGdASEDDOEBCyABQQFqIQFBngEhAwzgAQsgAUEBaiEBQZ8BIQMM3wELQbUBIQMgASAERg33ASACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEHkzwBqLQAARw06IABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz4AQsgAkEANgIAIAZBAWohAUEoDDsLQbYBIQMgASAERg32ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHqzwBqLQAARw05IABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz3AQsgAkEANgIAIAZBAWohAUEHDDoLIAEgBEYEQEG3ASEDDPYBCwJAAkAgAS0AAEHFAGsODgA5OTk5OTk5OTk5OTkBOQsgAUEBaiEBQaEBIQMM3QELIAFBAWohAUGiASEDDNwBC0G4ASEDIAEgBEYN9AEgAigCACIAIAQgAWtqIQUgASAAa0ECaiEGAkADQCABLQAAIABB7c8Aai0AAEcNNyAAQQJGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9QELIAJBADYCACAGQQFqIQFBEgw4C0G5ASEDIAEgBEYN8wEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8M8Aai0AAEcNNiAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9AELIAJBADYCACAGQQFqIQFBIAw3C0G6ASEDIAEgBEYN8gEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8s8Aai0AAEcNNSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8wELIAJBADYCACAGQQFqIQFBDww2CyABIARGBEBBuwEhAwzyAQsCQAJAIAEtAABByQBrDgcANTU1NTUBNQsgAUEBaiEBQaUBIQMM2QELIAFBAWohAUGmASEDDNgBC0G8ASEDIAEgBEYN8AEgAigCACIAIAQgAWtqIQUgASAAa0EHaiEGAkADQCABLQAAIABB9M8Aai0AAEcNMyAAQQdGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8QELIAJBADYCACAGQQFqIQFBGww0CyABIARGBEBBvQEhAwzwAQsCQAJAAkAgAS0AAEHCAGsOEgA0NDQ0NDQ0NDQBNDQ0NDQ0AjQLIAFBAWohAUGkASEDDNgBCyABQQFqIQFBpwEhAwzXAQsgAUEBaiEBQagBIQMM1gELIAEgBEYEQEG+ASEDDO8BCyABLQAAQc4ARw0wIAFBAWohAQwsCyABIARGBEBBvwEhAwzuAQsCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCABLQAAQcEAaw4VAAECAz8EBQY/Pz8HCAkKCz8MDQ4PPwsgAUEBaiEBQegAIQMM4wELIAFBAWohAUHpACEDDOIBCyABQQFqIQFB7gAhAwzhAQsgAUEBaiEBQfIAIQMM4AELIAFBAWohAUHzACEDDN8BCyABQQFqIQFB9gAhAwzeAQsgAUEBaiEBQfcAIQMM3QELIAFBAWohAUH6ACEDDNwBCyABQQFqIQFBgwEhAwzbAQsgAUEBaiEBQYQBIQMM2gELIAFBAWohAUGFASEDDNkBCyABQQFqIQFBkgEhAwzYAQsgAUEBaiEBQZgBIQMM1wELIAFBAWohAUGgASEDDNYBCyABQQFqIQFBowEhAwzVAQsgAUEBaiEBQaoBIQMM1AELIAEgBEcEQCACQRA2AgggAiABNgIEQasBIQMM1AELQcABIQMM7AELQQAhAAJAIAIoAjgiA0UNACADKAI0IgNFDQAgAiADEQAAIQALIABFDV4gAEEVRw0HIAJB0QA2AhwgAiABNgIUIAJBsBc2AhAgAkEVNgIMQQAhAwzrAQsgAUEBaiABIARHDQgaQcIBIQMM6gELA0ACQCABLQAAQQprDgQIAAALAAsgBCABQQFqIgFHDQALQcMBIQMM6QELIAEgBEcEQCACQRE2AgggAiABNgIEQQEhAwzQAQtBxAEhAwzoAQsgASAERgRAQcUBIQMM6AELAkACQCABLQAAQQprDgQBKCgAKAsgAUEBagwJCyABQQFqDAULIAEgBEYEQEHGASEDDOcBCwJAAkAgAS0AAEEKaw4XAQsLAQsLCwsLCwsLCwsLCwsLCwsLCwALCyABQQFqIQELQbABIQMMzQELIAEgBEYEQEHIASEDDOYBCyABLQAAQSBHDQkgAkEAOwEyIAFBAWohAUGzASEDDMwBCwNAIAEhAAJAIAEgBEcEQCABLQAAQTBrQf8BcSIDQQpJDQEMJwtBxwEhAwzmAQsCQCACLwEyIgFBmTNLDQAgAiABQQpsIgU7ATIgBUH+/wNxIANB//8Dc0sNACAAQQFqIQEgAiADIAVqIgM7ATIgA0H//wNxQegHSQ0BCwtBACEDIAJBADYCHCACQcEJNgIQIAJBDTYCDCACIABBAWo2AhQM5AELIAJBADYCHCACIAE2AhQgAkHwDDYCECACQRs2AgxBACEDDOMBCyACKAIEIQAgAkEANgIEIAIgACABECYiAA0BIAFBAWoLIQFBrQEhAwzIAQsgAkHBATYCHCACIAA2AgwgAiABQQFqNgIUQQAhAwzgAQsgAigCBCEAIAJBADYCBCACIAAgARAmIgANASABQQFqCyEBQa4BIQMMxQELIAJBwgE2AhwgAiAANgIMIAIgAUEBajYCFEEAIQMM3QELIAJBADYCHCACIAE2AhQgAkGXCzYCECACQQ02AgxBACEDDNwBCyACQQA2AhwgAiABNgIUIAJB4xA2AhAgAkEJNgIMQQAhAwzbAQsgAkECOgAoDKwBC0EAIQMgAkEANgIcIAJBrws2AhAgAkECNgIMIAIgAUEBajYCFAzZAQtBAiEDDL8BC0ENIQMMvgELQSYhAwy9AQtBFSEDDLwBC0EWIQMMuwELQRghAwy6AQtBHCEDDLkBC0EdIQMMuAELQSAhAwy3AQtBISEDDLYBC0EjIQMMtQELQcYAIQMMtAELQS4hAwyzAQtBPSEDDLIBC0HLACEDDLEBC0HOACEDDLABC0HYACEDDK8BC0HZACEDDK4BC0HbACEDDK0BC0HxACEDDKwBC0H0ACEDDKsBC0GNASEDDKoBC0GXASEDDKkBC0GpASEDDKgBC0GvASEDDKcBC0GxASEDDKYBCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB8Rs2AhAgAkEGNgIMDL0BCyACQQA2AgAgBkEBaiEBQSQLOgApIAIoAgQhACACQQA2AgQgAiAAIAEQJyIARQRAQeUAIQMMowELIAJB+QA2AhwgAiABNgIUIAIgADYCDEEAIQMMuwELIABBFUcEQCACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwy7AQsgAkH4ADYCHCACIAE2AhQgAkHKGDYCECACQRU2AgxBACEDDLoBCyACQQA2AhwgAiABNgIUIAJBjhs2AhAgAkEGNgIMQQAhAwy5AQsgAkEANgIcIAIgATYCFCACQf4RNgIQIAJBBzYCDEEAIQMMuAELIAJBADYCHCACIAE2AhQgAkGMHDYCECACQQc2AgxBACEDDLcBCyACQQA2AhwgAiABNgIUIAJBww82AhAgAkEHNgIMQQAhAwy2AQsgAkEANgIcIAIgATYCFCACQcMPNgIQIAJBBzYCDEEAIQMMtQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0RIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMtAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0gIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMswELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0iIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMsgELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0OIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMsQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0dIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMsAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0fIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMrwELIABBP0cNASABQQFqCyEBQQUhAwyUAQtBACEDIAJBADYCHCACIAE2AhQgAkH9EjYCECACQQc2AgwMrAELIAJBADYCHCACIAE2AhQgAkHcCDYCECACQQc2AgxBACEDDKsBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNByACQeUANgIcIAIgATYCFCACIAA2AgxBACEDDKoBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNFiACQdMANgIcIAIgATYCFCACIAA2AgxBACEDDKkBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNGCACQdIANgIcIAIgATYCFCACIAA2AgxBACEDDKgBCyACQQA2AhwgAiABNgIUIAJBxgo2AhAgAkEHNgIMQQAhAwynAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQMgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwymAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRIgAkHTADYCHCACIAE2AhQgAiAANgIMQQAhAwylAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRQgAkHSADYCHCACIAE2AhQgAiAANgIMQQAhAwykAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQAgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwyjAQtB1QAhAwyJAQsgAEEVRwRAIAJBADYCHCACIAE2AhQgAkG5DTYCECACQRo2AgxBACEDDKIBCyACQeQANgIcIAIgATYCFCACQeMXNgIQIAJBFTYCDEEAIQMMoQELIAJBADYCACAGQQFqIQEgAi0AKSIAQSNrQQtJDQQCQCAAQQZLDQBBASAAdEHKAHFFDQAMBQtBACEDIAJBADYCHCACIAE2AhQgAkH3CTYCECACQQg2AgwMoAELIAJBADYCACAGQQFqIQEgAi0AKUEhRg0DIAJBADYCHCACIAE2AhQgAkGbCjYCECACQQg2AgxBACEDDJ8BCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJBkDM2AhAgAkEINgIMDJ0BCyACQQA2AgAgBkEBaiEBIAItAClBI0kNACACQQA2AhwgAiABNgIUIAJB0wk2AhAgAkEINgIMQQAhAwycAQtB0QAhAwyCAQsgAS0AAEEwayIAQf8BcUEKSQRAIAIgADoAKiABQQFqIQFBzwAhAwyCAQsgAigCBCEAIAJBADYCBCACIAAgARAoIgBFDYYBIAJB3gA2AhwgAiABNgIUIAIgADYCDEEAIQMMmgELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ2GASACQdwANgIcIAIgATYCFCACIAA2AgxBACEDDJkBCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMhwELIAJB2gA2AhwgAiAFNgIUIAIgADYCDAyYAQtBACEBQQEhAwsgAiADOgArIAVBAWohAwJAAkACQCACLQAtQRBxDQACQAJAAkAgAi0AKg4DAQACBAsgBkUNAwwCCyAADQEMAgsgAUUNAQsgAigCBCEAIAJBADYCBCACIAAgAxAoIgBFBEAgAyEBDAILIAJB2AA2AhwgAiADNgIUIAIgADYCDEEAIQMMmAELIAIoAgQhACACQQA2AgQgAiAAIAMQKCIARQRAIAMhAQyHAQsgAkHZADYCHCACIAM2AhQgAiAANgIMQQAhAwyXAQtBzAAhAwx9CyAAQRVHBEAgAkEANgIcIAIgATYCFCACQZQNNgIQIAJBITYCDEEAIQMMlgELIAJB1wA2AhwgAiABNgIUIAJByRc2AhAgAkEVNgIMQQAhAwyVAQtBACEDIAJBADYCHCACIAE2AhQgAkGAETYCECACQQk2AgwMlAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0AIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMkwELQckAIQMMeQsgAkEANgIcIAIgATYCFCACQcEoNgIQIAJBBzYCDCACQQA2AgBBACEDDJEBCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAlIgBFDQAgAkHSADYCHCACIAE2AhQgAiAANgIMDJABC0HIACEDDHYLIAJBADYCACAFIQELIAJBgBI7ASogAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANAQtBxwAhAwxzCyAAQRVGBEAgAkHRADYCHCACIAE2AhQgAkHjFzYCECACQRU2AgxBACEDDIwBC0EAIQMgAkEANgIcIAIgATYCFCACQbkNNgIQIAJBGjYCDAyLAQtBACEDIAJBADYCHCACIAE2AhQgAkGgGTYCECACQR42AgwMigELIAEtAABBOkYEQCACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgBFDQEgAkHDADYCHCACIAA2AgwgAiABQQFqNgIUDIoBC0EAIQMgAkEANgIcIAIgATYCFCACQbERNgIQIAJBCjYCDAyJAQsgAUEBaiEBQTshAwxvCyACQcMANgIcIAIgADYCDCACIAFBAWo2AhQMhwELQQAhAyACQQA2AhwgAiABNgIUIAJB8A42AhAgAkEcNgIMDIYBCyACIAIvATBBEHI7ATAMZgsCQCACLwEwIgBBCHFFDQAgAi0AKEEBRw0AIAItAC1BCHFFDQMLIAIgAEH3+wNxQYAEcjsBMAwECyABIARHBEACQANAIAEtAABBMGsiAEH/AXFBCk8EQEE1IQMMbgsgAikDICIKQpmz5syZs+bMGVYNASACIApCCn4iCjcDICAKIACtQv8BgyILQn+FVg0BIAIgCiALfDcDICAEIAFBAWoiAUcNAAtBOSEDDIUBCyACKAIEIQBBACEDIAJBADYCBCACIAAgAUEBaiIBECoiAA0MDHcLQTkhAwyDAQsgAi0AMEEgcQ0GQcUBIQMMaQtBACEDIAJBADYCBCACIAEgARAqIgBFDQQgAkE6NgIcIAIgADYCDCACIAFBAWo2AhQMgQELIAItAChBAUcNACACLQAtQQhxRQ0BC0E3IQMMZgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIABEAgAkE7NgIcIAIgADYCDCACIAFBAWo2AhQMfwsgAUEBaiEBDG4LIAJBCDoALAwECyABQQFqIQEMbQtBACEDIAJBADYCHCACIAE2AhQgAkHkEjYCECACQQQ2AgwMewsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ1sIAJBNzYCHCACIAE2AhQgAiAANgIMDHoLIAIgAi8BMEEgcjsBMAtBMCEDDF8LIAJBNjYCHCACIAE2AhQgAiAANgIMDHcLIABBLEcNASABQQFqIQBBASEBAkACQAJAAkACQCACLQAsQQVrDgQDAQIEAAsgACEBDAQLQQIhAQwBC0EEIQELIAJBAToALCACIAIvATAgAXI7ATAgACEBDAELIAIgAi8BMEEIcjsBMCAAIQELQTkhAwxcCyACQQA6ACwLQTQhAwxaCyABIARGBEBBLSEDDHMLAkACQANAAkAgAS0AAEEKaw4EAgAAAwALIAQgAUEBaiIBRw0AC0EtIQMMdAsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ0CIAJBLDYCHCACIAE2AhQgAiAANgIMDHMLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAS0AAEENRgRAIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAi0ALUEBcQRAQcQBIQMMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIADQEMZQtBLyEDDFcLIAJBLjYCHCACIAE2AhQgAiAANgIMDG8LQQAhAyACQQA2AhwgAiABNgIUIAJB8BQ2AhAgAkEDNgIMDG4LQQEhAwJAAkACQAJAIAItACxBBWsOBAMBAgAECyACIAIvATBBCHI7ATAMAwtBAiEDDAELQQQhAwsgAkEBOgAsIAIgAi8BMCADcjsBMAtBKiEDDFMLQQAhAyACQQA2AhwgAiABNgIUIAJB4Q82AhAgAkEKNgIMDGsLQQEhAwJAAkACQAJAAkACQCACLQAsQQJrDgcFBAQDAQIABAsgAiACLwEwQQhyOwEwDAMLQQIhAwwBC0EEIQMLIAJBAToALCACIAIvATAgA3I7ATALQSshAwxSC0EAIQMgAkEANgIcIAIgATYCFCACQasSNgIQIAJBCzYCDAxqC0EAIQMgAkEANgIcIAIgATYCFCACQf0NNgIQIAJBHTYCDAxpCyABIARHBEADQCABLQAAQSBHDUggBCABQQFqIgFHDQALQSUhAwxpC0ElIQMMaAsgAi0ALUEBcQRAQcMBIQMMTwsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKSIABEAgAkEmNgIcIAIgADYCDCACIAFBAWo2AhQMaAsgAUEBaiEBDFwLIAFBAWohASACLwEwIgBBgAFxBEBBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAEUNBiAAQRVHDR8gAkEFNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMZwsCQCAAQaAEcUGgBEcNACACLQAtQQJxDQBBACEDIAJBADYCHCACIAE2AhQgAkGWEzYCECACQQQ2AgwMZwsgAgJ/IAIvATBBFHFBFEYEQEEBIAItAChBAUYNARogAi8BMkHlAEYMAQsgAi0AKUEFRgs6AC5BACEAAkAgAigCOCIDRQ0AIAMoAiQiA0UNACACIAMRAAAhAAsCQAJAAkACQAJAIAAOFgIBAAQEBAQEBAQEBAQEBAQEBAQEBAMECyACQQE6AC4LIAIgAi8BMEHAAHI7ATALQSchAwxPCyACQSM2AhwgAiABNgIUIAJBpRY2AhAgAkEVNgIMQQAhAwxnC0EAIQMgAkEANgIcIAIgATYCFCACQdULNgIQIAJBETYCDAxmC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAADQELQQ4hAwxLCyAAQRVGBEAgAkECNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMZAtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMYwtBACEDIAJBADYCHCACIAE2AhQgAkGqHDYCECACQQ82AgwMYgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEgCqdqIgEQKyIARQ0AIAJBBTYCHCACIAE2AhQgAiAANgIMDGELQQ8hAwxHC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxfC0IBIQoLIAFBAWohAQJAIAIpAyAiC0L//////////w9YBEAgAiALQgSGIAqENwMgDAELQQAhAyACQQA2AhwgAiABNgIUIAJBrQk2AhAgAkEMNgIMDF4LQSQhAwxEC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxcCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAsIgBFBEAgAUEBaiEBDFILIAJBFzYCHCACIAA2AgwgAiABQQFqNgIUDFsLIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQRY2AhwgAiAANgIMIAIgAUEBajYCFAxbC0EfIQMMQQtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQLSIARQRAIAFBAWohAQxQCyACQRQ2AhwgAiAANgIMIAIgAUEBajYCFAxYCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABEC0iAEUEQCABQQFqIQEMAQsgAkETNgIcIAIgADYCDCACIAFBAWo2AhQMWAtBHiEDDD4LQQAhAyACQQA2AhwgAiABNgIUIAJBxgw2AhAgAkEjNgIMDFYLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABEC0iAEUEQCABQQFqIQEMTgsgAkERNgIcIAIgADYCDCACIAFBAWo2AhQMVQsgAkEQNgIcIAIgATYCFCACIAA2AgwMVAtBACEDIAJBADYCHCACIAE2AhQgAkHGDDYCECACQSM2AgwMUwtBACEDIAJBADYCHCACIAE2AhQgAkHAFTYCECACQQI2AgwMUgsgAigCBCEAQQAhAyACQQA2AgQCQCACIAAgARAtIgBFBEAgAUEBaiEBDAELIAJBDjYCHCACIAA2AgwgAiABQQFqNgIUDFILQRshAww4C0EAIQMgAkEANgIcIAIgATYCFCACQcYMNgIQIAJBIzYCDAxQCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABECwiAEUEQCABQQFqIQEMAQsgAkENNgIcIAIgADYCDCACIAFBAWo2AhQMUAtBGiEDDDYLQQAhAyACQQA2AhwgAiABNgIUIAJBmg82AhAgAkEiNgIMDE4LIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQQw2AhwgAiAANgIMIAIgAUEBajYCFAxOC0EZIQMMNAtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMTAsgAEEVRwRAQQAhAyACQQA2AhwgAiABNgIUIAJBgww2AhAgAkETNgIMDEwLIAJBCjYCHCACIAE2AhQgAkHkFjYCECACQRU2AgxBACEDDEsLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABIAqnaiIBECsiAARAIAJBBzYCHCACIAE2AhQgAiAANgIMDEsLQRMhAwwxCyAAQRVHBEBBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMSgsgAkEeNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMSQtBACEAAkAgAigCOCIDRQ0AIAMoAiwiA0UNACACIAMRAAAhAAsgAEUNQSAAQRVGBEAgAkEDNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMSQtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMSAtBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMRwtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMRgsgAkEAOgAvIAItAC1BBHFFDT8LIAJBADoALyACQQE6ADRBACEDDCsLQQAhAyACQQA2AhwgAkHkETYCECACQQc2AgwgAiABQQFqNgIUDEMLAkADQAJAIAEtAABBCmsOBAACAgACCyAEIAFBAWoiAUcNAAtB3QEhAwxDCwJAAkAgAi0ANEEBRw0AQQAhAAJAIAIoAjgiA0UNACADKAJYIgNFDQAgAiADEQAAIQALIABFDQAgAEEVRw0BIAJB3AE2AhwgAiABNgIUIAJB1RY2AhAgAkEVNgIMQQAhAwxEC0HBASEDDCoLIAJBADYCHCACIAE2AhQgAkHpCzYCECACQR82AgxBACEDDEILAkACQCACLQAoQQFrDgIEAQALQcABIQMMKQtBuQEhAwwoCyACQQI6AC9BACEAAkAgAigCOCIDRQ0AIAMoAgAiA0UNACACIAMRAAAhAAsgAEUEQEHCASEDDCgLIABBFUcEQCACQQA2AhwgAiABNgIUIAJBpAw2AhAgAkEQNgIMQQAhAwxBCyACQdsBNgIcIAIgATYCFCACQfoWNgIQIAJBFTYCDEEAIQMMQAsgASAERgRAQdoBIQMMQAsgAS0AAEHIAEYNASACQQE6ACgLQawBIQMMJQtBvwEhAwwkCyABIARHBEAgAkEQNgIIIAIgATYCBEG+ASEDDCQLQdkBIQMMPAsgASAERgRAQdgBIQMMPAsgAS0AAEHIAEcNBCABQQFqIQFBvQEhAwwiCyABIARGBEBB1wEhAww7CwJAAkAgAS0AAEHFAGsOEAAFBQUFBQUFBQUFBQUFBQEFCyABQQFqIQFBuwEhAwwiCyABQQFqIQFBvAEhAwwhC0HWASEDIAEgBEYNOSACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGD0ABqLQAARw0DIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw6CyACKAIEIQAgAkIANwMAIAIgACAGQQFqIgEQJyIARQRAQcYBIQMMIQsgAkHVATYCHCACIAE2AhQgAiAANgIMQQAhAww5C0HUASEDIAEgBEYNOCACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEGB0ABqLQAARw0CIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw5CyACQYEEOwEoIAIoAgQhACACQgA3AwAgAiAAIAZBAWoiARAnIgANAwwCCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB2Bs2AhAgAkEINgIMDDYLQboBIQMMHAsgAkHTATYCHCACIAE2AhQgAiAANgIMQQAhAww0C0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAARQ0AIABBFUYNASACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwwzC0HkACEDDBkLIAJB+AA2AhwgAiABNgIUIAJByhg2AhAgAkEVNgIMQQAhAwwxC0HSASEDIAQgASIARg0wIAQgAWsgAigCACIBaiEFIAAgAWtBBGohBgJAA0AgAC0AACABQfzPAGotAABHDQEgAUEERg0DIAFBAWohASAEIABBAWoiAEcNAAsgAiAFNgIADDELIAJBADYCHCACIAA2AhQgAkGQMzYCECACQQg2AgwgAkEANgIAQQAhAwwwCyABIARHBEAgAkEONgIIIAIgATYCBEG3ASEDDBcLQdEBIQMMLwsgAkEANgIAIAZBAWohAQtBuAEhAwwUCyABIARGBEBB0AEhAwwtCyABLQAAQTBrIgBB/wFxQQpJBEAgAiAAOgAqIAFBAWohAUG2ASEDDBQLIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0UIAJBzwE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAsgASAERgRAQc4BIQMMLAsCQCABLQAAQS5GBEAgAUEBaiEBDAELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0VIAJBzQE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAtBtQEhAwwSCyAEIAEiBUYEQEHMASEDDCsLQQAhAEEBIQFBASEGQQAhAwJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAIAUtAABBMGsOCgoJAAECAwQFBggLC0ECDAYLQQMMBQtBBAwEC0EFDAMLQQYMAgtBBwwBC0EICyEDQQAhAUEAIQYMAgtBCSEDQQEhAEEAIQFBACEGDAELQQAhAUEBIQMLIAIgAzoAKyAFQQFqIQMCQAJAIAItAC1BEHENAAJAAkACQCACLQAqDgMBAAIECyAGRQ0DDAILIAANAQwCCyABRQ0BCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMAwsgAkHJATYCHCACIAM2AhQgAiAANgIMQQAhAwwtCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMGAsgAkHKATYCHCACIAM2AhQgAiAANgIMQQAhAwwsCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMFgsgAkHLATYCHCACIAU2AhQgAiAANgIMDCsLQbQBIQMMEQtBACEAAkAgAigCOCIDRQ0AIAMoAjwiA0UNACACIAMRAAAhAAsCQCAABEAgAEEVRg0BIAJBADYCHCACIAE2AhQgAkGUDTYCECACQSE2AgxBACEDDCsLQbIBIQMMEQsgAkHIATYCHCACIAE2AhQgAkHJFzYCECACQRU2AgxBACEDDCkLIAJBADYCACAGQQFqIQFB9QAhAwwPCyACLQApQQVGBEBB4wAhAwwPC0HiACEDDA4LIAAhASACQQA2AgALIAJBADoALEEJIQMMDAsgAkEANgIAIAdBAWohAUHAACEDDAsLQQELOgAsIAJBADYCACAGQQFqIQELQSkhAwwIC0E4IQMMBwsCQCABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRw0DIAFBAWohAQwFCyAEIAFBAWoiAUcNAAtBPiEDDCELQT4hAwwgCwsgAkEAOgAsDAELQQshAwwEC0E6IQMMAwsgAUEBaiEBQS0hAwwCCyACIAE6ACwgAkEANgIAIAZBAWohAUEMIQMMAQsgAkEANgIAIAZBAWohAUEKIQMMAAsAC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwXC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwWC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwVC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwUC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwTC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwSC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwRC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwQC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwPC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwOC0EAIQMgAkEANgIcIAIgATYCFCACQcASNgIQIAJBCzYCDAwNC0EAIQMgAkEANgIcIAIgATYCFCACQZUJNgIQIAJBCzYCDAwMC0EAIQMgAkEANgIcIAIgATYCFCACQeEPNgIQIAJBCjYCDAwLC0EAIQMgAkEANgIcIAIgATYCFCACQfsPNgIQIAJBCjYCDAwKC0EAIQMgAkEANgIcIAIgATYCFCACQfEZNgIQIAJBAjYCDAwJC0EAIQMgAkEANgIcIAIgATYCFCACQcQUNgIQIAJBAjYCDAwIC0EAIQMgAkEANgIcIAIgATYCFCACQfIVNgIQIAJBAjYCDAwHCyACQQI2AhwgAiABNgIUIAJBnBo2AhAgAkEWNgIMQQAhAwwGC0EBIQMMBQtB1AAhAyABIARGDQQgCEEIaiEJIAIoAgAhBQJAAkAgASAERwRAIAVB2MIAaiEHIAQgBWogAWshACAFQX9zQQpqIgUgAWohBgNAIAEtAAAgBy0AAEcEQEECIQcMAwsgBUUEQEEAIQcgBiEBDAMLIAVBAWshBSAHQQFqIQcgBCABQQFqIgFHDQALIAAhBSAEIQELIAlBATYCACACIAU2AgAMAQsgAkEANgIAIAkgBzYCAAsgCSABNgIEIAgoAgwhACAIKAIIDgMBBAIACwALIAJBADYCHCACQbUaNgIQIAJBFzYCDCACIABBAWo2AhRBACEDDAILIAJBADYCHCACIAA2AhQgAkHKGjYCECACQQk2AgxBACEDDAELIAEgBEYEQEEiIQMMAQsgAkEJNgIIIAIgATYCBEEhIQMLIAhBEGokACADRQRAIAIoAgwhAAwBCyACIAM2AhxBACEAIAIoAgQiAUUNACACIAEgBCACKAIIEQEAIgFFDQAgAiAENgIUIAIgATYCDCABIQALIAALvgIBAn8gAEEAOgAAIABB3ABqIgFBAWtBADoAACAAQQA6AAIgAEEAOgABIAFBA2tBADoAACABQQJrQQA6AAAgAEEAOgADIAFBBGtBADoAAEEAIABrQQNxIgEgAGoiAEEANgIAQdwAIAFrQXxxIgIgAGoiAUEEa0EANgIAAkAgAkEJSQ0AIABBADYCCCAAQQA2AgQgAUEIa0EANgIAIAFBDGtBADYCACACQRlJDQAgAEEANgIYIABBADYCFCAAQQA2AhAgAEEANgIMIAFBEGtBADYCACABQRRrQQA2AgAgAUEYa0EANgIAIAFBHGtBADYCACACIABBBHFBGHIiAmsiAUEgSQ0AIAAgAmohAANAIABCADcDGCAAQgA3AxAgAEIANwMIIABCADcDACAAQSBqIQAgAUEgayIBQR9LDQALCwtWAQF/AkAgACgCDA0AAkACQAJAAkAgAC0ALw4DAQADAgsgACgCOCIBRQ0AIAEoAiwiAUUNACAAIAERAAAiAQ0DC0EADwsACyAAQcMWNgIQQQ4hAQsgAQsaACAAKAIMRQRAIABB0Rs2AhAgAEEVNgIMCwsUACAAKAIMQRVGBEAgAEEANgIMCwsUACAAKAIMQRZGBEAgAEEANgIMCwsHACAAKAIMCwcAIAAoAhALCQAgACABNgIQCwcAIAAoAhQLFwAgAEEkTwRAAAsgAEECdEGgM2ooAgALFwAgAEEuTwRAAAsgAEECdEGwNGooAgALvwkBAX9B6yghAQJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIABB5ABrDvQDY2IAAWFhYWFhYQIDBAVhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhBgcICQoLDA0OD2FhYWFhEGFhYWFhYWFhYWFhEWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYRITFBUWFxgZGhthYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2YTc4OTphYWFhYWFhYTthYWE8YWFhYT0+P2FhYWFhYWFhQGFhQWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYUJDREVGR0hJSktMTU5PUFFSU2FhYWFhYWFhVFVWV1hZWlthXF1hYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFeYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhX2BhC0HhJw8LQaQhDwtByywPC0H+MQ8LQcAkDwtBqyQPC0GNKA8LQeImDwtBgDAPC0G5Lw8LQdckDwtB7x8PC0HhHw8LQfofDwtB8iAPC0GoLw8LQa4yDwtBiDAPC0HsJw8LQYIiDwtBjh0PC0HQLg8LQcojDwtBxTIPC0HfHA8LQdIcDwtBxCAPC0HXIA8LQaIfDwtB7S4PC0GrMA8LQdQlDwtBzC4PC0H6Lg8LQfwrDwtB0jAPC0HxHQ8LQbsgDwtB9ysPC0GQMQ8LQdcxDwtBoi0PC0HUJw8LQeArDwtBnywPC0HrMQ8LQdUfDwtByjEPC0HeJQ8LQdQeDwtB9BwPC0GnMg8LQbEdDwtBoB0PC0G5MQ8LQbwwDwtBkiEPC0GzJg8LQeksDwtBrB4PC0HUKw8LQfcmDwtBgCYPC0GwIQ8LQf4eDwtBjSMPC0GJLQ8LQfciDwtBoDEPC0GuHw8LQcYlDwtB6B4PC0GTIg8LQcIvDwtBwx0PC0GLLA8LQeEdDwtBjS8PC0HqIQ8LQbQtDwtB0i8PC0HfMg8LQdIyDwtB8DAPC0GpIg8LQfkjDwtBmR4PC0G1LA8LQZswDwtBkjIPC0G2Kw8LQcIiDwtB+DIPC0GeJQ8LQdAiDwtBuh4PC0GBHg8LAAtB1iEhAQsgAQsWACAAIAAtAC1B/gFxIAFBAEdyOgAtCxkAIAAgAC0ALUH9AXEgAUEAR0EBdHI6AC0LGQAgACAALQAtQfsBcSABQQBHQQJ0cjoALQsZACAAIAAtAC1B9wFxIAFBAEdBA3RyOgAtCz4BAn8CQCAAKAI4IgNFDQAgAygCBCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBxhE2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCCCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9go2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCDCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7Ro2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCECIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlRA2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCFCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBqhs2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCGCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7RM2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCKCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9gg2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCHCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBwhk2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCICIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlBQ2AhBBGCEECyAEC1kBAn8CQCAALQAoQQFGDQAgAC8BMiIBQeQAa0HkAEkNACABQcwBRg0AIAFBsAJGDQAgAC8BMCIAQcAAcQ0AQQEhAiAAQYgEcUGABEYNACAAQShxRSECCyACC4wBAQJ/AkACQAJAIAAtACpFDQAgAC0AK0UNACAALwEwIgFBAnFFDQEMAgsgAC8BMCIBQQFxRQ0BC0EBIQIgAC0AKEEBRg0AIAAvATIiAEHkAGtB5ABJDQAgAEHMAUYNACAAQbACRg0AIAFBwABxDQBBACECIAFBiARxQYAERg0AIAFBKHFBAEchAgsgAgtXACAAQRhqQgA3AwAgAEIANwMAIABBOGpCADcDACAAQTBqQgA3AwAgAEEoakIANwMAIABBIGpCADcDACAAQRBqQgA3AwAgAEEIakIANwMAIABB3QE2AhwLBgAgABAyC5otAQt/IwBBEGsiCiQAQaTQACgCACIJRQRAQeTTACgCACIFRQRAQfDTAEJ/NwIAQejTAEKAgISAgIDAADcCAEHk0wAgCkEIakFwcUHYqtWqBXMiBTYCAEH40wBBADYCAEHI0wBBADYCAAtBzNMAQYDUBDYCAEGc0ABBgNQENgIAQbDQACAFNgIAQazQAEF/NgIAQdDTAEGArAM2AgADQCABQcjQAGogAUG80ABqIgI2AgAgAiABQbTQAGoiAzYCACABQcDQAGogAzYCACABQdDQAGogAUHE0ABqIgM2AgAgAyACNgIAIAFB2NAAaiABQczQAGoiAjYCACACIAM2AgAgAUHU0ABqIAI2AgAgAUEgaiIBQYACRw0AC0GM1ARBwasDNgIAQajQAEH00wAoAgA2AgBBmNAAQcCrAzYCAEGk0ABBiNQENgIAQcz/B0E4NgIAQYjUBCEJCwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIABB7AFNBEBBjNAAKAIAIgZBECAAQRNqQXBxIABBC0kbIgRBA3YiAHYiAUEDcQRAAkAgAUEBcSAAckEBcyICQQN0IgBBtNAAaiIBIABBvNAAaigCACIAKAIIIgNGBEBBjNAAIAZBfiACd3E2AgAMAQsgASADNgIIIAMgATYCDAsgAEEIaiEBIAAgAkEDdCICQQNyNgIEIAAgAmoiACAAKAIEQQFyNgIEDBELQZTQACgCACIIIARPDQEgAQRAAkBBAiAAdCICQQAgAmtyIAEgAHRxaCIAQQN0IgJBtNAAaiIBIAJBvNAAaigCACICKAIIIgNGBEBBjNAAIAZBfiAAd3EiBjYCAAwBCyABIAM2AgggAyABNgIMCyACIARBA3I2AgQgAEEDdCIAIARrIQUgACACaiAFNgIAIAIgBGoiBCAFQQFyNgIEIAgEQCAIQXhxQbTQAGohAEGg0AAoAgAhAwJ/QQEgCEEDdnQiASAGcUUEQEGM0AAgASAGcjYCACAADAELIAAoAggLIgEgAzYCDCAAIAM2AgggAyAANgIMIAMgATYCCAsgAkEIaiEBQaDQACAENgIAQZTQACAFNgIADBELQZDQACgCACILRQ0BIAtoQQJ0QbzSAGooAgAiACgCBEF4cSAEayEFIAAhAgNAAkAgAigCECIBRQRAIAJBFGooAgAiAUUNAQsgASgCBEF4cSAEayIDIAVJIQIgAyAFIAIbIQUgASAAIAIbIQAgASECDAELCyAAKAIYIQkgACgCDCIDIABHBEBBnNAAKAIAGiADIAAoAggiATYCCCABIAM2AgwMEAsgAEEUaiICKAIAIgFFBEAgACgCECIBRQ0DIABBEGohAgsDQCACIQcgASIDQRRqIgIoAgAiAQ0AIANBEGohAiADKAIQIgENAAsgB0EANgIADA8LQX8hBCAAQb9/Sw0AIABBE2oiAUFwcSEEQZDQACgCACIIRQ0AQQAgBGshBQJAAkACQAJ/QQAgBEGAAkkNABpBHyAEQf///wdLDQAaIARBJiABQQh2ZyIAa3ZBAXEgAEEBdGtBPmoLIgZBAnRBvNIAaigCACICRQRAQQAhAUEAIQMMAQtBACEBIARBGSAGQQF2a0EAIAZBH0cbdCEAQQAhAwNAAkAgAigCBEF4cSAEayIHIAVPDQAgAiEDIAciBQ0AQQAhBSACIQEMAwsgASACQRRqKAIAIgcgByACIABBHXZBBHFqQRBqKAIAIgJGGyABIAcbIQEgAEEBdCEAIAINAAsLIAEgA3JFBEBBACEDQQIgBnQiAEEAIABrciAIcSIARQ0DIABoQQJ0QbzSAGooAgAhAQsgAUUNAQsDQCABKAIEQXhxIARrIgIgBUkhACACIAUgABshBSABIAMgABshAyABKAIQIgAEfyAABSABQRRqKAIACyIBDQALCyADRQ0AIAVBlNAAKAIAIARrTw0AIAMoAhghByADIAMoAgwiAEcEQEGc0AAoAgAaIAAgAygCCCIBNgIIIAEgADYCDAwOCyADQRRqIgIoAgAiAUUEQCADKAIQIgFFDQMgA0EQaiECCwNAIAIhBiABIgBBFGoiAigCACIBDQAgAEEQaiECIAAoAhAiAQ0ACyAGQQA2AgAMDQtBlNAAKAIAIgMgBE8EQEGg0AAoAgAhAQJAIAMgBGsiAkEQTwRAIAEgBGoiACACQQFyNgIEIAEgA2ogAjYCACABIARBA3I2AgQMAQsgASADQQNyNgIEIAEgA2oiACAAKAIEQQFyNgIEQQAhAEEAIQILQZTQACACNgIAQaDQACAANgIAIAFBCGohAQwPC0GY0AAoAgAiAyAESwRAIAQgCWoiACADIARrIgFBAXI2AgRBpNAAIAA2AgBBmNAAIAE2AgAgCSAEQQNyNgIEIAlBCGohAQwPC0EAIQEgBAJ/QeTTACgCAARAQezTACgCAAwBC0Hw0wBCfzcCAEHo0wBCgICEgICAwAA3AgBB5NMAIApBDGpBcHFB2KrVqgVzNgIAQfjTAEEANgIAQcjTAEEANgIAQYCABAsiACAEQccAaiIFaiIGQQAgAGsiB3EiAk8EQEH80wBBMDYCAAwPCwJAQcTTACgCACIBRQ0AQbzTACgCACIIIAJqIQAgACABTSAAIAhLcQ0AQQAhAUH80wBBMDYCAAwPC0HI0wAtAABBBHENBAJAAkAgCQRAQczTACEBA0AgASgCACIAIAlNBEAgACABKAIEaiAJSw0DCyABKAIIIgENAAsLQQAQMyIAQX9GDQUgAiEGQejTACgCACIBQQFrIgMgAHEEQCACIABrIAAgA2pBACABa3FqIQYLIAQgBk8NBSAGQf7///8HSw0FQcTTACgCACIDBEBBvNMAKAIAIgcgBmohASABIAdNDQYgASADSw0GCyAGEDMiASAARw0BDAcLIAYgA2sgB3EiBkH+////B0sNBCAGEDMhACAAIAEoAgAgASgCBGpGDQMgACEBCwJAIAYgBEHIAGpPDQAgAUF/Rg0AQezTACgCACIAIAUgBmtqQQAgAGtxIgBB/v///wdLBEAgASEADAcLIAAQM0F/RwRAIAAgBmohBiABIQAMBwtBACAGaxAzGgwECyABIgBBf0cNBQwDC0EAIQMMDAtBACEADAoLIABBf0cNAgtByNMAQcjTACgCAEEEcjYCAAsgAkH+////B0sNASACEDMhAEEAEDMhASAAQX9GDQEgAUF/Rg0BIAAgAU8NASABIABrIgYgBEE4ak0NAQtBvNMAQbzTACgCACAGaiIBNgIAQcDTACgCACABSQRAQcDTACABNgIACwJAAkACQEGk0AAoAgAiAgRAQczTACEBA0AgACABKAIAIgMgASgCBCIFakYNAiABKAIIIgENAAsMAgtBnNAAKAIAIgFBAEcgACABT3FFBEBBnNAAIAA2AgALQQAhAUHQ0wAgBjYCAEHM0wAgADYCAEGs0ABBfzYCAEGw0ABB5NMAKAIANgIAQdjTAEEANgIAA0AgAUHI0ABqIAFBvNAAaiICNgIAIAIgAUG00ABqIgM2AgAgAUHA0ABqIAM2AgAgAUHQ0ABqIAFBxNAAaiIDNgIAIAMgAjYCACABQdjQAGogAUHM0ABqIgI2AgAgAiADNgIAIAFB1NAAaiACNgIAIAFBIGoiAUGAAkcNAAtBeCAAa0EPcSIBIABqIgIgBkE4ayIDIAFrIgFBAXI2AgRBqNAAQfTTACgCADYCAEGY0AAgATYCAEGk0AAgAjYCACAAIANqQTg2AgQMAgsgACACTQ0AIAIgA0kNACABKAIMQQhxDQBBeCACa0EPcSIAIAJqIgNBmNAAKAIAIAZqIgcgAGsiAEEBcjYCBCABIAUgBmo2AgRBqNAAQfTTACgCADYCAEGY0AAgADYCAEGk0AAgAzYCACACIAdqQTg2AgQMAQsgAEGc0AAoAgBJBEBBnNAAIAA2AgALIAAgBmohA0HM0wAhAQJAAkACQANAIAMgASgCAEcEQCABKAIIIgENAQwCCwsgAS0ADEEIcUUNAQtBzNMAIQEDQCABKAIAIgMgAk0EQCADIAEoAgRqIgUgAksNAwsgASgCCCEBDAALAAsgASAANgIAIAEgASgCBCAGajYCBCAAQXggAGtBD3FqIgkgBEEDcjYCBCADQXggA2tBD3FqIgYgBCAJaiIEayEBIAIgBkYEQEGk0AAgBDYCAEGY0ABBmNAAKAIAIAFqIgA2AgAgBCAAQQFyNgIEDAgLQaDQACgCACAGRgRAQaDQACAENgIAQZTQAEGU0AAoAgAgAWoiADYCACAEIABBAXI2AgQgACAEaiAANgIADAgLIAYoAgQiBUEDcUEBRw0GIAVBeHEhCCAFQf8BTQRAIAVBA3YhAyAGKAIIIgAgBigCDCICRgRAQYzQAEGM0AAoAgBBfiADd3E2AgAMBwsgAiAANgIIIAAgAjYCDAwGCyAGKAIYIQcgBiAGKAIMIgBHBEAgACAGKAIIIgI2AgggAiAANgIMDAULIAZBFGoiAigCACIFRQRAIAYoAhAiBUUNBCAGQRBqIQILA0AgAiEDIAUiAEEUaiICKAIAIgUNACAAQRBqIQIgACgCECIFDQALIANBADYCAAwEC0F4IABrQQ9xIgEgAGoiByAGQThrIgMgAWsiAUEBcjYCBCAAIANqQTg2AgQgAiAFQTcgBWtBD3FqQT9rIgMgAyACQRBqSRsiA0EjNgIEQajQAEH00wAoAgA2AgBBmNAAIAE2AgBBpNAAIAc2AgAgA0EQakHU0wApAgA3AgAgA0HM0wApAgA3AghB1NMAIANBCGo2AgBB0NMAIAY2AgBBzNMAIAA2AgBB2NMAQQA2AgAgA0EkaiEBA0AgAUEHNgIAIAUgAUEEaiIBSw0ACyACIANGDQAgAyADKAIEQX5xNgIEIAMgAyACayIFNgIAIAIgBUEBcjYCBCAFQf8BTQRAIAVBeHFBtNAAaiEAAn9BjNAAKAIAIgFBASAFQQN2dCIDcUUEQEGM0AAgASADcjYCACAADAELIAAoAggLIgEgAjYCDCAAIAI2AgggAiAANgIMIAIgATYCCAwBC0EfIQEgBUH///8HTQRAIAVBJiAFQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAQsgAiABNgIcIAJCADcCECABQQJ0QbzSAGohAEGQ0AAoAgAiA0EBIAF0IgZxRQRAIAAgAjYCAEGQ0AAgAyAGcjYCACACIAA2AhggAiACNgIIIAIgAjYCDAwBCyAFQRkgAUEBdmtBACABQR9HG3QhASAAKAIAIQMCQANAIAMiACgCBEF4cSAFRg0BIAFBHXYhAyABQQF0IQEgACADQQRxakEQaiIGKAIAIgMNAAsgBiACNgIAIAIgADYCGCACIAI2AgwgAiACNgIIDAELIAAoAggiASACNgIMIAAgAjYCCCACQQA2AhggAiAANgIMIAIgATYCCAtBmNAAKAIAIgEgBE0NAEGk0AAoAgAiACAEaiICIAEgBGsiAUEBcjYCBEGY0AAgATYCAEGk0AAgAjYCACAAIARBA3I2AgQgAEEIaiEBDAgLQQAhAUH80wBBMDYCAAwHC0EAIQALIAdFDQACQCAGKAIcIgJBAnRBvNIAaiIDKAIAIAZGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAdBEEEUIAcoAhAgBkYbaiAANgIAIABFDQELIAAgBzYCGCAGKAIQIgIEQCAAIAI2AhAgAiAANgIYCyAGQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAIaiEBIAYgCGoiBigCBCEFCyAGIAVBfnE2AgQgASAEaiABNgIAIAQgAUEBcjYCBCABQf8BTQRAIAFBeHFBtNAAaiEAAn9BjNAAKAIAIgJBASABQQN2dCIBcUUEQEGM0AAgASACcjYCACAADAELIAAoAggLIgEgBDYCDCAAIAQ2AgggBCAANgIMIAQgATYCCAwBC0EfIQUgAUH///8HTQRAIAFBJiABQQh2ZyIAa3ZBAXEgAEEBdGtBPmohBQsgBCAFNgIcIARCADcCECAFQQJ0QbzSAGohAEGQ0AAoAgAiAkEBIAV0IgNxRQRAIAAgBDYCAEGQ0AAgAiADcjYCACAEIAA2AhggBCAENgIIIAQgBDYCDAwBCyABQRkgBUEBdmtBACAFQR9HG3QhBSAAKAIAIQACQANAIAAiAigCBEF4cSABRg0BIAVBHXYhACAFQQF0IQUgAiAAQQRxakEQaiIDKAIAIgANAAsgAyAENgIAIAQgAjYCGCAEIAQ2AgwgBCAENgIIDAELIAIoAggiACAENgIMIAIgBDYCCCAEQQA2AhggBCACNgIMIAQgADYCCAsgCUEIaiEBDAILAkAgB0UNAAJAIAMoAhwiAUECdEG80gBqIgIoAgAgA0YEQCACIAA2AgAgAA0BQZDQACAIQX4gAXdxIgg2AgAMAgsgB0EQQRQgBygCECADRhtqIAA2AgAgAEUNAQsgACAHNgIYIAMoAhAiAQRAIAAgATYCECABIAA2AhgLIANBFGooAgAiAUUNACAAQRRqIAE2AgAgASAANgIYCwJAIAVBD00EQCADIAQgBWoiAEEDcjYCBCAAIANqIgAgACgCBEEBcjYCBAwBCyADIARqIgIgBUEBcjYCBCADIARBA3I2AgQgAiAFaiAFNgIAIAVB/wFNBEAgBUF4cUG00ABqIQACf0GM0AAoAgAiAUEBIAVBA3Z0IgVxRQRAQYzQACABIAVyNgIAIAAMAQsgACgCCAsiASACNgIMIAAgAjYCCCACIAA2AgwgAiABNgIIDAELQR8hASAFQf///wdNBEAgBUEmIAVBCHZnIgBrdkEBcSAAQQF0a0E+aiEBCyACIAE2AhwgAkIANwIQIAFBAnRBvNIAaiEAQQEgAXQiBCAIcUUEQCAAIAI2AgBBkNAAIAQgCHI2AgAgAiAANgIYIAIgAjYCCCACIAI2AgwMAQsgBUEZIAFBAXZrQQAgAUEfRxt0IQEgACgCACEEAkADQCAEIgAoAgRBeHEgBUYNASABQR12IQQgAUEBdCEBIAAgBEEEcWpBEGoiBigCACIEDQALIAYgAjYCACACIAA2AhggAiACNgIMIAIgAjYCCAwBCyAAKAIIIgEgAjYCDCAAIAI2AgggAkEANgIYIAIgADYCDCACIAE2AggLIANBCGohAQwBCwJAIAlFDQACQCAAKAIcIgFBAnRBvNIAaiICKAIAIABGBEAgAiADNgIAIAMNAUGQ0AAgC0F+IAF3cTYCAAwCCyAJQRBBFCAJKAIQIABGG2ogAzYCACADRQ0BCyADIAk2AhggACgCECIBBEAgAyABNgIQIAEgAzYCGAsgAEEUaigCACIBRQ0AIANBFGogATYCACABIAM2AhgLAkAgBUEPTQRAIAAgBCAFaiIBQQNyNgIEIAAgAWoiASABKAIEQQFyNgIEDAELIAAgBGoiByAFQQFyNgIEIAAgBEEDcjYCBCAFIAdqIAU2AgAgCARAIAhBeHFBtNAAaiEBQaDQACgCACEDAn9BASAIQQN2dCICIAZxRQRAQYzQACACIAZyNgIAIAEMAQsgASgCCAsiAiADNgIMIAEgAzYCCCADIAE2AgwgAyACNgIIC0Gg0AAgBzYCAEGU0AAgBTYCAAsgAEEIaiEBCyAKQRBqJAAgAQtDACAARQRAPwBBEHQPCwJAIABB//8DcQ0AIABBAEgNACAAQRB2QAAiAEF/RgRAQfzTAEEwNgIAQX8PCyAAQRB0DwsACwvcPyIAQYAICwkBAAAAAgAAAAMAQZQICwUEAAAABQBBpAgLCQYAAAAHAAAACABB3AgLii1JbnZhbGlkIGNoYXIgaW4gdXJsIHF1ZXJ5AFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fYm9keQBDb250ZW50LUxlbmd0aCBvdmVyZmxvdwBDaHVuayBzaXplIG92ZXJmbG93AFJlc3BvbnNlIG92ZXJmbG93AEludmFsaWQgbWV0aG9kIGZvciBIVFRQL3gueCByZXF1ZXN0AEludmFsaWQgbWV0aG9kIGZvciBSVFNQL3gueCByZXF1ZXN0AEV4cGVjdGVkIFNPVVJDRSBtZXRob2QgZm9yIElDRS94LnggcmVxdWVzdABJbnZhbGlkIGNoYXIgaW4gdXJsIGZyYWdtZW50IHN0YXJ0AEV4cGVjdGVkIGRvdABTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX3N0YXR1cwBJbnZhbGlkIHJlc3BvbnNlIHN0YXR1cwBJbnZhbGlkIGNoYXJhY3RlciBpbiBjaHVuayBleHRlbnNpb25zAFVzZXIgY2FsbGJhY2sgZXJyb3IAYG9uX3Jlc2V0YCBjYWxsYmFjayBlcnJvcgBgb25fY2h1bmtfaGVhZGVyYCBjYWxsYmFjayBlcnJvcgBgb25fbWVzc2FnZV9iZWdpbmAgY2FsbGJhY2sgZXJyb3IAYG9uX2NodW5rX2V4dGVuc2lvbl92YWx1ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX3N0YXR1c19jb21wbGV0ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX3ZlcnNpb25fY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl91cmxfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9jaHVua19jb21wbGV0ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX2hlYWRlcl92YWx1ZV9jb21wbGV0ZWAgY2FsbGJhY2sgZXJyb3IAYG9uX21lc3NhZ2VfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9tZXRob2RfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9oZWFkZXJfZmllbGRfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9jaHVua19leHRlbnNpb25fbmFtZWAgY2FsbGJhY2sgZXJyb3IAVW5leHBlY3RlZCBjaGFyIGluIHVybCBzZXJ2ZXIASW52YWxpZCBoZWFkZXIgdmFsdWUgY2hhcgBJbnZhbGlkIGhlYWRlciBmaWVsZCBjaGFyAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fdmVyc2lvbgBJbnZhbGlkIG1pbm9yIHZlcnNpb24ASW52YWxpZCBtYWpvciB2ZXJzaW9uAEV4cGVjdGVkIHNwYWNlIGFmdGVyIHZlcnNpb24ARXhwZWN0ZWQgQ1JMRiBhZnRlciB2ZXJzaW9uAEludmFsaWQgSFRUUCB2ZXJzaW9uAEludmFsaWQgaGVhZGVyIHRva2VuAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fdXJsAEludmFsaWQgY2hhcmFjdGVycyBpbiB1cmwAVW5leHBlY3RlZCBzdGFydCBjaGFyIGluIHVybABEb3VibGUgQCBpbiB1cmwARW1wdHkgQ29udGVudC1MZW5ndGgASW52YWxpZCBjaGFyYWN0ZXIgaW4gQ29udGVudC1MZW5ndGgARHVwbGljYXRlIENvbnRlbnQtTGVuZ3RoAEludmFsaWQgY2hhciBpbiB1cmwgcGF0aABDb250ZW50LUxlbmd0aCBjYW4ndCBiZSBwcmVzZW50IHdpdGggVHJhbnNmZXItRW5jb2RpbmcASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgc2l6ZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2hlYWRlcl92YWx1ZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2NodW5rX2V4dGVuc2lvbl92YWx1ZQBJbnZhbGlkIGNoYXJhY3RlciBpbiBjaHVuayBleHRlbnNpb25zIHZhbHVlAE1pc3NpbmcgZXhwZWN0ZWQgTEYgYWZ0ZXIgaGVhZGVyIHZhbHVlAEludmFsaWQgYFRyYW5zZmVyLUVuY29kaW5nYCBoZWFkZXIgdmFsdWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyBxdW90ZSB2YWx1ZQBJbnZhbGlkIGNoYXJhY3RlciBpbiBjaHVuayBleHRlbnNpb25zIHF1b3RlZCB2YWx1ZQBQYXVzZWQgYnkgb25faGVhZGVyc19jb21wbGV0ZQBJbnZhbGlkIEVPRiBzdGF0ZQBvbl9yZXNldCBwYXVzZQBvbl9jaHVua19oZWFkZXIgcGF1c2UAb25fbWVzc2FnZV9iZWdpbiBwYXVzZQBvbl9jaHVua19leHRlbnNpb25fdmFsdWUgcGF1c2UAb25fc3RhdHVzX2NvbXBsZXRlIHBhdXNlAG9uX3ZlcnNpb25fY29tcGxldGUgcGF1c2UAb25fdXJsX2NvbXBsZXRlIHBhdXNlAG9uX2NodW5rX2NvbXBsZXRlIHBhdXNlAG9uX2hlYWRlcl92YWx1ZV9jb21wbGV0ZSBwYXVzZQBvbl9tZXNzYWdlX2NvbXBsZXRlIHBhdXNlAG9uX21ldGhvZF9jb21wbGV0ZSBwYXVzZQBvbl9oZWFkZXJfZmllbGRfY29tcGxldGUgcGF1c2UAb25fY2h1bmtfZXh0ZW5zaW9uX25hbWUgcGF1c2UAVW5leHBlY3RlZCBzcGFjZSBhZnRlciBzdGFydCBsaW5lAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fY2h1bmtfZXh0ZW5zaW9uX25hbWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyBuYW1lAFBhdXNlIG9uIENPTk5FQ1QvVXBncmFkZQBQYXVzZSBvbiBQUkkvVXBncmFkZQBFeHBlY3RlZCBIVFRQLzIgQ29ubmVjdGlvbiBQcmVmYWNlAFNwYW4gY2FsbGJhY2sgZXJyb3IgaW4gb25fbWV0aG9kAEV4cGVjdGVkIHNwYWNlIGFmdGVyIG1ldGhvZABTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2hlYWRlcl9maWVsZABQYXVzZWQASW52YWxpZCB3b3JkIGVuY291bnRlcmVkAEludmFsaWQgbWV0aG9kIGVuY291bnRlcmVkAFVuZXhwZWN0ZWQgY2hhciBpbiB1cmwgc2NoZW1hAFJlcXVlc3QgaGFzIGludmFsaWQgYFRyYW5zZmVyLUVuY29kaW5nYABTV0lUQ0hfUFJPWFkAVVNFX1BST1hZAE1LQUNUSVZJVFkAVU5QUk9DRVNTQUJMRV9FTlRJVFkAQ09QWQBNT1ZFRF9QRVJNQU5FTlRMWQBUT09fRUFSTFkATk9USUZZAEZBSUxFRF9ERVBFTkRFTkNZAEJBRF9HQVRFV0FZAFBMQVkAUFVUAENIRUNLT1VUAEdBVEVXQVlfVElNRU9VVABSRVFVRVNUX1RJTUVPVVQATkVUV09SS19DT05ORUNUX1RJTUVPVVQAQ09OTkVDVElPTl9USU1FT1VUAExPR0lOX1RJTUVPVVQATkVUV09SS19SRUFEX1RJTUVPVVQAUE9TVABNSVNESVJFQ1RFRF9SRVFVRVNUAENMSUVOVF9DTE9TRURfUkVRVUVTVABDTElFTlRfQ0xPU0VEX0xPQURfQkFMQU5DRURfUkVRVUVTVABCQURfUkVRVUVTVABIVFRQX1JFUVVFU1RfU0VOVF9UT19IVFRQU19QT1JUAFJFUE9SVABJTV9BX1RFQVBPVABSRVNFVF9DT05URU5UAE5PX0NPTlRFTlQAUEFSVElBTF9DT05URU5UAEhQRV9JTlZBTElEX0NPTlNUQU5UAEhQRV9DQl9SRVNFVABHRVQASFBFX1NUUklDVABDT05GTElDVABURU1QT1JBUllfUkVESVJFQ1QAUEVSTUFORU5UX1JFRElSRUNUAENPTk5FQ1QATVVMVElfU1RBVFVTAEhQRV9JTlZBTElEX1NUQVRVUwBUT09fTUFOWV9SRVFVRVNUUwBFQVJMWV9ISU5UUwBVTkFWQUlMQUJMRV9GT1JfTEVHQUxfUkVBU09OUwBPUFRJT05TAFNXSVRDSElOR19QUk9UT0NPTFMAVkFSSUFOVF9BTFNPX05FR09USUFURVMATVVMVElQTEVfQ0hPSUNFUwBJTlRFUk5BTF9TRVJWRVJfRVJST1IAV0VCX1NFUlZFUl9VTktOT1dOX0VSUk9SAFJBSUxHVU5fRVJST1IASURFTlRJVFlfUFJPVklERVJfQVVUSEVOVElDQVRJT05fRVJST1IAU1NMX0NFUlRJRklDQVRFX0VSUk9SAElOVkFMSURfWF9GT1JXQVJERURfRk9SAFNFVF9QQVJBTUVURVIAR0VUX1BBUkFNRVRFUgBIUEVfVVNFUgBTRUVfT1RIRVIASFBFX0NCX0NIVU5LX0hFQURFUgBNS0NBTEVOREFSAFNFVFVQAFdFQl9TRVJWRVJfSVNfRE9XTgBURUFSRE9XTgBIUEVfQ0xPU0VEX0NPTk5FQ1RJT04ASEVVUklTVElDX0VYUElSQVRJT04ARElTQ09OTkVDVEVEX09QRVJBVElPTgBOT05fQVVUSE9SSVRBVElWRV9JTkZPUk1BVElPTgBIUEVfSU5WQUxJRF9WRVJTSU9OAEhQRV9DQl9NRVNTQUdFX0JFR0lOAFNJVEVfSVNfRlJPWkVOAEhQRV9JTlZBTElEX0hFQURFUl9UT0tFTgBJTlZBTElEX1RPS0VOAEZPUkJJRERFTgBFTkhBTkNFX1lPVVJfQ0FMTQBIUEVfSU5WQUxJRF9VUkwAQkxPQ0tFRF9CWV9QQVJFTlRBTF9DT05UUk9MAE1LQ09MAEFDTABIUEVfSU5URVJOQUwAUkVRVUVTVF9IRUFERVJfRklFTERTX1RPT19MQVJHRV9VTk9GRklDSUFMAEhQRV9PSwBVTkxJTksAVU5MT0NLAFBSSQBSRVRSWV9XSVRIAEhQRV9JTlZBTElEX0NPTlRFTlRfTEVOR1RIAEhQRV9VTkVYUEVDVEVEX0NPTlRFTlRfTEVOR1RIAEZMVVNIAFBST1BQQVRDSABNLVNFQVJDSABVUklfVE9PX0xPTkcAUFJPQ0VTU0lORwBNSVNDRUxMQU5FT1VTX1BFUlNJU1RFTlRfV0FSTklORwBNSVNDRUxMQU5FT1VTX1dBUk5JTkcASFBFX0lOVkFMSURfVFJBTlNGRVJfRU5DT0RJTkcARXhwZWN0ZWQgQ1JMRgBIUEVfSU5WQUxJRF9DSFVOS19TSVpFAE1PVkUAQ09OVElOVUUASFBFX0NCX1NUQVRVU19DT01QTEVURQBIUEVfQ0JfSEVBREVSU19DT01QTEVURQBIUEVfQ0JfVkVSU0lPTl9DT01QTEVURQBIUEVfQ0JfVVJMX0NPTVBMRVRFAEhQRV9DQl9DSFVOS19DT01QTEVURQBIUEVfQ0JfSEVBREVSX1ZBTFVFX0NPTVBMRVRFAEhQRV9DQl9DSFVOS19FWFRFTlNJT05fVkFMVUVfQ09NUExFVEUASFBFX0NCX0NIVU5LX0VYVEVOU0lPTl9OQU1FX0NPTVBMRVRFAEhQRV9DQl9NRVNTQUdFX0NPTVBMRVRFAEhQRV9DQl9NRVRIT0RfQ09NUExFVEUASFBFX0NCX0hFQURFUl9GSUVMRF9DT01QTEVURQBERUxFVEUASFBFX0lOVkFMSURfRU9GX1NUQVRFAElOVkFMSURfU1NMX0NFUlRJRklDQVRFAFBBVVNFAE5PX1JFU1BPTlNFAFVOU1VQUE9SVEVEX01FRElBX1RZUEUAR09ORQBOT1RfQUNDRVBUQUJMRQBTRVJWSUNFX1VOQVZBSUxBQkxFAFJBTkdFX05PVF9TQVRJU0ZJQUJMRQBPUklHSU5fSVNfVU5SRUFDSEFCTEUAUkVTUE9OU0VfSVNfU1RBTEUAUFVSR0UATUVSR0UAUkVRVUVTVF9IRUFERVJfRklFTERTX1RPT19MQVJHRQBSRVFVRVNUX0hFQURFUl9UT09fTEFSR0UAUEFZTE9BRF9UT09fTEFSR0UASU5TVUZGSUNJRU5UX1NUT1JBR0UASFBFX1BBVVNFRF9VUEdSQURFAEhQRV9QQVVTRURfSDJfVVBHUkFERQBTT1VSQ0UAQU5OT1VOQ0UAVFJBQ0UASFBFX1VORVhQRUNURURfU1BBQ0UAREVTQ1JJQkUAVU5TVUJTQ1JJQkUAUkVDT1JEAEhQRV9JTlZBTElEX01FVEhPRABOT1RfRk9VTkQAUFJPUEZJTkQAVU5CSU5EAFJFQklORABVTkFVVEhPUklaRUQATUVUSE9EX05PVF9BTExPV0VEAEhUVFBfVkVSU0lPTl9OT1RfU1VQUE9SVEVEAEFMUkVBRFlfUkVQT1JURUQAQUNDRVBURUQATk9UX0lNUExFTUVOVEVEAExPT1BfREVURUNURUQASFBFX0NSX0VYUEVDVEVEAEhQRV9MRl9FWFBFQ1RFRABDUkVBVEVEAElNX1VTRUQASFBFX1BBVVNFRABUSU1FT1VUX09DQ1VSRUQAUEFZTUVOVF9SRVFVSVJFRABQUkVDT05ESVRJT05fUkVRVUlSRUQAUFJPWFlfQVVUSEVOVElDQVRJT05fUkVRVUlSRUQATkVUV09SS19BVVRIRU5USUNBVElPTl9SRVFVSVJFRABMRU5HVEhfUkVRVUlSRUQAU1NMX0NFUlRJRklDQVRFX1JFUVVJUkVEAFVQR1JBREVfUkVRVUlSRUQAUEFHRV9FWFBJUkVEAFBSRUNPTkRJVElPTl9GQUlMRUQARVhQRUNUQVRJT05fRkFJTEVEAFJFVkFMSURBVElPTl9GQUlMRUQAU1NMX0hBTkRTSEFLRV9GQUlMRUQATE9DS0VEAFRSQU5TRk9STUFUSU9OX0FQUExJRUQATk9UX01PRElGSUVEAE5PVF9FWFRFTkRFRABCQU5EV0lEVEhfTElNSVRfRVhDRUVERUQAU0lURV9JU19PVkVSTE9BREVEAEhFQUQARXhwZWN0ZWQgSFRUUC8AAF4TAAAmEwAAMBAAAPAXAACdEwAAFRIAADkXAADwEgAAChAAAHUSAACtEgAAghMAAE8UAAB/EAAAoBUAACMUAACJEgAAixQAAE0VAADUEQAAzxQAABAYAADJFgAA3BYAAMERAADgFwAAuxQAAHQUAAB8FQAA5RQAAAgXAAAfEAAAZRUAAKMUAAAoFQAAAhUAAJkVAAAsEAAAixkAAE8PAADUDgAAahAAAM4QAAACFwAAiQ4AAG4TAAAcEwAAZhQAAFYXAADBEwAAzRMAAGwTAABoFwAAZhcAAF8XAAAiEwAAzg8AAGkOAADYDgAAYxYAAMsTAACqDgAAKBcAACYXAADFEwAAXRYAAOgRAABnEwAAZRMAAPIWAABzEwAAHRcAAPkWAADzEQAAzw4AAM4VAAAMEgAAsxEAAKURAABhEAAAMhcAALsTAEH5NQsBAQBBkDYL4AEBAQIBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB/TcLAQEAQZE4C14CAwICAgICAAACAgACAgACAgICAgICAgICAAQAAAAAAAICAgICAgICAgICAgICAgICAgICAgICAgICAAAAAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAAgACAEH9OQsBAQBBkToLXgIAAgICAgIAAAICAAICAAICAgICAgICAgIAAwAEAAAAAgICAgICAgICAgICAgICAgICAgICAgICAgIAAAACAgICAgICAgICAgICAgICAgICAgICAgICAgICAgACAAIAQfA7Cw1sb3NlZWVwLWFsaXZlAEGJPAsBAQBBoDwL4AEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBBiT4LAQEAQaA+C+cBAQEBAQEBAQEBAQEBAgEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQFjaHVua2VkAEGwwAALXwEBAAEBAQEBAAABAQABAQABAQEBAQEBAQEBAAAAAAAAAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQABAEGQwgALIWVjdGlvbmVudC1sZW5ndGhvbnJveHktY29ubmVjdGlvbgBBwMIACy1yYW5zZmVyLWVuY29kaW5ncGdyYWRlDQoNCg0KU00NCg0KVFRQL0NFL1RTUC8AQfnCAAsFAQIAAQMAQZDDAAvgAQQBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAEH5xAALBQECAAEDAEGQxQAL4AEEAQEFAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB+cYACwQBAAABAEGRxwAL3wEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAEH6yAALBAEAAAIAQZDJAAtfAwQAAAQEBAQEBAQEBAQEBQQEBAQEBAQEBAQEBAAEAAYHBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQABAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAQAQfrKAAsEAQAAAQBBkMsACwEBAEGqywALQQIAAAAAAAADAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwAAAAAAAAMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAEH6zAALBAEAAAEAQZDNAAsBAQBBms0ACwYCAAAAAAIAQbHNAAs6AwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAAAAAAAADAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwBB8M4AC5YBTk9VTkNFRUNLT1VUTkVDVEVURUNSSUJFTFVTSEVURUFEU0VBUkNIUkdFQ1RJVklUWUxFTkRBUlZFT1RJRllQVElPTlNDSFNFQVlTVEFUQ0hHRU9SRElSRUNUT1JUUkNIUEFSQU1FVEVSVVJDRUJTQ1JJQkVBUkRPV05BQ0VJTkROS0NLVUJTQ1JJQkVIVFRQL0FEVFAv', 'base64')\n","'use strict'\n\nconst { Buffer } = require('node:buffer')\n\nmodule.exports = Buffer.from('AGFzbQEAAAABJwdgAX8Bf2ADf39/AX9gAX8AYAJ/fwBgBH9/f38Bf2AAAGADf39/AALLAQgDZW52GHdhc21fb25faGVhZGVyc19jb21wbGV0ZQAEA2VudhV3YXNtX29uX21lc3NhZ2VfYmVnaW4AAANlbnYLd2FzbV9vbl91cmwAAQNlbnYOd2FzbV9vbl9zdGF0dXMAAQNlbnYUd2FzbV9vbl9oZWFkZXJfZmllbGQAAQNlbnYUd2FzbV9vbl9oZWFkZXJfdmFsdWUAAQNlbnYMd2FzbV9vbl9ib2R5AAEDZW52GHdhc21fb25fbWVzc2FnZV9jb21wbGV0ZQAAAy0sBQYAAAIAAAAAAAACAQIAAgICAAADAAAAAAMDAwMBAQEBAQEBAQEAAAIAAAAEBQFwARISBQMBAAIGCAF/AUGA1AQLB9EFIgZtZW1vcnkCAAtfaW5pdGlhbGl6ZQAIGV9faW5kaXJlY3RfZnVuY3Rpb25fdGFibGUBAAtsbGh0dHBfaW5pdAAJGGxsaHR0cF9zaG91bGRfa2VlcF9hbGl2ZQAvDGxsaHR0cF9hbGxvYwALBm1hbGxvYwAxC2xsaHR0cF9mcmVlAAwEZnJlZQAMD2xsaHR0cF9nZXRfdHlwZQANFWxsaHR0cF9nZXRfaHR0cF9tYWpvcgAOFWxsaHR0cF9nZXRfaHR0cF9taW5vcgAPEWxsaHR0cF9nZXRfbWV0aG9kABAWbGxodHRwX2dldF9zdGF0dXNfY29kZQAREmxsaHR0cF9nZXRfdXBncmFkZQASDGxsaHR0cF9yZXNldAATDmxsaHR0cF9leGVjdXRlABQUbGxodHRwX3NldHRpbmdzX2luaXQAFQ1sbGh0dHBfZmluaXNoABYMbGxodHRwX3BhdXNlABcNbGxodHRwX3Jlc3VtZQAYG2xsaHR0cF9yZXN1bWVfYWZ0ZXJfdXBncmFkZQAZEGxsaHR0cF9nZXRfZXJybm8AGhdsbGh0dHBfZ2V0X2Vycm9yX3JlYXNvbgAbF2xsaHR0cF9zZXRfZXJyb3JfcmVhc29uABwUbGxodHRwX2dldF9lcnJvcl9wb3MAHRFsbGh0dHBfZXJybm9fbmFtZQAeEmxsaHR0cF9tZXRob2RfbmFtZQAfEmxsaHR0cF9zdGF0dXNfbmFtZQAgGmxsaHR0cF9zZXRfbGVuaWVudF9oZWFkZXJzACEhbGxodHRwX3NldF9sZW5pZW50X2NodW5rZWRfbGVuZ3RoACIdbGxodHRwX3NldF9sZW5pZW50X2tlZXBfYWxpdmUAIyRsbGh0dHBfc2V0X2xlbmllbnRfdHJhbnNmZXJfZW5jb2RpbmcAJBhsbGh0dHBfbWVzc2FnZV9uZWVkc19lb2YALgkXAQBBAQsRAQIDBAUKBgcrLSwqKSglJyYK77MCLBYAQYjQACgCAARAAAtBiNAAQQE2AgALFAAgABAwIAAgAjYCOCAAIAE6ACgLFAAgACAALwEyIAAtAC4gABAvEAALHgEBf0HAABAyIgEQMCABQYAINgI4IAEgADoAKCABC48MAQd/AkAgAEUNACAAQQhrIgEgAEEEaygCACIAQXhxIgRqIQUCQCAAQQFxDQAgAEEDcUUNASABIAEoAgAiAGsiAUGc0AAoAgBJDQEgACAEaiEEAkACQEGg0AAoAgAgAUcEQCAAQf8BTQRAIABBA3YhAyABKAIIIgAgASgCDCICRgRAQYzQAEGM0AAoAgBBfiADd3E2AgAMBQsgAiAANgIIIAAgAjYCDAwECyABKAIYIQYgASABKAIMIgBHBEAgACABKAIIIgI2AgggAiAANgIMDAMLIAFBFGoiAygCACICRQRAIAEoAhAiAkUNAiABQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFKAIEIgBBA3FBA0cNAiAFIABBfnE2AgRBlNAAIAQ2AgAgBSAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCABKAIcIgJBAnRBvNIAaiIDKAIAIAFGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgAUYbaiAANgIAIABFDQELIAAgBjYCGCABKAIQIgIEQCAAIAI2AhAgAiAANgIYCyABQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAFTw0AIAUoAgQiAEEBcUUNAAJAAkACQAJAIABBAnFFBEBBpNAAKAIAIAVGBEBBpNAAIAE2AgBBmNAAQZjQACgCACAEaiIANgIAIAEgAEEBcjYCBCABQaDQACgCAEcNBkGU0ABBADYCAEGg0ABBADYCAAwGC0Gg0AAoAgAgBUYEQEGg0AAgATYCAEGU0ABBlNAAKAIAIARqIgA2AgAgASAAQQFyNgIEIAAgAWogADYCAAwGCyAAQXhxIARqIQQgAEH/AU0EQCAAQQN2IQMgBSgCCCIAIAUoAgwiAkYEQEGM0ABBjNAAKAIAQX4gA3dxNgIADAULIAIgADYCCCAAIAI2AgwMBAsgBSgCGCEGIAUgBSgCDCIARwRAQZzQACgCABogACAFKAIIIgI2AgggAiAANgIMDAMLIAVBFGoiAygCACICRQRAIAUoAhAiAkUNAiAFQRBqIQMLA0AgAyEHIAIiAEEUaiIDKAIAIgINACAAQRBqIQMgACgCECICDQALIAdBADYCAAwCCyAFIABBfnE2AgQgASAEaiAENgIAIAEgBEEBcjYCBAwDC0EAIQALIAZFDQACQCAFKAIcIgJBAnRBvNIAaiIDKAIAIAVGBEAgAyAANgIAIAANAUGQ0ABBkNAAKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiAANgIAIABFDQELIAAgBjYCGCAFKAIQIgIEQCAAIAI2AhAgAiAANgIYCyAFQRRqKAIAIgJFDQAgAEEUaiACNgIAIAIgADYCGAsgASAEaiAENgIAIAEgBEEBcjYCBCABQaDQACgCAEcNAEGU0AAgBDYCAAwBCyAEQf8BTQRAIARBeHFBtNAAaiEAAn9BjNAAKAIAIgJBASAEQQN2dCIDcUUEQEGM0AAgAiADcjYCACAADAELIAAoAggLIgIgATYCDCAAIAE2AgggASAANgIMIAEgAjYCCAwBC0EfIQIgBEH///8HTQRAIARBJiAEQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAgsgASACNgIcIAFCADcCECACQQJ0QbzSAGohAAJAQZDQACgCACIDQQEgAnQiB3FFBEAgACABNgIAQZDQACADIAdyNgIAIAEgADYCGCABIAE2AgggASABNgIMDAELIARBGSACQQF2a0EAIAJBH0cbdCECIAAoAgAhAAJAA0AgACIDKAIEQXhxIARGDQEgAkEddiEAIAJBAXQhAiADIABBBHFqQRBqIgcoAgAiAA0ACyAHIAE2AgAgASADNgIYIAEgATYCDCABIAE2AggMAQsgAygCCCIAIAE2AgwgAyABNgIIIAFBADYCGCABIAM2AgwgASAANgIIC0Gs0ABBrNAAKAIAQQFrIgBBfyAAGzYCAAsLBwAgAC0AKAsHACAALQAqCwcAIAAtACsLBwAgAC0AKQsHACAALwEyCwcAIAAtAC4LQAEEfyAAKAIYIQEgAC0ALSECIAAtACghAyAAKAI4IQQgABAwIAAgBDYCOCAAIAM6ACggACACOgAtIAAgATYCGAu74gECB38DfiABIAJqIQQCQCAAIgIoAgwiAA0AIAIoAgQEQCACIAE2AgQLIwBBEGsiCCQAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAIoAhwiA0EBaw7dAdoBAdkBAgMEBQYHCAkKCwwNDtgBDxDXARES1gETFBUWFxgZGhvgAd8BHB0e1QEfICEiIyQl1AEmJygpKiss0wHSAS0u0QHQAS8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRtsBR0hJSs8BzgFLzQFMzAFNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AAYEBggGDAYQBhQGGAYcBiAGJAYoBiwGMAY0BjgGPAZABkQGSAZMBlAGVAZYBlwGYAZkBmgGbAZwBnQGeAZ8BoAGhAaIBowGkAaUBpgGnAagBqQGqAasBrAGtAa4BrwGwAbEBsgGzAbQBtQG2AbcBywHKAbgByQG5AcgBugG7AbwBvQG+Ab8BwAHBAcIBwwHEAcUBxgEA3AELQQAMxgELQQ4MxQELQQ0MxAELQQ8MwwELQRAMwgELQRMMwQELQRQMwAELQRUMvwELQRYMvgELQRgMvQELQRkMvAELQRoMuwELQRsMugELQRwMuQELQR0MuAELQQgMtwELQR4MtgELQSAMtQELQR8MtAELQQcMswELQSEMsgELQSIMsQELQSMMsAELQSQMrwELQRIMrgELQREMrQELQSUMrAELQSYMqwELQScMqgELQSgMqQELQcMBDKgBC0EqDKcBC0ErDKYBC0EsDKUBC0EtDKQBC0EuDKMBC0EvDKIBC0HEAQyhAQtBMAygAQtBNAyfAQtBDAyeAQtBMQydAQtBMgycAQtBMwybAQtBOQyaAQtBNQyZAQtBxQEMmAELQQsMlwELQToMlgELQTYMlQELQQoMlAELQTcMkwELQTgMkgELQTwMkQELQTsMkAELQT0MjwELQQkMjgELQSkMjQELQT4MjAELQT8MiwELQcAADIoBC0HBAAyJAQtBwgAMiAELQcMADIcBC0HEAAyGAQtBxQAMhQELQcYADIQBC0EXDIMBC0HHAAyCAQtByAAMgQELQckADIABC0HKAAx/C0HLAAx+C0HNAAx9C0HMAAx8C0HOAAx7C0HPAAx6C0HQAAx5C0HRAAx4C0HSAAx3C0HTAAx2C0HUAAx1C0HWAAx0C0HVAAxzC0EGDHILQdcADHELQQUMcAtB2AAMbwtBBAxuC0HZAAxtC0HaAAxsC0HbAAxrC0HcAAxqC0EDDGkLQd0ADGgLQd4ADGcLQd8ADGYLQeEADGULQeAADGQLQeIADGMLQeMADGILQQIMYQtB5AAMYAtB5QAMXwtB5gAMXgtB5wAMXQtB6AAMXAtB6QAMWwtB6gAMWgtB6wAMWQtB7AAMWAtB7QAMVwtB7gAMVgtB7wAMVQtB8AAMVAtB8QAMUwtB8gAMUgtB8wAMUQtB9AAMUAtB9QAMTwtB9gAMTgtB9wAMTQtB+AAMTAtB+QAMSwtB+gAMSgtB+wAMSQtB/AAMSAtB/QAMRwtB/gAMRgtB/wAMRQtBgAEMRAtBgQEMQwtBggEMQgtBgwEMQQtBhAEMQAtBhQEMPwtBhgEMPgtBhwEMPQtBiAEMPAtBiQEMOwtBigEMOgtBiwEMOQtBjAEMOAtBjQEMNwtBjgEMNgtBjwEMNQtBkAEMNAtBkQEMMwtBkgEMMgtBkwEMMQtBlAEMMAtBlQEMLwtBlgEMLgtBlwEMLQtBmAEMLAtBmQEMKwtBmgEMKgtBmwEMKQtBnAEMKAtBnQEMJwtBngEMJgtBnwEMJQtBoAEMJAtBoQEMIwtBogEMIgtBowEMIQtBpAEMIAtBpQEMHwtBpgEMHgtBpwEMHQtBqAEMHAtBqQEMGwtBqgEMGgtBqwEMGQtBrAEMGAtBrQEMFwtBrgEMFgtBAQwVC0GvAQwUC0GwAQwTC0GxAQwSC0GzAQwRC0GyAQwQC0G0AQwPC0G1AQwOC0G2AQwNC0G3AQwMC0G4AQwLC0G5AQwKC0G6AQwJC0G7AQwIC0HGAQwHC0G8AQwGC0G9AQwFC0G+AQwEC0G/AQwDC0HAAQwCC0HCAQwBC0HBAQshAwNAAkACQAJAAkACQAJAAkACQAJAIAICfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAgJ/AkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACfwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACfwJAAkACQAJAAn8CQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCADDsYBAAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHyAhIyUmKCorLC8wMTIzNDU2Nzk6Ozw9lANAQkRFRklLTk9QUVJTVFVWWFpbXF1eX2BhYmNkZWZnaGpsb3Bxc3V2eHl6e3x/gAGBAYIBgwGEAYUBhgGHAYgBiQGKAYsBjAGNAY4BjwGQAZEBkgGTAZQBlQGWAZcBmAGZAZoBmwGcAZ0BngGfAaABoQGiAaMBpAGlAaYBpwGoAakBqgGrAawBrQGuAa8BsAGxAbIBswG0AbUBtgG3AbgBuQG6AbsBvAG9Ab4BvwHAAcEBwgHDAcQBxQHGAccByAHJAcsBzAHNAc4BzwGKA4kDiAOHA4QDgwOAA/sC+gL5AvgC9wL0AvMC8gLLAsECsALZAQsgASAERw3wAkHdASEDDLMDCyABIARHDcgBQcMBIQMMsgMLIAEgBEcNe0H3ACEDDLEDCyABIARHDXBB7wAhAwywAwsgASAERw1pQeoAIQMMrwMLIAEgBEcNZUHoACEDDK4DCyABIARHDWJB5gAhAwytAwsgASAERw0aQRghAwysAwsgASAERw0VQRIhAwyrAwsgASAERw1CQcUAIQMMqgMLIAEgBEcNNEE/IQMMqQMLIAEgBEcNMkE8IQMMqAMLIAEgBEcNK0ExIQMMpwMLIAItAC5BAUYNnwMMwQILQQAhAAJAAkACQCACLQAqRQ0AIAItACtFDQAgAi8BMCIDQQJxRQ0BDAILIAIvATAiA0EBcUUNAQtBASEAIAItAChBAUYNACACLwEyIgVB5ABrQeQASQ0AIAVBzAFGDQAgBUGwAkYNACADQcAAcQ0AQQAhACADQYgEcUGABEYNACADQShxQQBHIQALIAJBADsBMCACQQA6AC8gAEUN3wIgAkIANwMgDOACC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAARQ3MASAAQRVHDd0CIAJBBDYCHCACIAE2AhQgAkGwGDYCECACQRU2AgxBACEDDKQDCyABIARGBEBBBiEDDKQDCyABQQFqIQFBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAA3ZAgwcCyACQgA3AyBBEiEDDIkDCyABIARHDRZBHSEDDKEDCyABIARHBEAgAUEBaiEBQRAhAwyIAwtBByEDDKADCyACIAIpAyAiCiAEIAFrrSILfSIMQgAgCiAMWhs3AyAgCiALWA3UAkEIIQMMnwMLIAEgBEcEQCACQQk2AgggAiABNgIEQRQhAwyGAwtBCSEDDJ4DCyACKQMgQgBSDccBIAIgAi8BMEGAAXI7ATAMQgsgASAERw0/QdAAIQMMnAMLIAEgBEYEQEELIQMMnAMLIAFBAWohAUEAIQACQCACKAI4IgNFDQAgAygCUCIDRQ0AIAIgAxEAACEACyAADc8CDMYBC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ3GASAAQRVHDc0CIAJBCzYCHCACIAE2AhQgAkGCGTYCECACQRU2AgxBACEDDJoDC0EAIQACQCACKAI4IgNFDQAgAygCSCIDRQ0AIAIgAxEAACEACyAARQ0MIABBFUcNygIgAkEaNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMmQMLQQAhAAJAIAIoAjgiA0UNACADKAJMIgNFDQAgAiADEQAAIQALIABFDcQBIABBFUcNxwIgAkELNgIcIAIgATYCFCACQZEXNgIQIAJBFTYCDEEAIQMMmAMLIAEgBEYEQEEPIQMMmAMLIAEtAAAiAEE7Rg0HIABBDUcNxAIgAUEBaiEBDMMBC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3DASAAQRVHDcICIAJBDzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJYDCwNAIAEtAABB8DVqLQAAIgBBAUcEQCAAQQJHDcECIAIoAgQhAEEAIQMgAkEANgIEIAIgACABQQFqIgEQLSIADcICDMUBCyAEIAFBAWoiAUcNAAtBEiEDDJUDC0EAIQACQCACKAI4IgNFDQAgAygCTCIDRQ0AIAIgAxEAACEACyAARQ3FASAAQRVHDb0CIAJBGzYCHCACIAE2AhQgAkGRFzYCECACQRU2AgxBACEDDJQDCyABIARGBEBBFiEDDJQDCyACQQo2AgggAiABNgIEQQAhAAJAIAIoAjgiA0UNACADKAJIIgNFDQAgAiADEQAAIQALIABFDcIBIABBFUcNuQIgAkEVNgIcIAIgATYCFCACQYIZNgIQIAJBFTYCDEEAIQMMkwMLIAEgBEcEQANAIAEtAABB8DdqLQAAIgBBAkcEQAJAIABBAWsOBMQCvQIAvgK9AgsgAUEBaiEBQQghAwz8AgsgBCABQQFqIgFHDQALQRUhAwyTAwtBFSEDDJIDCwNAIAEtAABB8DlqLQAAIgBBAkcEQCAAQQFrDgTFArcCwwK4ArcCCyAEIAFBAWoiAUcNAAtBGCEDDJEDCyABIARHBEAgAkELNgIIIAIgATYCBEEHIQMM+AILQRkhAwyQAwsgAUEBaiEBDAILIAEgBEYEQEEaIQMMjwMLAkAgAS0AAEENaw4UtQG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwG/Ab8BvwEAvwELQQAhAyACQQA2AhwgAkGvCzYCECACQQI2AgwgAiABQQFqNgIUDI4DCyABIARGBEBBGyEDDI4DCyABLQAAIgBBO0cEQCAAQQ1HDbECIAFBAWohAQy6AQsgAUEBaiEBC0EiIQMM8wILIAEgBEYEQEEcIQMMjAMLQgAhCgJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAS0AAEEwaw43wQLAAgABAgMEBQYH0AHQAdAB0AHQAdAB0AEICQoLDA3QAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdAB0AHQAdABDg8QERIT0AELQgIhCgzAAgtCAyEKDL8CC0IEIQoMvgILQgUhCgy9AgtCBiEKDLwCC0IHIQoMuwILQgghCgy6AgtCCSEKDLkCC0IKIQoMuAILQgshCgy3AgtCDCEKDLYCC0INIQoMtQILQg4hCgy0AgtCDyEKDLMCC0IKIQoMsgILQgshCgyxAgtCDCEKDLACC0INIQoMrwILQg4hCgyuAgtCDyEKDK0CC0IAIQoCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIAEtAABBMGsON8ACvwIAAQIDBAUGB74CvgK+Ar4CvgK+Ar4CCAkKCwwNvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ar4CvgK+Ag4PEBESE74CC0ICIQoMvwILQgMhCgy+AgtCBCEKDL0CC0IFIQoMvAILQgYhCgy7AgtCByEKDLoCC0IIIQoMuQILQgkhCgy4AgtCCiEKDLcCC0ILIQoMtgILQgwhCgy1AgtCDSEKDLQCC0IOIQoMswILQg8hCgyyAgtCCiEKDLECC0ILIQoMsAILQgwhCgyvAgtCDSEKDK4CC0IOIQoMrQILQg8hCgysAgsgAiACKQMgIgogBCABa60iC30iDEIAIAogDFobNwMgIAogC1gNpwJBHyEDDIkDCyABIARHBEAgAkEJNgIIIAIgATYCBEElIQMM8AILQSAhAwyIAwtBASEFIAIvATAiA0EIcUUEQCACKQMgQgBSIQULAkAgAi0ALgRAQQEhACACLQApQQVGDQEgA0HAAHFFIAVxRQ0BC0EAIQAgA0HAAHENAEECIQAgA0EIcQ0AIANBgARxBEACQCACLQAoQQFHDQAgAi0ALUEKcQ0AQQUhAAwCC0EEIQAMAQsgA0EgcUUEQAJAIAItAChBAUYNACACLwEyIgBB5ABrQeQASQ0AIABBzAFGDQAgAEGwAkYNAEEEIQAgA0EocUUNAiADQYgEcUGABEYNAgtBACEADAELQQBBAyACKQMgUBshAAsgAEEBaw4FvgIAsAEBpAKhAgtBESEDDO0CCyACQQE6AC8MhAMLIAEgBEcNnQJBJCEDDIQDCyABIARHDRxBxgAhAwyDAwtBACEAAkAgAigCOCIDRQ0AIAMoAkQiA0UNACACIAMRAAAhAAsgAEUNJyAAQRVHDZgCIAJB0AA2AhwgAiABNgIUIAJBkRg2AhAgAkEVNgIMQQAhAwyCAwsgASAERgRAQSghAwyCAwtBACEDIAJBADYCBCACQQw2AgggAiABIAEQKiIARQ2UAiACQSc2AhwgAiABNgIUIAIgADYCDAyBAwsgASAERgRAQSkhAwyBAwsgAS0AACIAQSBGDRMgAEEJRw2VAiABQQFqIQEMFAsgASAERwRAIAFBAWohAQwWC0EqIQMM/wILIAEgBEYEQEErIQMM/wILIAEtAAAiAEEJRyAAQSBHcQ2QAiACLQAsQQhHDd0CIAJBADoALAzdAgsgASAERgRAQSwhAwz+AgsgAS0AAEEKRw2OAiABQQFqIQEMsAELIAEgBEcNigJBLyEDDPwCCwNAIAEtAAAiAEEgRwRAIABBCmsOBIQCiAKIAoQChgILIAQgAUEBaiIBRw0AC0ExIQMM+wILQTIhAyABIARGDfoCIAIoAgAiACAEIAFraiEHIAEgAGtBA2ohBgJAA0AgAEHwO2otAAAgAS0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDQEgAEEDRgRAQQYhAQziAgsgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAc2AgAM+wILIAJBADYCAAyGAgtBMyEDIAQgASIARg35AiAEIAFrIAIoAgAiAWohByAAIAFrQQhqIQYCQANAIAFB9DtqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBCEYEQEEFIQEM4QILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPoCCyACQQA2AgAgACEBDIUCC0E0IQMgBCABIgBGDfgCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgJAA0AgAUHQwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw0BIAFBBUYEQEEHIQEM4AILIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADPkCCyACQQA2AgAgACEBDIQCCyABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRg0JDIECCyAEIAFBAWoiAUcNAAtBMCEDDPgCC0EwIQMM9wILIAEgBEcEQANAIAEtAAAiAEEgRwRAIABBCmsOBP8B/gH+Af8B/gELIAQgAUEBaiIBRw0AC0E4IQMM9wILQTghAwz2AgsDQCABLQAAIgBBIEcgAEEJR3EN9gEgBCABQQFqIgFHDQALQTwhAwz1AgsDQCABLQAAIgBBIEcEQAJAIABBCmsOBPkBBAT5AQALIABBLEYN9QEMAwsgBCABQQFqIgFHDQALQT8hAwz0AgtBwAAhAyABIARGDfMCIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAEGAQGstAAAgAS0AAEEgckcNASAAQQZGDdsCIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPQCCyACQQA2AgALQTYhAwzZAgsgASAERgRAQcEAIQMM8gILIAJBDDYCCCACIAE2AgQgAi0ALEEBaw4E+wHuAewB6wHUAgsgAUEBaiEBDPoBCyABIARHBEADQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxIgBBCUYNACAAQSBGDQACQAJAAkACQCAAQeMAaw4TAAMDAwMDAwMBAwMDAwMDAwMDAgMLIAFBAWohAUExIQMM3AILIAFBAWohAUEyIQMM2wILIAFBAWohAUEzIQMM2gILDP4BCyAEIAFBAWoiAUcNAAtBNSEDDPACC0E1IQMM7wILIAEgBEcEQANAIAEtAABBgDxqLQAAQQFHDfcBIAQgAUEBaiIBRw0AC0E9IQMM7wILQT0hAwzuAgtBACEAAkAgAigCOCIDRQ0AIAMoAkAiA0UNACACIAMRAAAhAAsgAEUNASAAQRVHDeYBIAJBwgA2AhwgAiABNgIUIAJB4xg2AhAgAkEVNgIMQQAhAwztAgsgAUEBaiEBC0E8IQMM0gILIAEgBEYEQEHCACEDDOsCCwJAA0ACQCABLQAAQQlrDhgAAswCzALRAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAswCzALMAgDMAgsgBCABQQFqIgFHDQALQcIAIQMM6wILIAFBAWohASACLQAtQQFxRQ3+AQtBLCEDDNACCyABIARHDd4BQcQAIQMM6AILA0AgAS0AAEGQwABqLQAAQQFHDZwBIAQgAUEBaiIBRw0AC0HFACEDDOcCCyABLQAAIgBBIEYN/gEgAEE6Rw3AAiACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgAN3gEM3QELQccAIQMgBCABIgBGDeUCIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFBkMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvwIgAUEFRg3CAiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzlAgtByAAhAyAEIAEiAEYN5AIgBCABayACKAIAIgFqIQcgACABa0EJaiEGA0AgAUGWwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw2+AkECIAFBCUYNwgIaIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOQCCyABIARGBEBByQAhAwzkAgsCQAJAIAEtAAAiAEEgciAAIABBwQBrQf8BcUEaSRtB/wFxQe4Aaw4HAL8CvwK/Ar8CvwIBvwILIAFBAWohAUE+IQMMywILIAFBAWohAUE/IQMMygILQcoAIQMgBCABIgBGDeICIAQgAWsgAigCACIBaiEGIAAgAWtBAWohBwNAIAFBoMIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNvAIgAUEBRg2+AiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBjYCAAziAgtBywAhAyAEIAEiAEYN4QIgBCABayACKAIAIgFqIQcgACABa0EOaiEGA0AgAUGiwgBqLQAAIAAtAAAiBUEgciAFIAVBwQBrQf8BcUEaSRtB/wFxRw27AiABQQ5GDb4CIAFBAWohASAEIABBAWoiAEcNAAsgAiAHNgIADOECC0HMACEDIAQgASIARg3gAiAEIAFrIAIoAgAiAWohByAAIAFrQQ9qIQYDQCABQcDCAGotAAAgAC0AACIFQSByIAUgBUHBAGtB/wFxQRpJG0H/AXFHDboCQQMgAUEPRg2+AhogAUEBaiEBIAQgAEEBaiIARw0ACyACIAc2AgAM4AILQc0AIQMgBCABIgBGDd8CIAQgAWsgAigCACIBaiEHIAAgAWtBBWohBgNAIAFB0MIAai0AACAALQAAIgVBIHIgBSAFQcEAa0H/AXFBGkkbQf8BcUcNuQJBBCABQQVGDb0CGiABQQFqIQEgBCAAQQFqIgBHDQALIAIgBzYCAAzfAgsgASAERgRAQc4AIQMM3wILAkACQAJAAkAgAS0AACIAQSByIAAgAEHBAGtB/wFxQRpJG0H/AXFB4wBrDhMAvAK8ArwCvAK8ArwCvAK8ArwCvAK8ArwCAbwCvAK8AgIDvAILIAFBAWohAUHBACEDDMgCCyABQQFqIQFBwgAhAwzHAgsgAUEBaiEBQcMAIQMMxgILIAFBAWohAUHEACEDDMUCCyABIARHBEAgAkENNgIIIAIgATYCBEHFACEDDMUCC0HPACEDDN0CCwJAAkAgAS0AAEEKaw4EAZABkAEAkAELIAFBAWohAQtBKCEDDMMCCyABIARGBEBB0QAhAwzcAgsgAS0AAEEgRw0AIAFBAWohASACLQAtQQFxRQ3QAQtBFyEDDMECCyABIARHDcsBQdIAIQMM2QILQdMAIQMgASAERg3YAiACKAIAIgAgBCABa2ohBiABIABrQQFqIQUDQCABLQAAIABB1sIAai0AAEcNxwEgAEEBRg3KASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBjYCAAzYAgsgASAERgRAQdUAIQMM2AILIAEtAABBCkcNwgEgAUEBaiEBDMoBCyABIARGBEBB1gAhAwzXAgsCQAJAIAEtAABBCmsOBADDAcMBAcMBCyABQQFqIQEMygELIAFBAWohAUHKACEDDL0CC0EAIQACQCACKAI4IgNFDQAgAygCPCIDRQ0AIAIgAxEAACEACyAADb8BQc0AIQMMvAILIAItAClBIkYNzwIMiQELIAQgASIFRgRAQdsAIQMM1AILQQAhAEEBIQFBASEGQQAhAwJAAn8CQAJAAkACQAJAAkACQCAFLQAAQTBrDgrFAcQBAAECAwQFBgjDAQtBAgwGC0EDDAULQQQMBAtBBQwDC0EGDAILQQcMAQtBCAshA0EAIQFBACEGDL0BC0EJIQNBASEAQQAhAUEAIQYMvAELIAEgBEYEQEHdACEDDNMCCyABLQAAQS5HDbgBIAFBAWohAQyIAQsgASAERw22AUHfACEDDNECCyABIARHBEAgAkEONgIIIAIgATYCBEHQACEDDLgCC0HgACEDDNACC0HhACEDIAEgBEYNzwIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGA0AgAS0AACAAQeLCAGotAABHDbEBIABBA0YNswEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMzwILQeIAIQMgASAERg3OAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYDQCABLQAAIABB5sIAai0AAEcNsAEgAEECRg2vASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAzOAgtB4wAhAyABIARGDc0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgNAIAEtAAAgAEHpwgBqLQAARw2vASAAQQNGDa0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADM0CCyABIARGBEBB5QAhAwzNAgsgAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANqgFB1gAhAwyzAgsgASAERwRAA0AgAS0AACIAQSBHBEACQAJAAkAgAEHIAGsOCwABswGzAbMBswGzAbMBswGzAQKzAQsgAUEBaiEBQdIAIQMMtwILIAFBAWohAUHTACEDDLYCCyABQQFqIQFB1AAhAwy1AgsgBCABQQFqIgFHDQALQeQAIQMMzAILQeQAIQMMywILA0AgAS0AAEHwwgBqLQAAIgBBAUcEQCAAQQJrDgOnAaYBpQGkAQsgBCABQQFqIgFHDQALQeYAIQMMygILIAFBAWogASAERw0CGkHnACEDDMkCCwNAIAEtAABB8MQAai0AACIAQQFHBEACQCAAQQJrDgSiAaEBoAEAnwELQdcAIQMMsQILIAQgAUEBaiIBRw0AC0HoACEDDMgCCyABIARGBEBB6QAhAwzIAgsCQCABLQAAIgBBCmsOGrcBmwGbAbQBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBmwGbAZsBpAGbAZsBAJkBCyABQQFqCyEBQQYhAwytAgsDQCABLQAAQfDGAGotAABBAUcNfSAEIAFBAWoiAUcNAAtB6gAhAwzFAgsgAUEBaiABIARHDQIaQesAIQMMxAILIAEgBEYEQEHsACEDDMQCCyABQQFqDAELIAEgBEYEQEHtACEDDMMCCyABQQFqCyEBQQQhAwyoAgsgASAERgRAQe4AIQMMwQILAkACQAJAIAEtAABB8MgAai0AAEEBaw4HkAGPAY4BAHwBAo0BCyABQQFqIQEMCwsgAUEBagyTAQtBACEDIAJBADYCHCACQZsSNgIQIAJBBzYCDCACIAFBAWo2AhQMwAILAkADQCABLQAAQfDIAGotAAAiAEEERwRAAkACQCAAQQFrDgeUAZMBkgGNAQAEAY0BC0HaACEDDKoCCyABQQFqIQFB3AAhAwypAgsgBCABQQFqIgFHDQALQe8AIQMMwAILIAFBAWoMkQELIAQgASIARgRAQfAAIQMMvwILIAAtAABBL0cNASAAQQFqIQEMBwsgBCABIgBGBEBB8QAhAwy+AgsgAC0AACIBQS9GBEAgAEEBaiEBQd0AIQMMpQILIAFBCmsiA0EWSw0AIAAhAUEBIAN0QYmAgAJxDfkBC0EAIQMgAkEANgIcIAIgADYCFCACQYwcNgIQIAJBBzYCDAy8AgsgASAERwRAIAFBAWohAUHeACEDDKMCC0HyACEDDLsCCyABIARGBEBB9AAhAwy7AgsCQCABLQAAQfDMAGotAABBAWsOA/cBcwCCAQtB4QAhAwyhAgsgASAERwRAA0AgAS0AAEHwygBqLQAAIgBBA0cEQAJAIABBAWsOAvkBAIUBC0HfACEDDKMCCyAEIAFBAWoiAUcNAAtB8wAhAwy6AgtB8wAhAwy5AgsgASAERwRAIAJBDzYCCCACIAE2AgRB4AAhAwygAgtB9QAhAwy4AgsgASAERgRAQfYAIQMMuAILIAJBDzYCCCACIAE2AgQLQQMhAwydAgsDQCABLQAAQSBHDY4CIAQgAUEBaiIBRw0AC0H3ACEDDLUCCyABIARGBEBB+AAhAwy1AgsgAS0AAEEgRw16IAFBAWohAQxbC0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAADXgMgAILIAEgBEYEQEH6ACEDDLMCCyABLQAAQcwARw10IAFBAWohAUETDHYLQfsAIQMgASAERg2xAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYDQCABLQAAIABB8M4Aai0AAEcNcyAAQQVGDXUgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMsQILIAEgBEYEQEH8ACEDDLECCwJAAkAgAS0AAEHDAGsODAB0dHR0dHR0dHR0AXQLIAFBAWohAUHmACEDDJgCCyABQQFqIQFB5wAhAwyXAgtB/QAhAyABIARGDa8CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDXIgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADLACCyACQQA2AgAgBkEBaiEBQRAMcwtB/gAhAyABIARGDa4CIAIoAgAiACAEIAFraiEFIAEgAGtBBWohBgJAA0AgAS0AACAAQfbOAGotAABHDXEgAEEFRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK8CCyACQQA2AgAgBkEBaiEBQRYMcgtB/wAhAyABIARGDa0CIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQfzOAGotAABHDXAgAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADK4CCyACQQA2AgAgBkEBaiEBQQUMcQsgASAERgRAQYABIQMMrQILIAEtAABB2QBHDW4gAUEBaiEBQQgMcAsgASAERgRAQYEBIQMMrAILAkACQCABLQAAQc4Aaw4DAG8BbwsgAUEBaiEBQesAIQMMkwILIAFBAWohAUHsACEDDJICCyABIARGBEBBggEhAwyrAgsCQAJAIAEtAABByABrDggAbm5ubm5uAW4LIAFBAWohAUHqACEDDJICCyABQQFqIQFB7QAhAwyRAgtBgwEhAyABIARGDakCIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQYDPAGotAABHDWwgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKoCCyACQQA2AgAgBkEBaiEBQQAMbQtBhAEhAyABIARGDagCIAIoAgAiACAEIAFraiEFIAEgAGtBBGohBgJAA0AgAS0AACAAQYPPAGotAABHDWsgAEEERg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADKkCCyACQQA2AgAgBkEBaiEBQSMMbAsgASAERgRAQYUBIQMMqAILAkACQCABLQAAQcwAaw4IAGtra2trawFrCyABQQFqIQFB7wAhAwyPAgsgAUEBaiEBQfAAIQMMjgILIAEgBEYEQEGGASEDDKcCCyABLQAAQcUARw1oIAFBAWohAQxgC0GHASEDIAEgBEYNpQIgAigCACIAIAQgAWtqIQUgASAAa0EDaiEGAkADQCABLQAAIABBiM8Aai0AAEcNaCAAQQNGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpgILIAJBADYCACAGQQFqIQFBLQxpC0GIASEDIAEgBEYNpAIgAigCACIAIAQgAWtqIQUgASAAa0EIaiEGAkADQCABLQAAIABB0M8Aai0AAEcNZyAAQQhGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMpQILIAJBADYCACAGQQFqIQFBKQxoCyABIARGBEBBiQEhAwykAgtBASABLQAAQd8ARw1nGiABQQFqIQEMXgtBigEhAyABIARGDaICIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgNAIAEtAAAgAEGMzwBqLQAARw1kIABBAUYN+gEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMogILQYsBIQMgASAERg2hAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGOzwBqLQAARw1kIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyiAgsgAkEANgIAIAZBAWohAUECDGULQYwBIQMgASAERg2gAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHwzwBqLQAARw1jIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyhAgsgAkEANgIAIAZBAWohAUEfDGQLQY0BIQMgASAERg2fAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHyzwBqLQAARw1iIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAygAgsgAkEANgIAIAZBAWohAUEJDGMLIAEgBEYEQEGOASEDDJ8CCwJAAkAgAS0AAEHJAGsOBwBiYmJiYgFiCyABQQFqIQFB+AAhAwyGAgsgAUEBaiEBQfkAIQMMhQILQY8BIQMgASAERg2dAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGRzwBqLQAARw1gIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyeAgsgAkEANgIAIAZBAWohAUEYDGELQZABIQMgASAERg2cAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGXzwBqLQAARw1fIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAydAgsgAkEANgIAIAZBAWohAUEXDGALQZEBIQMgASAERg2bAiACKAIAIgAgBCABa2ohBSABIABrQQZqIQYCQANAIAEtAAAgAEGazwBqLQAARw1eIABBBkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAycAgsgAkEANgIAIAZBAWohAUEVDF8LQZIBIQMgASAERg2aAiACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEGhzwBqLQAARw1dIABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAybAgsgAkEANgIAIAZBAWohAUEeDF4LIAEgBEYEQEGTASEDDJoCCyABLQAAQcwARw1bIAFBAWohAUEKDF0LIAEgBEYEQEGUASEDDJkCCwJAAkAgAS0AAEHBAGsODwBcXFxcXFxcXFxcXFxcAVwLIAFBAWohAUH+ACEDDIACCyABQQFqIQFB/wAhAwz/AQsgASAERgRAQZUBIQMMmAILAkACQCABLQAAQcEAaw4DAFsBWwsgAUEBaiEBQf0AIQMM/wELIAFBAWohAUGAASEDDP4BC0GWASEDIAEgBEYNlgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBp88Aai0AAEcNWSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlwILIAJBADYCACAGQQFqIQFBCwxaCyABIARGBEBBlwEhAwyWAgsCQAJAAkACQCABLQAAQS1rDiMAW1tbW1tbW1tbW1tbW1tbW1tbW1tbW1sBW1tbW1sCW1tbA1sLIAFBAWohAUH7ACEDDP8BCyABQQFqIQFB/AAhAwz+AQsgAUEBaiEBQYEBIQMM/QELIAFBAWohAUGCASEDDPwBC0GYASEDIAEgBEYNlAIgAigCACIAIAQgAWtqIQUgASAAa0EEaiEGAkADQCABLQAAIABBqc8Aai0AAEcNVyAAQQRGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlQILIAJBADYCACAGQQFqIQFBGQxYC0GZASEDIAEgBEYNkwIgAigCACIAIAQgAWtqIQUgASAAa0EFaiEGAkADQCABLQAAIABBrs8Aai0AAEcNViAAQQVGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMlAILIAJBADYCACAGQQFqIQFBBgxXC0GaASEDIAEgBEYNkgIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBtM8Aai0AAEcNVSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkwILIAJBADYCACAGQQFqIQFBHAxWC0GbASEDIAEgBEYNkQIgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABBts8Aai0AAEcNVCAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAMkgILIAJBADYCACAGQQFqIQFBJwxVCyABIARGBEBBnAEhAwyRAgsCQAJAIAEtAABB1ABrDgIAAVQLIAFBAWohAUGGASEDDPgBCyABQQFqIQFBhwEhAwz3AQtBnQEhAyABIARGDY8CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbjPAGotAABHDVIgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADJACCyACQQA2AgAgBkEBaiEBQSYMUwtBngEhAyABIARGDY4CIAIoAgAiACAEIAFraiEFIAEgAGtBAWohBgJAA0AgAS0AACAAQbrPAGotAABHDVEgAEEBRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI8CCyACQQA2AgAgBkEBaiEBQQMMUgtBnwEhAyABIARGDY0CIAIoAgAiACAEIAFraiEFIAEgAGtBAmohBgJAA0AgAS0AACAAQe3PAGotAABHDVAgAEECRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI4CCyACQQA2AgAgBkEBaiEBQQwMUQtBoAEhAyABIARGDYwCIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQbzPAGotAABHDU8gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADI0CCyACQQA2AgAgBkEBaiEBQQ0MUAsgASAERgRAQaEBIQMMjAILAkACQCABLQAAQcYAaw4LAE9PT09PT09PTwFPCyABQQFqIQFBiwEhAwzzAQsgAUEBaiEBQYwBIQMM8gELIAEgBEYEQEGiASEDDIsCCyABLQAAQdAARw1MIAFBAWohAQxGCyABIARGBEBBowEhAwyKAgsCQAJAIAEtAABByQBrDgcBTU1NTU0ATQsgAUEBaiEBQY4BIQMM8QELIAFBAWohAUEiDE0LQaQBIQMgASAERg2IAiACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEHAzwBqLQAARw1LIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyJAgsgAkEANgIAIAZBAWohAUEdDEwLIAEgBEYEQEGlASEDDIgCCwJAAkAgAS0AAEHSAGsOAwBLAUsLIAFBAWohAUGQASEDDO8BCyABQQFqIQFBBAxLCyABIARGBEBBpgEhAwyHAgsCQAJAAkACQAJAIAEtAABBwQBrDhUATU1NTU1NTU1NTQFNTQJNTQNNTQRNCyABQQFqIQFBiAEhAwzxAQsgAUEBaiEBQYkBIQMM8AELIAFBAWohAUGKASEDDO8BCyABQQFqIQFBjwEhAwzuAQsgAUEBaiEBQZEBIQMM7QELQacBIQMgASAERg2FAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHtzwBqLQAARw1IIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyGAgsgAkEANgIAIAZBAWohAUERDEkLQagBIQMgASAERg2EAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHCzwBqLQAARw1HIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyFAgsgAkEANgIAIAZBAWohAUEsDEgLQakBIQMgASAERg2DAiACKAIAIgAgBCABa2ohBSABIABrQQRqIQYCQANAIAEtAAAgAEHFzwBqLQAARw1GIABBBEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyEAgsgAkEANgIAIAZBAWohAUErDEcLQaoBIQMgASAERg2CAiACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHKzwBqLQAARw1FIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyDAgsgAkEANgIAIAZBAWohAUEUDEYLIAEgBEYEQEGrASEDDIICCwJAAkACQAJAIAEtAABBwgBrDg8AAQJHR0dHR0dHR0dHRwNHCyABQQFqIQFBkwEhAwzrAQsgAUEBaiEBQZQBIQMM6gELIAFBAWohAUGVASEDDOkBCyABQQFqIQFBlgEhAwzoAQsgASAERgRAQawBIQMMgQILIAEtAABBxQBHDUIgAUEBaiEBDD0LQa0BIQMgASAERg3/ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHNzwBqLQAARw1CIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAyAAgsgAkEANgIAIAZBAWohAUEODEMLIAEgBEYEQEGuASEDDP8BCyABLQAAQdAARw1AIAFBAWohAUElDEILQa8BIQMgASAERg39ASACKAIAIgAgBCABa2ohBSABIABrQQhqIQYCQANAIAEtAAAgAEHQzwBqLQAARw1AIABBCEYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz+AQsgAkEANgIAIAZBAWohAUEqDEELIAEgBEYEQEGwASEDDP0BCwJAAkAgAS0AAEHVAGsOCwBAQEBAQEBAQEABQAsgAUEBaiEBQZoBIQMM5AELIAFBAWohAUGbASEDDOMBCyABIARGBEBBsQEhAwz8AQsCQAJAIAEtAABBwQBrDhQAPz8/Pz8/Pz8/Pz8/Pz8/Pz8/AT8LIAFBAWohAUGZASEDDOMBCyABQQFqIQFBnAEhAwziAQtBsgEhAyABIARGDfoBIAIoAgAiACAEIAFraiEFIAEgAGtBA2ohBgJAA0AgAS0AACAAQdnPAGotAABHDT0gAEEDRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPsBCyACQQA2AgAgBkEBaiEBQSEMPgtBswEhAyABIARGDfkBIAIoAgAiACAEIAFraiEFIAEgAGtBBmohBgJAA0AgAS0AACAAQd3PAGotAABHDTwgAEEGRg0BIABBAWohACAEIAFBAWoiAUcNAAsgAiAFNgIADPoBCyACQQA2AgAgBkEBaiEBQRoMPQsgASAERgRAQbQBIQMM+QELAkACQAJAIAEtAABBxQBrDhEAPT09PT09PT09AT09PT09Aj0LIAFBAWohAUGdASEDDOEBCyABQQFqIQFBngEhAwzgAQsgAUEBaiEBQZ8BIQMM3wELQbUBIQMgASAERg33ASACKAIAIgAgBCABa2ohBSABIABrQQVqIQYCQANAIAEtAAAgAEHkzwBqLQAARw06IABBBUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz4AQsgAkEANgIAIAZBAWohAUEoDDsLQbYBIQMgASAERg32ASACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEHqzwBqLQAARw05IABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAz3AQsgAkEANgIAIAZBAWohAUEHDDoLIAEgBEYEQEG3ASEDDPYBCwJAAkAgAS0AAEHFAGsODgA5OTk5OTk5OTk5OTkBOQsgAUEBaiEBQaEBIQMM3QELIAFBAWohAUGiASEDDNwBC0G4ASEDIAEgBEYN9AEgAigCACIAIAQgAWtqIQUgASAAa0ECaiEGAkADQCABLQAAIABB7c8Aai0AAEcNNyAAQQJGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9QELIAJBADYCACAGQQFqIQFBEgw4C0G5ASEDIAEgBEYN8wEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8M8Aai0AAEcNNiAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM9AELIAJBADYCACAGQQFqIQFBIAw3C0G6ASEDIAEgBEYN8gEgAigCACIAIAQgAWtqIQUgASAAa0EBaiEGAkADQCABLQAAIABB8s8Aai0AAEcNNSAAQQFGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8wELIAJBADYCACAGQQFqIQFBDww2CyABIARGBEBBuwEhAwzyAQsCQAJAIAEtAABByQBrDgcANTU1NTUBNQsgAUEBaiEBQaUBIQMM2QELIAFBAWohAUGmASEDDNgBC0G8ASEDIAEgBEYN8AEgAigCACIAIAQgAWtqIQUgASAAa0EHaiEGAkADQCABLQAAIABB9M8Aai0AAEcNMyAAQQdGDQEgAEEBaiEAIAQgAUEBaiIBRw0ACyACIAU2AgAM8QELIAJBADYCACAGQQFqIQFBGww0CyABIARGBEBBvQEhAwzwAQsCQAJAAkAgAS0AAEHCAGsOEgA0NDQ0NDQ0NDQBNDQ0NDQ0AjQLIAFBAWohAUGkASEDDNgBCyABQQFqIQFBpwEhAwzXAQsgAUEBaiEBQagBIQMM1gELIAEgBEYEQEG+ASEDDO8BCyABLQAAQc4ARw0wIAFBAWohAQwsCyABIARGBEBBvwEhAwzuAQsCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCABLQAAQcEAaw4VAAECAz8EBQY/Pz8HCAkKCz8MDQ4PPwsgAUEBaiEBQegAIQMM4wELIAFBAWohAUHpACEDDOIBCyABQQFqIQFB7gAhAwzhAQsgAUEBaiEBQfIAIQMM4AELIAFBAWohAUHzACEDDN8BCyABQQFqIQFB9gAhAwzeAQsgAUEBaiEBQfcAIQMM3QELIAFBAWohAUH6ACEDDNwBCyABQQFqIQFBgwEhAwzbAQsgAUEBaiEBQYQBIQMM2gELIAFBAWohAUGFASEDDNkBCyABQQFqIQFBkgEhAwzYAQsgAUEBaiEBQZgBIQMM1wELIAFBAWohAUGgASEDDNYBCyABQQFqIQFBowEhAwzVAQsgAUEBaiEBQaoBIQMM1AELIAEgBEcEQCACQRA2AgggAiABNgIEQasBIQMM1AELQcABIQMM7AELQQAhAAJAIAIoAjgiA0UNACADKAI0IgNFDQAgAiADEQAAIQALIABFDV4gAEEVRw0HIAJB0QA2AhwgAiABNgIUIAJBsBc2AhAgAkEVNgIMQQAhAwzrAQsgAUEBaiABIARHDQgaQcIBIQMM6gELA0ACQCABLQAAQQprDgQIAAALAAsgBCABQQFqIgFHDQALQcMBIQMM6QELIAEgBEcEQCACQRE2AgggAiABNgIEQQEhAwzQAQtBxAEhAwzoAQsgASAERgRAQcUBIQMM6AELAkACQCABLQAAQQprDgQBKCgAKAsgAUEBagwJCyABQQFqDAULIAEgBEYEQEHGASEDDOcBCwJAAkAgAS0AAEEKaw4XAQsLAQsLCwsLCwsLCwsLCwsLCwsLCwALCyABQQFqIQELQbABIQMMzQELIAEgBEYEQEHIASEDDOYBCyABLQAAQSBHDQkgAkEAOwEyIAFBAWohAUGzASEDDMwBCwNAIAEhAAJAIAEgBEcEQCABLQAAQTBrQf8BcSIDQQpJDQEMJwtBxwEhAwzmAQsCQCACLwEyIgFBmTNLDQAgAiABQQpsIgU7ATIgBUH+/wNxIANB//8Dc0sNACAAQQFqIQEgAiADIAVqIgM7ATIgA0H//wNxQegHSQ0BCwtBACEDIAJBADYCHCACQcEJNgIQIAJBDTYCDCACIABBAWo2AhQM5AELIAJBADYCHCACIAE2AhQgAkHwDDYCECACQRs2AgxBACEDDOMBCyACKAIEIQAgAkEANgIEIAIgACABECYiAA0BIAFBAWoLIQFBrQEhAwzIAQsgAkHBATYCHCACIAA2AgwgAiABQQFqNgIUQQAhAwzgAQsgAigCBCEAIAJBADYCBCACIAAgARAmIgANASABQQFqCyEBQa4BIQMMxQELIAJBwgE2AhwgAiAANgIMIAIgAUEBajYCFEEAIQMM3QELIAJBADYCHCACIAE2AhQgAkGXCzYCECACQQ02AgxBACEDDNwBCyACQQA2AhwgAiABNgIUIAJB4xA2AhAgAkEJNgIMQQAhAwzbAQsgAkECOgAoDKwBC0EAIQMgAkEANgIcIAJBrws2AhAgAkECNgIMIAIgAUEBajYCFAzZAQtBAiEDDL8BC0ENIQMMvgELQSYhAwy9AQtBFSEDDLwBC0EWIQMMuwELQRghAwy6AQtBHCEDDLkBC0EdIQMMuAELQSAhAwy3AQtBISEDDLYBC0EjIQMMtQELQcYAIQMMtAELQS4hAwyzAQtBPSEDDLIBC0HLACEDDLEBC0HOACEDDLABC0HYACEDDK8BC0HZACEDDK4BC0HbACEDDK0BC0HxACEDDKwBC0H0ACEDDKsBC0GNASEDDKoBC0GXASEDDKkBC0GpASEDDKgBC0GvASEDDKcBC0GxASEDDKYBCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB8Rs2AhAgAkEGNgIMDL0BCyACQQA2AgAgBkEBaiEBQSQLOgApIAIoAgQhACACQQA2AgQgAiAAIAEQJyIARQRAQeUAIQMMowELIAJB+QA2AhwgAiABNgIUIAIgADYCDEEAIQMMuwELIABBFUcEQCACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwy7AQsgAkH4ADYCHCACIAE2AhQgAkHKGDYCECACQRU2AgxBACEDDLoBCyACQQA2AhwgAiABNgIUIAJBjhs2AhAgAkEGNgIMQQAhAwy5AQsgAkEANgIcIAIgATYCFCACQf4RNgIQIAJBBzYCDEEAIQMMuAELIAJBADYCHCACIAE2AhQgAkGMHDYCECACQQc2AgxBACEDDLcBCyACQQA2AhwgAiABNgIUIAJBww82AhAgAkEHNgIMQQAhAwy2AQsgAkEANgIcIAIgATYCFCACQcMPNgIQIAJBBzYCDEEAIQMMtQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0RIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMtAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0gIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMswELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0iIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMsgELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0OIAJB5QA2AhwgAiABNgIUIAIgADYCDEEAIQMMsQELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0dIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMsAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0fIAJB0gA2AhwgAiABNgIUIAIgADYCDEEAIQMMrwELIABBP0cNASABQQFqCyEBQQUhAwyUAQtBACEDIAJBADYCHCACIAE2AhQgAkH9EjYCECACQQc2AgwMrAELIAJBADYCHCACIAE2AhQgAkHcCDYCECACQQc2AgxBACEDDKsBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNByACQeUANgIcIAIgATYCFCACIAA2AgxBACEDDKoBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNFiACQdMANgIcIAIgATYCFCACIAA2AgxBACEDDKkBCyACKAIEIQAgAkEANgIEIAIgACABECUiAEUNGCACQdIANgIcIAIgATYCFCACIAA2AgxBACEDDKgBCyACQQA2AhwgAiABNgIUIAJBxgo2AhAgAkEHNgIMQQAhAwynAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQMgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwymAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRIgAkHTADYCHCACIAE2AhQgAiAANgIMQQAhAwylAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDRQgAkHSADYCHCACIAE2AhQgAiAANgIMQQAhAwykAQsgAigCBCEAIAJBADYCBCACIAAgARAlIgBFDQAgAkHlADYCHCACIAE2AhQgAiAANgIMQQAhAwyjAQtB1QAhAwyJAQsgAEEVRwRAIAJBADYCHCACIAE2AhQgAkG5DTYCECACQRo2AgxBACEDDKIBCyACQeQANgIcIAIgATYCFCACQeMXNgIQIAJBFTYCDEEAIQMMoQELIAJBADYCACAGQQFqIQEgAi0AKSIAQSNrQQtJDQQCQCAAQQZLDQBBASAAdEHKAHFFDQAMBQtBACEDIAJBADYCHCACIAE2AhQgAkH3CTYCECACQQg2AgwMoAELIAJBADYCACAGQQFqIQEgAi0AKUEhRg0DIAJBADYCHCACIAE2AhQgAkGbCjYCECACQQg2AgxBACEDDJ8BCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJBkDM2AhAgAkEINgIMDJ0BCyACQQA2AgAgBkEBaiEBIAItAClBI0kNACACQQA2AhwgAiABNgIUIAJB0wk2AhAgAkEINgIMQQAhAwycAQtB0QAhAwyCAQsgAS0AAEEwayIAQf8BcUEKSQRAIAIgADoAKiABQQFqIQFBzwAhAwyCAQsgAigCBCEAIAJBADYCBCACIAAgARAoIgBFDYYBIAJB3gA2AhwgAiABNgIUIAIgADYCDEEAIQMMmgELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ2GASACQdwANgIcIAIgATYCFCACIAA2AgxBACEDDJkBCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMhwELIAJB2gA2AhwgAiAFNgIUIAIgADYCDAyYAQtBACEBQQEhAwsgAiADOgArIAVBAWohAwJAAkACQCACLQAtQRBxDQACQAJAAkAgAi0AKg4DAQACBAsgBkUNAwwCCyAADQEMAgsgAUUNAQsgAigCBCEAIAJBADYCBCACIAAgAxAoIgBFBEAgAyEBDAILIAJB2AA2AhwgAiADNgIUIAIgADYCDEEAIQMMmAELIAIoAgQhACACQQA2AgQgAiAAIAMQKCIARQRAIAMhAQyHAQsgAkHZADYCHCACIAM2AhQgAiAANgIMQQAhAwyXAQtBzAAhAwx9CyAAQRVHBEAgAkEANgIcIAIgATYCFCACQZQNNgIQIAJBITYCDEEAIQMMlgELIAJB1wA2AhwgAiABNgIUIAJByRc2AhAgAkEVNgIMQQAhAwyVAQtBACEDIAJBADYCHCACIAE2AhQgAkGAETYCECACQQk2AgwMlAELIAIoAgQhACACQQA2AgQgAiAAIAEQJSIARQ0AIAJB0wA2AhwgAiABNgIUIAIgADYCDEEAIQMMkwELQckAIQMMeQsgAkEANgIcIAIgATYCFCACQcEoNgIQIAJBBzYCDCACQQA2AgBBACEDDJEBCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAlIgBFDQAgAkHSADYCHCACIAE2AhQgAiAANgIMDJABC0HIACEDDHYLIAJBADYCACAFIQELIAJBgBI7ASogAUEBaiEBQQAhAAJAIAIoAjgiA0UNACADKAIwIgNFDQAgAiADEQAAIQALIAANAQtBxwAhAwxzCyAAQRVGBEAgAkHRADYCHCACIAE2AhQgAkHjFzYCECACQRU2AgxBACEDDIwBC0EAIQMgAkEANgIcIAIgATYCFCACQbkNNgIQIAJBGjYCDAyLAQtBACEDIAJBADYCHCACIAE2AhQgAkGgGTYCECACQR42AgwMigELIAEtAABBOkYEQCACKAIEIQBBACEDIAJBADYCBCACIAAgARApIgBFDQEgAkHDADYCHCACIAA2AgwgAiABQQFqNgIUDIoBC0EAIQMgAkEANgIcIAIgATYCFCACQbERNgIQIAJBCjYCDAyJAQsgAUEBaiEBQTshAwxvCyACQcMANgIcIAIgADYCDCACIAFBAWo2AhQMhwELQQAhAyACQQA2AhwgAiABNgIUIAJB8A42AhAgAkEcNgIMDIYBCyACIAIvATBBEHI7ATAMZgsCQCACLwEwIgBBCHFFDQAgAi0AKEEBRw0AIAItAC1BCHFFDQMLIAIgAEH3+wNxQYAEcjsBMAwECyABIARHBEACQANAIAEtAABBMGsiAEH/AXFBCk8EQEE1IQMMbgsgAikDICIKQpmz5syZs+bMGVYNASACIApCCn4iCjcDICAKIACtQv8BgyILQn+FVg0BIAIgCiALfDcDICAEIAFBAWoiAUcNAAtBOSEDDIUBCyACKAIEIQBBACEDIAJBADYCBCACIAAgAUEBaiIBECoiAA0MDHcLQTkhAwyDAQsgAi0AMEEgcQ0GQcUBIQMMaQtBACEDIAJBADYCBCACIAEgARAqIgBFDQQgAkE6NgIcIAIgADYCDCACIAFBAWo2AhQMgQELIAItAChBAUcNACACLQAtQQhxRQ0BC0E3IQMMZgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIABEAgAkE7NgIcIAIgADYCDCACIAFBAWo2AhQMfwsgAUEBaiEBDG4LIAJBCDoALAwECyABQQFqIQEMbQtBACEDIAJBADYCHCACIAE2AhQgAkHkEjYCECACQQQ2AgwMewsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ1sIAJBNzYCHCACIAE2AhQgAiAANgIMDHoLIAIgAi8BMEEgcjsBMAtBMCEDDF8LIAJBNjYCHCACIAE2AhQgAiAANgIMDHcLIABBLEcNASABQQFqIQBBASEBAkACQAJAAkACQCACLQAsQQVrDgQDAQIEAAsgACEBDAQLQQIhAQwBC0EEIQELIAJBAToALCACIAIvATAgAXI7ATAgACEBDAELIAIgAi8BMEEIcjsBMCAAIQELQTkhAwxcCyACQQA6ACwLQTQhAwxaCyABIARGBEBBLSEDDHMLAkACQANAAkAgAS0AAEEKaw4EAgAAAwALIAQgAUEBaiIBRw0AC0EtIQMMdAsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIARQ0CIAJBLDYCHCACIAE2AhQgAiAANgIMDHMLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAS0AAEENRgRAIAIoAgQhAEEAIQMgAkEANgIEIAIgACABECoiAEUEQCABQQFqIQEMAgsgAkEsNgIcIAIgADYCDCACIAFBAWo2AhQMcgsgAi0ALUEBcQRAQcQBIQMMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKiIADQEMZQtBLyEDDFcLIAJBLjYCHCACIAE2AhQgAiAANgIMDG8LQQAhAyACQQA2AhwgAiABNgIUIAJB8BQ2AhAgAkEDNgIMDG4LQQEhAwJAAkACQAJAIAItACxBBWsOBAMBAgAECyACIAIvATBBCHI7ATAMAwtBAiEDDAELQQQhAwsgAkEBOgAsIAIgAi8BMCADcjsBMAtBKiEDDFMLQQAhAyACQQA2AhwgAiABNgIUIAJB4Q82AhAgAkEKNgIMDGsLQQEhAwJAAkACQAJAAkACQCACLQAsQQJrDgcFBAQDAQIABAsgAiACLwEwQQhyOwEwDAMLQQIhAwwBC0EEIQMLIAJBAToALCACIAIvATAgA3I7ATALQSshAwxSC0EAIQMgAkEANgIcIAIgATYCFCACQasSNgIQIAJBCzYCDAxqC0EAIQMgAkEANgIcIAIgATYCFCACQf0NNgIQIAJBHTYCDAxpCyABIARHBEADQCABLQAAQSBHDUggBCABQQFqIgFHDQALQSUhAwxpC0ElIQMMaAsgAi0ALUEBcQRAQcMBIQMMTwsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQKSIABEAgAkEmNgIcIAIgADYCDCACIAFBAWo2AhQMaAsgAUEBaiEBDFwLIAFBAWohASACLwEwIgBBgAFxBEBBACEAAkAgAigCOCIDRQ0AIAMoAlQiA0UNACACIAMRAAAhAAsgAEUNBiAAQRVHDR8gAkEFNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMZwsCQCAAQaAEcUGgBEcNACACLQAtQQJxDQBBACEDIAJBADYCHCACIAE2AhQgAkGWEzYCECACQQQ2AgwMZwsgAgJ/IAIvATBBFHFBFEYEQEEBIAItAChBAUYNARogAi8BMkHlAEYMAQsgAi0AKUEFRgs6AC5BACEAAkAgAigCOCIDRQ0AIAMoAiQiA0UNACACIAMRAAAhAAsCQAJAAkACQAJAIAAOFgIBAAQEBAQEBAQEBAQEBAQEBAQEBAMECyACQQE6AC4LIAIgAi8BMEHAAHI7ATALQSchAwxPCyACQSM2AhwgAiABNgIUIAJBpRY2AhAgAkEVNgIMQQAhAwxnC0EAIQMgAkEANgIcIAIgATYCFCACQdULNgIQIAJBETYCDAxmC0EAIQACQCACKAI4IgNFDQAgAygCLCIDRQ0AIAIgAxEAACEACyAADQELQQ4hAwxLCyAAQRVGBEAgAkECNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMZAtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMYwtBACEDIAJBADYCHCACIAE2AhQgAkGqHDYCECACQQ82AgwMYgsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEgCqdqIgEQKyIARQ0AIAJBBTYCHCACIAE2AhQgAiAANgIMDGELQQ8hAwxHC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxfC0IBIQoLIAFBAWohAQJAIAIpAyAiC0L//////////w9YBEAgAiALQgSGIAqENwMgDAELQQAhAyACQQA2AhwgAiABNgIUIAJBrQk2AhAgAkEMNgIMDF4LQSQhAwxEC0EAIQMgAkEANgIcIAIgATYCFCACQc0TNgIQIAJBDDYCDAxcCyACKAIEIQBBACEDIAJBADYCBCACIAAgARAsIgBFBEAgAUEBaiEBDFILIAJBFzYCHCACIAA2AgwgAiABQQFqNgIUDFsLIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQRY2AhwgAiAANgIMIAIgAUEBajYCFAxbC0EfIQMMQQtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMWQsgAigCBCEAQQAhAyACQQA2AgQgAiAAIAEQLSIARQRAIAFBAWohAQxQCyACQRQ2AhwgAiAANgIMIAIgAUEBajYCFAxYCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABEC0iAEUEQCABQQFqIQEMAQsgAkETNgIcIAIgADYCDCACIAFBAWo2AhQMWAtBHiEDDD4LQQAhAyACQQA2AhwgAiABNgIUIAJBxgw2AhAgAkEjNgIMDFYLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABEC0iAEUEQCABQQFqIQEMTgsgAkERNgIcIAIgADYCDCACIAFBAWo2AhQMVQsgAkEQNgIcIAIgATYCFCACIAA2AgwMVAtBACEDIAJBADYCHCACIAE2AhQgAkHGDDYCECACQSM2AgwMUwtBACEDIAJBADYCHCACIAE2AhQgAkHAFTYCECACQQI2AgwMUgsgAigCBCEAQQAhAyACQQA2AgQCQCACIAAgARAtIgBFBEAgAUEBaiEBDAELIAJBDjYCHCACIAA2AgwgAiABQQFqNgIUDFILQRshAww4C0EAIQMgAkEANgIcIAIgATYCFCACQcYMNgIQIAJBIzYCDAxQCyACKAIEIQBBACEDIAJBADYCBAJAIAIgACABECwiAEUEQCABQQFqIQEMAQsgAkENNgIcIAIgADYCDCACIAFBAWo2AhQMUAtBGiEDDDYLQQAhAyACQQA2AhwgAiABNgIUIAJBmg82AhAgAkEiNgIMDE4LIAIoAgQhAEEAIQMgAkEANgIEAkAgAiAAIAEQLCIARQRAIAFBAWohAQwBCyACQQw2AhwgAiAANgIMIAIgAUEBajYCFAxOC0EZIQMMNAtBACEDIAJBADYCHCACIAE2AhQgAkGaDzYCECACQSI2AgwMTAsgAEEVRwRAQQAhAyACQQA2AhwgAiABNgIUIAJBgww2AhAgAkETNgIMDEwLIAJBCjYCHCACIAE2AhQgAkHkFjYCECACQRU2AgxBACEDDEsLIAIoAgQhAEEAIQMgAkEANgIEIAIgACABIAqnaiIBECsiAARAIAJBBzYCHCACIAE2AhQgAiAANgIMDEsLQRMhAwwxCyAAQRVHBEBBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMSgsgAkEeNgIcIAIgATYCFCACQfkXNgIQIAJBFTYCDEEAIQMMSQtBACEAAkAgAigCOCIDRQ0AIAMoAiwiA0UNACACIAMRAAAhAAsgAEUNQSAAQRVGBEAgAkEDNgIcIAIgATYCFCACQbAYNgIQIAJBFTYCDEEAIQMMSQtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMSAtBACEDIAJBADYCHCACIAE2AhQgAkHaDTYCECACQRQ2AgwMRwtBACEDIAJBADYCHCACIAE2AhQgAkGnDjYCECACQRI2AgwMRgsgAkEAOgAvIAItAC1BBHFFDT8LIAJBADoALyACQQE6ADRBACEDDCsLQQAhAyACQQA2AhwgAkHkETYCECACQQc2AgwgAiABQQFqNgIUDEMLAkADQAJAIAEtAABBCmsOBAACAgACCyAEIAFBAWoiAUcNAAtB3QEhAwxDCwJAAkAgAi0ANEEBRw0AQQAhAAJAIAIoAjgiA0UNACADKAJYIgNFDQAgAiADEQAAIQALIABFDQAgAEEVRw0BIAJB3AE2AhwgAiABNgIUIAJB1RY2AhAgAkEVNgIMQQAhAwxEC0HBASEDDCoLIAJBADYCHCACIAE2AhQgAkHpCzYCECACQR82AgxBACEDDEILAkACQCACLQAoQQFrDgIEAQALQcABIQMMKQtBuQEhAwwoCyACQQI6AC9BACEAAkAgAigCOCIDRQ0AIAMoAgAiA0UNACACIAMRAAAhAAsgAEUEQEHCASEDDCgLIABBFUcEQCACQQA2AhwgAiABNgIUIAJBpAw2AhAgAkEQNgIMQQAhAwxBCyACQdsBNgIcIAIgATYCFCACQfoWNgIQIAJBFTYCDEEAIQMMQAsgASAERgRAQdoBIQMMQAsgAS0AAEHIAEYNASACQQE6ACgLQawBIQMMJQtBvwEhAwwkCyABIARHBEAgAkEQNgIIIAIgATYCBEG+ASEDDCQLQdkBIQMMPAsgASAERgRAQdgBIQMMPAsgAS0AAEHIAEcNBCABQQFqIQFBvQEhAwwiCyABIARGBEBB1wEhAww7CwJAAkAgAS0AAEHFAGsOEAAFBQUFBQUFBQUFBQUFBQEFCyABQQFqIQFBuwEhAwwiCyABQQFqIQFBvAEhAwwhC0HWASEDIAEgBEYNOSACKAIAIgAgBCABa2ohBSABIABrQQJqIQYCQANAIAEtAAAgAEGD0ABqLQAARw0DIABBAkYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw6CyACKAIEIQAgAkIANwMAIAIgACAGQQFqIgEQJyIARQRAQcYBIQMMIQsgAkHVATYCHCACIAE2AhQgAiAANgIMQQAhAww5C0HUASEDIAEgBEYNOCACKAIAIgAgBCABa2ohBSABIABrQQFqIQYCQANAIAEtAAAgAEGB0ABqLQAARw0CIABBAUYNASAAQQFqIQAgBCABQQFqIgFHDQALIAIgBTYCAAw5CyACQYEEOwEoIAIoAgQhACACQgA3AwAgAiAAIAZBAWoiARAnIgANAwwCCyACQQA2AgALQQAhAyACQQA2AhwgAiABNgIUIAJB2Bs2AhAgAkEINgIMDDYLQboBIQMMHAsgAkHTATYCHCACIAE2AhQgAiAANgIMQQAhAww0C0EAIQACQCACKAI4IgNFDQAgAygCOCIDRQ0AIAIgAxEAACEACyAARQ0AIABBFUYNASACQQA2AhwgAiABNgIUIAJBzA42AhAgAkEgNgIMQQAhAwwzC0HkACEDDBkLIAJB+AA2AhwgAiABNgIUIAJByhg2AhAgAkEVNgIMQQAhAwwxC0HSASEDIAQgASIARg0wIAQgAWsgAigCACIBaiEFIAAgAWtBBGohBgJAA0AgAC0AACABQfzPAGotAABHDQEgAUEERg0DIAFBAWohASAEIABBAWoiAEcNAAsgAiAFNgIADDELIAJBADYCHCACIAA2AhQgAkGQMzYCECACQQg2AgwgAkEANgIAQQAhAwwwCyABIARHBEAgAkEONgIIIAIgATYCBEG3ASEDDBcLQdEBIQMMLwsgAkEANgIAIAZBAWohAQtBuAEhAwwUCyABIARGBEBB0AEhAwwtCyABLQAAQTBrIgBB/wFxQQpJBEAgAiAAOgAqIAFBAWohAUG2ASEDDBQLIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0UIAJBzwE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAsgASAERgRAQc4BIQMMLAsCQCABLQAAQS5GBEAgAUEBaiEBDAELIAIoAgQhACACQQA2AgQgAiAAIAEQKCIARQ0VIAJBzQE2AhwgAiABNgIUIAIgADYCDEEAIQMMLAtBtQEhAwwSCyAEIAEiBUYEQEHMASEDDCsLQQAhAEEBIQFBASEGQQAhAwJAAkACQAJAAkACfwJAAkACQAJAAkACQAJAIAUtAABBMGsOCgoJAAECAwQFBggLC0ECDAYLQQMMBQtBBAwEC0EFDAMLQQYMAgtBBwwBC0EICyEDQQAhAUEAIQYMAgtBCSEDQQEhAEEAIQFBACEGDAELQQAhAUEBIQMLIAIgAzoAKyAFQQFqIQMCQAJAIAItAC1BEHENAAJAAkACQCACLQAqDgMBAAIECyAGRQ0DDAILIAANAQwCCyABRQ0BCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMAwsgAkHJATYCHCACIAM2AhQgAiAANgIMQQAhAwwtCyACKAIEIQAgAkEANgIEIAIgACADECgiAEUEQCADIQEMGAsgAkHKATYCHCACIAM2AhQgAiAANgIMQQAhAwwsCyACKAIEIQAgAkEANgIEIAIgACAFECgiAEUEQCAFIQEMFgsgAkHLATYCHCACIAU2AhQgAiAANgIMDCsLQbQBIQMMEQtBACEAAkAgAigCOCIDRQ0AIAMoAjwiA0UNACACIAMRAAAhAAsCQCAABEAgAEEVRg0BIAJBADYCHCACIAE2AhQgAkGUDTYCECACQSE2AgxBACEDDCsLQbIBIQMMEQsgAkHIATYCHCACIAE2AhQgAkHJFzYCECACQRU2AgxBACEDDCkLIAJBADYCACAGQQFqIQFB9QAhAwwPCyACLQApQQVGBEBB4wAhAwwPC0HiACEDDA4LIAAhASACQQA2AgALIAJBADoALEEJIQMMDAsgAkEANgIAIAdBAWohAUHAACEDDAsLQQELOgAsIAJBADYCACAGQQFqIQELQSkhAwwIC0E4IQMMBwsCQCABIARHBEADQCABLQAAQYA+ai0AACIAQQFHBEAgAEECRw0DIAFBAWohAQwFCyAEIAFBAWoiAUcNAAtBPiEDDCELQT4hAwwgCwsgAkEAOgAsDAELQQshAwwEC0E6IQMMAwsgAUEBaiEBQS0hAwwCCyACIAE6ACwgAkEANgIAIAZBAWohAUEMIQMMAQsgAkEANgIAIAZBAWohAUEKIQMMAAsAC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwXC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwWC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwVC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwUC0EAIQMgAkEANgIcIAIgATYCFCACQc0QNgIQIAJBCTYCDAwTC0EAIQMgAkEANgIcIAIgATYCFCACQekKNgIQIAJBCTYCDAwSC0EAIQMgAkEANgIcIAIgATYCFCACQbcQNgIQIAJBCTYCDAwRC0EAIQMgAkEANgIcIAIgATYCFCACQZwRNgIQIAJBCTYCDAwQC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwPC0EAIQMgAkEANgIcIAIgATYCFCACQZcVNgIQIAJBDzYCDAwOC0EAIQMgAkEANgIcIAIgATYCFCACQcASNgIQIAJBCzYCDAwNC0EAIQMgAkEANgIcIAIgATYCFCACQZUJNgIQIAJBCzYCDAwMC0EAIQMgAkEANgIcIAIgATYCFCACQeEPNgIQIAJBCjYCDAwLC0EAIQMgAkEANgIcIAIgATYCFCACQfsPNgIQIAJBCjYCDAwKC0EAIQMgAkEANgIcIAIgATYCFCACQfEZNgIQIAJBAjYCDAwJC0EAIQMgAkEANgIcIAIgATYCFCACQcQUNgIQIAJBAjYCDAwIC0EAIQMgAkEANgIcIAIgATYCFCACQfIVNgIQIAJBAjYCDAwHCyACQQI2AhwgAiABNgIUIAJBnBo2AhAgAkEWNgIMQQAhAwwGC0EBIQMMBQtB1AAhAyABIARGDQQgCEEIaiEJIAIoAgAhBQJAAkAgASAERwRAIAVB2MIAaiEHIAQgBWogAWshACAFQX9zQQpqIgUgAWohBgNAIAEtAAAgBy0AAEcEQEECIQcMAwsgBUUEQEEAIQcgBiEBDAMLIAVBAWshBSAHQQFqIQcgBCABQQFqIgFHDQALIAAhBSAEIQELIAlBATYCACACIAU2AgAMAQsgAkEANgIAIAkgBzYCAAsgCSABNgIEIAgoAgwhACAIKAIIDgMBBAIACwALIAJBADYCHCACQbUaNgIQIAJBFzYCDCACIABBAWo2AhRBACEDDAILIAJBADYCHCACIAA2AhQgAkHKGjYCECACQQk2AgxBACEDDAELIAEgBEYEQEEiIQMMAQsgAkEJNgIIIAIgATYCBEEhIQMLIAhBEGokACADRQRAIAIoAgwhAAwBCyACIAM2AhxBACEAIAIoAgQiAUUNACACIAEgBCACKAIIEQEAIgFFDQAgAiAENgIUIAIgATYCDCABIQALIAALvgIBAn8gAEEAOgAAIABB3ABqIgFBAWtBADoAACAAQQA6AAIgAEEAOgABIAFBA2tBADoAACABQQJrQQA6AAAgAEEAOgADIAFBBGtBADoAAEEAIABrQQNxIgEgAGoiAEEANgIAQdwAIAFrQXxxIgIgAGoiAUEEa0EANgIAAkAgAkEJSQ0AIABBADYCCCAAQQA2AgQgAUEIa0EANgIAIAFBDGtBADYCACACQRlJDQAgAEEANgIYIABBADYCFCAAQQA2AhAgAEEANgIMIAFBEGtBADYCACABQRRrQQA2AgAgAUEYa0EANgIAIAFBHGtBADYCACACIABBBHFBGHIiAmsiAUEgSQ0AIAAgAmohAANAIABCADcDGCAAQgA3AxAgAEIANwMIIABCADcDACAAQSBqIQAgAUEgayIBQR9LDQALCwtWAQF/AkAgACgCDA0AAkACQAJAAkAgAC0ALw4DAQADAgsgACgCOCIBRQ0AIAEoAiwiAUUNACAAIAERAAAiAQ0DC0EADwsACyAAQcMWNgIQQQ4hAQsgAQsaACAAKAIMRQRAIABB0Rs2AhAgAEEVNgIMCwsUACAAKAIMQRVGBEAgAEEANgIMCwsUACAAKAIMQRZGBEAgAEEANgIMCwsHACAAKAIMCwcAIAAoAhALCQAgACABNgIQCwcAIAAoAhQLFwAgAEEkTwRAAAsgAEECdEGgM2ooAgALFwAgAEEuTwRAAAsgAEECdEGwNGooAgALvwkBAX9B6yghAQJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAIABB5ABrDvQDY2IAAWFhYWFhYQIDBAVhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhBgcICQoLDA0OD2FhYWFhEGFhYWFhYWFhYWFhEWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYRITFBUWFxgZGhthYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2YTc4OTphYWFhYWFhYTthYWE8YWFhYT0+P2FhYWFhYWFhQGFhQWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYUJDREVGR0hJSktMTU5PUFFSU2FhYWFhYWFhVFVWV1hZWlthXF1hYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFeYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhX2BhC0HhJw8LQaQhDwtByywPC0H+MQ8LQcAkDwtBqyQPC0GNKA8LQeImDwtBgDAPC0G5Lw8LQdckDwtB7x8PC0HhHw8LQfofDwtB8iAPC0GoLw8LQa4yDwtBiDAPC0HsJw8LQYIiDwtBjh0PC0HQLg8LQcojDwtBxTIPC0HfHA8LQdIcDwtBxCAPC0HXIA8LQaIfDwtB7S4PC0GrMA8LQdQlDwtBzC4PC0H6Lg8LQfwrDwtB0jAPC0HxHQ8LQbsgDwtB9ysPC0GQMQ8LQdcxDwtBoi0PC0HUJw8LQeArDwtBnywPC0HrMQ8LQdUfDwtByjEPC0HeJQ8LQdQeDwtB9BwPC0GnMg8LQbEdDwtBoB0PC0G5MQ8LQbwwDwtBkiEPC0GzJg8LQeksDwtBrB4PC0HUKw8LQfcmDwtBgCYPC0GwIQ8LQf4eDwtBjSMPC0GJLQ8LQfciDwtBoDEPC0GuHw8LQcYlDwtB6B4PC0GTIg8LQcIvDwtBwx0PC0GLLA8LQeEdDwtBjS8PC0HqIQ8LQbQtDwtB0i8PC0HfMg8LQdIyDwtB8DAPC0GpIg8LQfkjDwtBmR4PC0G1LA8LQZswDwtBkjIPC0G2Kw8LQcIiDwtB+DIPC0GeJQ8LQdAiDwtBuh4PC0GBHg8LAAtB1iEhAQsgAQsWACAAIAAtAC1B/gFxIAFBAEdyOgAtCxkAIAAgAC0ALUH9AXEgAUEAR0EBdHI6AC0LGQAgACAALQAtQfsBcSABQQBHQQJ0cjoALQsZACAAIAAtAC1B9wFxIAFBAEdBA3RyOgAtCz4BAn8CQCAAKAI4IgNFDQAgAygCBCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBxhE2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCCCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9go2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCDCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7Ro2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCECIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlRA2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCFCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBqhs2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCGCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB7RM2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCKCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABB9gg2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCHCIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBwhk2AhBBGCEECyAECz4BAn8CQCAAKAI4IgNFDQAgAygCICIDRQ0AIAAgASACIAFrIAMRAQAiBEF/Rw0AIABBlBQ2AhBBGCEECyAEC1kBAn8CQCAALQAoQQFGDQAgAC8BMiIBQeQAa0HkAEkNACABQcwBRg0AIAFBsAJGDQAgAC8BMCIAQcAAcQ0AQQEhAiAAQYgEcUGABEYNACAAQShxRSECCyACC4wBAQJ/AkACQAJAIAAtACpFDQAgAC0AK0UNACAALwEwIgFBAnFFDQEMAgsgAC8BMCIBQQFxRQ0BC0EBIQIgAC0AKEEBRg0AIAAvATIiAEHkAGtB5ABJDQAgAEHMAUYNACAAQbACRg0AIAFBwABxDQBBACECIAFBiARxQYAERg0AIAFBKHFBAEchAgsgAgtzACAAQRBq/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAA/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAAQTBq/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAAQSBq/QwAAAAAAAAAAAAAAAAAAAAA/QsDACAAQd0BNgIcCwYAIAAQMguaLQELfyMAQRBrIgokAEGk0AAoAgAiCUUEQEHk0wAoAgAiBUUEQEHw0wBCfzcCAEHo0wBCgICEgICAwAA3AgBB5NMAIApBCGpBcHFB2KrVqgVzIgU2AgBB+NMAQQA2AgBByNMAQQA2AgALQczTAEGA1AQ2AgBBnNAAQYDUBDYCAEGw0AAgBTYCAEGs0ABBfzYCAEHQ0wBBgKwDNgIAA0AgAUHI0ABqIAFBvNAAaiICNgIAIAIgAUG00ABqIgM2AgAgAUHA0ABqIAM2AgAgAUHQ0ABqIAFBxNAAaiIDNgIAIAMgAjYCACABQdjQAGogAUHM0ABqIgI2AgAgAiADNgIAIAFB1NAAaiACNgIAIAFBIGoiAUGAAkcNAAtBjNQEQcGrAzYCAEGo0ABB9NMAKAIANgIAQZjQAEHAqwM2AgBBpNAAQYjUBDYCAEHM/wdBODYCAEGI1AQhCQsCQAJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkACQCAAQewBTQRAQYzQACgCACIGQRAgAEETakFwcSAAQQtJGyIEQQN2IgB2IgFBA3EEQAJAIAFBAXEgAHJBAXMiAkEDdCIAQbTQAGoiASAAQbzQAGooAgAiACgCCCIDRgRAQYzQACAGQX4gAndxNgIADAELIAEgAzYCCCADIAE2AgwLIABBCGohASAAIAJBA3QiAkEDcjYCBCAAIAJqIgAgACgCBEEBcjYCBAwRC0GU0AAoAgAiCCAETw0BIAEEQAJAQQIgAHQiAkEAIAJrciABIAB0cWgiAEEDdCICQbTQAGoiASACQbzQAGooAgAiAigCCCIDRgRAQYzQACAGQX4gAHdxIgY2AgAMAQsgASADNgIIIAMgATYCDAsgAiAEQQNyNgIEIABBA3QiACAEayEFIAAgAmogBTYCACACIARqIgQgBUEBcjYCBCAIBEAgCEF4cUG00ABqIQBBoNAAKAIAIQMCf0EBIAhBA3Z0IgEgBnFFBEBBjNAAIAEgBnI2AgAgAAwBCyAAKAIICyIBIAM2AgwgACADNgIIIAMgADYCDCADIAE2AggLIAJBCGohAUGg0AAgBDYCAEGU0AAgBTYCAAwRC0GQ0AAoAgAiC0UNASALaEECdEG80gBqKAIAIgAoAgRBeHEgBGshBSAAIQIDQAJAIAIoAhAiAUUEQCACQRRqKAIAIgFFDQELIAEoAgRBeHEgBGsiAyAFSSECIAMgBSACGyEFIAEgACACGyEAIAEhAgwBCwsgACgCGCEJIAAoAgwiAyAARwRAQZzQACgCABogAyAAKAIIIgE2AgggASADNgIMDBALIABBFGoiAigCACIBRQRAIAAoAhAiAUUNAyAAQRBqIQILA0AgAiEHIAEiA0EUaiICKAIAIgENACADQRBqIQIgAygCECIBDQALIAdBADYCAAwPC0F/IQQgAEG/f0sNACAAQRNqIgFBcHEhBEGQ0AAoAgAiCEUNAEEAIARrIQUCQAJAAkACf0EAIARBgAJJDQAaQR8gBEH///8HSw0AGiAEQSYgAUEIdmciAGt2QQFxIABBAXRrQT5qCyIGQQJ0QbzSAGooAgAiAkUEQEEAIQFBACEDDAELQQAhASAEQRkgBkEBdmtBACAGQR9HG3QhAEEAIQMDQAJAIAIoAgRBeHEgBGsiByAFTw0AIAIhAyAHIgUNAEEAIQUgAiEBDAMLIAEgAkEUaigCACIHIAcgAiAAQR12QQRxakEQaigCACICRhsgASAHGyEBIABBAXQhACACDQALCyABIANyRQRAQQAhA0ECIAZ0IgBBACAAa3IgCHEiAEUNAyAAaEECdEG80gBqKAIAIQELIAFFDQELA0AgASgCBEF4cSAEayICIAVJIQAgAiAFIAAbIQUgASADIAAbIQMgASgCECIABH8gAAUgAUEUaigCAAsiAQ0ACwsgA0UNACAFQZTQACgCACAEa08NACADKAIYIQcgAyADKAIMIgBHBEBBnNAAKAIAGiAAIAMoAggiATYCCCABIAA2AgwMDgsgA0EUaiICKAIAIgFFBEAgAygCECIBRQ0DIANBEGohAgsDQCACIQYgASIAQRRqIgIoAgAiAQ0AIABBEGohAiAAKAIQIgENAAsgBkEANgIADA0LQZTQACgCACIDIARPBEBBoNAAKAIAIQECQCADIARrIgJBEE8EQCABIARqIgAgAkEBcjYCBCABIANqIAI2AgAgASAEQQNyNgIEDAELIAEgA0EDcjYCBCABIANqIgAgACgCBEEBcjYCBEEAIQBBACECC0GU0AAgAjYCAEGg0AAgADYCACABQQhqIQEMDwtBmNAAKAIAIgMgBEsEQCAEIAlqIgAgAyAEayIBQQFyNgIEQaTQACAANgIAQZjQACABNgIAIAkgBEEDcjYCBCAJQQhqIQEMDwtBACEBIAQCf0Hk0wAoAgAEQEHs0wAoAgAMAQtB8NMAQn83AgBB6NMAQoCAhICAgMAANwIAQeTTACAKQQxqQXBxQdiq1aoFczYCAEH40wBBADYCAEHI0wBBADYCAEGAgAQLIgAgBEHHAGoiBWoiBkEAIABrIgdxIgJPBEBB/NMAQTA2AgAMDwsCQEHE0wAoAgAiAUUNAEG80wAoAgAiCCACaiEAIAAgAU0gACAIS3ENAEEAIQFB/NMAQTA2AgAMDwtByNMALQAAQQRxDQQCQAJAIAkEQEHM0wAhAQNAIAEoAgAiACAJTQRAIAAgASgCBGogCUsNAwsgASgCCCIBDQALC0EAEDMiAEF/Rg0FIAIhBkHo0wAoAgAiAUEBayIDIABxBEAgAiAAayAAIANqQQAgAWtxaiEGCyAEIAZPDQUgBkH+////B0sNBUHE0wAoAgAiAwRAQbzTACgCACIHIAZqIQEgASAHTQ0GIAEgA0sNBgsgBhAzIgEgAEcNAQwHCyAGIANrIAdxIgZB/v///wdLDQQgBhAzIQAgACABKAIAIAEoAgRqRg0DIAAhAQsCQCAGIARByABqTw0AIAFBf0YNAEHs0wAoAgAiACAFIAZrakEAIABrcSIAQf7///8HSwRAIAEhAAwHCyAAEDNBf0cEQCAAIAZqIQYgASEADAcLQQAgBmsQMxoMBAsgASIAQX9HDQUMAwtBACEDDAwLQQAhAAwKCyAAQX9HDQILQcjTAEHI0wAoAgBBBHI2AgALIAJB/v///wdLDQEgAhAzIQBBABAzIQEgAEF/Rg0BIAFBf0YNASAAIAFPDQEgASAAayIGIARBOGpNDQELQbzTAEG80wAoAgAgBmoiATYCAEHA0wAoAgAgAUkEQEHA0wAgATYCAAsCQAJAAkBBpNAAKAIAIgIEQEHM0wAhAQNAIAAgASgCACIDIAEoAgQiBWpGDQIgASgCCCIBDQALDAILQZzQACgCACIBQQBHIAAgAU9xRQRAQZzQACAANgIAC0EAIQFB0NMAIAY2AgBBzNMAIAA2AgBBrNAAQX82AgBBsNAAQeTTACgCADYCAEHY0wBBADYCAANAIAFByNAAaiABQbzQAGoiAjYCACACIAFBtNAAaiIDNgIAIAFBwNAAaiADNgIAIAFB0NAAaiABQcTQAGoiAzYCACADIAI2AgAgAUHY0ABqIAFBzNAAaiICNgIAIAIgAzYCACABQdTQAGogAjYCACABQSBqIgFBgAJHDQALQXggAGtBD3EiASAAaiICIAZBOGsiAyABayIBQQFyNgIEQajQAEH00wAoAgA2AgBBmNAAIAE2AgBBpNAAIAI2AgAgACADakE4NgIEDAILIAAgAk0NACACIANJDQAgASgCDEEIcQ0AQXggAmtBD3EiACACaiIDQZjQACgCACAGaiIHIABrIgBBAXI2AgQgASAFIAZqNgIEQajQAEH00wAoAgA2AgBBmNAAIAA2AgBBpNAAIAM2AgAgAiAHakE4NgIEDAELIABBnNAAKAIASQRAQZzQACAANgIACyAAIAZqIQNBzNMAIQECQAJAAkADQCADIAEoAgBHBEAgASgCCCIBDQEMAgsLIAEtAAxBCHFFDQELQczTACEBA0AgASgCACIDIAJNBEAgAyABKAIEaiIFIAJLDQMLIAEoAgghAQwACwALIAEgADYCACABIAEoAgQgBmo2AgQgAEF4IABrQQ9xaiIJIARBA3I2AgQgA0F4IANrQQ9xaiIGIAQgCWoiBGshASACIAZGBEBBpNAAIAQ2AgBBmNAAQZjQACgCACABaiIANgIAIAQgAEEBcjYCBAwIC0Gg0AAoAgAgBkYEQEGg0AAgBDYCAEGU0ABBlNAAKAIAIAFqIgA2AgAgBCAAQQFyNgIEIAAgBGogADYCAAwICyAGKAIEIgVBA3FBAUcNBiAFQXhxIQggBUH/AU0EQCAFQQN2IQMgBigCCCIAIAYoAgwiAkYEQEGM0ABBjNAAKAIAQX4gA3dxNgIADAcLIAIgADYCCCAAIAI2AgwMBgsgBigCGCEHIAYgBigCDCIARwRAIAAgBigCCCICNgIIIAIgADYCDAwFCyAGQRRqIgIoAgAiBUUEQCAGKAIQIgVFDQQgBkEQaiECCwNAIAIhAyAFIgBBFGoiAigCACIFDQAgAEEQaiECIAAoAhAiBQ0ACyADQQA2AgAMBAtBeCAAa0EPcSIBIABqIgcgBkE4ayIDIAFrIgFBAXI2AgQgACADakE4NgIEIAIgBUE3IAVrQQ9xakE/ayIDIAMgAkEQakkbIgNBIzYCBEGo0ABB9NMAKAIANgIAQZjQACABNgIAQaTQACAHNgIAIANBEGpB1NMAKQIANwIAIANBzNMAKQIANwIIQdTTACADQQhqNgIAQdDTACAGNgIAQczTACAANgIAQdjTAEEANgIAIANBJGohAQNAIAFBBzYCACAFIAFBBGoiAUsNAAsgAiADRg0AIAMgAygCBEF+cTYCBCADIAMgAmsiBTYCACACIAVBAXI2AgQgBUH/AU0EQCAFQXhxQbTQAGohAAJ/QYzQACgCACIBQQEgBUEDdnQiA3FFBEBBjNAAIAEgA3I2AgAgAAwBCyAAKAIICyIBIAI2AgwgACACNgIIIAIgADYCDCACIAE2AggMAQtBHyEBIAVB////B00EQCAFQSYgBUEIdmciAGt2QQFxIABBAXRrQT5qIQELIAIgATYCHCACQgA3AhAgAUECdEG80gBqIQBBkNAAKAIAIgNBASABdCIGcUUEQCAAIAI2AgBBkNAAIAMgBnI2AgAgAiAANgIYIAIgAjYCCCACIAI2AgwMAQsgBUEZIAFBAXZrQQAgAUEfRxt0IQEgACgCACEDAkADQCADIgAoAgRBeHEgBUYNASABQR12IQMgAUEBdCEBIAAgA0EEcWpBEGoiBigCACIDDQALIAYgAjYCACACIAA2AhggAiACNgIMIAIgAjYCCAwBCyAAKAIIIgEgAjYCDCAAIAI2AgggAkEANgIYIAIgADYCDCACIAE2AggLQZjQACgCACIBIARNDQBBpNAAKAIAIgAgBGoiAiABIARrIgFBAXI2AgRBmNAAIAE2AgBBpNAAIAI2AgAgACAEQQNyNgIEIABBCGohAQwIC0EAIQFB/NMAQTA2AgAMBwtBACEACyAHRQ0AAkAgBigCHCICQQJ0QbzSAGoiAygCACAGRgRAIAMgADYCACAADQFBkNAAQZDQACgCAEF+IAJ3cTYCAAwCCyAHQRBBFCAHKAIQIAZGG2ogADYCACAARQ0BCyAAIAc2AhggBigCECICBEAgACACNgIQIAIgADYCGAsgBkEUaigCACICRQ0AIABBFGogAjYCACACIAA2AhgLIAEgCGohASAGIAhqIgYoAgQhBQsgBiAFQX5xNgIEIAEgBGogATYCACAEIAFBAXI2AgQgAUH/AU0EQCABQXhxQbTQAGohAAJ/QYzQACgCACICQQEgAUEDdnQiAXFFBEBBjNAAIAEgAnI2AgAgAAwBCyAAKAIICyIBIAQ2AgwgACAENgIIIAQgADYCDCAEIAE2AggMAQtBHyEFIAFB////B00EQCABQSYgAUEIdmciAGt2QQFxIABBAXRrQT5qIQULIAQgBTYCHCAEQgA3AhAgBUECdEG80gBqIQBBkNAAKAIAIgJBASAFdCIDcUUEQCAAIAQ2AgBBkNAAIAIgA3I2AgAgBCAANgIYIAQgBDYCCCAEIAQ2AgwMAQsgAUEZIAVBAXZrQQAgBUEfRxt0IQUgACgCACEAAkADQCAAIgIoAgRBeHEgAUYNASAFQR12IQAgBUEBdCEFIAIgAEEEcWpBEGoiAygCACIADQALIAMgBDYCACAEIAI2AhggBCAENgIMIAQgBDYCCAwBCyACKAIIIgAgBDYCDCACIAQ2AgggBEEANgIYIAQgAjYCDCAEIAA2AggLIAlBCGohAQwCCwJAIAdFDQACQCADKAIcIgFBAnRBvNIAaiICKAIAIANGBEAgAiAANgIAIAANAUGQ0AAgCEF+IAF3cSIINgIADAILIAdBEEEUIAcoAhAgA0YbaiAANgIAIABFDQELIAAgBzYCGCADKAIQIgEEQCAAIAE2AhAgASAANgIYCyADQRRqKAIAIgFFDQAgAEEUaiABNgIAIAEgADYCGAsCQCAFQQ9NBEAgAyAEIAVqIgBBA3I2AgQgACADaiIAIAAoAgRBAXI2AgQMAQsgAyAEaiICIAVBAXI2AgQgAyAEQQNyNgIEIAIgBWogBTYCACAFQf8BTQRAIAVBeHFBtNAAaiEAAn9BjNAAKAIAIgFBASAFQQN2dCIFcUUEQEGM0AAgASAFcjYCACAADAELIAAoAggLIgEgAjYCDCAAIAI2AgggAiAANgIMIAIgATYCCAwBC0EfIQEgBUH///8HTQRAIAVBJiAFQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAQsgAiABNgIcIAJCADcCECABQQJ0QbzSAGohAEEBIAF0IgQgCHFFBEAgACACNgIAQZDQACAEIAhyNgIAIAIgADYCGCACIAI2AgggAiACNgIMDAELIAVBGSABQQF2a0EAIAFBH0cbdCEBIAAoAgAhBAJAA0AgBCIAKAIEQXhxIAVGDQEgAUEddiEEIAFBAXQhASAAIARBBHFqQRBqIgYoAgAiBA0ACyAGIAI2AgAgAiAANgIYIAIgAjYCDCACIAI2AggMAQsgACgCCCIBIAI2AgwgACACNgIIIAJBADYCGCACIAA2AgwgAiABNgIICyADQQhqIQEMAQsCQCAJRQ0AAkAgACgCHCIBQQJ0QbzSAGoiAigCACAARgRAIAIgAzYCACADDQFBkNAAIAtBfiABd3E2AgAMAgsgCUEQQRQgCSgCECAARhtqIAM2AgAgA0UNAQsgAyAJNgIYIAAoAhAiAQRAIAMgATYCECABIAM2AhgLIABBFGooAgAiAUUNACADQRRqIAE2AgAgASADNgIYCwJAIAVBD00EQCAAIAQgBWoiAUEDcjYCBCAAIAFqIgEgASgCBEEBcjYCBAwBCyAAIARqIgcgBUEBcjYCBCAAIARBA3I2AgQgBSAHaiAFNgIAIAgEQCAIQXhxQbTQAGohAUGg0AAoAgAhAwJ/QQEgCEEDdnQiAiAGcUUEQEGM0AAgAiAGcjYCACABDAELIAEoAggLIgIgAzYCDCABIAM2AgggAyABNgIMIAMgAjYCCAtBoNAAIAc2AgBBlNAAIAU2AgALIABBCGohAQsgCkEQaiQAIAELQwAgAEUEQD8AQRB0DwsCQCAAQf//A3ENACAAQQBIDQAgAEEQdkAAIgBBf0YEQEH80wBBMDYCAEF/DwsgAEEQdA8LAAsL3D8iAEGACAsJAQAAAAIAAAADAEGUCAsFBAAAAAUAQaQICwkGAAAABwAAAAgAQdwIC4otSW52YWxpZCBjaGFyIGluIHVybCBxdWVyeQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2JvZHkAQ29udGVudC1MZW5ndGggb3ZlcmZsb3cAQ2h1bmsgc2l6ZSBvdmVyZmxvdwBSZXNwb25zZSBvdmVyZmxvdwBJbnZhbGlkIG1ldGhvZCBmb3IgSFRUUC94LnggcmVxdWVzdABJbnZhbGlkIG1ldGhvZCBmb3IgUlRTUC94LnggcmVxdWVzdABFeHBlY3RlZCBTT1VSQ0UgbWV0aG9kIGZvciBJQ0UveC54IHJlcXVlc3QASW52YWxpZCBjaGFyIGluIHVybCBmcmFnbWVudCBzdGFydABFeHBlY3RlZCBkb3QAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9zdGF0dXMASW52YWxpZCByZXNwb25zZSBzdGF0dXMASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucwBVc2VyIGNhbGxiYWNrIGVycm9yAGBvbl9yZXNldGAgY2FsbGJhY2sgZXJyb3IAYG9uX2NodW5rX2hlYWRlcmAgY2FsbGJhY2sgZXJyb3IAYG9uX21lc3NhZ2VfYmVnaW5gIGNhbGxiYWNrIGVycm9yAGBvbl9jaHVua19leHRlbnNpb25fdmFsdWVgIGNhbGxiYWNrIGVycm9yAGBvbl9zdGF0dXNfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl92ZXJzaW9uX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fdXJsX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fY2h1bmtfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9oZWFkZXJfdmFsdWVfY29tcGxldGVgIGNhbGxiYWNrIGVycm9yAGBvbl9tZXNzYWdlX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fbWV0aG9kX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25faGVhZGVyX2ZpZWxkX2NvbXBsZXRlYCBjYWxsYmFjayBlcnJvcgBgb25fY2h1bmtfZXh0ZW5zaW9uX25hbWVgIGNhbGxiYWNrIGVycm9yAFVuZXhwZWN0ZWQgY2hhciBpbiB1cmwgc2VydmVyAEludmFsaWQgaGVhZGVyIHZhbHVlIGNoYXIASW52YWxpZCBoZWFkZXIgZmllbGQgY2hhcgBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX3ZlcnNpb24ASW52YWxpZCBtaW5vciB2ZXJzaW9uAEludmFsaWQgbWFqb3IgdmVyc2lvbgBFeHBlY3RlZCBzcGFjZSBhZnRlciB2ZXJzaW9uAEV4cGVjdGVkIENSTEYgYWZ0ZXIgdmVyc2lvbgBJbnZhbGlkIEhUVFAgdmVyc2lvbgBJbnZhbGlkIGhlYWRlciB0b2tlbgBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX3VybABJbnZhbGlkIGNoYXJhY3RlcnMgaW4gdXJsAFVuZXhwZWN0ZWQgc3RhcnQgY2hhciBpbiB1cmwARG91YmxlIEAgaW4gdXJsAEVtcHR5IENvbnRlbnQtTGVuZ3RoAEludmFsaWQgY2hhcmFjdGVyIGluIENvbnRlbnQtTGVuZ3RoAER1cGxpY2F0ZSBDb250ZW50LUxlbmd0aABJbnZhbGlkIGNoYXIgaW4gdXJsIHBhdGgAQ29udGVudC1MZW5ndGggY2FuJ3QgYmUgcHJlc2VudCB3aXRoIFRyYW5zZmVyLUVuY29kaW5nAEludmFsaWQgY2hhcmFjdGVyIGluIGNodW5rIHNpemUAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9oZWFkZXJfdmFsdWUAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9jaHVua19leHRlbnNpb25fdmFsdWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyB2YWx1ZQBNaXNzaW5nIGV4cGVjdGVkIExGIGFmdGVyIGhlYWRlciB2YWx1ZQBJbnZhbGlkIGBUcmFuc2Zlci1FbmNvZGluZ2AgaGVhZGVyIHZhbHVlAEludmFsaWQgY2hhcmFjdGVyIGluIGNodW5rIGV4dGVuc2lvbnMgcXVvdGUgdmFsdWUASW52YWxpZCBjaGFyYWN0ZXIgaW4gY2h1bmsgZXh0ZW5zaW9ucyBxdW90ZWQgdmFsdWUAUGF1c2VkIGJ5IG9uX2hlYWRlcnNfY29tcGxldGUASW52YWxpZCBFT0Ygc3RhdGUAb25fcmVzZXQgcGF1c2UAb25fY2h1bmtfaGVhZGVyIHBhdXNlAG9uX21lc3NhZ2VfYmVnaW4gcGF1c2UAb25fY2h1bmtfZXh0ZW5zaW9uX3ZhbHVlIHBhdXNlAG9uX3N0YXR1c19jb21wbGV0ZSBwYXVzZQBvbl92ZXJzaW9uX2NvbXBsZXRlIHBhdXNlAG9uX3VybF9jb21wbGV0ZSBwYXVzZQBvbl9jaHVua19jb21wbGV0ZSBwYXVzZQBvbl9oZWFkZXJfdmFsdWVfY29tcGxldGUgcGF1c2UAb25fbWVzc2FnZV9jb21wbGV0ZSBwYXVzZQBvbl9tZXRob2RfY29tcGxldGUgcGF1c2UAb25faGVhZGVyX2ZpZWxkX2NvbXBsZXRlIHBhdXNlAG9uX2NodW5rX2V4dGVuc2lvbl9uYW1lIHBhdXNlAFVuZXhwZWN0ZWQgc3BhY2UgYWZ0ZXIgc3RhcnQgbGluZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX2NodW5rX2V4dGVuc2lvbl9uYW1lAEludmFsaWQgY2hhcmFjdGVyIGluIGNodW5rIGV4dGVuc2lvbnMgbmFtZQBQYXVzZSBvbiBDT05ORUNUL1VwZ3JhZGUAUGF1c2Ugb24gUFJJL1VwZ3JhZGUARXhwZWN0ZWQgSFRUUC8yIENvbm5lY3Rpb24gUHJlZmFjZQBTcGFuIGNhbGxiYWNrIGVycm9yIGluIG9uX21ldGhvZABFeHBlY3RlZCBzcGFjZSBhZnRlciBtZXRob2QAU3BhbiBjYWxsYmFjayBlcnJvciBpbiBvbl9oZWFkZXJfZmllbGQAUGF1c2VkAEludmFsaWQgd29yZCBlbmNvdW50ZXJlZABJbnZhbGlkIG1ldGhvZCBlbmNvdW50ZXJlZABVbmV4cGVjdGVkIGNoYXIgaW4gdXJsIHNjaGVtYQBSZXF1ZXN0IGhhcyBpbnZhbGlkIGBUcmFuc2Zlci1FbmNvZGluZ2AAU1dJVENIX1BST1hZAFVTRV9QUk9YWQBNS0FDVElWSVRZAFVOUFJPQ0VTU0FCTEVfRU5USVRZAENPUFkATU9WRURfUEVSTUFORU5UTFkAVE9PX0VBUkxZAE5PVElGWQBGQUlMRURfREVQRU5ERU5DWQBCQURfR0FURVdBWQBQTEFZAFBVVABDSEVDS09VVABHQVRFV0FZX1RJTUVPVVQAUkVRVUVTVF9USU1FT1VUAE5FVFdPUktfQ09OTkVDVF9USU1FT1VUAENPTk5FQ1RJT05fVElNRU9VVABMT0dJTl9USU1FT1VUAE5FVFdPUktfUkVBRF9USU1FT1VUAFBPU1QATUlTRElSRUNURURfUkVRVUVTVABDTElFTlRfQ0xPU0VEX1JFUVVFU1QAQ0xJRU5UX0NMT1NFRF9MT0FEX0JBTEFOQ0VEX1JFUVVFU1QAQkFEX1JFUVVFU1QASFRUUF9SRVFVRVNUX1NFTlRfVE9fSFRUUFNfUE9SVABSRVBPUlQASU1fQV9URUFQT1QAUkVTRVRfQ09OVEVOVABOT19DT05URU5UAFBBUlRJQUxfQ09OVEVOVABIUEVfSU5WQUxJRF9DT05TVEFOVABIUEVfQ0JfUkVTRVQAR0VUAEhQRV9TVFJJQ1QAQ09ORkxJQ1QAVEVNUE9SQVJZX1JFRElSRUNUAFBFUk1BTkVOVF9SRURJUkVDVABDT05ORUNUAE1VTFRJX1NUQVRVUwBIUEVfSU5WQUxJRF9TVEFUVVMAVE9PX01BTllfUkVRVUVTVFMARUFSTFlfSElOVFMAVU5BVkFJTEFCTEVfRk9SX0xFR0FMX1JFQVNPTlMAT1BUSU9OUwBTV0lUQ0hJTkdfUFJPVE9DT0xTAFZBUklBTlRfQUxTT19ORUdPVElBVEVTAE1VTFRJUExFX0NIT0lDRVMASU5URVJOQUxfU0VSVkVSX0VSUk9SAFdFQl9TRVJWRVJfVU5LTk9XTl9FUlJPUgBSQUlMR1VOX0VSUk9SAElERU5USVRZX1BST1ZJREVSX0FVVEhFTlRJQ0FUSU9OX0VSUk9SAFNTTF9DRVJUSUZJQ0FURV9FUlJPUgBJTlZBTElEX1hfRk9SV0FSREVEX0ZPUgBTRVRfUEFSQU1FVEVSAEdFVF9QQVJBTUVURVIASFBFX1VTRVIAU0VFX09USEVSAEhQRV9DQl9DSFVOS19IRUFERVIATUtDQUxFTkRBUgBTRVRVUABXRUJfU0VSVkVSX0lTX0RPV04AVEVBUkRPV04ASFBFX0NMT1NFRF9DT05ORUNUSU9OAEhFVVJJU1RJQ19FWFBJUkFUSU9OAERJU0NPTk5FQ1RFRF9PUEVSQVRJT04ATk9OX0FVVEhPUklUQVRJVkVfSU5GT1JNQVRJT04ASFBFX0lOVkFMSURfVkVSU0lPTgBIUEVfQ0JfTUVTU0FHRV9CRUdJTgBTSVRFX0lTX0ZST1pFTgBIUEVfSU5WQUxJRF9IRUFERVJfVE9LRU4ASU5WQUxJRF9UT0tFTgBGT1JCSURERU4ARU5IQU5DRV9ZT1VSX0NBTE0ASFBFX0lOVkFMSURfVVJMAEJMT0NLRURfQllfUEFSRU5UQUxfQ09OVFJPTABNS0NPTABBQ0wASFBFX0lOVEVSTkFMAFJFUVVFU1RfSEVBREVSX0ZJRUxEU19UT09fTEFSR0VfVU5PRkZJQ0lBTABIUEVfT0sAVU5MSU5LAFVOTE9DSwBQUkkAUkVUUllfV0lUSABIUEVfSU5WQUxJRF9DT05URU5UX0xFTkdUSABIUEVfVU5FWFBFQ1RFRF9DT05URU5UX0xFTkdUSABGTFVTSABQUk9QUEFUQ0gATS1TRUFSQ0gAVVJJX1RPT19MT05HAFBST0NFU1NJTkcATUlTQ0VMTEFORU9VU19QRVJTSVNURU5UX1dBUk5JTkcATUlTQ0VMTEFORU9VU19XQVJOSU5HAEhQRV9JTlZBTElEX1RSQU5TRkVSX0VOQ09ESU5HAEV4cGVjdGVkIENSTEYASFBFX0lOVkFMSURfQ0hVTktfU0laRQBNT1ZFAENPTlRJTlVFAEhQRV9DQl9TVEFUVVNfQ09NUExFVEUASFBFX0NCX0hFQURFUlNfQ09NUExFVEUASFBFX0NCX1ZFUlNJT05fQ09NUExFVEUASFBFX0NCX1VSTF9DT01QTEVURQBIUEVfQ0JfQ0hVTktfQ09NUExFVEUASFBFX0NCX0hFQURFUl9WQUxVRV9DT01QTEVURQBIUEVfQ0JfQ0hVTktfRVhURU5TSU9OX1ZBTFVFX0NPTVBMRVRFAEhQRV9DQl9DSFVOS19FWFRFTlNJT05fTkFNRV9DT01QTEVURQBIUEVfQ0JfTUVTU0FHRV9DT01QTEVURQBIUEVfQ0JfTUVUSE9EX0NPTVBMRVRFAEhQRV9DQl9IRUFERVJfRklFTERfQ09NUExFVEUAREVMRVRFAEhQRV9JTlZBTElEX0VPRl9TVEFURQBJTlZBTElEX1NTTF9DRVJUSUZJQ0FURQBQQVVTRQBOT19SRVNQT05TRQBVTlNVUFBPUlRFRF9NRURJQV9UWVBFAEdPTkUATk9UX0FDQ0VQVEFCTEUAU0VSVklDRV9VTkFWQUlMQUJMRQBSQU5HRV9OT1RfU0FUSVNGSUFCTEUAT1JJR0lOX0lTX1VOUkVBQ0hBQkxFAFJFU1BPTlNFX0lTX1NUQUxFAFBVUkdFAE1FUkdFAFJFUVVFU1RfSEVBREVSX0ZJRUxEU19UT09fTEFSR0UAUkVRVUVTVF9IRUFERVJfVE9PX0xBUkdFAFBBWUxPQURfVE9PX0xBUkdFAElOU1VGRklDSUVOVF9TVE9SQUdFAEhQRV9QQVVTRURfVVBHUkFERQBIUEVfUEFVU0VEX0gyX1VQR1JBREUAU09VUkNFAEFOTk9VTkNFAFRSQUNFAEhQRV9VTkVYUEVDVEVEX1NQQUNFAERFU0NSSUJFAFVOU1VCU0NSSUJFAFJFQ09SRABIUEVfSU5WQUxJRF9NRVRIT0QATk9UX0ZPVU5EAFBST1BGSU5EAFVOQklORABSRUJJTkQAVU5BVVRIT1JJWkVEAE1FVEhPRF9OT1RfQUxMT1dFRABIVFRQX1ZFUlNJT05fTk9UX1NVUFBPUlRFRABBTFJFQURZX1JFUE9SVEVEAEFDQ0VQVEVEAE5PVF9JTVBMRU1FTlRFRABMT09QX0RFVEVDVEVEAEhQRV9DUl9FWFBFQ1RFRABIUEVfTEZfRVhQRUNURUQAQ1JFQVRFRABJTV9VU0VEAEhQRV9QQVVTRUQAVElNRU9VVF9PQ0NVUkVEAFBBWU1FTlRfUkVRVUlSRUQAUFJFQ09ORElUSU9OX1JFUVVJUkVEAFBST1hZX0FVVEhFTlRJQ0FUSU9OX1JFUVVJUkVEAE5FVFdPUktfQVVUSEVOVElDQVRJT05fUkVRVUlSRUQATEVOR1RIX1JFUVVJUkVEAFNTTF9DRVJUSUZJQ0FURV9SRVFVSVJFRABVUEdSQURFX1JFUVVJUkVEAFBBR0VfRVhQSVJFRABQUkVDT05ESVRJT05fRkFJTEVEAEVYUEVDVEFUSU9OX0ZBSUxFRABSRVZBTElEQVRJT05fRkFJTEVEAFNTTF9IQU5EU0hBS0VfRkFJTEVEAExPQ0tFRABUUkFOU0ZPUk1BVElPTl9BUFBMSUVEAE5PVF9NT0RJRklFRABOT1RfRVhURU5ERUQAQkFORFdJRFRIX0xJTUlUX0VYQ0VFREVEAFNJVEVfSVNfT1ZFUkxPQURFRABIRUFEAEV4cGVjdGVkIEhUVFAvAABeEwAAJhMAADAQAADwFwAAnRMAABUSAAA5FwAA8BIAAAoQAAB1EgAArRIAAIITAABPFAAAfxAAAKAVAAAjFAAAiRIAAIsUAABNFQAA1BEAAM8UAAAQGAAAyRYAANwWAADBEQAA4BcAALsUAAB0FAAAfBUAAOUUAAAIFwAAHxAAAGUVAACjFAAAKBUAAAIVAACZFQAALBAAAIsZAABPDwAA1A4AAGoQAADOEAAAAhcAAIkOAABuEwAAHBMAAGYUAABWFwAAwRMAAM0TAABsEwAAaBcAAGYXAABfFwAAIhMAAM4PAABpDgAA2A4AAGMWAADLEwAAqg4AACgXAAAmFwAAxRMAAF0WAADoEQAAZxMAAGUTAADyFgAAcxMAAB0XAAD5FgAA8xEAAM8OAADOFQAADBIAALMRAAClEQAAYRAAADIXAAC7EwBB+TULAQEAQZA2C+ABAQECAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAQf03CwEBAEGROAteAgMCAgICAgAAAgIAAgIAAgICAgICAgICAgAEAAAAAAACAgICAgICAgICAgICAgICAgICAgICAgICAgAAAAICAgICAgICAgICAgICAgICAgICAgICAgICAgICAAIAAgBB/TkLAQEAQZE6C14CAAICAgICAAACAgACAgACAgICAgICAgICAAMABAAAAAICAgICAgICAgICAgICAgICAgICAgICAgICAAAAAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAAgACAEHwOwsNbG9zZWVlcC1hbGl2ZQBBiTwLAQEAQaA8C+ABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAQYk+CwEBAEGgPgvnAQEBAQEBAQEBAQEBAQIBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBY2h1bmtlZABBsMAAC18BAQABAQEBAQAAAQEAAQEAAQEBAQEBAQEBAQAAAAAAAAABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQAAAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEAAQBBkMIACyFlY3Rpb25lbnQtbGVuZ3Rob25yb3h5LWNvbm5lY3Rpb24AQcDCAAstcmFuc2Zlci1lbmNvZGluZ3BncmFkZQ0KDQoNClNNDQoNClRUUC9DRS9UU1AvAEH5wgALBQECAAEDAEGQwwAL4AEEAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB+cQACwUBAgABAwBBkMUAC+ABBAEBBQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEAQfnGAAsEAQAAAQBBkccAC98BAQEAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQBB+sgACwQBAAACAEGQyQALXwMEAAAEBAQEBAQEBAQEBAUEBAQEBAQEBAQEBAQABAAGBwQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAEAAQABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQAAAAEAEH6ygALBAEAAAEAQZDLAAsBAQBBqssAC0ECAAAAAAAAAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAAAAAAAADAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwBB+swACwQBAAABAEGQzQALAQEAQZrNAAsGAgAAAAACAEGxzQALOgMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAAAAAAAAAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAQfDOAAuWAU5PVU5DRUVDS09VVE5FQ1RFVEVDUklCRUxVU0hFVEVBRFNFQVJDSFJHRUNUSVZJVFlMRU5EQVJWRU9USUZZUFRJT05TQ0hTRUFZU1RBVENIR0VPUkRJUkVDVE9SVFJDSFBBUkFNRVRFUlVSQ0VCU0NSSUJFQVJET1dOQUNFSU5ETktDS1VCU0NSSUJFSFRUUC9BRFRQLw==', 'base64')\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.enumToMap = void 0;\nfunction enumToMap(obj) {\n const res = {};\n Object.keys(obj).forEach((key) => {\n const value = obj[key];\n if (typeof value === 'number') {\n res[key] = value;\n }\n });\n return res;\n}\nexports.enumToMap = enumToMap;\n//# sourceMappingURL=utils.js.map","'use strict'\n\nconst { kClients } = require('../core/symbols')\nconst Agent = require('../dispatcher/agent')\nconst {\n kAgent,\n kMockAgentSet,\n kMockAgentGet,\n kDispatches,\n kIsMockActive,\n kNetConnect,\n kGetNetConnect,\n kOptions,\n kFactory\n} = require('./mock-symbols')\nconst MockClient = require('./mock-client')\nconst MockPool = require('./mock-pool')\nconst { matchValue, buildMockOptions } = require('./mock-utils')\nconst { InvalidArgumentError, UndiciError } = require('../core/errors')\nconst Dispatcher = require('../dispatcher/dispatcher')\nconst Pluralizer = require('./pluralizer')\nconst PendingInterceptorsFormatter = require('./pending-interceptors-formatter')\n\nclass MockAgent extends Dispatcher {\n constructor (opts) {\n super(opts)\n\n this[kNetConnect] = true\n this[kIsMockActive] = true\n\n // Instantiate Agent and encapsulate\n if ((opts?.agent && typeof opts.agent.dispatch !== 'function')) {\n throw new InvalidArgumentError('Argument opts.agent must implement Agent')\n }\n const agent = opts?.agent ? opts.agent : new Agent(opts)\n this[kAgent] = agent\n\n this[kClients] = agent[kClients]\n this[kOptions] = buildMockOptions(opts)\n }\n\n get (origin) {\n let dispatcher = this[kMockAgentGet](origin)\n\n if (!dispatcher) {\n dispatcher = this[kFactory](origin)\n this[kMockAgentSet](origin, dispatcher)\n }\n return dispatcher\n }\n\n dispatch (opts, handler) {\n // Call MockAgent.get to perform additional setup before dispatching as normal\n this.get(opts.origin)\n return this[kAgent].dispatch(opts, handler)\n }\n\n async close () {\n await this[kAgent].close()\n this[kClients].clear()\n }\n\n deactivate () {\n this[kIsMockActive] = false\n }\n\n activate () {\n this[kIsMockActive] = true\n }\n\n enableNetConnect (matcher) {\n if (typeof matcher === 'string' || typeof matcher === 'function' || matcher instanceof RegExp) {\n if (Array.isArray(this[kNetConnect])) {\n this[kNetConnect].push(matcher)\n } else {\n this[kNetConnect] = [matcher]\n }\n } else if (typeof matcher === 'undefined') {\n this[kNetConnect] = true\n } else {\n throw new InvalidArgumentError('Unsupported matcher. Must be one of String|Function|RegExp.')\n }\n }\n\n disableNetConnect () {\n this[kNetConnect] = false\n }\n\n // This is required to bypass issues caused by using global symbols - see:\n // https://github.com/nodejs/undici/issues/1447\n get isMockActive () {\n return this[kIsMockActive]\n }\n\n [kMockAgentSet] (origin, dispatcher) {\n this[kClients].set(origin, dispatcher)\n }\n\n [kFactory] (origin) {\n const mockOptions = Object.assign({ agent: this }, this[kOptions])\n return this[kOptions] && this[kOptions].connections === 1\n ? new MockClient(origin, mockOptions)\n : new MockPool(origin, mockOptions)\n }\n\n [kMockAgentGet] (origin) {\n // First check if we can immediately find it\n const client = this[kClients].get(origin)\n if (client) {\n return client\n }\n\n // If the origin is not a string create a dummy parent pool and return to user\n if (typeof origin !== 'string') {\n const dispatcher = this[kFactory]('http://localhost:9999')\n this[kMockAgentSet](origin, dispatcher)\n return dispatcher\n }\n\n // If we match, create a pool and assign the same dispatches\n for (const [keyMatcher, nonExplicitDispatcher] of Array.from(this[kClients])) {\n if (nonExplicitDispatcher && typeof keyMatcher !== 'string' && matchValue(keyMatcher, origin)) {\n const dispatcher = this[kFactory](origin)\n this[kMockAgentSet](origin, dispatcher)\n dispatcher[kDispatches] = nonExplicitDispatcher[kDispatches]\n return dispatcher\n }\n }\n }\n\n [kGetNetConnect] () {\n return this[kNetConnect]\n }\n\n pendingInterceptors () {\n const mockAgentClients = this[kClients]\n\n return Array.from(mockAgentClients.entries())\n .flatMap(([origin, scope]) => scope[kDispatches].map(dispatch => ({ ...dispatch, origin })))\n .filter(({ pending }) => pending)\n }\n\n assertNoPendingInterceptors ({ pendingInterceptorsFormatter = new PendingInterceptorsFormatter() } = {}) {\n const pending = this.pendingInterceptors()\n\n if (pending.length === 0) {\n return\n }\n\n const pluralizer = new Pluralizer('interceptor', 'interceptors').pluralize(pending.length)\n\n throw new UndiciError(`\n${pluralizer.count} ${pluralizer.noun} ${pluralizer.is} pending:\n\n${pendingInterceptorsFormatter.format(pending)}\n`.trim())\n }\n}\n\nmodule.exports = MockAgent\n","'use strict'\n\nconst { promisify } = require('node:util')\nconst Client = require('../dispatcher/client')\nconst { buildMockDispatch } = require('./mock-utils')\nconst {\n kDispatches,\n kMockAgent,\n kClose,\n kOriginalClose,\n kOrigin,\n kOriginalDispatch,\n kConnected\n} = require('./mock-symbols')\nconst { MockInterceptor } = require('./mock-interceptor')\nconst Symbols = require('../core/symbols')\nconst { InvalidArgumentError } = require('../core/errors')\n\n/**\n * MockClient provides an API that extends the Client to influence the mockDispatches.\n */\nclass MockClient extends Client {\n constructor (origin, opts) {\n super(origin, opts)\n\n if (!opts || !opts.agent || typeof opts.agent.dispatch !== 'function') {\n throw new InvalidArgumentError('Argument opts.agent must implement Agent')\n }\n\n this[kMockAgent] = opts.agent\n this[kOrigin] = origin\n this[kDispatches] = []\n this[kConnected] = 1\n this[kOriginalDispatch] = this.dispatch\n this[kOriginalClose] = this.close.bind(this)\n\n this.dispatch = buildMockDispatch.call(this)\n this.close = this[kClose]\n }\n\n get [Symbols.kConnected] () {\n return this[kConnected]\n }\n\n /**\n * Sets up the base interceptor for mocking replies from undici.\n */\n intercept (opts) {\n return new MockInterceptor(opts, this[kDispatches])\n }\n\n async [kClose] () {\n await promisify(this[kOriginalClose])()\n this[kConnected] = 0\n this[kMockAgent][Symbols.kClients].delete(this[kOrigin])\n }\n}\n\nmodule.exports = MockClient\n","'use strict'\n\nconst { UndiciError } = require('../core/errors')\n\nconst kMockNotMatchedError = Symbol.for('undici.error.UND_MOCK_ERR_MOCK_NOT_MATCHED')\n\n/**\n * The request does not match any registered mock dispatches.\n */\nclass MockNotMatchedError extends UndiciError {\n constructor (message) {\n super(message)\n Error.captureStackTrace(this, MockNotMatchedError)\n this.name = 'MockNotMatchedError'\n this.message = message || 'The request does not match any registered mock dispatches'\n this.code = 'UND_MOCK_ERR_MOCK_NOT_MATCHED'\n }\n\n static [Symbol.hasInstance] (instance) {\n return instance && instance[kMockNotMatchedError] === true\n }\n\n [kMockNotMatchedError] = true\n}\n\nmodule.exports = {\n MockNotMatchedError\n}\n","'use strict'\n\nconst { getResponseData, buildKey, addMockDispatch } = require('./mock-utils')\nconst {\n kDispatches,\n kDispatchKey,\n kDefaultHeaders,\n kDefaultTrailers,\n kContentLength,\n kMockDispatch\n} = require('./mock-symbols')\nconst { InvalidArgumentError } = require('../core/errors')\nconst { buildURL } = require('../core/util')\n\n/**\n * Defines the scope API for an interceptor reply\n */\nclass MockScope {\n constructor (mockDispatch) {\n this[kMockDispatch] = mockDispatch\n }\n\n /**\n * Delay a reply by a set amount in ms.\n */\n delay (waitInMs) {\n if (typeof waitInMs !== 'number' || !Number.isInteger(waitInMs) || waitInMs <= 0) {\n throw new InvalidArgumentError('waitInMs must be a valid integer > 0')\n }\n\n this[kMockDispatch].delay = waitInMs\n return this\n }\n\n /**\n * For a defined reply, never mark as consumed.\n */\n persist () {\n this[kMockDispatch].persist = true\n return this\n }\n\n /**\n * Allow one to define a reply for a set amount of matching requests.\n */\n times (repeatTimes) {\n if (typeof repeatTimes !== 'number' || !Number.isInteger(repeatTimes) || repeatTimes <= 0) {\n throw new InvalidArgumentError('repeatTimes must be a valid integer > 0')\n }\n\n this[kMockDispatch].times = repeatTimes\n return this\n }\n}\n\n/**\n * Defines an interceptor for a Mock\n */\nclass MockInterceptor {\n constructor (opts, mockDispatches) {\n if (typeof opts !== 'object') {\n throw new InvalidArgumentError('opts must be an object')\n }\n if (typeof opts.path === 'undefined') {\n throw new InvalidArgumentError('opts.path must be defined')\n }\n if (typeof opts.method === 'undefined') {\n opts.method = 'GET'\n }\n // See https://github.com/nodejs/undici/issues/1245\n // As per RFC 3986, clients are not supposed to send URI\n // fragments to servers when they retrieve a document,\n if (typeof opts.path === 'string') {\n if (opts.query) {\n opts.path = buildURL(opts.path, opts.query)\n } else {\n // Matches https://github.com/nodejs/undici/blob/main/lib/web/fetch/index.js#L1811\n const parsedURL = new URL(opts.path, 'data://')\n opts.path = parsedURL.pathname + parsedURL.search\n }\n }\n if (typeof opts.method === 'string') {\n opts.method = opts.method.toUpperCase()\n }\n\n this[kDispatchKey] = buildKey(opts)\n this[kDispatches] = mockDispatches\n this[kDefaultHeaders] = {}\n this[kDefaultTrailers] = {}\n this[kContentLength] = false\n }\n\n createMockScopeDispatchData ({ statusCode, data, responseOptions }) {\n const responseData = getResponseData(data)\n const contentLength = this[kContentLength] ? { 'content-length': responseData.length } : {}\n const headers = { ...this[kDefaultHeaders], ...contentLength, ...responseOptions.headers }\n const trailers = { ...this[kDefaultTrailers], ...responseOptions.trailers }\n\n return { statusCode, data, headers, trailers }\n }\n\n validateReplyParameters (replyParameters) {\n if (typeof replyParameters.statusCode === 'undefined') {\n throw new InvalidArgumentError('statusCode must be defined')\n }\n if (typeof replyParameters.responseOptions !== 'object' || replyParameters.responseOptions === null) {\n throw new InvalidArgumentError('responseOptions must be an object')\n }\n }\n\n /**\n * Mock an undici request with a defined reply.\n */\n reply (replyOptionsCallbackOrStatusCode) {\n // Values of reply aren't available right now as they\n // can only be available when the reply callback is invoked.\n if (typeof replyOptionsCallbackOrStatusCode === 'function') {\n // We'll first wrap the provided callback in another function,\n // this function will properly resolve the data from the callback\n // when invoked.\n const wrappedDefaultsCallback = (opts) => {\n // Our reply options callback contains the parameter for statusCode, data and options.\n const resolvedData = replyOptionsCallbackOrStatusCode(opts)\n\n // Check if it is in the right format\n if (typeof resolvedData !== 'object' || resolvedData === null) {\n throw new InvalidArgumentError('reply options callback must return an object')\n }\n\n const replyParameters = { data: '', responseOptions: {}, ...resolvedData }\n this.validateReplyParameters(replyParameters)\n // Since the values can be obtained immediately we return them\n // from this higher order function that will be resolved later.\n return {\n ...this.createMockScopeDispatchData(replyParameters)\n }\n }\n\n // Add usual dispatch data, but this time set the data parameter to function that will eventually provide data.\n const newMockDispatch = addMockDispatch(this[kDispatches], this[kDispatchKey], wrappedDefaultsCallback)\n return new MockScope(newMockDispatch)\n }\n\n // We can have either one or three parameters, if we get here,\n // we should have 1-3 parameters. So we spread the arguments of\n // this function to obtain the parameters, since replyData will always\n // just be the statusCode.\n const replyParameters = {\n statusCode: replyOptionsCallbackOrStatusCode,\n data: arguments[1] === undefined ? '' : arguments[1],\n responseOptions: arguments[2] === undefined ? {} : arguments[2]\n }\n this.validateReplyParameters(replyParameters)\n\n // Send in-already provided data like usual\n const dispatchData = this.createMockScopeDispatchData(replyParameters)\n const newMockDispatch = addMockDispatch(this[kDispatches], this[kDispatchKey], dispatchData)\n return new MockScope(newMockDispatch)\n }\n\n /**\n * Mock an undici request with a defined error.\n */\n replyWithError (error) {\n if (typeof error === 'undefined') {\n throw new InvalidArgumentError('error must be defined')\n }\n\n const newMockDispatch = addMockDispatch(this[kDispatches], this[kDispatchKey], { error })\n return new MockScope(newMockDispatch)\n }\n\n /**\n * Set default reply headers on the interceptor for subsequent replies\n */\n defaultReplyHeaders (headers) {\n if (typeof headers === 'undefined') {\n throw new InvalidArgumentError('headers must be defined')\n }\n\n this[kDefaultHeaders] = headers\n return this\n }\n\n /**\n * Set default reply trailers on the interceptor for subsequent replies\n */\n defaultReplyTrailers (trailers) {\n if (typeof trailers === 'undefined') {\n throw new InvalidArgumentError('trailers must be defined')\n }\n\n this[kDefaultTrailers] = trailers\n return this\n }\n\n /**\n * Set reply content length header for replies on the interceptor\n */\n replyContentLength () {\n this[kContentLength] = true\n return this\n }\n}\n\nmodule.exports.MockInterceptor = MockInterceptor\nmodule.exports.MockScope = MockScope\n","'use strict'\n\nconst { promisify } = require('node:util')\nconst Pool = require('../dispatcher/pool')\nconst { buildMockDispatch } = require('./mock-utils')\nconst {\n kDispatches,\n kMockAgent,\n kClose,\n kOriginalClose,\n kOrigin,\n kOriginalDispatch,\n kConnected\n} = require('./mock-symbols')\nconst { MockInterceptor } = require('./mock-interceptor')\nconst Symbols = require('../core/symbols')\nconst { InvalidArgumentError } = require('../core/errors')\n\n/**\n * MockPool provides an API that extends the Pool to influence the mockDispatches.\n */\nclass MockPool extends Pool {\n constructor (origin, opts) {\n super(origin, opts)\n\n if (!opts || !opts.agent || typeof opts.agent.dispatch !== 'function') {\n throw new InvalidArgumentError('Argument opts.agent must implement Agent')\n }\n\n this[kMockAgent] = opts.agent\n this[kOrigin] = origin\n this[kDispatches] = []\n this[kConnected] = 1\n this[kOriginalDispatch] = this.dispatch\n this[kOriginalClose] = this.close.bind(this)\n\n this.dispatch = buildMockDispatch.call(this)\n this.close = this[kClose]\n }\n\n get [Symbols.kConnected] () {\n return this[kConnected]\n }\n\n /**\n * Sets up the base interceptor for mocking replies from undici.\n */\n intercept (opts) {\n return new MockInterceptor(opts, this[kDispatches])\n }\n\n async [kClose] () {\n await promisify(this[kOriginalClose])()\n this[kConnected] = 0\n this[kMockAgent][Symbols.kClients].delete(this[kOrigin])\n }\n}\n\nmodule.exports = MockPool\n","'use strict'\n\nmodule.exports = {\n kAgent: Symbol('agent'),\n kOptions: Symbol('options'),\n kFactory: Symbol('factory'),\n kDispatches: Symbol('dispatches'),\n kDispatchKey: Symbol('dispatch key'),\n kDefaultHeaders: Symbol('default headers'),\n kDefaultTrailers: Symbol('default trailers'),\n kContentLength: Symbol('content length'),\n kMockAgent: Symbol('mock agent'),\n kMockAgentSet: Symbol('mock agent set'),\n kMockAgentGet: Symbol('mock agent get'),\n kMockDispatch: Symbol('mock dispatch'),\n kClose: Symbol('close'),\n kOriginalClose: Symbol('original agent close'),\n kOrigin: Symbol('origin'),\n kIsMockActive: Symbol('is mock active'),\n kNetConnect: Symbol('net connect'),\n kGetNetConnect: Symbol('get net connect'),\n kConnected: Symbol('connected')\n}\n","'use strict'\n\nconst { MockNotMatchedError } = require('./mock-errors')\nconst {\n kDispatches,\n kMockAgent,\n kOriginalDispatch,\n kOrigin,\n kGetNetConnect\n} = require('./mock-symbols')\nconst { buildURL } = require('../core/util')\nconst { STATUS_CODES } = require('node:http')\nconst {\n types: {\n isPromise\n }\n} = require('node:util')\n\nfunction matchValue (match, value) {\n if (typeof match === 'string') {\n return match === value\n }\n if (match instanceof RegExp) {\n return match.test(value)\n }\n if (typeof match === 'function') {\n return match(value) === true\n }\n return false\n}\n\nfunction lowerCaseEntries (headers) {\n return Object.fromEntries(\n Object.entries(headers).map(([headerName, headerValue]) => {\n return [headerName.toLocaleLowerCase(), headerValue]\n })\n )\n}\n\n/**\n * @param {import('../../index').Headers|string[]|Record} headers\n * @param {string} key\n */\nfunction getHeaderByName (headers, key) {\n if (Array.isArray(headers)) {\n for (let i = 0; i < headers.length; i += 2) {\n if (headers[i].toLocaleLowerCase() === key.toLocaleLowerCase()) {\n return headers[i + 1]\n }\n }\n\n return undefined\n } else if (typeof headers.get === 'function') {\n return headers.get(key)\n } else {\n return lowerCaseEntries(headers)[key.toLocaleLowerCase()]\n }\n}\n\n/** @param {string[]} headers */\nfunction buildHeadersFromArray (headers) { // fetch HeadersList\n const clone = headers.slice()\n const entries = []\n for (let index = 0; index < clone.length; index += 2) {\n entries.push([clone[index], clone[index + 1]])\n }\n return Object.fromEntries(entries)\n}\n\nfunction matchHeaders (mockDispatch, headers) {\n if (typeof mockDispatch.headers === 'function') {\n if (Array.isArray(headers)) { // fetch HeadersList\n headers = buildHeadersFromArray(headers)\n }\n return mockDispatch.headers(headers ? lowerCaseEntries(headers) : {})\n }\n if (typeof mockDispatch.headers === 'undefined') {\n return true\n }\n if (typeof headers !== 'object' || typeof mockDispatch.headers !== 'object') {\n return false\n }\n\n for (const [matchHeaderName, matchHeaderValue] of Object.entries(mockDispatch.headers)) {\n const headerValue = getHeaderByName(headers, matchHeaderName)\n\n if (!matchValue(matchHeaderValue, headerValue)) {\n return false\n }\n }\n return true\n}\n\nfunction safeUrl (path) {\n if (typeof path !== 'string') {\n return path\n }\n\n const pathSegments = path.split('?')\n\n if (pathSegments.length !== 2) {\n return path\n }\n\n const qp = new URLSearchParams(pathSegments.pop())\n qp.sort()\n return [...pathSegments, qp.toString()].join('?')\n}\n\nfunction matchKey (mockDispatch, { path, method, body, headers }) {\n const pathMatch = matchValue(mockDispatch.path, path)\n const methodMatch = matchValue(mockDispatch.method, method)\n const bodyMatch = typeof mockDispatch.body !== 'undefined' ? matchValue(mockDispatch.body, body) : true\n const headersMatch = matchHeaders(mockDispatch, headers)\n return pathMatch && methodMatch && bodyMatch && headersMatch\n}\n\nfunction getResponseData (data) {\n if (Buffer.isBuffer(data)) {\n return data\n } else if (data instanceof Uint8Array) {\n return data\n } else if (data instanceof ArrayBuffer) {\n return data\n } else if (typeof data === 'object') {\n return JSON.stringify(data)\n } else {\n return data.toString()\n }\n}\n\nfunction getMockDispatch (mockDispatches, key) {\n const basePath = key.query ? buildURL(key.path, key.query) : key.path\n const resolvedPath = typeof basePath === 'string' ? safeUrl(basePath) : basePath\n\n // Match path\n let matchedMockDispatches = mockDispatches.filter(({ consumed }) => !consumed).filter(({ path }) => matchValue(safeUrl(path), resolvedPath))\n if (matchedMockDispatches.length === 0) {\n throw new MockNotMatchedError(`Mock dispatch not matched for path '${resolvedPath}'`)\n }\n\n // Match method\n matchedMockDispatches = matchedMockDispatches.filter(({ method }) => matchValue(method, key.method))\n if (matchedMockDispatches.length === 0) {\n throw new MockNotMatchedError(`Mock dispatch not matched for method '${key.method}' on path '${resolvedPath}'`)\n }\n\n // Match body\n matchedMockDispatches = matchedMockDispatches.filter(({ body }) => typeof body !== 'undefined' ? matchValue(body, key.body) : true)\n if (matchedMockDispatches.length === 0) {\n throw new MockNotMatchedError(`Mock dispatch not matched for body '${key.body}' on path '${resolvedPath}'`)\n }\n\n // Match headers\n matchedMockDispatches = matchedMockDispatches.filter((mockDispatch) => matchHeaders(mockDispatch, key.headers))\n if (matchedMockDispatches.length === 0) {\n const headers = typeof key.headers === 'object' ? JSON.stringify(key.headers) : key.headers\n throw new MockNotMatchedError(`Mock dispatch not matched for headers '${headers}' on path '${resolvedPath}'`)\n }\n\n return matchedMockDispatches[0]\n}\n\nfunction addMockDispatch (mockDispatches, key, data) {\n const baseData = { timesInvoked: 0, times: 1, persist: false, consumed: false }\n const replyData = typeof data === 'function' ? { callback: data } : { ...data }\n const newMockDispatch = { ...baseData, ...key, pending: true, data: { error: null, ...replyData } }\n mockDispatches.push(newMockDispatch)\n return newMockDispatch\n}\n\nfunction deleteMockDispatch (mockDispatches, key) {\n const index = mockDispatches.findIndex(dispatch => {\n if (!dispatch.consumed) {\n return false\n }\n return matchKey(dispatch, key)\n })\n if (index !== -1) {\n mockDispatches.splice(index, 1)\n }\n}\n\nfunction buildKey (opts) {\n const { path, method, body, headers, query } = opts\n return {\n path,\n method,\n body,\n headers,\n query\n }\n}\n\nfunction generateKeyValues (data) {\n const keys = Object.keys(data)\n const result = []\n for (let i = 0; i < keys.length; ++i) {\n const key = keys[i]\n const value = data[key]\n const name = Buffer.from(`${key}`)\n if (Array.isArray(value)) {\n for (let j = 0; j < value.length; ++j) {\n result.push(name, Buffer.from(`${value[j]}`))\n }\n } else {\n result.push(name, Buffer.from(`${value}`))\n }\n }\n return result\n}\n\n/**\n * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Status\n * @param {number} statusCode\n */\nfunction getStatusText (statusCode) {\n return STATUS_CODES[statusCode] || 'unknown'\n}\n\nasync function getResponse (body) {\n const buffers = []\n for await (const data of body) {\n buffers.push(data)\n }\n return Buffer.concat(buffers).toString('utf8')\n}\n\n/**\n * Mock dispatch function used to simulate undici dispatches\n */\nfunction mockDispatch (opts, handler) {\n // Get mock dispatch from built key\n const key = buildKey(opts)\n const mockDispatch = getMockDispatch(this[kDispatches], key)\n\n mockDispatch.timesInvoked++\n\n // Here's where we resolve a callback if a callback is present for the dispatch data.\n if (mockDispatch.data.callback) {\n mockDispatch.data = { ...mockDispatch.data, ...mockDispatch.data.callback(opts) }\n }\n\n // Parse mockDispatch data\n const { data: { statusCode, data, headers, trailers, error }, delay, persist } = mockDispatch\n const { timesInvoked, times } = mockDispatch\n\n // If it's used up and not persistent, mark as consumed\n mockDispatch.consumed = !persist && timesInvoked >= times\n mockDispatch.pending = timesInvoked < times\n\n // If specified, trigger dispatch error\n if (error !== null) {\n deleteMockDispatch(this[kDispatches], key)\n handler.onError(error)\n return true\n }\n\n // Handle the request with a delay if necessary\n if (typeof delay === 'number' && delay > 0) {\n setTimeout(() => {\n handleReply(this[kDispatches])\n }, delay)\n } else {\n handleReply(this[kDispatches])\n }\n\n function handleReply (mockDispatches, _data = data) {\n // fetch's HeadersList is a 1D string array\n const optsHeaders = Array.isArray(opts.headers)\n ? buildHeadersFromArray(opts.headers)\n : opts.headers\n const body = typeof _data === 'function'\n ? _data({ ...opts, headers: optsHeaders })\n : _data\n\n // util.types.isPromise is likely needed for jest.\n if (isPromise(body)) {\n // If handleReply is asynchronous, throwing an error\n // in the callback will reject the promise, rather than\n // synchronously throw the error, which breaks some tests.\n // Rather, we wait for the callback to resolve if it is a\n // promise, and then re-run handleReply with the new body.\n body.then((newData) => handleReply(mockDispatches, newData))\n return\n }\n\n const responseData = getResponseData(body)\n const responseHeaders = generateKeyValues(headers)\n const responseTrailers = generateKeyValues(trailers)\n\n handler.onConnect?.(err => handler.onError(err), null)\n handler.onHeaders?.(statusCode, responseHeaders, resume, getStatusText(statusCode))\n handler.onData?.(Buffer.from(responseData))\n handler.onComplete?.(responseTrailers)\n deleteMockDispatch(mockDispatches, key)\n }\n\n function resume () {}\n\n return true\n}\n\nfunction buildMockDispatch () {\n const agent = this[kMockAgent]\n const origin = this[kOrigin]\n const originalDispatch = this[kOriginalDispatch]\n\n return function dispatch (opts, handler) {\n if (agent.isMockActive) {\n try {\n mockDispatch.call(this, opts, handler)\n } catch (error) {\n if (error instanceof MockNotMatchedError) {\n const netConnect = agent[kGetNetConnect]()\n if (netConnect === false) {\n throw new MockNotMatchedError(`${error.message}: subsequent request to origin ${origin} was not allowed (net.connect disabled)`)\n }\n if (checkNetConnect(netConnect, origin)) {\n originalDispatch.call(this, opts, handler)\n } else {\n throw new MockNotMatchedError(`${error.message}: subsequent request to origin ${origin} was not allowed (net.connect is not enabled for this origin)`)\n }\n } else {\n throw error\n }\n }\n } else {\n originalDispatch.call(this, opts, handler)\n }\n }\n}\n\nfunction checkNetConnect (netConnect, origin) {\n const url = new URL(origin)\n if (netConnect === true) {\n return true\n } else if (Array.isArray(netConnect) && netConnect.some((matcher) => matchValue(matcher, url.host))) {\n return true\n }\n return false\n}\n\nfunction buildMockOptions (opts) {\n if (opts) {\n const { agent, ...mockOptions } = opts\n return mockOptions\n }\n}\n\nmodule.exports = {\n getResponseData,\n getMockDispatch,\n addMockDispatch,\n deleteMockDispatch,\n buildKey,\n generateKeyValues,\n matchValue,\n getResponse,\n getStatusText,\n mockDispatch,\n buildMockDispatch,\n checkNetConnect,\n buildMockOptions,\n getHeaderByName,\n buildHeadersFromArray\n}\n","'use strict'\n\nconst { Transform } = require('node:stream')\nconst { Console } = require('node:console')\n\nconst PERSISTENT = process.versions.icu ? '✅' : 'Y '\nconst NOT_PERSISTENT = process.versions.icu ? '❌' : 'N '\n\n/**\n * Gets the output of `console.table(…)` as a string.\n */\nmodule.exports = class PendingInterceptorsFormatter {\n constructor ({ disableColors } = {}) {\n this.transform = new Transform({\n transform (chunk, _enc, cb) {\n cb(null, chunk)\n }\n })\n\n this.logger = new Console({\n stdout: this.transform,\n inspectOptions: {\n colors: !disableColors && !process.env.CI\n }\n })\n }\n\n format (pendingInterceptors) {\n const withPrettyHeaders = pendingInterceptors.map(\n ({ method, path, data: { statusCode }, persist, times, timesInvoked, origin }) => ({\n Method: method,\n Origin: origin,\n Path: path,\n 'Status code': statusCode,\n Persistent: persist ? PERSISTENT : NOT_PERSISTENT,\n Invocations: timesInvoked,\n Remaining: persist ? Infinity : times - timesInvoked\n }))\n\n this.logger.table(withPrettyHeaders)\n return this.transform.read().toString()\n }\n}\n","'use strict'\n\nconst singulars = {\n pronoun: 'it',\n is: 'is',\n was: 'was',\n this: 'this'\n}\n\nconst plurals = {\n pronoun: 'they',\n is: 'are',\n was: 'were',\n this: 'these'\n}\n\nmodule.exports = class Pluralizer {\n constructor (singular, plural) {\n this.singular = singular\n this.plural = plural\n }\n\n pluralize (count) {\n const one = count === 1\n const keys = one ? singulars : plurals\n const noun = one ? this.singular : this.plural\n return { ...keys, count, noun }\n }\n}\n","'use strict'\n\n/**\n * This module offers an optimized timer implementation designed for scenarios\n * where high precision is not critical.\n *\n * The timer achieves faster performance by using a low-resolution approach,\n * with an accuracy target of within 500ms. This makes it particularly useful\n * for timers with delays of 1 second or more, where exact timing is less\n * crucial.\n *\n * It's important to note that Node.js timers are inherently imprecise, as\n * delays can occur due to the event loop being blocked by other operations.\n * Consequently, timers may trigger later than their scheduled time.\n */\n\n/**\n * The fastNow variable contains the internal fast timer clock value.\n *\n * @type {number}\n */\nlet fastNow = 0\n\n/**\n * RESOLUTION_MS represents the target resolution time in milliseconds.\n *\n * @type {number}\n * @default 1000\n */\nconst RESOLUTION_MS = 1e3\n\n/**\n * TICK_MS defines the desired interval in milliseconds between each tick.\n * The target value is set to half the resolution time, minus 1 ms, to account\n * for potential event loop overhead.\n *\n * @type {number}\n * @default 499\n */\nconst TICK_MS = (RESOLUTION_MS >> 1) - 1\n\n/**\n * fastNowTimeout is a Node.js timer used to manage and process\n * the FastTimers stored in the `fastTimers` array.\n *\n * @type {NodeJS.Timeout}\n */\nlet fastNowTimeout\n\n/**\n * The kFastTimer symbol is used to identify FastTimer instances.\n *\n * @type {Symbol}\n */\nconst kFastTimer = Symbol('kFastTimer')\n\n/**\n * The fastTimers array contains all active FastTimers.\n *\n * @type {FastTimer[]}\n */\nconst fastTimers = []\n\n/**\n * These constants represent the various states of a FastTimer.\n */\n\n/**\n * The `NOT_IN_LIST` constant indicates that the FastTimer is not included\n * in the `fastTimers` array. Timers with this status will not be processed\n * during the next tick by the `onTick` function.\n *\n * A FastTimer can be re-added to the `fastTimers` array by invoking the\n * `refresh` method on the FastTimer instance.\n *\n * @type {-2}\n */\nconst NOT_IN_LIST = -2\n\n/**\n * The `TO_BE_CLEARED` constant indicates that the FastTimer is scheduled\n * for removal from the `fastTimers` array. A FastTimer in this state will\n * be removed in the next tick by the `onTick` function and will no longer\n * be processed.\n *\n * This status is also set when the `clear` method is called on the FastTimer instance.\n *\n * @type {-1}\n */\nconst TO_BE_CLEARED = -1\n\n/**\n * The `PENDING` constant signifies that the FastTimer is awaiting processing\n * in the next tick by the `onTick` function. Timers with this status will have\n * their `_idleStart` value set and their status updated to `ACTIVE` in the next tick.\n *\n * @type {0}\n */\nconst PENDING = 0\n\n/**\n * The `ACTIVE` constant indicates that the FastTimer is active and waiting\n * for its timer to expire. During the next tick, the `onTick` function will\n * check if the timer has expired, and if so, it will execute the associated callback.\n *\n * @type {1}\n */\nconst ACTIVE = 1\n\n/**\n * The onTick function processes the fastTimers array.\n *\n * @returns {void}\n */\nfunction onTick () {\n /**\n * Increment the fastNow value by the TICK_MS value, despite the actual time\n * that has passed since the last tick. This approach ensures independence\n * from the system clock and delays caused by a blocked event loop.\n *\n * @type {number}\n */\n fastNow += TICK_MS\n\n /**\n * The `idx` variable is used to iterate over the `fastTimers` array.\n * Expired timers are removed by replacing them with the last element in the array.\n * Consequently, `idx` is only incremented when the current element is not removed.\n *\n * @type {number}\n */\n let idx = 0\n\n /**\n * The len variable will contain the length of the fastTimers array\n * and will be decremented when a FastTimer should be removed from the\n * fastTimers array.\n *\n * @type {number}\n */\n let len = fastTimers.length\n\n while (idx < len) {\n /**\n * @type {FastTimer}\n */\n const timer = fastTimers[idx]\n\n // If the timer is in the ACTIVE state and the timer has expired, it will\n // be processed in the next tick.\n if (timer._state === PENDING) {\n // Set the _idleStart value to the fastNow value minus the TICK_MS value\n // to account for the time the timer was in the PENDING state.\n timer._idleStart = fastNow - TICK_MS\n timer._state = ACTIVE\n } else if (\n timer._state === ACTIVE &&\n fastNow >= timer._idleStart + timer._idleTimeout\n ) {\n timer._state = TO_BE_CLEARED\n timer._idleStart = -1\n timer._onTimeout(timer._timerArg)\n }\n\n if (timer._state === TO_BE_CLEARED) {\n timer._state = NOT_IN_LIST\n\n // Move the last element to the current index and decrement len if it is\n // not the only element in the array.\n if (--len !== 0) {\n fastTimers[idx] = fastTimers[len]\n }\n } else {\n ++idx\n }\n }\n\n // Set the length of the fastTimers array to the new length and thus\n // removing the excess FastTimers elements from the array.\n fastTimers.length = len\n\n // If there are still active FastTimers in the array, refresh the Timer.\n // If there are no active FastTimers, the timer will be refreshed again\n // when a new FastTimer is instantiated.\n if (fastTimers.length !== 0) {\n refreshTimeout()\n }\n}\n\nfunction refreshTimeout () {\n // If the fastNowTimeout is already set, refresh it.\n if (fastNowTimeout) {\n fastNowTimeout.refresh()\n // fastNowTimeout is not instantiated yet, create a new Timer.\n } else {\n clearTimeout(fastNowTimeout)\n fastNowTimeout = setTimeout(onTick, TICK_MS)\n\n // If the Timer has an unref method, call it to allow the process to exit if\n // there are no other active handles.\n if (fastNowTimeout.unref) {\n fastNowTimeout.unref()\n }\n }\n}\n\n/**\n * The `FastTimer` class is a data structure designed to store and manage\n * timer information.\n */\nclass FastTimer {\n [kFastTimer] = true\n\n /**\n * The state of the timer, which can be one of the following:\n * - NOT_IN_LIST (-2)\n * - TO_BE_CLEARED (-1)\n * - PENDING (0)\n * - ACTIVE (1)\n *\n * @type {-2|-1|0|1}\n * @private\n */\n _state = NOT_IN_LIST\n\n /**\n * The number of milliseconds to wait before calling the callback.\n *\n * @type {number}\n * @private\n */\n _idleTimeout = -1\n\n /**\n * The time in milliseconds when the timer was started. This value is used to\n * calculate when the timer should expire.\n *\n * @type {number}\n * @default -1\n * @private\n */\n _idleStart = -1\n\n /**\n * The function to be executed when the timer expires.\n * @type {Function}\n * @private\n */\n _onTimeout\n\n /**\n * The argument to be passed to the callback when the timer expires.\n *\n * @type {*}\n * @private\n */\n _timerArg\n\n /**\n * @constructor\n * @param {Function} callback A function to be executed after the timer\n * expires.\n * @param {number} delay The time, in milliseconds that the timer should wait\n * before the specified function or code is executed.\n * @param {*} arg\n */\n constructor (callback, delay, arg) {\n this._onTimeout = callback\n this._idleTimeout = delay\n this._timerArg = arg\n\n this.refresh()\n }\n\n /**\n * Sets the timer's start time to the current time, and reschedules the timer\n * to call its callback at the previously specified duration adjusted to the\n * current time.\n * Using this on a timer that has already called its callback will reactivate\n * the timer.\n *\n * @returns {void}\n */\n refresh () {\n // In the special case that the timer is not in the list of active timers,\n // add it back to the array to be processed in the next tick by the onTick\n // function.\n if (this._state === NOT_IN_LIST) {\n fastTimers.push(this)\n }\n\n // If the timer is the only active timer, refresh the fastNowTimeout for\n // better resolution.\n if (!fastNowTimeout || fastTimers.length === 1) {\n refreshTimeout()\n }\n\n // Setting the state to PENDING will cause the timer to be reset in the\n // next tick by the onTick function.\n this._state = PENDING\n }\n\n /**\n * The `clear` method cancels the timer, preventing it from executing.\n *\n * @returns {void}\n * @private\n */\n clear () {\n // Set the state to TO_BE_CLEARED to mark the timer for removal in the next\n // tick by the onTick function.\n this._state = TO_BE_CLEARED\n\n // Reset the _idleStart value to -1 to indicate that the timer is no longer\n // active.\n this._idleStart = -1\n }\n}\n\n/**\n * This module exports a setTimeout and clearTimeout function that can be\n * used as a drop-in replacement for the native functions.\n */\nmodule.exports = {\n /**\n * The setTimeout() method sets a timer which executes a function once the\n * timer expires.\n * @param {Function} callback A function to be executed after the timer\n * expires.\n * @param {number} delay The time, in milliseconds that the timer should\n * wait before the specified function or code is executed.\n * @param {*} [arg] An optional argument to be passed to the callback function\n * when the timer expires.\n * @returns {NodeJS.Timeout|FastTimer}\n */\n setTimeout (callback, delay, arg) {\n // If the delay is less than or equal to the RESOLUTION_MS value return a\n // native Node.js Timer instance.\n return delay <= RESOLUTION_MS\n ? setTimeout(callback, delay, arg)\n : new FastTimer(callback, delay, arg)\n },\n /**\n * The clearTimeout method cancels an instantiated Timer previously created\n * by calling setTimeout.\n *\n * @param {NodeJS.Timeout|FastTimer} timeout\n */\n clearTimeout (timeout) {\n // If the timeout is a FastTimer, call its own clear method.\n if (timeout[kFastTimer]) {\n /**\n * @type {FastTimer}\n */\n timeout.clear()\n // Otherwise it is an instance of a native NodeJS.Timeout, so call the\n // Node.js native clearTimeout function.\n } else {\n clearTimeout(timeout)\n }\n },\n /**\n * The setFastTimeout() method sets a fastTimer which executes a function once\n * the timer expires.\n * @param {Function} callback A function to be executed after the timer\n * expires.\n * @param {number} delay The time, in milliseconds that the timer should\n * wait before the specified function or code is executed.\n * @param {*} [arg] An optional argument to be passed to the callback function\n * when the timer expires.\n * @returns {FastTimer}\n */\n setFastTimeout (callback, delay, arg) {\n return new FastTimer(callback, delay, arg)\n },\n /**\n * The clearTimeout method cancels an instantiated FastTimer previously\n * created by calling setFastTimeout.\n *\n * @param {FastTimer} timeout\n */\n clearFastTimeout (timeout) {\n timeout.clear()\n },\n /**\n * The now method returns the value of the internal fast timer clock.\n *\n * @returns {number}\n */\n now () {\n return fastNow\n },\n /**\n * Trigger the onTick function to process the fastTimers array.\n * Exported for testing purposes only.\n * Marking as deprecated to discourage any use outside of testing.\n * @deprecated\n * @param {number} [delay=0] The delay in milliseconds to add to the now value.\n */\n tick (delay = 0) {\n fastNow += delay - RESOLUTION_MS + 1\n onTick()\n onTick()\n },\n /**\n * Reset FastTimers.\n * Exported for testing purposes only.\n * Marking as deprecated to discourage any use outside of testing.\n * @deprecated\n */\n reset () {\n fastNow = 0\n fastTimers.length = 0\n clearTimeout(fastNowTimeout)\n fastNowTimeout = null\n },\n /**\n * Exporting for testing purposes only.\n * Marking as deprecated to discourage any use outside of testing.\n * @deprecated\n */\n kFastTimer\n}\n","'use strict'\n\nconst { kConstruct } = require('./symbols')\nconst { urlEquals, getFieldValues } = require('./util')\nconst { kEnumerableProperty, isDisturbed } = require('../../core/util')\nconst { webidl } = require('../fetch/webidl')\nconst { Response, cloneResponse, fromInnerResponse } = require('../fetch/response')\nconst { Request, fromInnerRequest } = require('../fetch/request')\nconst { kState } = require('../fetch/symbols')\nconst { fetching } = require('../fetch/index')\nconst { urlIsHttpHttpsScheme, createDeferredPromise, readAllBytes } = require('../fetch/util')\nconst assert = require('node:assert')\n\n/**\n * @see https://w3c.github.io/ServiceWorker/#dfn-cache-batch-operation\n * @typedef {Object} CacheBatchOperation\n * @property {'delete' | 'put'} type\n * @property {any} request\n * @property {any} response\n * @property {import('../../types/cache').CacheQueryOptions} options\n */\n\n/**\n * @see https://w3c.github.io/ServiceWorker/#dfn-request-response-list\n * @typedef {[any, any][]} requestResponseList\n */\n\nclass Cache {\n /**\n * @see https://w3c.github.io/ServiceWorker/#dfn-relevant-request-response-list\n * @type {requestResponseList}\n */\n #relevantRequestResponseList\n\n constructor () {\n if (arguments[0] !== kConstruct) {\n webidl.illegalConstructor()\n }\n\n webidl.util.markAsUncloneable(this)\n this.#relevantRequestResponseList = arguments[1]\n }\n\n async match (request, options = {}) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.match'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n request = webidl.converters.RequestInfo(request, prefix, 'request')\n options = webidl.converters.CacheQueryOptions(options, prefix, 'options')\n\n const p = this.#internalMatchAll(request, options, 1)\n\n if (p.length === 0) {\n return\n }\n\n return p[0]\n }\n\n async matchAll (request = undefined, options = {}) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.matchAll'\n if (request !== undefined) request = webidl.converters.RequestInfo(request, prefix, 'request')\n options = webidl.converters.CacheQueryOptions(options, prefix, 'options')\n\n return this.#internalMatchAll(request, options)\n }\n\n async add (request) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.add'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n request = webidl.converters.RequestInfo(request, prefix, 'request')\n\n // 1.\n const requests = [request]\n\n // 2.\n const responseArrayPromise = this.addAll(requests)\n\n // 3.\n return await responseArrayPromise\n }\n\n async addAll (requests) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.addAll'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n // 1.\n const responsePromises = []\n\n // 2.\n const requestList = []\n\n // 3.\n for (let request of requests) {\n if (request === undefined) {\n throw webidl.errors.conversionFailed({\n prefix,\n argument: 'Argument 1',\n types: ['undefined is not allowed']\n })\n }\n\n request = webidl.converters.RequestInfo(request)\n\n if (typeof request === 'string') {\n continue\n }\n\n // 3.1\n const r = request[kState]\n\n // 3.2\n if (!urlIsHttpHttpsScheme(r.url) || r.method !== 'GET') {\n throw webidl.errors.exception({\n header: prefix,\n message: 'Expected http/s scheme when method is not GET.'\n })\n }\n }\n\n // 4.\n /** @type {ReturnType[]} */\n const fetchControllers = []\n\n // 5.\n for (const request of requests) {\n // 5.1\n const r = new Request(request)[kState]\n\n // 5.2\n if (!urlIsHttpHttpsScheme(r.url)) {\n throw webidl.errors.exception({\n header: prefix,\n message: 'Expected http/s scheme.'\n })\n }\n\n // 5.4\n r.initiator = 'fetch'\n r.destination = 'subresource'\n\n // 5.5\n requestList.push(r)\n\n // 5.6\n const responsePromise = createDeferredPromise()\n\n // 5.7\n fetchControllers.push(fetching({\n request: r,\n processResponse (response) {\n // 1.\n if (response.type === 'error' || response.status === 206 || response.status < 200 || response.status > 299) {\n responsePromise.reject(webidl.errors.exception({\n header: 'Cache.addAll',\n message: 'Received an invalid status code or the request failed.'\n }))\n } else if (response.headersList.contains('vary')) { // 2.\n // 2.1\n const fieldValues = getFieldValues(response.headersList.get('vary'))\n\n // 2.2\n for (const fieldValue of fieldValues) {\n // 2.2.1\n if (fieldValue === '*') {\n responsePromise.reject(webidl.errors.exception({\n header: 'Cache.addAll',\n message: 'invalid vary field value'\n }))\n\n for (const controller of fetchControllers) {\n controller.abort()\n }\n\n return\n }\n }\n }\n },\n processResponseEndOfBody (response) {\n // 1.\n if (response.aborted) {\n responsePromise.reject(new DOMException('aborted', 'AbortError'))\n return\n }\n\n // 2.\n responsePromise.resolve(response)\n }\n }))\n\n // 5.8\n responsePromises.push(responsePromise.promise)\n }\n\n // 6.\n const p = Promise.all(responsePromises)\n\n // 7.\n const responses = await p\n\n // 7.1\n const operations = []\n\n // 7.2\n let index = 0\n\n // 7.3\n for (const response of responses) {\n // 7.3.1\n /** @type {CacheBatchOperation} */\n const operation = {\n type: 'put', // 7.3.2\n request: requestList[index], // 7.3.3\n response // 7.3.4\n }\n\n operations.push(operation) // 7.3.5\n\n index++ // 7.3.6\n }\n\n // 7.5\n const cacheJobPromise = createDeferredPromise()\n\n // 7.6.1\n let errorData = null\n\n // 7.6.2\n try {\n this.#batchCacheOperations(operations)\n } catch (e) {\n errorData = e\n }\n\n // 7.6.3\n queueMicrotask(() => {\n // 7.6.3.1\n if (errorData === null) {\n cacheJobPromise.resolve(undefined)\n } else {\n // 7.6.3.2\n cacheJobPromise.reject(errorData)\n }\n })\n\n // 7.7\n return cacheJobPromise.promise\n }\n\n async put (request, response) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.put'\n webidl.argumentLengthCheck(arguments, 2, prefix)\n\n request = webidl.converters.RequestInfo(request, prefix, 'request')\n response = webidl.converters.Response(response, prefix, 'response')\n\n // 1.\n let innerRequest = null\n\n // 2.\n if (request instanceof Request) {\n innerRequest = request[kState]\n } else { // 3.\n innerRequest = new Request(request)[kState]\n }\n\n // 4.\n if (!urlIsHttpHttpsScheme(innerRequest.url) || innerRequest.method !== 'GET') {\n throw webidl.errors.exception({\n header: prefix,\n message: 'Expected an http/s scheme when method is not GET'\n })\n }\n\n // 5.\n const innerResponse = response[kState]\n\n // 6.\n if (innerResponse.status === 206) {\n throw webidl.errors.exception({\n header: prefix,\n message: 'Got 206 status'\n })\n }\n\n // 7.\n if (innerResponse.headersList.contains('vary')) {\n // 7.1.\n const fieldValues = getFieldValues(innerResponse.headersList.get('vary'))\n\n // 7.2.\n for (const fieldValue of fieldValues) {\n // 7.2.1\n if (fieldValue === '*') {\n throw webidl.errors.exception({\n header: prefix,\n message: 'Got * vary field value'\n })\n }\n }\n }\n\n // 8.\n if (innerResponse.body && (isDisturbed(innerResponse.body.stream) || innerResponse.body.stream.locked)) {\n throw webidl.errors.exception({\n header: prefix,\n message: 'Response body is locked or disturbed'\n })\n }\n\n // 9.\n const clonedResponse = cloneResponse(innerResponse)\n\n // 10.\n const bodyReadPromise = createDeferredPromise()\n\n // 11.\n if (innerResponse.body != null) {\n // 11.1\n const stream = innerResponse.body.stream\n\n // 11.2\n const reader = stream.getReader()\n\n // 11.3\n readAllBytes(reader).then(bodyReadPromise.resolve, bodyReadPromise.reject)\n } else {\n bodyReadPromise.resolve(undefined)\n }\n\n // 12.\n /** @type {CacheBatchOperation[]} */\n const operations = []\n\n // 13.\n /** @type {CacheBatchOperation} */\n const operation = {\n type: 'put', // 14.\n request: innerRequest, // 15.\n response: clonedResponse // 16.\n }\n\n // 17.\n operations.push(operation)\n\n // 19.\n const bytes = await bodyReadPromise.promise\n\n if (clonedResponse.body != null) {\n clonedResponse.body.source = bytes\n }\n\n // 19.1\n const cacheJobPromise = createDeferredPromise()\n\n // 19.2.1\n let errorData = null\n\n // 19.2.2\n try {\n this.#batchCacheOperations(operations)\n } catch (e) {\n errorData = e\n }\n\n // 19.2.3\n queueMicrotask(() => {\n // 19.2.3.1\n if (errorData === null) {\n cacheJobPromise.resolve()\n } else { // 19.2.3.2\n cacheJobPromise.reject(errorData)\n }\n })\n\n return cacheJobPromise.promise\n }\n\n async delete (request, options = {}) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.delete'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n request = webidl.converters.RequestInfo(request, prefix, 'request')\n options = webidl.converters.CacheQueryOptions(options, prefix, 'options')\n\n /**\n * @type {Request}\n */\n let r = null\n\n if (request instanceof Request) {\n r = request[kState]\n\n if (r.method !== 'GET' && !options.ignoreMethod) {\n return false\n }\n } else {\n assert(typeof request === 'string')\n\n r = new Request(request)[kState]\n }\n\n /** @type {CacheBatchOperation[]} */\n const operations = []\n\n /** @type {CacheBatchOperation} */\n const operation = {\n type: 'delete',\n request: r,\n options\n }\n\n operations.push(operation)\n\n const cacheJobPromise = createDeferredPromise()\n\n let errorData = null\n let requestResponses\n\n try {\n requestResponses = this.#batchCacheOperations(operations)\n } catch (e) {\n errorData = e\n }\n\n queueMicrotask(() => {\n if (errorData === null) {\n cacheJobPromise.resolve(!!requestResponses?.length)\n } else {\n cacheJobPromise.reject(errorData)\n }\n })\n\n return cacheJobPromise.promise\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#dom-cache-keys\n * @param {any} request\n * @param {import('../../types/cache').CacheQueryOptions} options\n * @returns {Promise}\n */\n async keys (request = undefined, options = {}) {\n webidl.brandCheck(this, Cache)\n\n const prefix = 'Cache.keys'\n\n if (request !== undefined) request = webidl.converters.RequestInfo(request, prefix, 'request')\n options = webidl.converters.CacheQueryOptions(options, prefix, 'options')\n\n // 1.\n let r = null\n\n // 2.\n if (request !== undefined) {\n // 2.1\n if (request instanceof Request) {\n // 2.1.1\n r = request[kState]\n\n // 2.1.2\n if (r.method !== 'GET' && !options.ignoreMethod) {\n return []\n }\n } else if (typeof request === 'string') { // 2.2\n r = new Request(request)[kState]\n }\n }\n\n // 4.\n const promise = createDeferredPromise()\n\n // 5.\n // 5.1\n const requests = []\n\n // 5.2\n if (request === undefined) {\n // 5.2.1\n for (const requestResponse of this.#relevantRequestResponseList) {\n // 5.2.1.1\n requests.push(requestResponse[0])\n }\n } else { // 5.3\n // 5.3.1\n const requestResponses = this.#queryCache(r, options)\n\n // 5.3.2\n for (const requestResponse of requestResponses) {\n // 5.3.2.1\n requests.push(requestResponse[0])\n }\n }\n\n // 5.4\n queueMicrotask(() => {\n // 5.4.1\n const requestList = []\n\n // 5.4.2\n for (const request of requests) {\n const requestObject = fromInnerRequest(\n request,\n new AbortController().signal,\n 'immutable'\n )\n // 5.4.2.1\n requestList.push(requestObject)\n }\n\n // 5.4.3\n promise.resolve(Object.freeze(requestList))\n })\n\n return promise.promise\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#batch-cache-operations-algorithm\n * @param {CacheBatchOperation[]} operations\n * @returns {requestResponseList}\n */\n #batchCacheOperations (operations) {\n // 1.\n const cache = this.#relevantRequestResponseList\n\n // 2.\n const backupCache = [...cache]\n\n // 3.\n const addedItems = []\n\n // 4.1\n const resultList = []\n\n try {\n // 4.2\n for (const operation of operations) {\n // 4.2.1\n if (operation.type !== 'delete' && operation.type !== 'put') {\n throw webidl.errors.exception({\n header: 'Cache.#batchCacheOperations',\n message: 'operation type does not match \"delete\" or \"put\"'\n })\n }\n\n // 4.2.2\n if (operation.type === 'delete' && operation.response != null) {\n throw webidl.errors.exception({\n header: 'Cache.#batchCacheOperations',\n message: 'delete operation should not have an associated response'\n })\n }\n\n // 4.2.3\n if (this.#queryCache(operation.request, operation.options, addedItems).length) {\n throw new DOMException('???', 'InvalidStateError')\n }\n\n // 4.2.4\n let requestResponses\n\n // 4.2.5\n if (operation.type === 'delete') {\n // 4.2.5.1\n requestResponses = this.#queryCache(operation.request, operation.options)\n\n // TODO: the spec is wrong, this is needed to pass WPTs\n if (requestResponses.length === 0) {\n return []\n }\n\n // 4.2.5.2\n for (const requestResponse of requestResponses) {\n const idx = cache.indexOf(requestResponse)\n assert(idx !== -1)\n\n // 4.2.5.2.1\n cache.splice(idx, 1)\n }\n } else if (operation.type === 'put') { // 4.2.6\n // 4.2.6.1\n if (operation.response == null) {\n throw webidl.errors.exception({\n header: 'Cache.#batchCacheOperations',\n message: 'put operation should have an associated response'\n })\n }\n\n // 4.2.6.2\n const r = operation.request\n\n // 4.2.6.3\n if (!urlIsHttpHttpsScheme(r.url)) {\n throw webidl.errors.exception({\n header: 'Cache.#batchCacheOperations',\n message: 'expected http or https scheme'\n })\n }\n\n // 4.2.6.4\n if (r.method !== 'GET') {\n throw webidl.errors.exception({\n header: 'Cache.#batchCacheOperations',\n message: 'not get method'\n })\n }\n\n // 4.2.6.5\n if (operation.options != null) {\n throw webidl.errors.exception({\n header: 'Cache.#batchCacheOperations',\n message: 'options must not be defined'\n })\n }\n\n // 4.2.6.6\n requestResponses = this.#queryCache(operation.request)\n\n // 4.2.6.7\n for (const requestResponse of requestResponses) {\n const idx = cache.indexOf(requestResponse)\n assert(idx !== -1)\n\n // 4.2.6.7.1\n cache.splice(idx, 1)\n }\n\n // 4.2.6.8\n cache.push([operation.request, operation.response])\n\n // 4.2.6.10\n addedItems.push([operation.request, operation.response])\n }\n\n // 4.2.7\n resultList.push([operation.request, operation.response])\n }\n\n // 4.3\n return resultList\n } catch (e) { // 5.\n // 5.1\n this.#relevantRequestResponseList.length = 0\n\n // 5.2\n this.#relevantRequestResponseList = backupCache\n\n // 5.3\n throw e\n }\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#query-cache\n * @param {any} requestQuery\n * @param {import('../../types/cache').CacheQueryOptions} options\n * @param {requestResponseList} targetStorage\n * @returns {requestResponseList}\n */\n #queryCache (requestQuery, options, targetStorage) {\n /** @type {requestResponseList} */\n const resultList = []\n\n const storage = targetStorage ?? this.#relevantRequestResponseList\n\n for (const requestResponse of storage) {\n const [cachedRequest, cachedResponse] = requestResponse\n if (this.#requestMatchesCachedItem(requestQuery, cachedRequest, cachedResponse, options)) {\n resultList.push(requestResponse)\n }\n }\n\n return resultList\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#request-matches-cached-item-algorithm\n * @param {any} requestQuery\n * @param {any} request\n * @param {any | null} response\n * @param {import('../../types/cache').CacheQueryOptions | undefined} options\n * @returns {boolean}\n */\n #requestMatchesCachedItem (requestQuery, request, response = null, options) {\n // if (options?.ignoreMethod === false && request.method === 'GET') {\n // return false\n // }\n\n const queryURL = new URL(requestQuery.url)\n\n const cachedURL = new URL(request.url)\n\n if (options?.ignoreSearch) {\n cachedURL.search = ''\n\n queryURL.search = ''\n }\n\n if (!urlEquals(queryURL, cachedURL, true)) {\n return false\n }\n\n if (\n response == null ||\n options?.ignoreVary ||\n !response.headersList.contains('vary')\n ) {\n return true\n }\n\n const fieldValues = getFieldValues(response.headersList.get('vary'))\n\n for (const fieldValue of fieldValues) {\n if (fieldValue === '*') {\n return false\n }\n\n const requestValue = request.headersList.get(fieldValue)\n const queryValue = requestQuery.headersList.get(fieldValue)\n\n // If one has the header and the other doesn't, or one has\n // a different value than the other, return false\n if (requestValue !== queryValue) {\n return false\n }\n }\n\n return true\n }\n\n #internalMatchAll (request, options, maxResponses = Infinity) {\n // 1.\n let r = null\n\n // 2.\n if (request !== undefined) {\n if (request instanceof Request) {\n // 2.1.1\n r = request[kState]\n\n // 2.1.2\n if (r.method !== 'GET' && !options.ignoreMethod) {\n return []\n }\n } else if (typeof request === 'string') {\n // 2.2.1\n r = new Request(request)[kState]\n }\n }\n\n // 5.\n // 5.1\n const responses = []\n\n // 5.2\n if (request === undefined) {\n // 5.2.1\n for (const requestResponse of this.#relevantRequestResponseList) {\n responses.push(requestResponse[1])\n }\n } else { // 5.3\n // 5.3.1\n const requestResponses = this.#queryCache(r, options)\n\n // 5.3.2\n for (const requestResponse of requestResponses) {\n responses.push(requestResponse[1])\n }\n }\n\n // 5.4\n // We don't implement CORs so we don't need to loop over the responses, yay!\n\n // 5.5.1\n const responseList = []\n\n // 5.5.2\n for (const response of responses) {\n // 5.5.2.1\n const responseObject = fromInnerResponse(response, 'immutable')\n\n responseList.push(responseObject.clone())\n\n if (responseList.length >= maxResponses) {\n break\n }\n }\n\n // 6.\n return Object.freeze(responseList)\n }\n}\n\nObject.defineProperties(Cache.prototype, {\n [Symbol.toStringTag]: {\n value: 'Cache',\n configurable: true\n },\n match: kEnumerableProperty,\n matchAll: kEnumerableProperty,\n add: kEnumerableProperty,\n addAll: kEnumerableProperty,\n put: kEnumerableProperty,\n delete: kEnumerableProperty,\n keys: kEnumerableProperty\n})\n\nconst cacheQueryOptionConverters = [\n {\n key: 'ignoreSearch',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'ignoreMethod',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'ignoreVary',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n }\n]\n\nwebidl.converters.CacheQueryOptions = webidl.dictionaryConverter(cacheQueryOptionConverters)\n\nwebidl.converters.MultiCacheQueryOptions = webidl.dictionaryConverter([\n ...cacheQueryOptionConverters,\n {\n key: 'cacheName',\n converter: webidl.converters.DOMString\n }\n])\n\nwebidl.converters.Response = webidl.interfaceConverter(Response)\n\nwebidl.converters['sequence'] = webidl.sequenceConverter(\n webidl.converters.RequestInfo\n)\n\nmodule.exports = {\n Cache\n}\n","'use strict'\n\nconst { kConstruct } = require('./symbols')\nconst { Cache } = require('./cache')\nconst { webidl } = require('../fetch/webidl')\nconst { kEnumerableProperty } = require('../../core/util')\n\nclass CacheStorage {\n /**\n * @see https://w3c.github.io/ServiceWorker/#dfn-relevant-name-to-cache-map\n * @type {Map}\n */\n async has (cacheName) {\n webidl.brandCheck(this, CacheStorage)\n\n const prefix = 'CacheStorage.has'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n cacheName = webidl.converters.DOMString(cacheName, prefix, 'cacheName')\n\n // 2.1.1\n // 2.2\n return this.#caches.has(cacheName)\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#dom-cachestorage-open\n * @param {string} cacheName\n * @returns {Promise}\n */\n async open (cacheName) {\n webidl.brandCheck(this, CacheStorage)\n\n const prefix = 'CacheStorage.open'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n cacheName = webidl.converters.DOMString(cacheName, prefix, 'cacheName')\n\n // 2.1\n if (this.#caches.has(cacheName)) {\n // await caches.open('v1') !== await caches.open('v1')\n\n // 2.1.1\n const cache = this.#caches.get(cacheName)\n\n // 2.1.1.1\n return new Cache(kConstruct, cache)\n }\n\n // 2.2\n const cache = []\n\n // 2.3\n this.#caches.set(cacheName, cache)\n\n // 2.4\n return new Cache(kConstruct, cache)\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#cache-storage-delete\n * @param {string} cacheName\n * @returns {Promise}\n */\n async delete (cacheName) {\n webidl.brandCheck(this, CacheStorage)\n\n const prefix = 'CacheStorage.delete'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n cacheName = webidl.converters.DOMString(cacheName, prefix, 'cacheName')\n\n return this.#caches.delete(cacheName)\n }\n\n /**\n * @see https://w3c.github.io/ServiceWorker/#cache-storage-keys\n * @returns {Promise}\n */\n async keys () {\n webidl.brandCheck(this, CacheStorage)\n\n // 2.1\n const keys = this.#caches.keys()\n\n // 2.2\n return [...keys]\n }\n}\n\nObject.defineProperties(CacheStorage.prototype, {\n [Symbol.toStringTag]: {\n value: 'CacheStorage',\n configurable: true\n },\n match: kEnumerableProperty,\n has: kEnumerableProperty,\n open: kEnumerableProperty,\n delete: kEnumerableProperty,\n keys: kEnumerableProperty\n})\n\nmodule.exports = {\n CacheStorage\n}\n","'use strict'\n\nmodule.exports = {\n kConstruct: require('../../core/symbols').kConstruct\n}\n","'use strict'\n\nconst assert = require('node:assert')\nconst { URLSerializer } = require('../fetch/data-url')\nconst { isValidHeaderName } = require('../fetch/util')\n\n/**\n * @see https://url.spec.whatwg.org/#concept-url-equals\n * @param {URL} A\n * @param {URL} B\n * @param {boolean | undefined} excludeFragment\n * @returns {boolean}\n */\nfunction urlEquals (A, B, excludeFragment = false) {\n const serializedA = URLSerializer(A, excludeFragment)\n\n const serializedB = URLSerializer(B, excludeFragment)\n\n return serializedA === serializedB\n}\n\n/**\n * @see https://github.com/chromium/chromium/blob/694d20d134cb553d8d89e5500b9148012b1ba299/content/browser/cache_storage/cache_storage_cache.cc#L260-L262\n * @param {string} header\n */\nfunction getFieldValues (header) {\n assert(header !== null)\n\n const values = []\n\n for (let value of header.split(',')) {\n value = value.trim()\n\n if (isValidHeaderName(value)) {\n values.push(value)\n }\n }\n\n return values\n}\n\nmodule.exports = {\n urlEquals,\n getFieldValues\n}\n","'use strict'\n\n// https://wicg.github.io/cookie-store/#cookie-maximum-attribute-value-size\nconst maxAttributeValueSize = 1024\n\n// https://wicg.github.io/cookie-store/#cookie-maximum-name-value-pair-size\nconst maxNameValuePairSize = 4096\n\nmodule.exports = {\n maxAttributeValueSize,\n maxNameValuePairSize\n}\n","'use strict'\n\nconst { parseSetCookie } = require('./parse')\nconst { stringify } = require('./util')\nconst { webidl } = require('../fetch/webidl')\nconst { Headers } = require('../fetch/headers')\n\n/**\n * @typedef {Object} Cookie\n * @property {string} name\n * @property {string} value\n * @property {Date|number|undefined} expires\n * @property {number|undefined} maxAge\n * @property {string|undefined} domain\n * @property {string|undefined} path\n * @property {boolean|undefined} secure\n * @property {boolean|undefined} httpOnly\n * @property {'Strict'|'Lax'|'None'} sameSite\n * @property {string[]} unparsed\n */\n\n/**\n * @param {Headers} headers\n * @returns {Record}\n */\nfunction getCookies (headers) {\n webidl.argumentLengthCheck(arguments, 1, 'getCookies')\n\n webidl.brandCheck(headers, Headers, { strict: false })\n\n const cookie = headers.get('cookie')\n const out = {}\n\n if (!cookie) {\n return out\n }\n\n for (const piece of cookie.split(';')) {\n const [name, ...value] = piece.split('=')\n\n out[name.trim()] = value.join('=')\n }\n\n return out\n}\n\n/**\n * @param {Headers} headers\n * @param {string} name\n * @param {{ path?: string, domain?: string }|undefined} attributes\n * @returns {void}\n */\nfunction deleteCookie (headers, name, attributes) {\n webidl.brandCheck(headers, Headers, { strict: false })\n\n const prefix = 'deleteCookie'\n webidl.argumentLengthCheck(arguments, 2, prefix)\n\n name = webidl.converters.DOMString(name, prefix, 'name')\n attributes = webidl.converters.DeleteCookieAttributes(attributes)\n\n // Matches behavior of\n // https://github.com/denoland/deno_std/blob/63827b16330b82489a04614027c33b7904e08be5/http/cookie.ts#L278\n setCookie(headers, {\n name,\n value: '',\n expires: new Date(0),\n ...attributes\n })\n}\n\n/**\n * @param {Headers} headers\n * @returns {Cookie[]}\n */\nfunction getSetCookies (headers) {\n webidl.argumentLengthCheck(arguments, 1, 'getSetCookies')\n\n webidl.brandCheck(headers, Headers, { strict: false })\n\n const cookies = headers.getSetCookie()\n\n if (!cookies) {\n return []\n }\n\n return cookies.map((pair) => parseSetCookie(pair))\n}\n\n/**\n * @param {Headers} headers\n * @param {Cookie} cookie\n * @returns {void}\n */\nfunction setCookie (headers, cookie) {\n webidl.argumentLengthCheck(arguments, 2, 'setCookie')\n\n webidl.brandCheck(headers, Headers, { strict: false })\n\n cookie = webidl.converters.Cookie(cookie)\n\n const str = stringify(cookie)\n\n if (str) {\n headers.append('Set-Cookie', str)\n }\n}\n\nwebidl.converters.DeleteCookieAttributes = webidl.dictionaryConverter([\n {\n converter: webidl.nullableConverter(webidl.converters.DOMString),\n key: 'path',\n defaultValue: () => null\n },\n {\n converter: webidl.nullableConverter(webidl.converters.DOMString),\n key: 'domain',\n defaultValue: () => null\n }\n])\n\nwebidl.converters.Cookie = webidl.dictionaryConverter([\n {\n converter: webidl.converters.DOMString,\n key: 'name'\n },\n {\n converter: webidl.converters.DOMString,\n key: 'value'\n },\n {\n converter: webidl.nullableConverter((value) => {\n if (typeof value === 'number') {\n return webidl.converters['unsigned long long'](value)\n }\n\n return new Date(value)\n }),\n key: 'expires',\n defaultValue: () => null\n },\n {\n converter: webidl.nullableConverter(webidl.converters['long long']),\n key: 'maxAge',\n defaultValue: () => null\n },\n {\n converter: webidl.nullableConverter(webidl.converters.DOMString),\n key: 'domain',\n defaultValue: () => null\n },\n {\n converter: webidl.nullableConverter(webidl.converters.DOMString),\n key: 'path',\n defaultValue: () => null\n },\n {\n converter: webidl.nullableConverter(webidl.converters.boolean),\n key: 'secure',\n defaultValue: () => null\n },\n {\n converter: webidl.nullableConverter(webidl.converters.boolean),\n key: 'httpOnly',\n defaultValue: () => null\n },\n {\n converter: webidl.converters.USVString,\n key: 'sameSite',\n allowedValues: ['Strict', 'Lax', 'None']\n },\n {\n converter: webidl.sequenceConverter(webidl.converters.DOMString),\n key: 'unparsed',\n defaultValue: () => new Array(0)\n }\n])\n\nmodule.exports = {\n getCookies,\n deleteCookie,\n getSetCookies,\n setCookie\n}\n","'use strict'\n\nconst { maxNameValuePairSize, maxAttributeValueSize } = require('./constants')\nconst { isCTLExcludingHtab } = require('./util')\nconst { collectASequenceOfCodePointsFast } = require('../fetch/data-url')\nconst assert = require('node:assert')\n\n/**\n * @description Parses the field-value attributes of a set-cookie header string.\n * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4\n * @param {string} header\n * @returns if the header is invalid, null will be returned\n */\nfunction parseSetCookie (header) {\n // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F\n // character (CTL characters excluding HTAB): Abort these steps and\n // ignore the set-cookie-string entirely.\n if (isCTLExcludingHtab(header)) {\n return null\n }\n\n let nameValuePair = ''\n let unparsedAttributes = ''\n let name = ''\n let value = ''\n\n // 2. If the set-cookie-string contains a %x3B (\";\") character:\n if (header.includes(';')) {\n // 1. The name-value-pair string consists of the characters up to,\n // but not including, the first %x3B (\";\"), and the unparsed-\n // attributes consist of the remainder of the set-cookie-string\n // (including the %x3B (\";\") in question).\n const position = { position: 0 }\n\n nameValuePair = collectASequenceOfCodePointsFast(';', header, position)\n unparsedAttributes = header.slice(position.position)\n } else {\n // Otherwise:\n\n // 1. The name-value-pair string consists of all the characters\n // contained in the set-cookie-string, and the unparsed-\n // attributes is the empty string.\n nameValuePair = header\n }\n\n // 3. If the name-value-pair string lacks a %x3D (\"=\") character, then\n // the name string is empty, and the value string is the value of\n // name-value-pair.\n if (!nameValuePair.includes('=')) {\n value = nameValuePair\n } else {\n // Otherwise, the name string consists of the characters up to, but\n // not including, the first %x3D (\"=\") character, and the (possibly\n // empty) value string consists of the characters after the first\n // %x3D (\"=\") character.\n const position = { position: 0 }\n name = collectASequenceOfCodePointsFast(\n '=',\n nameValuePair,\n position\n )\n value = nameValuePair.slice(position.position + 1)\n }\n\n // 4. Remove any leading or trailing WSP characters from the name\n // string and the value string.\n name = name.trim()\n value = value.trim()\n\n // 5. If the sum of the lengths of the name string and the value string\n // is more than 4096 octets, abort these steps and ignore the set-\n // cookie-string entirely.\n if (name.length + value.length > maxNameValuePairSize) {\n return null\n }\n\n // 6. The cookie-name is the name string, and the cookie-value is the\n // value string.\n return {\n name, value, ...parseUnparsedAttributes(unparsedAttributes)\n }\n}\n\n/**\n * Parses the remaining attributes of a set-cookie header\n * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4\n * @param {string} unparsedAttributes\n * @param {[Object.]={}} cookieAttributeList\n */\nfunction parseUnparsedAttributes (unparsedAttributes, cookieAttributeList = {}) {\n // 1. If the unparsed-attributes string is empty, skip the rest of\n // these steps.\n if (unparsedAttributes.length === 0) {\n return cookieAttributeList\n }\n\n // 2. Discard the first character of the unparsed-attributes (which\n // will be a %x3B (\";\") character).\n assert(unparsedAttributes[0] === ';')\n unparsedAttributes = unparsedAttributes.slice(1)\n\n let cookieAv = ''\n\n // 3. If the remaining unparsed-attributes contains a %x3B (\";\")\n // character:\n if (unparsedAttributes.includes(';')) {\n // 1. Consume the characters of the unparsed-attributes up to, but\n // not including, the first %x3B (\";\") character.\n cookieAv = collectASequenceOfCodePointsFast(\n ';',\n unparsedAttributes,\n { position: 0 }\n )\n unparsedAttributes = unparsedAttributes.slice(cookieAv.length)\n } else {\n // Otherwise:\n\n // 1. Consume the remainder of the unparsed-attributes.\n cookieAv = unparsedAttributes\n unparsedAttributes = ''\n }\n\n // Let the cookie-av string be the characters consumed in this step.\n\n let attributeName = ''\n let attributeValue = ''\n\n // 4. If the cookie-av string contains a %x3D (\"=\") character:\n if (cookieAv.includes('=')) {\n // 1. The (possibly empty) attribute-name string consists of the\n // characters up to, but not including, the first %x3D (\"=\")\n // character, and the (possibly empty) attribute-value string\n // consists of the characters after the first %x3D (\"=\")\n // character.\n const position = { position: 0 }\n\n attributeName = collectASequenceOfCodePointsFast(\n '=',\n cookieAv,\n position\n )\n attributeValue = cookieAv.slice(position.position + 1)\n } else {\n // Otherwise:\n\n // 1. The attribute-name string consists of the entire cookie-av\n // string, and the attribute-value string is empty.\n attributeName = cookieAv\n }\n\n // 5. Remove any leading or trailing WSP characters from the attribute-\n // name string and the attribute-value string.\n attributeName = attributeName.trim()\n attributeValue = attributeValue.trim()\n\n // 6. If the attribute-value is longer than 1024 octets, ignore the\n // cookie-av string and return to Step 1 of this algorithm.\n if (attributeValue.length > maxAttributeValueSize) {\n return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n }\n\n // 7. Process the attribute-name and attribute-value according to the\n // requirements in the following subsections. (Notice that\n // attributes with unrecognized attribute-names are ignored.)\n const attributeNameLowercase = attributeName.toLowerCase()\n\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.1\n // If the attribute-name case-insensitively matches the string\n // \"Expires\", the user agent MUST process the cookie-av as follows.\n if (attributeNameLowercase === 'expires') {\n // 1. Let the expiry-time be the result of parsing the attribute-value\n // as cookie-date (see Section 5.1.1).\n const expiryTime = new Date(attributeValue)\n\n // 2. If the attribute-value failed to parse as a cookie date, ignore\n // the cookie-av.\n\n cookieAttributeList.expires = expiryTime\n } else if (attributeNameLowercase === 'max-age') {\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.2\n // If the attribute-name case-insensitively matches the string \"Max-\n // Age\", the user agent MUST process the cookie-av as follows.\n\n // 1. If the first character of the attribute-value is not a DIGIT or a\n // \"-\" character, ignore the cookie-av.\n const charCode = attributeValue.charCodeAt(0)\n\n if ((charCode < 48 || charCode > 57) && attributeValue[0] !== '-') {\n return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n }\n\n // 2. If the remainder of attribute-value contains a non-DIGIT\n // character, ignore the cookie-av.\n if (!/^\\d+$/.test(attributeValue)) {\n return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n }\n\n // 3. Let delta-seconds be the attribute-value converted to an integer.\n const deltaSeconds = Number(attributeValue)\n\n // 4. Let cookie-age-limit be the maximum age of the cookie (which\n // SHOULD be 400 days or less, see Section 4.1.2.2).\n\n // 5. Set delta-seconds to the smaller of its present value and cookie-\n // age-limit.\n // deltaSeconds = Math.min(deltaSeconds * 1000, maxExpiresMs)\n\n // 6. If delta-seconds is less than or equal to zero (0), let expiry-\n // time be the earliest representable date and time. Otherwise, let\n // the expiry-time be the current date and time plus delta-seconds\n // seconds.\n // const expiryTime = deltaSeconds <= 0 ? Date.now() : Date.now() + deltaSeconds\n\n // 7. Append an attribute to the cookie-attribute-list with an\n // attribute-name of Max-Age and an attribute-value of expiry-time.\n cookieAttributeList.maxAge = deltaSeconds\n } else if (attributeNameLowercase === 'domain') {\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.3\n // If the attribute-name case-insensitively matches the string \"Domain\",\n // the user agent MUST process the cookie-av as follows.\n\n // 1. Let cookie-domain be the attribute-value.\n let cookieDomain = attributeValue\n\n // 2. If cookie-domain starts with %x2E (\".\"), let cookie-domain be\n // cookie-domain without its leading %x2E (\".\").\n if (cookieDomain[0] === '.') {\n cookieDomain = cookieDomain.slice(1)\n }\n\n // 3. Convert the cookie-domain to lower case.\n cookieDomain = cookieDomain.toLowerCase()\n\n // 4. Append an attribute to the cookie-attribute-list with an\n // attribute-name of Domain and an attribute-value of cookie-domain.\n cookieAttributeList.domain = cookieDomain\n } else if (attributeNameLowercase === 'path') {\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.4\n // If the attribute-name case-insensitively matches the string \"Path\",\n // the user agent MUST process the cookie-av as follows.\n\n // 1. If the attribute-value is empty or if the first character of the\n // attribute-value is not %x2F (\"/\"):\n let cookiePath = ''\n if (attributeValue.length === 0 || attributeValue[0] !== '/') {\n // 1. Let cookie-path be the default-path.\n cookiePath = '/'\n } else {\n // Otherwise:\n\n // 1. Let cookie-path be the attribute-value.\n cookiePath = attributeValue\n }\n\n // 2. Append an attribute to the cookie-attribute-list with an\n // attribute-name of Path and an attribute-value of cookie-path.\n cookieAttributeList.path = cookiePath\n } else if (attributeNameLowercase === 'secure') {\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.5\n // If the attribute-name case-insensitively matches the string \"Secure\",\n // the user agent MUST append an attribute to the cookie-attribute-list\n // with an attribute-name of Secure and an empty attribute-value.\n\n cookieAttributeList.secure = true\n } else if (attributeNameLowercase === 'httponly') {\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.6\n // If the attribute-name case-insensitively matches the string\n // \"HttpOnly\", the user agent MUST append an attribute to the cookie-\n // attribute-list with an attribute-name of HttpOnly and an empty\n // attribute-value.\n\n cookieAttributeList.httpOnly = true\n } else if (attributeNameLowercase === 'samesite') {\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.7\n // If the attribute-name case-insensitively matches the string\n // \"SameSite\", the user agent MUST process the cookie-av as follows:\n\n // 1. Let enforcement be \"Default\".\n let enforcement = 'Default'\n\n const attributeValueLowercase = attributeValue.toLowerCase()\n // 2. If cookie-av's attribute-value is a case-insensitive match for\n // \"None\", set enforcement to \"None\".\n if (attributeValueLowercase.includes('none')) {\n enforcement = 'None'\n }\n\n // 3. If cookie-av's attribute-value is a case-insensitive match for\n // \"Strict\", set enforcement to \"Strict\".\n if (attributeValueLowercase.includes('strict')) {\n enforcement = 'Strict'\n }\n\n // 4. If cookie-av's attribute-value is a case-insensitive match for\n // \"Lax\", set enforcement to \"Lax\".\n if (attributeValueLowercase.includes('lax')) {\n enforcement = 'Lax'\n }\n\n // 5. Append an attribute to the cookie-attribute-list with an\n // attribute-name of \"SameSite\" and an attribute-value of\n // enforcement.\n cookieAttributeList.sameSite = enforcement\n } else {\n cookieAttributeList.unparsed ??= []\n\n cookieAttributeList.unparsed.push(`${attributeName}=${attributeValue}`)\n }\n\n // 8. Return to Step 1 of this algorithm.\n return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n}\n\nmodule.exports = {\n parseSetCookie,\n parseUnparsedAttributes\n}\n","'use strict'\n\n/**\n * @param {string} value\n * @returns {boolean}\n */\nfunction isCTLExcludingHtab (value) {\n for (let i = 0; i < value.length; ++i) {\n const code = value.charCodeAt(i)\n\n if (\n (code >= 0x00 && code <= 0x08) ||\n (code >= 0x0A && code <= 0x1F) ||\n code === 0x7F\n ) {\n return true\n }\n }\n return false\n}\n\n/**\n CHAR = \n token = 1*\n separators = \"(\" | \")\" | \"<\" | \">\" | \"@\"\n | \",\" | \";\" | \":\" | \"\\\" | <\">\n | \"/\" | \"[\" | \"]\" | \"?\" | \"=\"\n | \"{\" | \"}\" | SP | HT\n * @param {string} name\n */\nfunction validateCookieName (name) {\n for (let i = 0; i < name.length; ++i) {\n const code = name.charCodeAt(i)\n\n if (\n code < 0x21 || // exclude CTLs (0-31), SP and HT\n code > 0x7E || // exclude non-ascii and DEL\n code === 0x22 || // \"\n code === 0x28 || // (\n code === 0x29 || // )\n code === 0x3C || // <\n code === 0x3E || // >\n code === 0x40 || // @\n code === 0x2C || // ,\n code === 0x3B || // ;\n code === 0x3A || // :\n code === 0x5C || // \\\n code === 0x2F || // /\n code === 0x5B || // [\n code === 0x5D || // ]\n code === 0x3F || // ?\n code === 0x3D || // =\n code === 0x7B || // {\n code === 0x7D // }\n ) {\n throw new Error('Invalid cookie name')\n }\n }\n}\n\n/**\n cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )\n cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E\n ; US-ASCII characters excluding CTLs,\n ; whitespace DQUOTE, comma, semicolon,\n ; and backslash\n * @param {string} value\n */\nfunction validateCookieValue (value) {\n let len = value.length\n let i = 0\n\n // if the value is wrapped in DQUOTE\n if (value[0] === '\"') {\n if (len === 1 || value[len - 1] !== '\"') {\n throw new Error('Invalid cookie value')\n }\n --len\n ++i\n }\n\n while (i < len) {\n const code = value.charCodeAt(i++)\n\n if (\n code < 0x21 || // exclude CTLs (0-31)\n code > 0x7E || // non-ascii and DEL (127)\n code === 0x22 || // \"\n code === 0x2C || // ,\n code === 0x3B || // ;\n code === 0x5C // \\\n ) {\n throw new Error('Invalid cookie value')\n }\n }\n}\n\n/**\n * path-value = \n * @param {string} path\n */\nfunction validateCookiePath (path) {\n for (let i = 0; i < path.length; ++i) {\n const code = path.charCodeAt(i)\n\n if (\n code < 0x20 || // exclude CTLs (0-31)\n code === 0x7F || // DEL\n code === 0x3B // ;\n ) {\n throw new Error('Invalid cookie path')\n }\n }\n}\n\n/**\n * I have no idea why these values aren't allowed to be honest,\n * but Deno tests these. - Khafra\n * @param {string} domain\n */\nfunction validateCookieDomain (domain) {\n if (\n domain.startsWith('-') ||\n domain.endsWith('.') ||\n domain.endsWith('-')\n ) {\n throw new Error('Invalid cookie domain')\n }\n}\n\nconst IMFDays = [\n 'Sun', 'Mon', 'Tue', 'Wed',\n 'Thu', 'Fri', 'Sat'\n]\n\nconst IMFMonths = [\n 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',\n 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'\n]\n\nconst IMFPaddedNumbers = Array(61).fill(0).map((_, i) => i.toString().padStart(2, '0'))\n\n/**\n * @see https://www.rfc-editor.org/rfc/rfc7231#section-7.1.1.1\n * @param {number|Date} date\n IMF-fixdate = day-name \",\" SP date1 SP time-of-day SP GMT\n ; fixed length/zone/capitalization subset of the format\n ; see Section 3.3 of [RFC5322]\n\n day-name = %x4D.6F.6E ; \"Mon\", case-sensitive\n / %x54.75.65 ; \"Tue\", case-sensitive\n / %x57.65.64 ; \"Wed\", case-sensitive\n / %x54.68.75 ; \"Thu\", case-sensitive\n / %x46.72.69 ; \"Fri\", case-sensitive\n / %x53.61.74 ; \"Sat\", case-sensitive\n / %x53.75.6E ; \"Sun\", case-sensitive\n date1 = day SP month SP year\n ; e.g., 02 Jun 1982\n\n day = 2DIGIT\n month = %x4A.61.6E ; \"Jan\", case-sensitive\n / %x46.65.62 ; \"Feb\", case-sensitive\n / %x4D.61.72 ; \"Mar\", case-sensitive\n / %x41.70.72 ; \"Apr\", case-sensitive\n / %x4D.61.79 ; \"May\", case-sensitive\n / %x4A.75.6E ; \"Jun\", case-sensitive\n / %x4A.75.6C ; \"Jul\", case-sensitive\n / %x41.75.67 ; \"Aug\", case-sensitive\n / %x53.65.70 ; \"Sep\", case-sensitive\n / %x4F.63.74 ; \"Oct\", case-sensitive\n / %x4E.6F.76 ; \"Nov\", case-sensitive\n / %x44.65.63 ; \"Dec\", case-sensitive\n year = 4DIGIT\n\n GMT = %x47.4D.54 ; \"GMT\", case-sensitive\n\n time-of-day = hour \":\" minute \":\" second\n ; 00:00:00 - 23:59:60 (leap second)\n\n hour = 2DIGIT\n minute = 2DIGIT\n second = 2DIGIT\n */\nfunction toIMFDate (date) {\n if (typeof date === 'number') {\n date = new Date(date)\n }\n\n return `${IMFDays[date.getUTCDay()]}, ${IMFPaddedNumbers[date.getUTCDate()]} ${IMFMonths[date.getUTCMonth()]} ${date.getUTCFullYear()} ${IMFPaddedNumbers[date.getUTCHours()]}:${IMFPaddedNumbers[date.getUTCMinutes()]}:${IMFPaddedNumbers[date.getUTCSeconds()]} GMT`\n}\n\n/**\n max-age-av = \"Max-Age=\" non-zero-digit *DIGIT\n ; In practice, both expires-av and max-age-av\n ; are limited to dates representable by the\n ; user agent.\n * @param {number} maxAge\n */\nfunction validateCookieMaxAge (maxAge) {\n if (maxAge < 0) {\n throw new Error('Invalid cookie max-age')\n }\n}\n\n/**\n * @see https://www.rfc-editor.org/rfc/rfc6265#section-4.1.1\n * @param {import('./index').Cookie} cookie\n */\nfunction stringify (cookie) {\n if (cookie.name.length === 0) {\n return null\n }\n\n validateCookieName(cookie.name)\n validateCookieValue(cookie.value)\n\n const out = [`${cookie.name}=${cookie.value}`]\n\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1\n // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2\n if (cookie.name.startsWith('__Secure-')) {\n cookie.secure = true\n }\n\n if (cookie.name.startsWith('__Host-')) {\n cookie.secure = true\n cookie.domain = null\n cookie.path = '/'\n }\n\n if (cookie.secure) {\n out.push('Secure')\n }\n\n if (cookie.httpOnly) {\n out.push('HttpOnly')\n }\n\n if (typeof cookie.maxAge === 'number') {\n validateCookieMaxAge(cookie.maxAge)\n out.push(`Max-Age=${cookie.maxAge}`)\n }\n\n if (cookie.domain) {\n validateCookieDomain(cookie.domain)\n out.push(`Domain=${cookie.domain}`)\n }\n\n if (cookie.path) {\n validateCookiePath(cookie.path)\n out.push(`Path=${cookie.path}`)\n }\n\n if (cookie.expires && cookie.expires.toString() !== 'Invalid Date') {\n out.push(`Expires=${toIMFDate(cookie.expires)}`)\n }\n\n if (cookie.sameSite) {\n out.push(`SameSite=${cookie.sameSite}`)\n }\n\n for (const part of cookie.unparsed) {\n if (!part.includes('=')) {\n throw new Error('Invalid unparsed')\n }\n\n const [key, ...value] = part.split('=')\n\n out.push(`${key.trim()}=${value.join('=')}`)\n }\n\n return out.join('; ')\n}\n\nmodule.exports = {\n isCTLExcludingHtab,\n validateCookieName,\n validateCookiePath,\n validateCookieValue,\n toIMFDate,\n stringify\n}\n","'use strict'\nconst { Transform } = require('node:stream')\nconst { isASCIINumber, isValidLastEventId } = require('./util')\n\n/**\n * @type {number[]} BOM\n */\nconst BOM = [0xEF, 0xBB, 0xBF]\n/**\n * @type {10} LF\n */\nconst LF = 0x0A\n/**\n * @type {13} CR\n */\nconst CR = 0x0D\n/**\n * @type {58} COLON\n */\nconst COLON = 0x3A\n/**\n * @type {32} SPACE\n */\nconst SPACE = 0x20\n\n/**\n * @typedef {object} EventSourceStreamEvent\n * @type {object}\n * @property {string} [event] The event type.\n * @property {string} [data] The data of the message.\n * @property {string} [id] A unique ID for the event.\n * @property {string} [retry] The reconnection time, in milliseconds.\n */\n\n/**\n * @typedef eventSourceSettings\n * @type {object}\n * @property {string} lastEventId The last event ID received from the server.\n * @property {string} origin The origin of the event source.\n * @property {number} reconnectionTime The reconnection time, in milliseconds.\n */\n\nclass EventSourceStream extends Transform {\n /**\n * @type {eventSourceSettings}\n */\n state = null\n\n /**\n * Leading byte-order-mark check.\n * @type {boolean}\n */\n checkBOM = true\n\n /**\n * @type {boolean}\n */\n crlfCheck = false\n\n /**\n * @type {boolean}\n */\n eventEndCheck = false\n\n /**\n * @type {Buffer}\n */\n buffer = null\n\n pos = 0\n\n event = {\n data: undefined,\n event: undefined,\n id: undefined,\n retry: undefined\n }\n\n /**\n * @param {object} options\n * @param {eventSourceSettings} options.eventSourceSettings\n * @param {Function} [options.push]\n */\n constructor (options = {}) {\n // Enable object mode as EventSourceStream emits objects of shape\n // EventSourceStreamEvent\n options.readableObjectMode = true\n\n super(options)\n\n this.state = options.eventSourceSettings || {}\n if (options.push) {\n this.push = options.push\n }\n }\n\n /**\n * @param {Buffer} chunk\n * @param {string} _encoding\n * @param {Function} callback\n * @returns {void}\n */\n _transform (chunk, _encoding, callback) {\n if (chunk.length === 0) {\n callback()\n return\n }\n\n // Cache the chunk in the buffer, as the data might not be complete while\n // processing it\n // TODO: Investigate if there is a more performant way to handle\n // incoming chunks\n // see: https://github.com/nodejs/undici/issues/2630\n if (this.buffer) {\n this.buffer = Buffer.concat([this.buffer, chunk])\n } else {\n this.buffer = chunk\n }\n\n // Strip leading byte-order-mark if we opened the stream and started\n // the processing of the incoming data\n if (this.checkBOM) {\n switch (this.buffer.length) {\n case 1:\n // Check if the first byte is the same as the first byte of the BOM\n if (this.buffer[0] === BOM[0]) {\n // If it is, we need to wait for more data\n callback()\n return\n }\n // Set the checkBOM flag to false as we don't need to check for the\n // BOM anymore\n this.checkBOM = false\n\n // The buffer only contains one byte so we need to wait for more data\n callback()\n return\n case 2:\n // Check if the first two bytes are the same as the first two bytes\n // of the BOM\n if (\n this.buffer[0] === BOM[0] &&\n this.buffer[1] === BOM[1]\n ) {\n // If it is, we need to wait for more data, because the third byte\n // is needed to determine if it is the BOM or not\n callback()\n return\n }\n\n // Set the checkBOM flag to false as we don't need to check for the\n // BOM anymore\n this.checkBOM = false\n break\n case 3:\n // Check if the first three bytes are the same as the first three\n // bytes of the BOM\n if (\n this.buffer[0] === BOM[0] &&\n this.buffer[1] === BOM[1] &&\n this.buffer[2] === BOM[2]\n ) {\n // If it is, we can drop the buffered data, as it is only the BOM\n this.buffer = Buffer.alloc(0)\n // Set the checkBOM flag to false as we don't need to check for the\n // BOM anymore\n this.checkBOM = false\n\n // Await more data\n callback()\n return\n }\n // If it is not the BOM, we can start processing the data\n this.checkBOM = false\n break\n default:\n // The buffer is longer than 3 bytes, so we can drop the BOM if it is\n // present\n if (\n this.buffer[0] === BOM[0] &&\n this.buffer[1] === BOM[1] &&\n this.buffer[2] === BOM[2]\n ) {\n // Remove the BOM from the buffer\n this.buffer = this.buffer.subarray(3)\n }\n\n // Set the checkBOM flag to false as we don't need to check for the\n this.checkBOM = false\n break\n }\n }\n\n while (this.pos < this.buffer.length) {\n // If the previous line ended with an end-of-line, we need to check\n // if the next character is also an end-of-line.\n if (this.eventEndCheck) {\n // If the the current character is an end-of-line, then the event\n // is finished and we can process it\n\n // If the previous line ended with a carriage return, we need to\n // check if the current character is a line feed and remove it\n // from the buffer.\n if (this.crlfCheck) {\n // If the current character is a line feed, we can remove it\n // from the buffer and reset the crlfCheck flag\n if (this.buffer[this.pos] === LF) {\n this.buffer = this.buffer.subarray(this.pos + 1)\n this.pos = 0\n this.crlfCheck = false\n\n // It is possible that the line feed is not the end of the\n // event. We need to check if the next character is an\n // end-of-line character to determine if the event is\n // finished. We simply continue the loop to check the next\n // character.\n\n // As we removed the line feed from the buffer and set the\n // crlfCheck flag to false, we basically don't make any\n // distinction between a line feed and a carriage return.\n continue\n }\n this.crlfCheck = false\n }\n\n if (this.buffer[this.pos] === LF || this.buffer[this.pos] === CR) {\n // If the current character is a carriage return, we need to\n // set the crlfCheck flag to true, as we need to check if the\n // next character is a line feed so we can remove it from the\n // buffer\n if (this.buffer[this.pos] === CR) {\n this.crlfCheck = true\n }\n\n this.buffer = this.buffer.subarray(this.pos + 1)\n this.pos = 0\n if (\n this.event.data !== undefined || this.event.event || this.event.id || this.event.retry) {\n this.processEvent(this.event)\n }\n this.clearEvent()\n continue\n }\n // If the current character is not an end-of-line, then the event\n // is not finished and we have to reset the eventEndCheck flag\n this.eventEndCheck = false\n continue\n }\n\n // If the current character is an end-of-line, we can process the\n // line\n if (this.buffer[this.pos] === LF || this.buffer[this.pos] === CR) {\n // If the current character is a carriage return, we need to\n // set the crlfCheck flag to true, as we need to check if the\n // next character is a line feed\n if (this.buffer[this.pos] === CR) {\n this.crlfCheck = true\n }\n\n // In any case, we can process the line as we reached an\n // end-of-line character\n this.parseLine(this.buffer.subarray(0, this.pos), this.event)\n\n // Remove the processed line from the buffer\n this.buffer = this.buffer.subarray(this.pos + 1)\n // Reset the position as we removed the processed line from the buffer\n this.pos = 0\n // A line was processed and this could be the end of the event. We need\n // to check if the next line is empty to determine if the event is\n // finished.\n this.eventEndCheck = true\n continue\n }\n\n this.pos++\n }\n\n callback()\n }\n\n /**\n * @param {Buffer} line\n * @param {EventStreamEvent} event\n */\n parseLine (line, event) {\n // If the line is empty (a blank line)\n // Dispatch the event, as defined below.\n // This will be handled in the _transform method\n if (line.length === 0) {\n return\n }\n\n // If the line starts with a U+003A COLON character (:)\n // Ignore the line.\n const colonPosition = line.indexOf(COLON)\n if (colonPosition === 0) {\n return\n }\n\n let field = ''\n let value = ''\n\n // If the line contains a U+003A COLON character (:)\n if (colonPosition !== -1) {\n // Collect the characters on the line before the first U+003A COLON\n // character (:), and let field be that string.\n // TODO: Investigate if there is a more performant way to extract the\n // field\n // see: https://github.com/nodejs/undici/issues/2630\n field = line.subarray(0, colonPosition).toString('utf8')\n\n // Collect the characters on the line after the first U+003A COLON\n // character (:), and let value be that string.\n // If value starts with a U+0020 SPACE character, remove it from value.\n let valueStart = colonPosition + 1\n if (line[valueStart] === SPACE) {\n ++valueStart\n }\n // TODO: Investigate if there is a more performant way to extract the\n // value\n // see: https://github.com/nodejs/undici/issues/2630\n value = line.subarray(valueStart).toString('utf8')\n\n // Otherwise, the string is not empty but does not contain a U+003A COLON\n // character (:)\n } else {\n // Process the field using the steps described below, using the whole\n // line as the field name, and the empty string as the field value.\n field = line.toString('utf8')\n value = ''\n }\n\n // Modify the event with the field name and value. The value is also\n // decoded as UTF-8\n switch (field) {\n case 'data':\n if (event[field] === undefined) {\n event[field] = value\n } else {\n event[field] += `\\n${value}`\n }\n break\n case 'retry':\n if (isASCIINumber(value)) {\n event[field] = value\n }\n break\n case 'id':\n if (isValidLastEventId(value)) {\n event[field] = value\n }\n break\n case 'event':\n if (value.length > 0) {\n event[field] = value\n }\n break\n }\n }\n\n /**\n * @param {EventSourceStreamEvent} event\n */\n processEvent (event) {\n if (event.retry && isASCIINumber(event.retry)) {\n this.state.reconnectionTime = parseInt(event.retry, 10)\n }\n\n if (event.id && isValidLastEventId(event.id)) {\n this.state.lastEventId = event.id\n }\n\n // only dispatch event, when data is provided\n if (event.data !== undefined) {\n this.push({\n type: event.event || 'message',\n options: {\n data: event.data,\n lastEventId: this.state.lastEventId,\n origin: this.state.origin\n }\n })\n }\n }\n\n clearEvent () {\n this.event = {\n data: undefined,\n event: undefined,\n id: undefined,\n retry: undefined\n }\n }\n}\n\nmodule.exports = {\n EventSourceStream\n}\n","'use strict'\n\nconst { pipeline } = require('node:stream')\nconst { fetching } = require('../fetch')\nconst { makeRequest } = require('../fetch/request')\nconst { webidl } = require('../fetch/webidl')\nconst { EventSourceStream } = require('./eventsource-stream')\nconst { parseMIMEType } = require('../fetch/data-url')\nconst { createFastMessageEvent } = require('../websocket/events')\nconst { isNetworkError } = require('../fetch/response')\nconst { delay } = require('./util')\nconst { kEnumerableProperty } = require('../../core/util')\nconst { environmentSettingsObject } = require('../fetch/util')\n\nlet experimentalWarned = false\n\n/**\n * A reconnection time, in milliseconds. This must initially be an implementation-defined value,\n * probably in the region of a few seconds.\n *\n * In Comparison:\n * - Chrome uses 3000ms.\n * - Deno uses 5000ms.\n *\n * @type {3000}\n */\nconst defaultReconnectionTime = 3000\n\n/**\n * The readyState attribute represents the state of the connection.\n * @enum\n * @readonly\n * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#dom-eventsource-readystate-dev\n */\n\n/**\n * The connection has not yet been established, or it was closed and the user\n * agent is reconnecting.\n * @type {0}\n */\nconst CONNECTING = 0\n\n/**\n * The user agent has an open connection and is dispatching events as it\n * receives them.\n * @type {1}\n */\nconst OPEN = 1\n\n/**\n * The connection is not open, and the user agent is not trying to reconnect.\n * @type {2}\n */\nconst CLOSED = 2\n\n/**\n * Requests for the element will have their mode set to \"cors\" and their credentials mode set to \"same-origin\".\n * @type {'anonymous'}\n */\nconst ANONYMOUS = 'anonymous'\n\n/**\n * Requests for the element will have their mode set to \"cors\" and their credentials mode set to \"include\".\n * @type {'use-credentials'}\n */\nconst USE_CREDENTIALS = 'use-credentials'\n\n/**\n * The EventSource interface is used to receive server-sent events. It\n * connects to a server over HTTP and receives events in text/event-stream\n * format without closing the connection.\n * @extends {EventTarget}\n * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#server-sent-events\n * @api public\n */\nclass EventSource extends EventTarget {\n #events = {\n open: null,\n error: null,\n message: null\n }\n\n #url = null\n #withCredentials = false\n\n #readyState = CONNECTING\n\n #request = null\n #controller = null\n\n #dispatcher\n\n /**\n * @type {import('./eventsource-stream').eventSourceSettings}\n */\n #state\n\n /**\n * Creates a new EventSource object.\n * @param {string} url\n * @param {EventSourceInit} [eventSourceInitDict]\n * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#the-eventsource-interface\n */\n constructor (url, eventSourceInitDict = {}) {\n // 1. Let ev be a new EventSource object.\n super()\n\n webidl.util.markAsUncloneable(this)\n\n const prefix = 'EventSource constructor'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n if (!experimentalWarned) {\n experimentalWarned = true\n process.emitWarning('EventSource is experimental, expect them to change at any time.', {\n code: 'UNDICI-ES'\n })\n }\n\n url = webidl.converters.USVString(url, prefix, 'url')\n eventSourceInitDict = webidl.converters.EventSourceInitDict(eventSourceInitDict, prefix, 'eventSourceInitDict')\n\n this.#dispatcher = eventSourceInitDict.dispatcher\n this.#state = {\n lastEventId: '',\n reconnectionTime: defaultReconnectionTime\n }\n\n // 2. Let settings be ev's relevant settings object.\n // https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object\n const settings = environmentSettingsObject\n\n let urlRecord\n\n try {\n // 3. Let urlRecord be the result of encoding-parsing a URL given url, relative to settings.\n urlRecord = new URL(url, settings.settingsObject.baseUrl)\n this.#state.origin = urlRecord.origin\n } catch (e) {\n // 4. If urlRecord is failure, then throw a \"SyntaxError\" DOMException.\n throw new DOMException(e, 'SyntaxError')\n }\n\n // 5. Set ev's url to urlRecord.\n this.#url = urlRecord.href\n\n // 6. Let corsAttributeState be Anonymous.\n let corsAttributeState = ANONYMOUS\n\n // 7. If the value of eventSourceInitDict's withCredentials member is true,\n // then set corsAttributeState to Use Credentials and set ev's\n // withCredentials attribute to true.\n if (eventSourceInitDict.withCredentials) {\n corsAttributeState = USE_CREDENTIALS\n this.#withCredentials = true\n }\n\n // 8. Let request be the result of creating a potential-CORS request given\n // urlRecord, the empty string, and corsAttributeState.\n const initRequest = {\n redirect: 'follow',\n keepalive: true,\n // @see https://html.spec.whatwg.org/multipage/urls-and-fetching.html#cors-settings-attributes\n mode: 'cors',\n credentials: corsAttributeState === 'anonymous'\n ? 'same-origin'\n : 'omit',\n referrer: 'no-referrer'\n }\n\n // 9. Set request's client to settings.\n initRequest.client = environmentSettingsObject.settingsObject\n\n // 10. User agents may set (`Accept`, `text/event-stream`) in request's header list.\n initRequest.headersList = [['accept', { name: 'accept', value: 'text/event-stream' }]]\n\n // 11. Set request's cache mode to \"no-store\".\n initRequest.cache = 'no-store'\n\n // 12. Set request's initiator type to \"other\".\n initRequest.initiator = 'other'\n\n initRequest.urlList = [new URL(this.#url)]\n\n // 13. Set ev's request to request.\n this.#request = makeRequest(initRequest)\n\n this.#connect()\n }\n\n /**\n * Returns the state of this EventSource object's connection. It can have the\n * values described below.\n * @returns {0|1|2}\n * @readonly\n */\n get readyState () {\n return this.#readyState\n }\n\n /**\n * Returns the URL providing the event stream.\n * @readonly\n * @returns {string}\n */\n get url () {\n return this.#url\n }\n\n /**\n * Returns a boolean indicating whether the EventSource object was\n * instantiated with CORS credentials set (true), or not (false, the default).\n */\n get withCredentials () {\n return this.#withCredentials\n }\n\n #connect () {\n if (this.#readyState === CLOSED) return\n\n this.#readyState = CONNECTING\n\n const fetchParams = {\n request: this.#request,\n dispatcher: this.#dispatcher\n }\n\n // 14. Let processEventSourceEndOfBody given response res be the following step: if res is not a network error, then reestablish the connection.\n const processEventSourceEndOfBody = (response) => {\n if (isNetworkError(response)) {\n this.dispatchEvent(new Event('error'))\n this.close()\n }\n\n this.#reconnect()\n }\n\n // 15. Fetch request, with processResponseEndOfBody set to processEventSourceEndOfBody...\n fetchParams.processResponseEndOfBody = processEventSourceEndOfBody\n\n // and processResponse set to the following steps given response res:\n fetchParams.processResponse = (response) => {\n // 1. If res is an aborted network error, then fail the connection.\n\n if (isNetworkError(response)) {\n // 1. When a user agent is to fail the connection, the user agent\n // must queue a task which, if the readyState attribute is set to a\n // value other than CLOSED, sets the readyState attribute to CLOSED\n // and fires an event named error at the EventSource object. Once the\n // user agent has failed the connection, it does not attempt to\n // reconnect.\n if (response.aborted) {\n this.close()\n this.dispatchEvent(new Event('error'))\n return\n // 2. Otherwise, if res is a network error, then reestablish the\n // connection, unless the user agent knows that to be futile, in\n // which case the user agent may fail the connection.\n } else {\n this.#reconnect()\n return\n }\n }\n\n // 3. Otherwise, if res's status is not 200, or if res's `Content-Type`\n // is not `text/event-stream`, then fail the connection.\n const contentType = response.headersList.get('content-type', true)\n const mimeType = contentType !== null ? parseMIMEType(contentType) : 'failure'\n const contentTypeValid = mimeType !== 'failure' && mimeType.essence === 'text/event-stream'\n if (\n response.status !== 200 ||\n contentTypeValid === false\n ) {\n this.close()\n this.dispatchEvent(new Event('error'))\n return\n }\n\n // 4. Otherwise, announce the connection and interpret res's body\n // line by line.\n\n // When a user agent is to announce the connection, the user agent\n // must queue a task which, if the readyState attribute is set to a\n // value other than CLOSED, sets the readyState attribute to OPEN\n // and fires an event named open at the EventSource object.\n // @see https://html.spec.whatwg.org/multipage/server-sent-events.html#sse-processing-model\n this.#readyState = OPEN\n this.dispatchEvent(new Event('open'))\n\n // If redirected to a different origin, set the origin to the new origin.\n this.#state.origin = response.urlList[response.urlList.length - 1].origin\n\n const eventSourceStream = new EventSourceStream({\n eventSourceSettings: this.#state,\n push: (event) => {\n this.dispatchEvent(createFastMessageEvent(\n event.type,\n event.options\n ))\n }\n })\n\n pipeline(response.body.stream,\n eventSourceStream,\n (error) => {\n if (\n error?.aborted === false\n ) {\n this.close()\n this.dispatchEvent(new Event('error'))\n }\n })\n }\n\n this.#controller = fetching(fetchParams)\n }\n\n /**\n * @see https://html.spec.whatwg.org/multipage/server-sent-events.html#sse-processing-model\n * @returns {Promise}\n */\n async #reconnect () {\n // When a user agent is to reestablish the connection, the user agent must\n // run the following steps. These steps are run in parallel, not as part of\n // a task. (The tasks that it queues, of course, are run like normal tasks\n // and not themselves in parallel.)\n\n // 1. Queue a task to run the following steps:\n\n // 1. If the readyState attribute is set to CLOSED, abort the task.\n if (this.#readyState === CLOSED) return\n\n // 2. Set the readyState attribute to CONNECTING.\n this.#readyState = CONNECTING\n\n // 3. Fire an event named error at the EventSource object.\n this.dispatchEvent(new Event('error'))\n\n // 2. Wait a delay equal to the reconnection time of the event source.\n await delay(this.#state.reconnectionTime)\n\n // 5. Queue a task to run the following steps:\n\n // 1. If the EventSource object's readyState attribute is not set to\n // CONNECTING, then return.\n if (this.#readyState !== CONNECTING) return\n\n // 2. Let request be the EventSource object's request.\n // 3. If the EventSource object's last event ID string is not the empty\n // string, then:\n // 1. Let lastEventIDValue be the EventSource object's last event ID\n // string, encoded as UTF-8.\n // 2. Set (`Last-Event-ID`, lastEventIDValue) in request's header\n // list.\n if (this.#state.lastEventId.length) {\n this.#request.headersList.set('last-event-id', this.#state.lastEventId, true)\n }\n\n // 4. Fetch request and process the response obtained in this fashion, if any, as described earlier in this section.\n this.#connect()\n }\n\n /**\n * Closes the connection, if any, and sets the readyState attribute to\n * CLOSED.\n */\n close () {\n webidl.brandCheck(this, EventSource)\n\n if (this.#readyState === CLOSED) return\n this.#readyState = CLOSED\n this.#controller.abort()\n this.#request = null\n }\n\n get onopen () {\n return this.#events.open\n }\n\n set onopen (fn) {\n if (this.#events.open) {\n this.removeEventListener('open', this.#events.open)\n }\n\n if (typeof fn === 'function') {\n this.#events.open = fn\n this.addEventListener('open', fn)\n } else {\n this.#events.open = null\n }\n }\n\n get onmessage () {\n return this.#events.message\n }\n\n set onmessage (fn) {\n if (this.#events.message) {\n this.removeEventListener('message', this.#events.message)\n }\n\n if (typeof fn === 'function') {\n this.#events.message = fn\n this.addEventListener('message', fn)\n } else {\n this.#events.message = null\n }\n }\n\n get onerror () {\n return this.#events.error\n }\n\n set onerror (fn) {\n if (this.#events.error) {\n this.removeEventListener('error', this.#events.error)\n }\n\n if (typeof fn === 'function') {\n this.#events.error = fn\n this.addEventListener('error', fn)\n } else {\n this.#events.error = null\n }\n }\n}\n\nconst constantsPropertyDescriptors = {\n CONNECTING: {\n __proto__: null,\n configurable: false,\n enumerable: true,\n value: CONNECTING,\n writable: false\n },\n OPEN: {\n __proto__: null,\n configurable: false,\n enumerable: true,\n value: OPEN,\n writable: false\n },\n CLOSED: {\n __proto__: null,\n configurable: false,\n enumerable: true,\n value: CLOSED,\n writable: false\n }\n}\n\nObject.defineProperties(EventSource, constantsPropertyDescriptors)\nObject.defineProperties(EventSource.prototype, constantsPropertyDescriptors)\n\nObject.defineProperties(EventSource.prototype, {\n close: kEnumerableProperty,\n onerror: kEnumerableProperty,\n onmessage: kEnumerableProperty,\n onopen: kEnumerableProperty,\n readyState: kEnumerableProperty,\n url: kEnumerableProperty,\n withCredentials: kEnumerableProperty\n})\n\nwebidl.converters.EventSourceInitDict = webidl.dictionaryConverter([\n {\n key: 'withCredentials',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'dispatcher', // undici only\n converter: webidl.converters.any\n }\n])\n\nmodule.exports = {\n EventSource,\n defaultReconnectionTime\n}\n","'use strict'\n\n/**\n * Checks if the given value is a valid LastEventId.\n * @param {string} value\n * @returns {boolean}\n */\nfunction isValidLastEventId (value) {\n // LastEventId should not contain U+0000 NULL\n return value.indexOf('\\u0000') === -1\n}\n\n/**\n * Checks if the given value is a base 10 digit.\n * @param {string} value\n * @returns {boolean}\n */\nfunction isASCIINumber (value) {\n if (value.length === 0) return false\n for (let i = 0; i < value.length; i++) {\n if (value.charCodeAt(i) < 0x30 || value.charCodeAt(i) > 0x39) return false\n }\n return true\n}\n\n// https://github.com/nodejs/undici/issues/2664\nfunction delay (ms) {\n return new Promise((resolve) => {\n setTimeout(resolve, ms).unref()\n })\n}\n\nmodule.exports = {\n isValidLastEventId,\n isASCIINumber,\n delay\n}\n","'use strict'\n\nconst util = require('../../core/util')\nconst {\n ReadableStreamFrom,\n isBlobLike,\n isReadableStreamLike,\n readableStreamClose,\n createDeferredPromise,\n fullyReadBody,\n extractMimeType,\n utf8DecodeBytes\n} = require('./util')\nconst { FormData } = require('./formdata')\nconst { kState } = require('./symbols')\nconst { webidl } = require('./webidl')\nconst { Blob } = require('node:buffer')\nconst assert = require('node:assert')\nconst { isErrored, isDisturbed } = require('node:stream')\nconst { isArrayBuffer } = require('node:util/types')\nconst { serializeAMimeType } = require('./data-url')\nconst { multipartFormDataParser } = require('./formdata-parser')\nlet random\n\ntry {\n const crypto = require('node:crypto')\n random = (max) => crypto.randomInt(0, max)\n} catch {\n random = (max) => Math.floor(Math.random(max))\n}\n\nconst textEncoder = new TextEncoder()\nfunction noop () {}\n\nconst hasFinalizationRegistry = globalThis.FinalizationRegistry && process.version.indexOf('v18') !== 0\nlet streamRegistry\n\nif (hasFinalizationRegistry) {\n streamRegistry = new FinalizationRegistry((weakRef) => {\n const stream = weakRef.deref()\n if (stream && !stream.locked && !isDisturbed(stream) && !isErrored(stream)) {\n stream.cancel('Response object has been garbage collected').catch(noop)\n }\n })\n}\n\n// https://fetch.spec.whatwg.org/#concept-bodyinit-extract\nfunction extractBody (object, keepalive = false) {\n // 1. Let stream be null.\n let stream = null\n\n // 2. If object is a ReadableStream object, then set stream to object.\n if (object instanceof ReadableStream) {\n stream = object\n } else if (isBlobLike(object)) {\n // 3. Otherwise, if object is a Blob object, set stream to the\n // result of running object’s get stream.\n stream = object.stream()\n } else {\n // 4. Otherwise, set stream to a new ReadableStream object, and set\n // up stream with byte reading support.\n stream = new ReadableStream({\n async pull (controller) {\n const buffer = typeof source === 'string' ? textEncoder.encode(source) : source\n\n if (buffer.byteLength) {\n controller.enqueue(buffer)\n }\n\n queueMicrotask(() => readableStreamClose(controller))\n },\n start () {},\n type: 'bytes'\n })\n }\n\n // 5. Assert: stream is a ReadableStream object.\n assert(isReadableStreamLike(stream))\n\n // 6. Let action be null.\n let action = null\n\n // 7. Let source be null.\n let source = null\n\n // 8. Let length be null.\n let length = null\n\n // 9. Let type be null.\n let type = null\n\n // 10. Switch on object:\n if (typeof object === 'string') {\n // Set source to the UTF-8 encoding of object.\n // Note: setting source to a Uint8Array here breaks some mocking assumptions.\n source = object\n\n // Set type to `text/plain;charset=UTF-8`.\n type = 'text/plain;charset=UTF-8'\n } else if (object instanceof URLSearchParams) {\n // URLSearchParams\n\n // spec says to run application/x-www-form-urlencoded on body.list\n // this is implemented in Node.js as apart of an URLSearchParams instance toString method\n // See: https://github.com/nodejs/node/blob/e46c680bf2b211bbd52cf959ca17ee98c7f657f5/lib/internal/url.js#L490\n // and https://github.com/nodejs/node/blob/e46c680bf2b211bbd52cf959ca17ee98c7f657f5/lib/internal/url.js#L1100\n\n // Set source to the result of running the application/x-www-form-urlencoded serializer with object’s list.\n source = object.toString()\n\n // Set type to `application/x-www-form-urlencoded;charset=UTF-8`.\n type = 'application/x-www-form-urlencoded;charset=UTF-8'\n } else if (isArrayBuffer(object)) {\n // BufferSource/ArrayBuffer\n\n // Set source to a copy of the bytes held by object.\n source = new Uint8Array(object.slice())\n } else if (ArrayBuffer.isView(object)) {\n // BufferSource/ArrayBufferView\n\n // Set source to a copy of the bytes held by object.\n source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength))\n } else if (util.isFormDataLike(object)) {\n const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}`\n const prefix = `--${boundary}\\r\\nContent-Disposition: form-data`\n\n /*! formdata-polyfill. MIT License. Jimmy Wärting */\n const escape = (str) =>\n str.replace(/\\n/g, '%0A').replace(/\\r/g, '%0D').replace(/\"/g, '%22')\n const normalizeLinefeeds = (value) => value.replace(/\\r?\\n|\\r/g, '\\r\\n')\n\n // Set action to this step: run the multipart/form-data\n // encoding algorithm, with object’s entry list and UTF-8.\n // - This ensures that the body is immutable and can't be changed afterwords\n // - That the content-length is calculated in advance.\n // - And that all parts are pre-encoded and ready to be sent.\n\n const blobParts = []\n const rn = new Uint8Array([13, 10]) // '\\r\\n'\n length = 0\n let hasUnknownSizeValue = false\n\n for (const [name, value] of object) {\n if (typeof value === 'string') {\n const chunk = textEncoder.encode(prefix +\n `; name=\"${escape(normalizeLinefeeds(name))}\"` +\n `\\r\\n\\r\\n${normalizeLinefeeds(value)}\\r\\n`)\n blobParts.push(chunk)\n length += chunk.byteLength\n } else {\n const chunk = textEncoder.encode(`${prefix}; name=\"${escape(normalizeLinefeeds(name))}\"` +\n (value.name ? `; filename=\"${escape(value.name)}\"` : '') + '\\r\\n' +\n `Content-Type: ${\n value.type || 'application/octet-stream'\n }\\r\\n\\r\\n`)\n blobParts.push(chunk, value, rn)\n if (typeof value.size === 'number') {\n length += chunk.byteLength + value.size + rn.byteLength\n } else {\n hasUnknownSizeValue = true\n }\n }\n }\n\n // CRLF is appended to the body to function with legacy servers and match other implementations.\n // https://github.com/curl/curl/blob/3434c6b46e682452973972e8313613dfa58cd690/lib/mime.c#L1029-L1030\n // https://github.com/form-data/form-data/issues/63\n const chunk = textEncoder.encode(`--${boundary}--\\r\\n`)\n blobParts.push(chunk)\n length += chunk.byteLength\n if (hasUnknownSizeValue) {\n length = null\n }\n\n // Set source to object.\n source = object\n\n action = async function * () {\n for (const part of blobParts) {\n if (part.stream) {\n yield * part.stream()\n } else {\n yield part\n }\n }\n }\n\n // Set type to `multipart/form-data; boundary=`,\n // followed by the multipart/form-data boundary string generated\n // by the multipart/form-data encoding algorithm.\n type = `multipart/form-data; boundary=${boundary}`\n } else if (isBlobLike(object)) {\n // Blob\n\n // Set source to object.\n source = object\n\n // Set length to object’s size.\n length = object.size\n\n // If object’s type attribute is not the empty byte sequence, set\n // type to its value.\n if (object.type) {\n type = object.type\n }\n } else if (typeof object[Symbol.asyncIterator] === 'function') {\n // If keepalive is true, then throw a TypeError.\n if (keepalive) {\n throw new TypeError('keepalive')\n }\n\n // If object is disturbed or locked, then throw a TypeError.\n if (util.isDisturbed(object) || object.locked) {\n throw new TypeError(\n 'Response body object should not be disturbed or locked'\n )\n }\n\n stream =\n object instanceof ReadableStream ? object : ReadableStreamFrom(object)\n }\n\n // 11. If source is a byte sequence, then set action to a\n // step that returns source and length to source’s length.\n if (typeof source === 'string' || util.isBuffer(source)) {\n length = Buffer.byteLength(source)\n }\n\n // 12. If action is non-null, then run these steps in in parallel:\n if (action != null) {\n // Run action.\n let iterator\n stream = new ReadableStream({\n async start () {\n iterator = action(object)[Symbol.asyncIterator]()\n },\n async pull (controller) {\n const { value, done } = await iterator.next()\n if (done) {\n // When running action is done, close stream.\n queueMicrotask(() => {\n controller.close()\n controller.byobRequest?.respond(0)\n })\n } else {\n // Whenever one or more bytes are available and stream is not errored,\n // enqueue a Uint8Array wrapping an ArrayBuffer containing the available\n // bytes into stream.\n if (!isErrored(stream)) {\n const buffer = new Uint8Array(value)\n if (buffer.byteLength) {\n controller.enqueue(buffer)\n }\n }\n }\n return controller.desiredSize > 0\n },\n async cancel (reason) {\n await iterator.return()\n },\n type: 'bytes'\n })\n }\n\n // 13. Let body be a body whose stream is stream, source is source,\n // and length is length.\n const body = { stream, source, length }\n\n // 14. Return (body, type).\n return [body, type]\n}\n\n// https://fetch.spec.whatwg.org/#bodyinit-safely-extract\nfunction safelyExtractBody (object, keepalive = false) {\n // To safely extract a body and a `Content-Type` value from\n // a byte sequence or BodyInit object object, run these steps:\n\n // 1. If object is a ReadableStream object, then:\n if (object instanceof ReadableStream) {\n // Assert: object is neither disturbed nor locked.\n // istanbul ignore next\n assert(!util.isDisturbed(object), 'The body has already been consumed.')\n // istanbul ignore next\n assert(!object.locked, 'The stream is locked.')\n }\n\n // 2. Return the results of extracting object.\n return extractBody(object, keepalive)\n}\n\nfunction cloneBody (instance, body) {\n // To clone a body body, run these steps:\n\n // https://fetch.spec.whatwg.org/#concept-body-clone\n\n // 1. Let « out1, out2 » be the result of teeing body’s stream.\n const [out1, out2] = body.stream.tee()\n\n // 2. Set body’s stream to out1.\n body.stream = out1\n\n // 3. Return a body whose stream is out2 and other members are copied from body.\n return {\n stream: out2,\n length: body.length,\n source: body.source\n }\n}\n\nfunction throwIfAborted (state) {\n if (state.aborted) {\n throw new DOMException('The operation was aborted.', 'AbortError')\n }\n}\n\nfunction bodyMixinMethods (instance) {\n const methods = {\n blob () {\n // The blob() method steps are to return the result of\n // running consume body with this and the following step\n // given a byte sequence bytes: return a Blob whose\n // contents are bytes and whose type attribute is this’s\n // MIME type.\n return consumeBody(this, (bytes) => {\n let mimeType = bodyMimeType(this)\n\n if (mimeType === null) {\n mimeType = ''\n } else if (mimeType) {\n mimeType = serializeAMimeType(mimeType)\n }\n\n // Return a Blob whose contents are bytes and type attribute\n // is mimeType.\n return new Blob([bytes], { type: mimeType })\n }, instance)\n },\n\n arrayBuffer () {\n // The arrayBuffer() method steps are to return the result\n // of running consume body with this and the following step\n // given a byte sequence bytes: return a new ArrayBuffer\n // whose contents are bytes.\n return consumeBody(this, (bytes) => {\n return new Uint8Array(bytes).buffer\n }, instance)\n },\n\n text () {\n // The text() method steps are to return the result of running\n // consume body with this and UTF-8 decode.\n return consumeBody(this, utf8DecodeBytes, instance)\n },\n\n json () {\n // The json() method steps are to return the result of running\n // consume body with this and parse JSON from bytes.\n return consumeBody(this, parseJSONFromBytes, instance)\n },\n\n formData () {\n // The formData() method steps are to return the result of running\n // consume body with this and the following step given a byte sequence bytes:\n return consumeBody(this, (value) => {\n // 1. Let mimeType be the result of get the MIME type with this.\n const mimeType = bodyMimeType(this)\n\n // 2. If mimeType is non-null, then switch on mimeType’s essence and run\n // the corresponding steps:\n if (mimeType !== null) {\n switch (mimeType.essence) {\n case 'multipart/form-data': {\n // 1. ... [long step]\n const parsed = multipartFormDataParser(value, mimeType)\n\n // 2. If that fails for some reason, then throw a TypeError.\n if (parsed === 'failure') {\n throw new TypeError('Failed to parse body as FormData.')\n }\n\n // 3. Return a new FormData object, appending each entry,\n // resulting from the parsing operation, to its entry list.\n const fd = new FormData()\n fd[kState] = parsed\n\n return fd\n }\n case 'application/x-www-form-urlencoded': {\n // 1. Let entries be the result of parsing bytes.\n const entries = new URLSearchParams(value.toString())\n\n // 2. If entries is failure, then throw a TypeError.\n\n // 3. Return a new FormData object whose entry list is entries.\n const fd = new FormData()\n\n for (const [name, value] of entries) {\n fd.append(name, value)\n }\n\n return fd\n }\n }\n }\n\n // 3. Throw a TypeError.\n throw new TypeError(\n 'Content-Type was not one of \"multipart/form-data\" or \"application/x-www-form-urlencoded\".'\n )\n }, instance)\n },\n\n bytes () {\n // The bytes() method steps are to return the result of running consume body\n // with this and the following step given a byte sequence bytes: return the\n // result of creating a Uint8Array from bytes in this’s relevant realm.\n return consumeBody(this, (bytes) => {\n return new Uint8Array(bytes)\n }, instance)\n }\n }\n\n return methods\n}\n\nfunction mixinBody (prototype) {\n Object.assign(prototype.prototype, bodyMixinMethods(prototype))\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-body-consume-body\n * @param {Response|Request} object\n * @param {(value: unknown) => unknown} convertBytesToJSValue\n * @param {Response|Request} instance\n */\nasync function consumeBody (object, convertBytesToJSValue, instance) {\n webidl.brandCheck(object, instance)\n\n // 1. If object is unusable, then return a promise rejected\n // with a TypeError.\n if (bodyUnusable(object)) {\n throw new TypeError('Body is unusable: Body has already been read')\n }\n\n throwIfAborted(object[kState])\n\n // 2. Let promise be a new promise.\n const promise = createDeferredPromise()\n\n // 3. Let errorSteps given error be to reject promise with error.\n const errorSteps = (error) => promise.reject(error)\n\n // 4. Let successSteps given a byte sequence data be to resolve\n // promise with the result of running convertBytesToJSValue\n // with data. If that threw an exception, then run errorSteps\n // with that exception.\n const successSteps = (data) => {\n try {\n promise.resolve(convertBytesToJSValue(data))\n } catch (e) {\n errorSteps(e)\n }\n }\n\n // 5. If object’s body is null, then run successSteps with an\n // empty byte sequence.\n if (object[kState].body == null) {\n successSteps(Buffer.allocUnsafe(0))\n return promise.promise\n }\n\n // 6. Otherwise, fully read object’s body given successSteps,\n // errorSteps, and object’s relevant global object.\n await fullyReadBody(object[kState].body, successSteps, errorSteps)\n\n // 7. Return promise.\n return promise.promise\n}\n\n// https://fetch.spec.whatwg.org/#body-unusable\nfunction bodyUnusable (object) {\n const body = object[kState].body\n\n // An object including the Body interface mixin is\n // said to be unusable if its body is non-null and\n // its body’s stream is disturbed or locked.\n return body != null && (body.stream.locked || util.isDisturbed(body.stream))\n}\n\n/**\n * @see https://infra.spec.whatwg.org/#parse-json-bytes-to-a-javascript-value\n * @param {Uint8Array} bytes\n */\nfunction parseJSONFromBytes (bytes) {\n return JSON.parse(utf8DecodeBytes(bytes))\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-body-mime-type\n * @param {import('./response').Response|import('./request').Request} requestOrResponse\n */\nfunction bodyMimeType (requestOrResponse) {\n // 1. Let headers be null.\n // 2. If requestOrResponse is a Request object, then set headers to requestOrResponse’s request’s header list.\n // 3. Otherwise, set headers to requestOrResponse’s response’s header list.\n /** @type {import('./headers').HeadersList} */\n const headers = requestOrResponse[kState].headersList\n\n // 4. Let mimeType be the result of extracting a MIME type from headers.\n const mimeType = extractMimeType(headers)\n\n // 5. If mimeType is failure, then return null.\n if (mimeType === 'failure') {\n return null\n }\n\n // 6. Return mimeType.\n return mimeType\n}\n\nmodule.exports = {\n extractBody,\n safelyExtractBody,\n cloneBody,\n mixinBody,\n streamRegistry,\n hasFinalizationRegistry,\n bodyUnusable\n}\n","'use strict'\n\nconst corsSafeListedMethods = /** @type {const} */ (['GET', 'HEAD', 'POST'])\nconst corsSafeListedMethodsSet = new Set(corsSafeListedMethods)\n\nconst nullBodyStatus = /** @type {const} */ ([101, 204, 205, 304])\n\nconst redirectStatus = /** @type {const} */ ([301, 302, 303, 307, 308])\nconst redirectStatusSet = new Set(redirectStatus)\n\n/**\n * @see https://fetch.spec.whatwg.org/#block-bad-port\n */\nconst badPorts = /** @type {const} */ ([\n '1', '7', '9', '11', '13', '15', '17', '19', '20', '21', '22', '23', '25', '37', '42', '43', '53', '69', '77', '79',\n '87', '95', '101', '102', '103', '104', '109', '110', '111', '113', '115', '117', '119', '123', '135', '137',\n '139', '143', '161', '179', '389', '427', '465', '512', '513', '514', '515', '526', '530', '531', '532',\n '540', '548', '554', '556', '563', '587', '601', '636', '989', '990', '993', '995', '1719', '1720', '1723',\n '2049', '3659', '4045', '4190', '5060', '5061', '6000', '6566', '6665', '6666', '6667', '6668', '6669', '6679',\n '6697', '10080'\n])\nconst badPortsSet = new Set(badPorts)\n\n/**\n * @see https://w3c.github.io/webappsec-referrer-policy/#referrer-policies\n */\nconst referrerPolicy = /** @type {const} */ ([\n '',\n 'no-referrer',\n 'no-referrer-when-downgrade',\n 'same-origin',\n 'origin',\n 'strict-origin',\n 'origin-when-cross-origin',\n 'strict-origin-when-cross-origin',\n 'unsafe-url'\n])\nconst referrerPolicySet = new Set(referrerPolicy)\n\nconst requestRedirect = /** @type {const} */ (['follow', 'manual', 'error'])\n\nconst safeMethods = /** @type {const} */ (['GET', 'HEAD', 'OPTIONS', 'TRACE'])\nconst safeMethodsSet = new Set(safeMethods)\n\nconst requestMode = /** @type {const} */ (['navigate', 'same-origin', 'no-cors', 'cors'])\n\nconst requestCredentials = /** @type {const} */ (['omit', 'same-origin', 'include'])\n\nconst requestCache = /** @type {const} */ ([\n 'default',\n 'no-store',\n 'reload',\n 'no-cache',\n 'force-cache',\n 'only-if-cached'\n])\n\n/**\n * @see https://fetch.spec.whatwg.org/#request-body-header-name\n */\nconst requestBodyHeader = /** @type {const} */ ([\n 'content-encoding',\n 'content-language',\n 'content-location',\n 'content-type',\n // See https://github.com/nodejs/undici/issues/2021\n // 'Content-Length' is a forbidden header name, which is typically\n // removed in the Headers implementation. However, undici doesn't\n // filter out headers, so we add it here.\n 'content-length'\n])\n\n/**\n * @see https://fetch.spec.whatwg.org/#enumdef-requestduplex\n */\nconst requestDuplex = /** @type {const} */ ([\n 'half'\n])\n\n/**\n * @see http://fetch.spec.whatwg.org/#forbidden-method\n */\nconst forbiddenMethods = /** @type {const} */ (['CONNECT', 'TRACE', 'TRACK'])\nconst forbiddenMethodsSet = new Set(forbiddenMethods)\n\nconst subresource = /** @type {const} */ ([\n 'audio',\n 'audioworklet',\n 'font',\n 'image',\n 'manifest',\n 'paintworklet',\n 'script',\n 'style',\n 'track',\n 'video',\n 'xslt',\n ''\n])\nconst subresourceSet = new Set(subresource)\n\nmodule.exports = {\n subresource,\n forbiddenMethods,\n requestBodyHeader,\n referrerPolicy,\n requestRedirect,\n requestMode,\n requestCredentials,\n requestCache,\n redirectStatus,\n corsSafeListedMethods,\n nullBodyStatus,\n safeMethods,\n badPorts,\n requestDuplex,\n subresourceSet,\n badPortsSet,\n redirectStatusSet,\n corsSafeListedMethodsSet,\n safeMethodsSet,\n forbiddenMethodsSet,\n referrerPolicySet\n}\n","'use strict'\n\nconst assert = require('node:assert')\n\nconst encoder = new TextEncoder()\n\n/**\n * @see https://mimesniff.spec.whatwg.org/#http-token-code-point\n */\nconst HTTP_TOKEN_CODEPOINTS = /^[!#$%&'*+\\-.^_|~A-Za-z0-9]+$/\nconst HTTP_WHITESPACE_REGEX = /[\\u000A\\u000D\\u0009\\u0020]/ // eslint-disable-line\nconst ASCII_WHITESPACE_REPLACE_REGEX = /[\\u0009\\u000A\\u000C\\u000D\\u0020]/g // eslint-disable-line\n/**\n * @see https://mimesniff.spec.whatwg.org/#http-quoted-string-token-code-point\n */\nconst HTTP_QUOTED_STRING_TOKENS = /^[\\u0009\\u0020-\\u007E\\u0080-\\u00FF]+$/ // eslint-disable-line\n\n// https://fetch.spec.whatwg.org/#data-url-processor\n/** @param {URL} dataURL */\nfunction dataURLProcessor (dataURL) {\n // 1. Assert: dataURL’s scheme is \"data\".\n assert(dataURL.protocol === 'data:')\n\n // 2. Let input be the result of running the URL\n // serializer on dataURL with exclude fragment\n // set to true.\n let input = URLSerializer(dataURL, true)\n\n // 3. Remove the leading \"data:\" string from input.\n input = input.slice(5)\n\n // 4. Let position point at the start of input.\n const position = { position: 0 }\n\n // 5. Let mimeType be the result of collecting a\n // sequence of code points that are not equal\n // to U+002C (,), given position.\n let mimeType = collectASequenceOfCodePointsFast(\n ',',\n input,\n position\n )\n\n // 6. Strip leading and trailing ASCII whitespace\n // from mimeType.\n // Undici implementation note: we need to store the\n // length because if the mimetype has spaces removed,\n // the wrong amount will be sliced from the input in\n // step #9\n const mimeTypeLength = mimeType.length\n mimeType = removeASCIIWhitespace(mimeType, true, true)\n\n // 7. If position is past the end of input, then\n // return failure\n if (position.position >= input.length) {\n return 'failure'\n }\n\n // 8. Advance position by 1.\n position.position++\n\n // 9. Let encodedBody be the remainder of input.\n const encodedBody = input.slice(mimeTypeLength + 1)\n\n // 10. Let body be the percent-decoding of encodedBody.\n let body = stringPercentDecode(encodedBody)\n\n // 11. If mimeType ends with U+003B (;), followed by\n // zero or more U+0020 SPACE, followed by an ASCII\n // case-insensitive match for \"base64\", then:\n if (/;(\\u0020){0,}base64$/i.test(mimeType)) {\n // 1. Let stringBody be the isomorphic decode of body.\n const stringBody = isomorphicDecode(body)\n\n // 2. Set body to the forgiving-base64 decode of\n // stringBody.\n body = forgivingBase64(stringBody)\n\n // 3. If body is failure, then return failure.\n if (body === 'failure') {\n return 'failure'\n }\n\n // 4. Remove the last 6 code points from mimeType.\n mimeType = mimeType.slice(0, -6)\n\n // 5. Remove trailing U+0020 SPACE code points from mimeType,\n // if any.\n mimeType = mimeType.replace(/(\\u0020)+$/, '')\n\n // 6. Remove the last U+003B (;) code point from mimeType.\n mimeType = mimeType.slice(0, -1)\n }\n\n // 12. If mimeType starts with U+003B (;), then prepend\n // \"text/plain\" to mimeType.\n if (mimeType.startsWith(';')) {\n mimeType = 'text/plain' + mimeType\n }\n\n // 13. Let mimeTypeRecord be the result of parsing\n // mimeType.\n let mimeTypeRecord = parseMIMEType(mimeType)\n\n // 14. If mimeTypeRecord is failure, then set\n // mimeTypeRecord to text/plain;charset=US-ASCII.\n if (mimeTypeRecord === 'failure') {\n mimeTypeRecord = parseMIMEType('text/plain;charset=US-ASCII')\n }\n\n // 15. Return a new data: URL struct whose MIME\n // type is mimeTypeRecord and body is body.\n // https://fetch.spec.whatwg.org/#data-url-struct\n return { mimeType: mimeTypeRecord, body }\n}\n\n// https://url.spec.whatwg.org/#concept-url-serializer\n/**\n * @param {URL} url\n * @param {boolean} excludeFragment\n */\nfunction URLSerializer (url, excludeFragment = false) {\n if (!excludeFragment) {\n return url.href\n }\n\n const href = url.href\n const hashLength = url.hash.length\n\n const serialized = hashLength === 0 ? href : href.substring(0, href.length - hashLength)\n\n if (!hashLength && href.endsWith('#')) {\n return serialized.slice(0, -1)\n }\n\n return serialized\n}\n\n// https://infra.spec.whatwg.org/#collect-a-sequence-of-code-points\n/**\n * @param {(char: string) => boolean} condition\n * @param {string} input\n * @param {{ position: number }} position\n */\nfunction collectASequenceOfCodePoints (condition, input, position) {\n // 1. Let result be the empty string.\n let result = ''\n\n // 2. While position doesn’t point past the end of input and the\n // code point at position within input meets the condition condition:\n while (position.position < input.length && condition(input[position.position])) {\n // 1. Append that code point to the end of result.\n result += input[position.position]\n\n // 2. Advance position by 1.\n position.position++\n }\n\n // 3. Return result.\n return result\n}\n\n/**\n * A faster collectASequenceOfCodePoints that only works when comparing a single character.\n * @param {string} char\n * @param {string} input\n * @param {{ position: number }} position\n */\nfunction collectASequenceOfCodePointsFast (char, input, position) {\n const idx = input.indexOf(char, position.position)\n const start = position.position\n\n if (idx === -1) {\n position.position = input.length\n return input.slice(start)\n }\n\n position.position = idx\n return input.slice(start, position.position)\n}\n\n// https://url.spec.whatwg.org/#string-percent-decode\n/** @param {string} input */\nfunction stringPercentDecode (input) {\n // 1. Let bytes be the UTF-8 encoding of input.\n const bytes = encoder.encode(input)\n\n // 2. Return the percent-decoding of bytes.\n return percentDecode(bytes)\n}\n\n/**\n * @param {number} byte\n */\nfunction isHexCharByte (byte) {\n // 0-9 A-F a-f\n return (byte >= 0x30 && byte <= 0x39) || (byte >= 0x41 && byte <= 0x46) || (byte >= 0x61 && byte <= 0x66)\n}\n\n/**\n * @param {number} byte\n */\nfunction hexByteToNumber (byte) {\n return (\n // 0-9\n byte >= 0x30 && byte <= 0x39\n ? (byte - 48)\n // Convert to uppercase\n // ((byte & 0xDF) - 65) + 10\n : ((byte & 0xDF) - 55)\n )\n}\n\n// https://url.spec.whatwg.org/#percent-decode\n/** @param {Uint8Array} input */\nfunction percentDecode (input) {\n const length = input.length\n // 1. Let output be an empty byte sequence.\n /** @type {Uint8Array} */\n const output = new Uint8Array(length)\n let j = 0\n // 2. For each byte byte in input:\n for (let i = 0; i < length; ++i) {\n const byte = input[i]\n\n // 1. If byte is not 0x25 (%), then append byte to output.\n if (byte !== 0x25) {\n output[j++] = byte\n\n // 2. Otherwise, if byte is 0x25 (%) and the next two bytes\n // after byte in input are not in the ranges\n // 0x30 (0) to 0x39 (9), 0x41 (A) to 0x46 (F),\n // and 0x61 (a) to 0x66 (f), all inclusive, append byte\n // to output.\n } else if (\n byte === 0x25 &&\n !(isHexCharByte(input[i + 1]) && isHexCharByte(input[i + 2]))\n ) {\n output[j++] = 0x25\n\n // 3. Otherwise:\n } else {\n // 1. Let bytePoint be the two bytes after byte in input,\n // decoded, and then interpreted as hexadecimal number.\n // 2. Append a byte whose value is bytePoint to output.\n output[j++] = (hexByteToNumber(input[i + 1]) << 4) | hexByteToNumber(input[i + 2])\n\n // 3. Skip the next two bytes in input.\n i += 2\n }\n }\n\n // 3. Return output.\n return length === j ? output : output.subarray(0, j)\n}\n\n// https://mimesniff.spec.whatwg.org/#parse-a-mime-type\n/** @param {string} input */\nfunction parseMIMEType (input) {\n // 1. Remove any leading and trailing HTTP whitespace\n // from input.\n input = removeHTTPWhitespace(input, true, true)\n\n // 2. Let position be a position variable for input,\n // initially pointing at the start of input.\n const position = { position: 0 }\n\n // 3. Let type be the result of collecting a sequence\n // of code points that are not U+002F (/) from\n // input, given position.\n const type = collectASequenceOfCodePointsFast(\n '/',\n input,\n position\n )\n\n // 4. If type is the empty string or does not solely\n // contain HTTP token code points, then return failure.\n // https://mimesniff.spec.whatwg.org/#http-token-code-point\n if (type.length === 0 || !HTTP_TOKEN_CODEPOINTS.test(type)) {\n return 'failure'\n }\n\n // 5. If position is past the end of input, then return\n // failure\n if (position.position > input.length) {\n return 'failure'\n }\n\n // 6. Advance position by 1. (This skips past U+002F (/).)\n position.position++\n\n // 7. Let subtype be the result of collecting a sequence of\n // code points that are not U+003B (;) from input, given\n // position.\n let subtype = collectASequenceOfCodePointsFast(\n ';',\n input,\n position\n )\n\n // 8. Remove any trailing HTTP whitespace from subtype.\n subtype = removeHTTPWhitespace(subtype, false, true)\n\n // 9. If subtype is the empty string or does not solely\n // contain HTTP token code points, then return failure.\n if (subtype.length === 0 || !HTTP_TOKEN_CODEPOINTS.test(subtype)) {\n return 'failure'\n }\n\n const typeLowercase = type.toLowerCase()\n const subtypeLowercase = subtype.toLowerCase()\n\n // 10. Let mimeType be a new MIME type record whose type\n // is type, in ASCII lowercase, and subtype is subtype,\n // in ASCII lowercase.\n // https://mimesniff.spec.whatwg.org/#mime-type\n const mimeType = {\n type: typeLowercase,\n subtype: subtypeLowercase,\n /** @type {Map} */\n parameters: new Map(),\n // https://mimesniff.spec.whatwg.org/#mime-type-essence\n essence: `${typeLowercase}/${subtypeLowercase}`\n }\n\n // 11. While position is not past the end of input:\n while (position.position < input.length) {\n // 1. Advance position by 1. (This skips past U+003B (;).)\n position.position++\n\n // 2. Collect a sequence of code points that are HTTP\n // whitespace from input given position.\n collectASequenceOfCodePoints(\n // https://fetch.spec.whatwg.org/#http-whitespace\n char => HTTP_WHITESPACE_REGEX.test(char),\n input,\n position\n )\n\n // 3. Let parameterName be the result of collecting a\n // sequence of code points that are not U+003B (;)\n // or U+003D (=) from input, given position.\n let parameterName = collectASequenceOfCodePoints(\n (char) => char !== ';' && char !== '=',\n input,\n position\n )\n\n // 4. Set parameterName to parameterName, in ASCII\n // lowercase.\n parameterName = parameterName.toLowerCase()\n\n // 5. If position is not past the end of input, then:\n if (position.position < input.length) {\n // 1. If the code point at position within input is\n // U+003B (;), then continue.\n if (input[position.position] === ';') {\n continue\n }\n\n // 2. Advance position by 1. (This skips past U+003D (=).)\n position.position++\n }\n\n // 6. If position is past the end of input, then break.\n if (position.position > input.length) {\n break\n }\n\n // 7. Let parameterValue be null.\n let parameterValue = null\n\n // 8. If the code point at position within input is\n // U+0022 (\"), then:\n if (input[position.position] === '\"') {\n // 1. Set parameterValue to the result of collecting\n // an HTTP quoted string from input, given position\n // and the extract-value flag.\n parameterValue = collectAnHTTPQuotedString(input, position, true)\n\n // 2. Collect a sequence of code points that are not\n // U+003B (;) from input, given position.\n collectASequenceOfCodePointsFast(\n ';',\n input,\n position\n )\n\n // 9. Otherwise:\n } else {\n // 1. Set parameterValue to the result of collecting\n // a sequence of code points that are not U+003B (;)\n // from input, given position.\n parameterValue = collectASequenceOfCodePointsFast(\n ';',\n input,\n position\n )\n\n // 2. Remove any trailing HTTP whitespace from parameterValue.\n parameterValue = removeHTTPWhitespace(parameterValue, false, true)\n\n // 3. If parameterValue is the empty string, then continue.\n if (parameterValue.length === 0) {\n continue\n }\n }\n\n // 10. If all of the following are true\n // - parameterName is not the empty string\n // - parameterName solely contains HTTP token code points\n // - parameterValue solely contains HTTP quoted-string token code points\n // - mimeType’s parameters[parameterName] does not exist\n // then set mimeType’s parameters[parameterName] to parameterValue.\n if (\n parameterName.length !== 0 &&\n HTTP_TOKEN_CODEPOINTS.test(parameterName) &&\n (parameterValue.length === 0 || HTTP_QUOTED_STRING_TOKENS.test(parameterValue)) &&\n !mimeType.parameters.has(parameterName)\n ) {\n mimeType.parameters.set(parameterName, parameterValue)\n }\n }\n\n // 12. Return mimeType.\n return mimeType\n}\n\n// https://infra.spec.whatwg.org/#forgiving-base64-decode\n/** @param {string} data */\nfunction forgivingBase64 (data) {\n // 1. Remove all ASCII whitespace from data.\n data = data.replace(ASCII_WHITESPACE_REPLACE_REGEX, '') // eslint-disable-line\n\n let dataLength = data.length\n // 2. If data’s code point length divides by 4 leaving\n // no remainder, then:\n if (dataLength % 4 === 0) {\n // 1. If data ends with one or two U+003D (=) code points,\n // then remove them from data.\n if (data.charCodeAt(dataLength - 1) === 0x003D) {\n --dataLength\n if (data.charCodeAt(dataLength - 1) === 0x003D) {\n --dataLength\n }\n }\n }\n\n // 3. If data’s code point length divides by 4 leaving\n // a remainder of 1, then return failure.\n if (dataLength % 4 === 1) {\n return 'failure'\n }\n\n // 4. If data contains a code point that is not one of\n // U+002B (+)\n // U+002F (/)\n // ASCII alphanumeric\n // then return failure.\n if (/[^+/0-9A-Za-z]/.test(data.length === dataLength ? data : data.substring(0, dataLength))) {\n return 'failure'\n }\n\n const buffer = Buffer.from(data, 'base64')\n return new Uint8Array(buffer.buffer, buffer.byteOffset, buffer.byteLength)\n}\n\n// https://fetch.spec.whatwg.org/#collect-an-http-quoted-string\n// tests: https://fetch.spec.whatwg.org/#example-http-quoted-string\n/**\n * @param {string} input\n * @param {{ position: number }} position\n * @param {boolean?} extractValue\n */\nfunction collectAnHTTPQuotedString (input, position, extractValue) {\n // 1. Let positionStart be position.\n const positionStart = position.position\n\n // 2. Let value be the empty string.\n let value = ''\n\n // 3. Assert: the code point at position within input\n // is U+0022 (\").\n assert(input[position.position] === '\"')\n\n // 4. Advance position by 1.\n position.position++\n\n // 5. While true:\n while (true) {\n // 1. Append the result of collecting a sequence of code points\n // that are not U+0022 (\") or U+005C (\\) from input, given\n // position, to value.\n value += collectASequenceOfCodePoints(\n (char) => char !== '\"' && char !== '\\\\',\n input,\n position\n )\n\n // 2. If position is past the end of input, then break.\n if (position.position >= input.length) {\n break\n }\n\n // 3. Let quoteOrBackslash be the code point at position within\n // input.\n const quoteOrBackslash = input[position.position]\n\n // 4. Advance position by 1.\n position.position++\n\n // 5. If quoteOrBackslash is U+005C (\\), then:\n if (quoteOrBackslash === '\\\\') {\n // 1. If position is past the end of input, then append\n // U+005C (\\) to value and break.\n if (position.position >= input.length) {\n value += '\\\\'\n break\n }\n\n // 2. Append the code point at position within input to value.\n value += input[position.position]\n\n // 3. Advance position by 1.\n position.position++\n\n // 6. Otherwise:\n } else {\n // 1. Assert: quoteOrBackslash is U+0022 (\").\n assert(quoteOrBackslash === '\"')\n\n // 2. Break.\n break\n }\n }\n\n // 6. If the extract-value flag is set, then return value.\n if (extractValue) {\n return value\n }\n\n // 7. Return the code points from positionStart to position,\n // inclusive, within input.\n return input.slice(positionStart, position.position)\n}\n\n/**\n * @see https://mimesniff.spec.whatwg.org/#serialize-a-mime-type\n */\nfunction serializeAMimeType (mimeType) {\n assert(mimeType !== 'failure')\n const { parameters, essence } = mimeType\n\n // 1. Let serialization be the concatenation of mimeType’s\n // type, U+002F (/), and mimeType’s subtype.\n let serialization = essence\n\n // 2. For each name → value of mimeType’s parameters:\n for (let [name, value] of parameters.entries()) {\n // 1. Append U+003B (;) to serialization.\n serialization += ';'\n\n // 2. Append name to serialization.\n serialization += name\n\n // 3. Append U+003D (=) to serialization.\n serialization += '='\n\n // 4. If value does not solely contain HTTP token code\n // points or value is the empty string, then:\n if (!HTTP_TOKEN_CODEPOINTS.test(value)) {\n // 1. Precede each occurrence of U+0022 (\") or\n // U+005C (\\) in value with U+005C (\\).\n value = value.replace(/(\\\\|\")/g, '\\\\$1')\n\n // 2. Prepend U+0022 (\") to value.\n value = '\"' + value\n\n // 3. Append U+0022 (\") to value.\n value += '\"'\n }\n\n // 5. Append value to serialization.\n serialization += value\n }\n\n // 3. Return serialization.\n return serialization\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#http-whitespace\n * @param {number} char\n */\nfunction isHTTPWhiteSpace (char) {\n // \"\\r\\n\\t \"\n return char === 0x00d || char === 0x00a || char === 0x009 || char === 0x020\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#http-whitespace\n * @param {string} str\n * @param {boolean} [leading=true]\n * @param {boolean} [trailing=true]\n */\nfunction removeHTTPWhitespace (str, leading = true, trailing = true) {\n return removeChars(str, leading, trailing, isHTTPWhiteSpace)\n}\n\n/**\n * @see https://infra.spec.whatwg.org/#ascii-whitespace\n * @param {number} char\n */\nfunction isASCIIWhitespace (char) {\n // \"\\r\\n\\t\\f \"\n return char === 0x00d || char === 0x00a || char === 0x009 || char === 0x00c || char === 0x020\n}\n\n/**\n * @see https://infra.spec.whatwg.org/#strip-leading-and-trailing-ascii-whitespace\n * @param {string} str\n * @param {boolean} [leading=true]\n * @param {boolean} [trailing=true]\n */\nfunction removeASCIIWhitespace (str, leading = true, trailing = true) {\n return removeChars(str, leading, trailing, isASCIIWhitespace)\n}\n\n/**\n * @param {string} str\n * @param {boolean} leading\n * @param {boolean} trailing\n * @param {(charCode: number) => boolean} predicate\n * @returns\n */\nfunction removeChars (str, leading, trailing, predicate) {\n let lead = 0\n let trail = str.length - 1\n\n if (leading) {\n while (lead < str.length && predicate(str.charCodeAt(lead))) lead++\n }\n\n if (trailing) {\n while (trail > 0 && predicate(str.charCodeAt(trail))) trail--\n }\n\n return lead === 0 && trail === str.length - 1 ? str : str.slice(lead, trail + 1)\n}\n\n/**\n * @see https://infra.spec.whatwg.org/#isomorphic-decode\n * @param {Uint8Array} input\n * @returns {string}\n */\nfunction isomorphicDecode (input) {\n // 1. To isomorphic decode a byte sequence input, return a string whose code point\n // length is equal to input’s length and whose code points have the same values\n // as the values of input’s bytes, in the same order.\n const length = input.length\n if ((2 << 15) - 1 > length) {\n return String.fromCharCode.apply(null, input)\n }\n let result = ''; let i = 0\n let addition = (2 << 15) - 1\n while (i < length) {\n if (i + addition > length) {\n addition = length - i\n }\n result += String.fromCharCode.apply(null, input.subarray(i, i += addition))\n }\n return result\n}\n\n/**\n * @see https://mimesniff.spec.whatwg.org/#minimize-a-supported-mime-type\n * @param {Exclude, 'failure'>} mimeType\n */\nfunction minimizeSupportedMimeType (mimeType) {\n switch (mimeType.essence) {\n case 'application/ecmascript':\n case 'application/javascript':\n case 'application/x-ecmascript':\n case 'application/x-javascript':\n case 'text/ecmascript':\n case 'text/javascript':\n case 'text/javascript1.0':\n case 'text/javascript1.1':\n case 'text/javascript1.2':\n case 'text/javascript1.3':\n case 'text/javascript1.4':\n case 'text/javascript1.5':\n case 'text/jscript':\n case 'text/livescript':\n case 'text/x-ecmascript':\n case 'text/x-javascript':\n // 1. If mimeType is a JavaScript MIME type, then return \"text/javascript\".\n return 'text/javascript'\n case 'application/json':\n case 'text/json':\n // 2. If mimeType is a JSON MIME type, then return \"application/json\".\n return 'application/json'\n case 'image/svg+xml':\n // 3. If mimeType’s essence is \"image/svg+xml\", then return \"image/svg+xml\".\n return 'image/svg+xml'\n case 'text/xml':\n case 'application/xml':\n // 4. If mimeType is an XML MIME type, then return \"application/xml\".\n return 'application/xml'\n }\n\n // 2. If mimeType is a JSON MIME type, then return \"application/json\".\n if (mimeType.subtype.endsWith('+json')) {\n return 'application/json'\n }\n\n // 4. If mimeType is an XML MIME type, then return \"application/xml\".\n if (mimeType.subtype.endsWith('+xml')) {\n return 'application/xml'\n }\n\n // 5. If mimeType is supported by the user agent, then return mimeType’s essence.\n // Technically, node doesn't support any mimetypes.\n\n // 6. Return the empty string.\n return ''\n}\n\nmodule.exports = {\n dataURLProcessor,\n URLSerializer,\n collectASequenceOfCodePoints,\n collectASequenceOfCodePointsFast,\n stringPercentDecode,\n parseMIMEType,\n collectAnHTTPQuotedString,\n serializeAMimeType,\n removeChars,\n removeHTTPWhitespace,\n minimizeSupportedMimeType,\n HTTP_TOKEN_CODEPOINTS,\n isomorphicDecode\n}\n","'use strict'\n\nconst { kConnected, kSize } = require('../../core/symbols')\n\nclass CompatWeakRef {\n constructor (value) {\n this.value = value\n }\n\n deref () {\n return this.value[kConnected] === 0 && this.value[kSize] === 0\n ? undefined\n : this.value\n }\n}\n\nclass CompatFinalizer {\n constructor (finalizer) {\n this.finalizer = finalizer\n }\n\n register (dispatcher, key) {\n if (dispatcher.on) {\n dispatcher.on('disconnect', () => {\n if (dispatcher[kConnected] === 0 && dispatcher[kSize] === 0) {\n this.finalizer(key)\n }\n })\n }\n }\n\n unregister (key) {}\n}\n\nmodule.exports = function () {\n // FIXME: remove workaround when the Node bug is backported to v18\n // https://github.com/nodejs/node/issues/49344#issuecomment-1741776308\n if (process.env.NODE_V8_COVERAGE && process.version.startsWith('v18')) {\n process._rawDebug('Using compatibility WeakRef and FinalizationRegistry')\n return {\n WeakRef: CompatWeakRef,\n FinalizationRegistry: CompatFinalizer\n }\n }\n return { WeakRef, FinalizationRegistry }\n}\n","'use strict'\n\nconst { Blob, File } = require('node:buffer')\nconst { kState } = require('./symbols')\nconst { webidl } = require('./webidl')\n\n// TODO(@KhafraDev): remove\nclass FileLike {\n constructor (blobLike, fileName, options = {}) {\n // TODO: argument idl type check\n\n // The File constructor is invoked with two or three parameters, depending\n // on whether the optional dictionary parameter is used. When the File()\n // constructor is invoked, user agents must run the following steps:\n\n // 1. Let bytes be the result of processing blob parts given fileBits and\n // options.\n\n // 2. Let n be the fileName argument to the constructor.\n const n = fileName\n\n // 3. Process FilePropertyBag dictionary argument by running the following\n // substeps:\n\n // 1. If the type member is provided and is not the empty string, let t\n // be set to the type dictionary member. If t contains any characters\n // outside the range U+0020 to U+007E, then set t to the empty string\n // and return from these substeps.\n // TODO\n const t = options.type\n\n // 2. Convert every character in t to ASCII lowercase.\n // TODO\n\n // 3. If the lastModified member is provided, let d be set to the\n // lastModified dictionary member. If it is not provided, set d to the\n // current date and time represented as the number of milliseconds since\n // the Unix Epoch (which is the equivalent of Date.now() [ECMA-262]).\n const d = options.lastModified ?? Date.now()\n\n // 4. Return a new File object F such that:\n // F refers to the bytes byte sequence.\n // F.size is set to the number of total bytes in bytes.\n // F.name is set to n.\n // F.type is set to t.\n // F.lastModified is set to d.\n\n this[kState] = {\n blobLike,\n name: n,\n type: t,\n lastModified: d\n }\n }\n\n stream (...args) {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].blobLike.stream(...args)\n }\n\n arrayBuffer (...args) {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].blobLike.arrayBuffer(...args)\n }\n\n slice (...args) {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].blobLike.slice(...args)\n }\n\n text (...args) {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].blobLike.text(...args)\n }\n\n get size () {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].blobLike.size\n }\n\n get type () {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].blobLike.type\n }\n\n get name () {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].name\n }\n\n get lastModified () {\n webidl.brandCheck(this, FileLike)\n\n return this[kState].lastModified\n }\n\n get [Symbol.toStringTag] () {\n return 'File'\n }\n}\n\nwebidl.converters.Blob = webidl.interfaceConverter(Blob)\n\n// If this function is moved to ./util.js, some tools (such as\n// rollup) will warn about circular dependencies. See:\n// https://github.com/nodejs/undici/issues/1629\nfunction isFileLike (object) {\n return (\n (object instanceof File) ||\n (\n object &&\n (typeof object.stream === 'function' ||\n typeof object.arrayBuffer === 'function') &&\n object[Symbol.toStringTag] === 'File'\n )\n )\n}\n\nmodule.exports = { FileLike, isFileLike }\n","'use strict'\n\nconst { isUSVString, bufferToLowerCasedHeaderName } = require('../../core/util')\nconst { utf8DecodeBytes } = require('./util')\nconst { HTTP_TOKEN_CODEPOINTS, isomorphicDecode } = require('./data-url')\nconst { isFileLike } = require('./file')\nconst { makeEntry } = require('./formdata')\nconst assert = require('node:assert')\nconst { File: NodeFile } = require('node:buffer')\n\nconst File = globalThis.File ?? NodeFile\n\nconst formDataNameBuffer = Buffer.from('form-data; name=\"')\nconst filenameBuffer = Buffer.from('; filename')\nconst dd = Buffer.from('--')\nconst ddcrlf = Buffer.from('--\\r\\n')\n\n/**\n * @param {string} chars\n */\nfunction isAsciiString (chars) {\n for (let i = 0; i < chars.length; ++i) {\n if ((chars.charCodeAt(i) & ~0x7F) !== 0) {\n return false\n }\n }\n return true\n}\n\n/**\n * @see https://andreubotella.github.io/multipart-form-data/#multipart-form-data-boundary\n * @param {string} boundary\n */\nfunction validateBoundary (boundary) {\n const length = boundary.length\n\n // - its length is greater or equal to 27 and lesser or equal to 70, and\n if (length < 27 || length > 70) {\n return false\n }\n\n // - it is composed by bytes in the ranges 0x30 to 0x39, 0x41 to 0x5A, or\n // 0x61 to 0x7A, inclusive (ASCII alphanumeric), or which are 0x27 ('),\n // 0x2D (-) or 0x5F (_).\n for (let i = 0; i < length; ++i) {\n const cp = boundary.charCodeAt(i)\n\n if (!(\n (cp >= 0x30 && cp <= 0x39) ||\n (cp >= 0x41 && cp <= 0x5a) ||\n (cp >= 0x61 && cp <= 0x7a) ||\n cp === 0x27 ||\n cp === 0x2d ||\n cp === 0x5f\n )) {\n return false\n }\n }\n\n return true\n}\n\n/**\n * @see https://andreubotella.github.io/multipart-form-data/#multipart-form-data-parser\n * @param {Buffer} input\n * @param {ReturnType} mimeType\n */\nfunction multipartFormDataParser (input, mimeType) {\n // 1. Assert: mimeType’s essence is \"multipart/form-data\".\n assert(mimeType !== 'failure' && mimeType.essence === 'multipart/form-data')\n\n const boundaryString = mimeType.parameters.get('boundary')\n\n // 2. If mimeType’s parameters[\"boundary\"] does not exist, return failure.\n // Otherwise, let boundary be the result of UTF-8 decoding mimeType’s\n // parameters[\"boundary\"].\n if (boundaryString === undefined) {\n return 'failure'\n }\n\n const boundary = Buffer.from(`--${boundaryString}`, 'utf8')\n\n // 3. Let entry list be an empty entry list.\n const entryList = []\n\n // 4. Let position be a pointer to a byte in input, initially pointing at\n // the first byte.\n const position = { position: 0 }\n\n // Note: undici addition, allows leading and trailing CRLFs.\n while (input[position.position] === 0x0d && input[position.position + 1] === 0x0a) {\n position.position += 2\n }\n\n let trailing = input.length\n\n while (input[trailing - 1] === 0x0a && input[trailing - 2] === 0x0d) {\n trailing -= 2\n }\n\n if (trailing !== input.length) {\n input = input.subarray(0, trailing)\n }\n\n // 5. While true:\n while (true) {\n // 5.1. If position points to a sequence of bytes starting with 0x2D 0x2D\n // (`--`) followed by boundary, advance position by 2 + the length of\n // boundary. Otherwise, return failure.\n // Note: boundary is padded with 2 dashes already, no need to add 2.\n if (input.subarray(position.position, position.position + boundary.length).equals(boundary)) {\n position.position += boundary.length\n } else {\n return 'failure'\n }\n\n // 5.2. If position points to the sequence of bytes 0x2D 0x2D 0x0D 0x0A\n // (`--` followed by CR LF) followed by the end of input, return entry list.\n // Note: a body does NOT need to end with CRLF. It can end with --.\n if (\n (position.position === input.length - 2 && bufferStartsWith(input, dd, position)) ||\n (position.position === input.length - 4 && bufferStartsWith(input, ddcrlf, position))\n ) {\n return entryList\n }\n\n // 5.3. If position does not point to a sequence of bytes starting with 0x0D\n // 0x0A (CR LF), return failure.\n if (input[position.position] !== 0x0d || input[position.position + 1] !== 0x0a) {\n return 'failure'\n }\n\n // 5.4. Advance position by 2. (This skips past the newline.)\n position.position += 2\n\n // 5.5. Let name, filename and contentType be the result of parsing\n // multipart/form-data headers on input and position, if the result\n // is not failure. Otherwise, return failure.\n const result = parseMultipartFormDataHeaders(input, position)\n\n if (result === 'failure') {\n return 'failure'\n }\n\n let { name, filename, contentType, encoding } = result\n\n // 5.6. Advance position by 2. (This skips past the empty line that marks\n // the end of the headers.)\n position.position += 2\n\n // 5.7. Let body be the empty byte sequence.\n let body\n\n // 5.8. Body loop: While position is not past the end of input:\n // TODO: the steps here are completely wrong\n {\n const boundaryIndex = input.indexOf(boundary.subarray(2), position.position)\n\n if (boundaryIndex === -1) {\n return 'failure'\n }\n\n body = input.subarray(position.position, boundaryIndex - 4)\n\n position.position += body.length\n\n // Note: position must be advanced by the body's length before being\n // decoded, otherwise the parsing will fail.\n if (encoding === 'base64') {\n body = Buffer.from(body.toString(), 'base64')\n }\n }\n\n // 5.9. If position does not point to a sequence of bytes starting with\n // 0x0D 0x0A (CR LF), return failure. Otherwise, advance position by 2.\n if (input[position.position] !== 0x0d || input[position.position + 1] !== 0x0a) {\n return 'failure'\n } else {\n position.position += 2\n }\n\n // 5.10. If filename is not null:\n let value\n\n if (filename !== null) {\n // 5.10.1. If contentType is null, set contentType to \"text/plain\".\n contentType ??= 'text/plain'\n\n // 5.10.2. If contentType is not an ASCII string, set contentType to the empty string.\n\n // Note: `buffer.isAscii` can be used at zero-cost, but converting a string to a buffer is a high overhead.\n // Content-Type is a relatively small string, so it is faster to use `String#charCodeAt`.\n if (!isAsciiString(contentType)) {\n contentType = ''\n }\n\n // 5.10.3. Let value be a new File object with name filename, type contentType, and body body.\n value = new File([body], filename, { type: contentType })\n } else {\n // 5.11. Otherwise:\n\n // 5.11.1. Let value be the UTF-8 decoding without BOM of body.\n value = utf8DecodeBytes(Buffer.from(body))\n }\n\n // 5.12. Assert: name is a scalar value string and value is either a scalar value string or a File object.\n assert(isUSVString(name))\n assert((typeof value === 'string' && isUSVString(value)) || isFileLike(value))\n\n // 5.13. Create an entry with name and value, and append it to entry list.\n entryList.push(makeEntry(name, value, filename))\n }\n}\n\n/**\n * @see https://andreubotella.github.io/multipart-form-data/#parse-multipart-form-data-headers\n * @param {Buffer} input\n * @param {{ position: number }} position\n */\nfunction parseMultipartFormDataHeaders (input, position) {\n // 1. Let name, filename and contentType be null.\n let name = null\n let filename = null\n let contentType = null\n let encoding = null\n\n // 2. While true:\n while (true) {\n // 2.1. If position points to a sequence of bytes starting with 0x0D 0x0A (CR LF):\n if (input[position.position] === 0x0d && input[position.position + 1] === 0x0a) {\n // 2.1.1. If name is null, return failure.\n if (name === null) {\n return 'failure'\n }\n\n // 2.1.2. Return name, filename and contentType.\n return { name, filename, contentType, encoding }\n }\n\n // 2.2. Let header name be the result of collecting a sequence of bytes that are\n // not 0x0A (LF), 0x0D (CR) or 0x3A (:), given position.\n let headerName = collectASequenceOfBytes(\n (char) => char !== 0x0a && char !== 0x0d && char !== 0x3a,\n input,\n position\n )\n\n // 2.3. Remove any HTTP tab or space bytes from the start or end of header name.\n headerName = removeChars(headerName, true, true, (char) => char === 0x9 || char === 0x20)\n\n // 2.4. If header name does not match the field-name token production, return failure.\n if (!HTTP_TOKEN_CODEPOINTS.test(headerName.toString())) {\n return 'failure'\n }\n\n // 2.5. If the byte at position is not 0x3A (:), return failure.\n if (input[position.position] !== 0x3a) {\n return 'failure'\n }\n\n // 2.6. Advance position by 1.\n position.position++\n\n // 2.7. Collect a sequence of bytes that are HTTP tab or space bytes given position.\n // (Do nothing with those bytes.)\n collectASequenceOfBytes(\n (char) => char === 0x20 || char === 0x09,\n input,\n position\n )\n\n // 2.8. Byte-lowercase header name and switch on the result:\n switch (bufferToLowerCasedHeaderName(headerName)) {\n case 'content-disposition': {\n // 1. Set name and filename to null.\n name = filename = null\n\n // 2. If position does not point to a sequence of bytes starting with\n // `form-data; name=\"`, return failure.\n if (!bufferStartsWith(input, formDataNameBuffer, position)) {\n return 'failure'\n }\n\n // 3. Advance position so it points at the byte after the next 0x22 (\")\n // byte (the one in the sequence of bytes matched above).\n position.position += 17\n\n // 4. Set name to the result of parsing a multipart/form-data name given\n // input and position, if the result is not failure. Otherwise, return\n // failure.\n name = parseMultipartFormDataName(input, position)\n\n if (name === null) {\n return 'failure'\n }\n\n // 5. If position points to a sequence of bytes starting with `; filename=\"`:\n if (bufferStartsWith(input, filenameBuffer, position)) {\n // Note: undici also handles filename*\n let check = position.position + filenameBuffer.length\n\n if (input[check] === 0x2a) {\n position.position += 1\n check += 1\n }\n\n if (input[check] !== 0x3d || input[check + 1] !== 0x22) { // =\"\n return 'failure'\n }\n\n // 1. Advance position so it points at the byte after the next 0x22 (\") byte\n // (the one in the sequence of bytes matched above).\n position.position += 12\n\n // 2. Set filename to the result of parsing a multipart/form-data name given\n // input and position, if the result is not failure. Otherwise, return failure.\n filename = parseMultipartFormDataName(input, position)\n\n if (filename === null) {\n return 'failure'\n }\n }\n\n break\n }\n case 'content-type': {\n // 1. Let header value be the result of collecting a sequence of bytes that are\n // not 0x0A (LF) or 0x0D (CR), given position.\n let headerValue = collectASequenceOfBytes(\n (char) => char !== 0x0a && char !== 0x0d,\n input,\n position\n )\n\n // 2. Remove any HTTP tab or space bytes from the end of header value.\n headerValue = removeChars(headerValue, false, true, (char) => char === 0x9 || char === 0x20)\n\n // 3. Set contentType to the isomorphic decoding of header value.\n contentType = isomorphicDecode(headerValue)\n\n break\n }\n case 'content-transfer-encoding': {\n let headerValue = collectASequenceOfBytes(\n (char) => char !== 0x0a && char !== 0x0d,\n input,\n position\n )\n\n headerValue = removeChars(headerValue, false, true, (char) => char === 0x9 || char === 0x20)\n\n encoding = isomorphicDecode(headerValue)\n\n break\n }\n default: {\n // Collect a sequence of bytes that are not 0x0A (LF) or 0x0D (CR), given position.\n // (Do nothing with those bytes.)\n collectASequenceOfBytes(\n (char) => char !== 0x0a && char !== 0x0d,\n input,\n position\n )\n }\n }\n\n // 2.9. If position does not point to a sequence of bytes starting with 0x0D 0x0A\n // (CR LF), return failure. Otherwise, advance position by 2 (past the newline).\n if (input[position.position] !== 0x0d && input[position.position + 1] !== 0x0a) {\n return 'failure'\n } else {\n position.position += 2\n }\n }\n}\n\n/**\n * @see https://andreubotella.github.io/multipart-form-data/#parse-a-multipart-form-data-name\n * @param {Buffer} input\n * @param {{ position: number }} position\n */\nfunction parseMultipartFormDataName (input, position) {\n // 1. Assert: The byte at (position - 1) is 0x22 (\").\n assert(input[position.position - 1] === 0x22)\n\n // 2. Let name be the result of collecting a sequence of bytes that are not 0x0A (LF), 0x0D (CR) or 0x22 (\"), given position.\n /** @type {string | Buffer} */\n let name = collectASequenceOfBytes(\n (char) => char !== 0x0a && char !== 0x0d && char !== 0x22,\n input,\n position\n )\n\n // 3. If the byte at position is not 0x22 (\"), return failure. Otherwise, advance position by 1.\n if (input[position.position] !== 0x22) {\n return null // name could be 'failure'\n } else {\n position.position++\n }\n\n // 4. Replace any occurrence of the following subsequences in name with the given byte:\n // - `%0A`: 0x0A (LF)\n // - `%0D`: 0x0D (CR)\n // - `%22`: 0x22 (\")\n name = new TextDecoder().decode(name)\n .replace(/%0A/ig, '\\n')\n .replace(/%0D/ig, '\\r')\n .replace(/%22/g, '\"')\n\n // 5. Return the UTF-8 decoding without BOM of name.\n return name\n}\n\n/**\n * @param {(char: number) => boolean} condition\n * @param {Buffer} input\n * @param {{ position: number }} position\n */\nfunction collectASequenceOfBytes (condition, input, position) {\n let start = position.position\n\n while (start < input.length && condition(input[start])) {\n ++start\n }\n\n return input.subarray(position.position, (position.position = start))\n}\n\n/**\n * @param {Buffer} buf\n * @param {boolean} leading\n * @param {boolean} trailing\n * @param {(charCode: number) => boolean} predicate\n * @returns {Buffer}\n */\nfunction removeChars (buf, leading, trailing, predicate) {\n let lead = 0\n let trail = buf.length - 1\n\n if (leading) {\n while (lead < buf.length && predicate(buf[lead])) lead++\n }\n\n if (trailing) {\n while (trail > 0 && predicate(buf[trail])) trail--\n }\n\n return lead === 0 && trail === buf.length - 1 ? buf : buf.subarray(lead, trail + 1)\n}\n\n/**\n * Checks if {@param buffer} starts with {@param start}\n * @param {Buffer} buffer\n * @param {Buffer} start\n * @param {{ position: number }} position\n */\nfunction bufferStartsWith (buffer, start, position) {\n if (buffer.length < start.length) {\n return false\n }\n\n for (let i = 0; i < start.length; i++) {\n if (start[i] !== buffer[position.position + i]) {\n return false\n }\n }\n\n return true\n}\n\nmodule.exports = {\n multipartFormDataParser,\n validateBoundary\n}\n","'use strict'\n\nconst { isBlobLike, iteratorMixin } = require('./util')\nconst { kState } = require('./symbols')\nconst { kEnumerableProperty } = require('../../core/util')\nconst { FileLike, isFileLike } = require('./file')\nconst { webidl } = require('./webidl')\nconst { File: NativeFile } = require('node:buffer')\nconst nodeUtil = require('node:util')\n\n/** @type {globalThis['File']} */\nconst File = globalThis.File ?? NativeFile\n\n// https://xhr.spec.whatwg.org/#formdata\nclass FormData {\n constructor (form) {\n webidl.util.markAsUncloneable(this)\n\n if (form !== undefined) {\n throw webidl.errors.conversionFailed({\n prefix: 'FormData constructor',\n argument: 'Argument 1',\n types: ['undefined']\n })\n }\n\n this[kState] = []\n }\n\n append (name, value, filename = undefined) {\n webidl.brandCheck(this, FormData)\n\n const prefix = 'FormData.append'\n webidl.argumentLengthCheck(arguments, 2, prefix)\n\n if (arguments.length === 3 && !isBlobLike(value)) {\n throw new TypeError(\n \"Failed to execute 'append' on 'FormData': parameter 2 is not of type 'Blob'\"\n )\n }\n\n // 1. Let value be value if given; otherwise blobValue.\n\n name = webidl.converters.USVString(name, prefix, 'name')\n value = isBlobLike(value)\n ? webidl.converters.Blob(value, prefix, 'value', { strict: false })\n : webidl.converters.USVString(value, prefix, 'value')\n filename = arguments.length === 3\n ? webidl.converters.USVString(filename, prefix, 'filename')\n : undefined\n\n // 2. Let entry be the result of creating an entry with\n // name, value, and filename if given.\n const entry = makeEntry(name, value, filename)\n\n // 3. Append entry to this’s entry list.\n this[kState].push(entry)\n }\n\n delete (name) {\n webidl.brandCheck(this, FormData)\n\n const prefix = 'FormData.delete'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n name = webidl.converters.USVString(name, prefix, 'name')\n\n // The delete(name) method steps are to remove all entries whose name\n // is name from this’s entry list.\n this[kState] = this[kState].filter(entry => entry.name !== name)\n }\n\n get (name) {\n webidl.brandCheck(this, FormData)\n\n const prefix = 'FormData.get'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n name = webidl.converters.USVString(name, prefix, 'name')\n\n // 1. If there is no entry whose name is name in this’s entry list,\n // then return null.\n const idx = this[kState].findIndex((entry) => entry.name === name)\n if (idx === -1) {\n return null\n }\n\n // 2. Return the value of the first entry whose name is name from\n // this’s entry list.\n return this[kState][idx].value\n }\n\n getAll (name) {\n webidl.brandCheck(this, FormData)\n\n const prefix = 'FormData.getAll'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n name = webidl.converters.USVString(name, prefix, 'name')\n\n // 1. If there is no entry whose name is name in this’s entry list,\n // then return the empty list.\n // 2. Return the values of all entries whose name is name, in order,\n // from this’s entry list.\n return this[kState]\n .filter((entry) => entry.name === name)\n .map((entry) => entry.value)\n }\n\n has (name) {\n webidl.brandCheck(this, FormData)\n\n const prefix = 'FormData.has'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n name = webidl.converters.USVString(name, prefix, 'name')\n\n // The has(name) method steps are to return true if there is an entry\n // whose name is name in this’s entry list; otherwise false.\n return this[kState].findIndex((entry) => entry.name === name) !== -1\n }\n\n set (name, value, filename = undefined) {\n webidl.brandCheck(this, FormData)\n\n const prefix = 'FormData.set'\n webidl.argumentLengthCheck(arguments, 2, prefix)\n\n if (arguments.length === 3 && !isBlobLike(value)) {\n throw new TypeError(\n \"Failed to execute 'set' on 'FormData': parameter 2 is not of type 'Blob'\"\n )\n }\n\n // The set(name, value) and set(name, blobValue, filename) method steps\n // are:\n\n // 1. Let value be value if given; otherwise blobValue.\n\n name = webidl.converters.USVString(name, prefix, 'name')\n value = isBlobLike(value)\n ? webidl.converters.Blob(value, prefix, 'name', { strict: false })\n : webidl.converters.USVString(value, prefix, 'name')\n filename = arguments.length === 3\n ? webidl.converters.USVString(filename, prefix, 'name')\n : undefined\n\n // 2. Let entry be the result of creating an entry with name, value, and\n // filename if given.\n const entry = makeEntry(name, value, filename)\n\n // 3. If there are entries in this’s entry list whose name is name, then\n // replace the first such entry with entry and remove the others.\n const idx = this[kState].findIndex((entry) => entry.name === name)\n if (idx !== -1) {\n this[kState] = [\n ...this[kState].slice(0, idx),\n entry,\n ...this[kState].slice(idx + 1).filter((entry) => entry.name !== name)\n ]\n } else {\n // 4. Otherwise, append entry to this’s entry list.\n this[kState].push(entry)\n }\n }\n\n [nodeUtil.inspect.custom] (depth, options) {\n const state = this[kState].reduce((a, b) => {\n if (a[b.name]) {\n if (Array.isArray(a[b.name])) {\n a[b.name].push(b.value)\n } else {\n a[b.name] = [a[b.name], b.value]\n }\n } else {\n a[b.name] = b.value\n }\n\n return a\n }, { __proto__: null })\n\n options.depth ??= depth\n options.colors ??= true\n\n const output = nodeUtil.formatWithOptions(options, state)\n\n // remove [Object null prototype]\n return `FormData ${output.slice(output.indexOf(']') + 2)}`\n }\n}\n\niteratorMixin('FormData', FormData, kState, 'name', 'value')\n\nObject.defineProperties(FormData.prototype, {\n append: kEnumerableProperty,\n delete: kEnumerableProperty,\n get: kEnumerableProperty,\n getAll: kEnumerableProperty,\n has: kEnumerableProperty,\n set: kEnumerableProperty,\n [Symbol.toStringTag]: {\n value: 'FormData',\n configurable: true\n }\n})\n\n/**\n * @see https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#create-an-entry\n * @param {string} name\n * @param {string|Blob} value\n * @param {?string} filename\n * @returns\n */\nfunction makeEntry (name, value, filename) {\n // 1. Set name to the result of converting name into a scalar value string.\n // Note: This operation was done by the webidl converter USVString.\n\n // 2. If value is a string, then set value to the result of converting\n // value into a scalar value string.\n if (typeof value === 'string') {\n // Note: This operation was done by the webidl converter USVString.\n } else {\n // 3. Otherwise:\n\n // 1. If value is not a File object, then set value to a new File object,\n // representing the same bytes, whose name attribute value is \"blob\"\n if (!isFileLike(value)) {\n value = value instanceof Blob\n ? new File([value], 'blob', { type: value.type })\n : new FileLike(value, 'blob', { type: value.type })\n }\n\n // 2. If filename is given, then set value to a new File object,\n // representing the same bytes, whose name attribute is filename.\n if (filename !== undefined) {\n /** @type {FilePropertyBag} */\n const options = {\n type: value.type,\n lastModified: value.lastModified\n }\n\n value = value instanceof NativeFile\n ? new File([value], filename, options)\n : new FileLike(value, filename, options)\n }\n }\n\n // 4. Return an entry whose name is name and whose value is value.\n return { name, value }\n}\n\nmodule.exports = { FormData, makeEntry }\n","'use strict'\n\n// In case of breaking changes, increase the version\n// number to avoid conflicts.\nconst globalOrigin = Symbol.for('undici.globalOrigin.1')\n\nfunction getGlobalOrigin () {\n return globalThis[globalOrigin]\n}\n\nfunction setGlobalOrigin (newOrigin) {\n if (newOrigin === undefined) {\n Object.defineProperty(globalThis, globalOrigin, {\n value: undefined,\n writable: true,\n enumerable: false,\n configurable: false\n })\n\n return\n }\n\n const parsedURL = new URL(newOrigin)\n\n if (parsedURL.protocol !== 'http:' && parsedURL.protocol !== 'https:') {\n throw new TypeError(`Only http & https urls are allowed, received ${parsedURL.protocol}`)\n }\n\n Object.defineProperty(globalThis, globalOrigin, {\n value: parsedURL,\n writable: true,\n enumerable: false,\n configurable: false\n })\n}\n\nmodule.exports = {\n getGlobalOrigin,\n setGlobalOrigin\n}\n","// https://github.com/Ethan-Arrowood/undici-fetch\n\n'use strict'\n\nconst { kConstruct } = require('../../core/symbols')\nconst { kEnumerableProperty } = require('../../core/util')\nconst {\n iteratorMixin,\n isValidHeaderName,\n isValidHeaderValue\n} = require('./util')\nconst { webidl } = require('./webidl')\nconst assert = require('node:assert')\nconst util = require('node:util')\n\nconst kHeadersMap = Symbol('headers map')\nconst kHeadersSortedMap = Symbol('headers map sorted')\n\n/**\n * @param {number} code\n */\nfunction isHTTPWhiteSpaceCharCode (code) {\n return code === 0x00a || code === 0x00d || code === 0x009 || code === 0x020\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-header-value-normalize\n * @param {string} potentialValue\n */\nfunction headerValueNormalize (potentialValue) {\n // To normalize a byte sequence potentialValue, remove\n // any leading and trailing HTTP whitespace bytes from\n // potentialValue.\n let i = 0; let j = potentialValue.length\n\n while (j > i && isHTTPWhiteSpaceCharCode(potentialValue.charCodeAt(j - 1))) --j\n while (j > i && isHTTPWhiteSpaceCharCode(potentialValue.charCodeAt(i))) ++i\n\n return i === 0 && j === potentialValue.length ? potentialValue : potentialValue.substring(i, j)\n}\n\nfunction fill (headers, object) {\n // To fill a Headers object headers with a given object object, run these steps:\n\n // 1. If object is a sequence, then for each header in object:\n // Note: webidl conversion to array has already been done.\n if (Array.isArray(object)) {\n for (let i = 0; i < object.length; ++i) {\n const header = object[i]\n // 1. If header does not contain exactly two items, then throw a TypeError.\n if (header.length !== 2) {\n throw webidl.errors.exception({\n header: 'Headers constructor',\n message: `expected name/value pair to be length 2, found ${header.length}.`\n })\n }\n\n // 2. Append (header’s first item, header’s second item) to headers.\n appendHeader(headers, header[0], header[1])\n }\n } else if (typeof object === 'object' && object !== null) {\n // Note: null should throw\n\n // 2. Otherwise, object is a record, then for each key → value in object,\n // append (key, value) to headers\n const keys = Object.keys(object)\n for (let i = 0; i < keys.length; ++i) {\n appendHeader(headers, keys[i], object[keys[i]])\n }\n } else {\n throw webidl.errors.conversionFailed({\n prefix: 'Headers constructor',\n argument: 'Argument 1',\n types: ['sequence>', 'record']\n })\n }\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-headers-append\n */\nfunction appendHeader (headers, name, value) {\n // 1. Normalize value.\n value = headerValueNormalize(value)\n\n // 2. If name is not a header name or value is not a\n // header value, then throw a TypeError.\n if (!isValidHeaderName(name)) {\n throw webidl.errors.invalidArgument({\n prefix: 'Headers.append',\n value: name,\n type: 'header name'\n })\n } else if (!isValidHeaderValue(value)) {\n throw webidl.errors.invalidArgument({\n prefix: 'Headers.append',\n value,\n type: 'header value'\n })\n }\n\n // 3. If headers’s guard is \"immutable\", then throw a TypeError.\n // 4. Otherwise, if headers’s guard is \"request\" and name is a\n // forbidden header name, return.\n // 5. Otherwise, if headers’s guard is \"request-no-cors\":\n // TODO\n // Note: undici does not implement forbidden header names\n if (getHeadersGuard(headers) === 'immutable') {\n throw new TypeError('immutable')\n }\n\n // 6. Otherwise, if headers’s guard is \"response\" and name is a\n // forbidden response-header name, return.\n\n // 7. Append (name, value) to headers’s header list.\n return getHeadersList(headers).append(name, value, false)\n\n // 8. If headers’s guard is \"request-no-cors\", then remove\n // privileged no-CORS request headers from headers\n}\n\nfunction compareHeaderName (a, b) {\n return a[0] < b[0] ? -1 : 1\n}\n\nclass HeadersList {\n /** @type {[string, string][]|null} */\n cookies = null\n\n constructor (init) {\n if (init instanceof HeadersList) {\n this[kHeadersMap] = new Map(init[kHeadersMap])\n this[kHeadersSortedMap] = init[kHeadersSortedMap]\n this.cookies = init.cookies === null ? null : [...init.cookies]\n } else {\n this[kHeadersMap] = new Map(init)\n this[kHeadersSortedMap] = null\n }\n }\n\n /**\n * @see https://fetch.spec.whatwg.org/#header-list-contains\n * @param {string} name\n * @param {boolean} isLowerCase\n */\n contains (name, isLowerCase) {\n // A header list list contains a header name name if list\n // contains a header whose name is a byte-case-insensitive\n // match for name.\n\n return this[kHeadersMap].has(isLowerCase ? name : name.toLowerCase())\n }\n\n clear () {\n this[kHeadersMap].clear()\n this[kHeadersSortedMap] = null\n this.cookies = null\n }\n\n /**\n * @see https://fetch.spec.whatwg.org/#concept-header-list-append\n * @param {string} name\n * @param {string} value\n * @param {boolean} isLowerCase\n */\n append (name, value, isLowerCase) {\n this[kHeadersSortedMap] = null\n\n // 1. If list contains name, then set name to the first such\n // header’s name.\n const lowercaseName = isLowerCase ? name : name.toLowerCase()\n const exists = this[kHeadersMap].get(lowercaseName)\n\n // 2. Append (name, value) to list.\n if (exists) {\n const delimiter = lowercaseName === 'cookie' ? '; ' : ', '\n this[kHeadersMap].set(lowercaseName, {\n name: exists.name,\n value: `${exists.value}${delimiter}${value}`\n })\n } else {\n this[kHeadersMap].set(lowercaseName, { name, value })\n }\n\n if (lowercaseName === 'set-cookie') {\n (this.cookies ??= []).push(value)\n }\n }\n\n /**\n * @see https://fetch.spec.whatwg.org/#concept-header-list-set\n * @param {string} name\n * @param {string} value\n * @param {boolean} isLowerCase\n */\n set (name, value, isLowerCase) {\n this[kHeadersSortedMap] = null\n const lowercaseName = isLowerCase ? name : name.toLowerCase()\n\n if (lowercaseName === 'set-cookie') {\n this.cookies = [value]\n }\n\n // 1. If list contains name, then set the value of\n // the first such header to value and remove the\n // others.\n // 2. Otherwise, append header (name, value) to list.\n this[kHeadersMap].set(lowercaseName, { name, value })\n }\n\n /**\n * @see https://fetch.spec.whatwg.org/#concept-header-list-delete\n * @param {string} name\n * @param {boolean} isLowerCase\n */\n delete (name, isLowerCase) {\n this[kHeadersSortedMap] = null\n if (!isLowerCase) name = name.toLowerCase()\n\n if (name === 'set-cookie') {\n this.cookies = null\n }\n\n this[kHeadersMap].delete(name)\n }\n\n /**\n * @see https://fetch.spec.whatwg.org/#concept-header-list-get\n * @param {string} name\n * @param {boolean} isLowerCase\n * @returns {string | null}\n */\n get (name, isLowerCase) {\n // 1. If list does not contain name, then return null.\n // 2. Return the values of all headers in list whose name\n // is a byte-case-insensitive match for name,\n // separated from each other by 0x2C 0x20, in order.\n return this[kHeadersMap].get(isLowerCase ? name : name.toLowerCase())?.value ?? null\n }\n\n * [Symbol.iterator] () {\n // use the lowercased name\n for (const { 0: name, 1: { value } } of this[kHeadersMap]) {\n yield [name, value]\n }\n }\n\n get entries () {\n const headers = {}\n\n if (this[kHeadersMap].size !== 0) {\n for (const { name, value } of this[kHeadersMap].values()) {\n headers[name] = value\n }\n }\n\n return headers\n }\n\n rawValues () {\n return this[kHeadersMap].values()\n }\n\n get entriesList () {\n const headers = []\n\n if (this[kHeadersMap].size !== 0) {\n for (const { 0: lowerName, 1: { name, value } } of this[kHeadersMap]) {\n if (lowerName === 'set-cookie') {\n for (const cookie of this.cookies) {\n headers.push([name, cookie])\n }\n } else {\n headers.push([name, value])\n }\n }\n }\n\n return headers\n }\n\n // https://fetch.spec.whatwg.org/#convert-header-names-to-a-sorted-lowercase-set\n toSortedArray () {\n const size = this[kHeadersMap].size\n const array = new Array(size)\n // In most cases, you will use the fast-path.\n // fast-path: Use binary insertion sort for small arrays.\n if (size <= 32) {\n if (size === 0) {\n // If empty, it is an empty array. To avoid the first index assignment.\n return array\n }\n // Improve performance by unrolling loop and avoiding double-loop.\n // Double-loop-less version of the binary insertion sort.\n const iterator = this[kHeadersMap][Symbol.iterator]()\n const firstValue = iterator.next().value\n // set [name, value] to first index.\n array[0] = [firstValue[0], firstValue[1].value]\n // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine\n // 3.2.2. Assert: value is non-null.\n assert(firstValue[1].value !== null)\n for (\n let i = 1, j = 0, right = 0, left = 0, pivot = 0, x, value;\n i < size;\n ++i\n ) {\n // get next value\n value = iterator.next().value\n // set [name, value] to current index.\n x = array[i] = [value[0], value[1].value]\n // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine\n // 3.2.2. Assert: value is non-null.\n assert(x[1] !== null)\n left = 0\n right = i\n // binary search\n while (left < right) {\n // middle index\n pivot = left + ((right - left) >> 1)\n // compare header name\n if (array[pivot][0] <= x[0]) {\n left = pivot + 1\n } else {\n right = pivot\n }\n }\n if (i !== pivot) {\n j = i\n while (j > left) {\n array[j] = array[--j]\n }\n array[left] = x\n }\n }\n /* c8 ignore next 4 */\n if (!iterator.next().done) {\n // This is for debugging and will never be called.\n throw new TypeError('Unreachable')\n }\n return array\n } else {\n // This case would be a rare occurrence.\n // slow-path: fallback\n let i = 0\n for (const { 0: name, 1: { value } } of this[kHeadersMap]) {\n array[i++] = [name, value]\n // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine\n // 3.2.2. Assert: value is non-null.\n assert(value !== null)\n }\n return array.sort(compareHeaderName)\n }\n }\n}\n\n// https://fetch.spec.whatwg.org/#headers-class\nclass Headers {\n #guard\n #headersList\n\n constructor (init = undefined) {\n webidl.util.markAsUncloneable(this)\n\n if (init === kConstruct) {\n return\n }\n\n this.#headersList = new HeadersList()\n\n // The new Headers(init) constructor steps are:\n\n // 1. Set this’s guard to \"none\".\n this.#guard = 'none'\n\n // 2. If init is given, then fill this with init.\n if (init !== undefined) {\n init = webidl.converters.HeadersInit(init, 'Headers contructor', 'init')\n fill(this, init)\n }\n }\n\n // https://fetch.spec.whatwg.org/#dom-headers-append\n append (name, value) {\n webidl.brandCheck(this, Headers)\n\n webidl.argumentLengthCheck(arguments, 2, 'Headers.append')\n\n const prefix = 'Headers.append'\n name = webidl.converters.ByteString(name, prefix, 'name')\n value = webidl.converters.ByteString(value, prefix, 'value')\n\n return appendHeader(this, name, value)\n }\n\n // https://fetch.spec.whatwg.org/#dom-headers-delete\n delete (name) {\n webidl.brandCheck(this, Headers)\n\n webidl.argumentLengthCheck(arguments, 1, 'Headers.delete')\n\n const prefix = 'Headers.delete'\n name = webidl.converters.ByteString(name, prefix, 'name')\n\n // 1. If name is not a header name, then throw a TypeError.\n if (!isValidHeaderName(name)) {\n throw webidl.errors.invalidArgument({\n prefix: 'Headers.delete',\n value: name,\n type: 'header name'\n })\n }\n\n // 2. If this’s guard is \"immutable\", then throw a TypeError.\n // 3. Otherwise, if this’s guard is \"request\" and name is a\n // forbidden header name, return.\n // 4. Otherwise, if this’s guard is \"request-no-cors\", name\n // is not a no-CORS-safelisted request-header name, and\n // name is not a privileged no-CORS request-header name,\n // return.\n // 5. Otherwise, if this’s guard is \"response\" and name is\n // a forbidden response-header name, return.\n // Note: undici does not implement forbidden header names\n if (this.#guard === 'immutable') {\n throw new TypeError('immutable')\n }\n\n // 6. If this’s header list does not contain name, then\n // return.\n if (!this.#headersList.contains(name, false)) {\n return\n }\n\n // 7. Delete name from this’s header list.\n // 8. If this’s guard is \"request-no-cors\", then remove\n // privileged no-CORS request headers from this.\n this.#headersList.delete(name, false)\n }\n\n // https://fetch.spec.whatwg.org/#dom-headers-get\n get (name) {\n webidl.brandCheck(this, Headers)\n\n webidl.argumentLengthCheck(arguments, 1, 'Headers.get')\n\n const prefix = 'Headers.get'\n name = webidl.converters.ByteString(name, prefix, 'name')\n\n // 1. If name is not a header name, then throw a TypeError.\n if (!isValidHeaderName(name)) {\n throw webidl.errors.invalidArgument({\n prefix,\n value: name,\n type: 'header name'\n })\n }\n\n // 2. Return the result of getting name from this’s header\n // list.\n return this.#headersList.get(name, false)\n }\n\n // https://fetch.spec.whatwg.org/#dom-headers-has\n has (name) {\n webidl.brandCheck(this, Headers)\n\n webidl.argumentLengthCheck(arguments, 1, 'Headers.has')\n\n const prefix = 'Headers.has'\n name = webidl.converters.ByteString(name, prefix, 'name')\n\n // 1. If name is not a header name, then throw a TypeError.\n if (!isValidHeaderName(name)) {\n throw webidl.errors.invalidArgument({\n prefix,\n value: name,\n type: 'header name'\n })\n }\n\n // 2. Return true if this’s header list contains name;\n // otherwise false.\n return this.#headersList.contains(name, false)\n }\n\n // https://fetch.spec.whatwg.org/#dom-headers-set\n set (name, value) {\n webidl.brandCheck(this, Headers)\n\n webidl.argumentLengthCheck(arguments, 2, 'Headers.set')\n\n const prefix = 'Headers.set'\n name = webidl.converters.ByteString(name, prefix, 'name')\n value = webidl.converters.ByteString(value, prefix, 'value')\n\n // 1. Normalize value.\n value = headerValueNormalize(value)\n\n // 2. If name is not a header name or value is not a\n // header value, then throw a TypeError.\n if (!isValidHeaderName(name)) {\n throw webidl.errors.invalidArgument({\n prefix,\n value: name,\n type: 'header name'\n })\n } else if (!isValidHeaderValue(value)) {\n throw webidl.errors.invalidArgument({\n prefix,\n value,\n type: 'header value'\n })\n }\n\n // 3. If this’s guard is \"immutable\", then throw a TypeError.\n // 4. Otherwise, if this’s guard is \"request\" and name is a\n // forbidden header name, return.\n // 5. Otherwise, if this’s guard is \"request-no-cors\" and\n // name/value is not a no-CORS-safelisted request-header,\n // return.\n // 6. Otherwise, if this’s guard is \"response\" and name is a\n // forbidden response-header name, return.\n // Note: undici does not implement forbidden header names\n if (this.#guard === 'immutable') {\n throw new TypeError('immutable')\n }\n\n // 7. Set (name, value) in this’s header list.\n // 8. If this’s guard is \"request-no-cors\", then remove\n // privileged no-CORS request headers from this\n this.#headersList.set(name, value, false)\n }\n\n // https://fetch.spec.whatwg.org/#dom-headers-getsetcookie\n getSetCookie () {\n webidl.brandCheck(this, Headers)\n\n // 1. If this’s header list does not contain `Set-Cookie`, then return « ».\n // 2. Return the values of all headers in this’s header list whose name is\n // a byte-case-insensitive match for `Set-Cookie`, in order.\n\n const list = this.#headersList.cookies\n\n if (list) {\n return [...list]\n }\n\n return []\n }\n\n // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine\n get [kHeadersSortedMap] () {\n if (this.#headersList[kHeadersSortedMap]) {\n return this.#headersList[kHeadersSortedMap]\n }\n\n // 1. Let headers be an empty list of headers with the key being the name\n // and value the value.\n const headers = []\n\n // 2. Let names be the result of convert header names to a sorted-lowercase\n // set with all the names of the headers in list.\n const names = this.#headersList.toSortedArray()\n\n const cookies = this.#headersList.cookies\n\n // fast-path\n if (cookies === null || cookies.length === 1) {\n // Note: The non-null assertion of value has already been done by `HeadersList#toSortedArray`\n return (this.#headersList[kHeadersSortedMap] = names)\n }\n\n // 3. For each name of names:\n for (let i = 0; i < names.length; ++i) {\n const { 0: name, 1: value } = names[i]\n // 1. If name is `set-cookie`, then:\n if (name === 'set-cookie') {\n // 1. Let values be a list of all values of headers in list whose name\n // is a byte-case-insensitive match for name, in order.\n\n // 2. For each value of values:\n // 1. Append (name, value) to headers.\n for (let j = 0; j < cookies.length; ++j) {\n headers.push([name, cookies[j]])\n }\n } else {\n // 2. Otherwise:\n\n // 1. Let value be the result of getting name from list.\n\n // 2. Assert: value is non-null.\n // Note: This operation was done by `HeadersList#toSortedArray`.\n\n // 3. Append (name, value) to headers.\n headers.push([name, value])\n }\n }\n\n // 4. Return headers.\n return (this.#headersList[kHeadersSortedMap] = headers)\n }\n\n [util.inspect.custom] (depth, options) {\n options.depth ??= depth\n\n return `Headers ${util.formatWithOptions(options, this.#headersList.entries)}`\n }\n\n static getHeadersGuard (o) {\n return o.#guard\n }\n\n static setHeadersGuard (o, guard) {\n o.#guard = guard\n }\n\n static getHeadersList (o) {\n return o.#headersList\n }\n\n static setHeadersList (o, list) {\n o.#headersList = list\n }\n}\n\nconst { getHeadersGuard, setHeadersGuard, getHeadersList, setHeadersList } = Headers\nReflect.deleteProperty(Headers, 'getHeadersGuard')\nReflect.deleteProperty(Headers, 'setHeadersGuard')\nReflect.deleteProperty(Headers, 'getHeadersList')\nReflect.deleteProperty(Headers, 'setHeadersList')\n\niteratorMixin('Headers', Headers, kHeadersSortedMap, 0, 1)\n\nObject.defineProperties(Headers.prototype, {\n append: kEnumerableProperty,\n delete: kEnumerableProperty,\n get: kEnumerableProperty,\n has: kEnumerableProperty,\n set: kEnumerableProperty,\n getSetCookie: kEnumerableProperty,\n [Symbol.toStringTag]: {\n value: 'Headers',\n configurable: true\n },\n [util.inspect.custom]: {\n enumerable: false\n }\n})\n\nwebidl.converters.HeadersInit = function (V, prefix, argument) {\n if (webidl.util.Type(V) === 'Object') {\n const iterator = Reflect.get(V, Symbol.iterator)\n\n // A work-around to ensure we send the properly-cased Headers when V is a Headers object.\n // Read https://github.com/nodejs/undici/pull/3159#issuecomment-2075537226 before touching, please.\n if (!util.types.isProxy(V) && iterator === Headers.prototype.entries) { // Headers object\n try {\n return getHeadersList(V).entriesList\n } catch {\n // fall-through\n }\n }\n\n if (typeof iterator === 'function') {\n return webidl.converters['sequence>'](V, prefix, argument, iterator.bind(V))\n }\n\n return webidl.converters['record'](V, prefix, argument)\n }\n\n throw webidl.errors.conversionFailed({\n prefix: 'Headers constructor',\n argument: 'Argument 1',\n types: ['sequence>', 'record']\n })\n}\n\nmodule.exports = {\n fill,\n // for test.\n compareHeaderName,\n Headers,\n HeadersList,\n getHeadersGuard,\n setHeadersGuard,\n setHeadersList,\n getHeadersList\n}\n","// https://github.com/Ethan-Arrowood/undici-fetch\n\n'use strict'\n\nconst {\n makeNetworkError,\n makeAppropriateNetworkError,\n filterResponse,\n makeResponse,\n fromInnerResponse\n} = require('./response')\nconst { HeadersList } = require('./headers')\nconst { Request, cloneRequest } = require('./request')\nconst zlib = require('node:zlib')\nconst {\n bytesMatch,\n makePolicyContainer,\n clonePolicyContainer,\n requestBadPort,\n TAOCheck,\n appendRequestOriginHeader,\n responseLocationURL,\n requestCurrentURL,\n setRequestReferrerPolicyOnRedirect,\n tryUpgradeRequestToAPotentiallyTrustworthyURL,\n createOpaqueTimingInfo,\n appendFetchMetadata,\n corsCheck,\n crossOriginResourcePolicyCheck,\n determineRequestsReferrer,\n coarsenedSharedCurrentTime,\n createDeferredPromise,\n isBlobLike,\n sameOrigin,\n isCancelled,\n isAborted,\n isErrorLike,\n fullyReadBody,\n readableStreamClose,\n isomorphicEncode,\n urlIsLocal,\n urlIsHttpHttpsScheme,\n urlHasHttpsScheme,\n clampAndCoarsenConnectionTimingInfo,\n simpleRangeHeaderValue,\n buildContentRange,\n createInflate,\n extractMimeType\n} = require('./util')\nconst { kState, kDispatcher } = require('./symbols')\nconst assert = require('node:assert')\nconst { safelyExtractBody, extractBody } = require('./body')\nconst {\n redirectStatusSet,\n nullBodyStatus,\n safeMethodsSet,\n requestBodyHeader,\n subresourceSet\n} = require('./constants')\nconst EE = require('node:events')\nconst { Readable, pipeline, finished } = require('node:stream')\nconst { addAbortListener, isErrored, isReadable, bufferToLowerCasedHeaderName } = require('../../core/util')\nconst { dataURLProcessor, serializeAMimeType, minimizeSupportedMimeType } = require('./data-url')\nconst { getGlobalDispatcher } = require('../../global')\nconst { webidl } = require('./webidl')\nconst { STATUS_CODES } = require('node:http')\nconst GET_OR_HEAD = ['GET', 'HEAD']\n\nconst defaultUserAgent = typeof __UNDICI_IS_NODE__ !== 'undefined' || typeof esbuildDetection !== 'undefined'\n ? 'node'\n : 'undici'\n\n/** @type {import('buffer').resolveObjectURL} */\nlet resolveObjectURL\n\nclass Fetch extends EE {\n constructor (dispatcher) {\n super()\n\n this.dispatcher = dispatcher\n this.connection = null\n this.dump = false\n this.state = 'ongoing'\n }\n\n terminate (reason) {\n if (this.state !== 'ongoing') {\n return\n }\n\n this.state = 'terminated'\n this.connection?.destroy(reason)\n this.emit('terminated', reason)\n }\n\n // https://fetch.spec.whatwg.org/#fetch-controller-abort\n abort (error) {\n if (this.state !== 'ongoing') {\n return\n }\n\n // 1. Set controller’s state to \"aborted\".\n this.state = 'aborted'\n\n // 2. Let fallbackError be an \"AbortError\" DOMException.\n // 3. Set error to fallbackError if it is not given.\n if (!error) {\n error = new DOMException('The operation was aborted.', 'AbortError')\n }\n\n // 4. Let serializedError be StructuredSerialize(error).\n // If that threw an exception, catch it, and let\n // serializedError be StructuredSerialize(fallbackError).\n\n // 5. Set controller’s serialized abort reason to serializedError.\n this.serializedAbortReason = error\n\n this.connection?.destroy(error)\n this.emit('terminated', error)\n }\n}\n\nfunction handleFetchDone (response) {\n finalizeAndReportTiming(response, 'fetch')\n}\n\n// https://fetch.spec.whatwg.org/#fetch-method\nfunction fetch (input, init = undefined) {\n webidl.argumentLengthCheck(arguments, 1, 'globalThis.fetch')\n\n // 1. Let p be a new promise.\n let p = createDeferredPromise()\n\n // 2. Let requestObject be the result of invoking the initial value of\n // Request as constructor with input and init as arguments. If this throws\n // an exception, reject p with it and return p.\n let requestObject\n\n try {\n requestObject = new Request(input, init)\n } catch (e) {\n p.reject(e)\n return p.promise\n }\n\n // 3. Let request be requestObject’s request.\n const request = requestObject[kState]\n\n // 4. If requestObject’s signal’s aborted flag is set, then:\n if (requestObject.signal.aborted) {\n // 1. Abort the fetch() call with p, request, null, and\n // requestObject’s signal’s abort reason.\n abortFetch(p, request, null, requestObject.signal.reason)\n\n // 2. Return p.\n return p.promise\n }\n\n // 5. Let globalObject be request’s client’s global object.\n const globalObject = request.client.globalObject\n\n // 6. If globalObject is a ServiceWorkerGlobalScope object, then set\n // request’s service-workers mode to \"none\".\n if (globalObject?.constructor?.name === 'ServiceWorkerGlobalScope') {\n request.serviceWorkers = 'none'\n }\n\n // 7. Let responseObject be null.\n let responseObject = null\n\n // 8. Let relevantRealm be this’s relevant Realm.\n\n // 9. Let locallyAborted be false.\n let locallyAborted = false\n\n // 10. Let controller be null.\n let controller = null\n\n // 11. Add the following abort steps to requestObject’s signal:\n addAbortListener(\n requestObject.signal,\n () => {\n // 1. Set locallyAborted to true.\n locallyAborted = true\n\n // 2. Assert: controller is non-null.\n assert(controller != null)\n\n // 3. Abort controller with requestObject’s signal’s abort reason.\n controller.abort(requestObject.signal.reason)\n\n const realResponse = responseObject?.deref()\n\n // 4. Abort the fetch() call with p, request, responseObject,\n // and requestObject’s signal’s abort reason.\n abortFetch(p, request, realResponse, requestObject.signal.reason)\n }\n )\n\n // 12. Let handleFetchDone given response response be to finalize and\n // report timing with response, globalObject, and \"fetch\".\n // see function handleFetchDone\n\n // 13. Set controller to the result of calling fetch given request,\n // with processResponseEndOfBody set to handleFetchDone, and processResponse\n // given response being these substeps:\n\n const processResponse = (response) => {\n // 1. If locallyAborted is true, terminate these substeps.\n if (locallyAborted) {\n return\n }\n\n // 2. If response’s aborted flag is set, then:\n if (response.aborted) {\n // 1. Let deserializedError be the result of deserialize a serialized\n // abort reason given controller’s serialized abort reason and\n // relevantRealm.\n\n // 2. Abort the fetch() call with p, request, responseObject, and\n // deserializedError.\n\n abortFetch(p, request, responseObject, controller.serializedAbortReason)\n return\n }\n\n // 3. If response is a network error, then reject p with a TypeError\n // and terminate these substeps.\n if (response.type === 'error') {\n p.reject(new TypeError('fetch failed', { cause: response.error }))\n return\n }\n\n // 4. Set responseObject to the result of creating a Response object,\n // given response, \"immutable\", and relevantRealm.\n responseObject = new WeakRef(fromInnerResponse(response, 'immutable'))\n\n // 5. Resolve p with responseObject.\n p.resolve(responseObject.deref())\n p = null\n }\n\n controller = fetching({\n request,\n processResponseEndOfBody: handleFetchDone,\n processResponse,\n dispatcher: requestObject[kDispatcher] // undici\n })\n\n // 14. Return p.\n return p.promise\n}\n\n// https://fetch.spec.whatwg.org/#finalize-and-report-timing\nfunction finalizeAndReportTiming (response, initiatorType = 'other') {\n // 1. If response is an aborted network error, then return.\n if (response.type === 'error' && response.aborted) {\n return\n }\n\n // 2. If response’s URL list is null or empty, then return.\n if (!response.urlList?.length) {\n return\n }\n\n // 3. Let originalURL be response’s URL list[0].\n const originalURL = response.urlList[0]\n\n // 4. Let timingInfo be response’s timing info.\n let timingInfo = response.timingInfo\n\n // 5. Let cacheState be response’s cache state.\n let cacheState = response.cacheState\n\n // 6. If originalURL’s scheme is not an HTTP(S) scheme, then return.\n if (!urlIsHttpHttpsScheme(originalURL)) {\n return\n }\n\n // 7. If timingInfo is null, then return.\n if (timingInfo === null) {\n return\n }\n\n // 8. If response’s timing allow passed flag is not set, then:\n if (!response.timingAllowPassed) {\n // 1. Set timingInfo to a the result of creating an opaque timing info for timingInfo.\n timingInfo = createOpaqueTimingInfo({\n startTime: timingInfo.startTime\n })\n\n // 2. Set cacheState to the empty string.\n cacheState = ''\n }\n\n // 9. Set timingInfo’s end time to the coarsened shared current time\n // given global’s relevant settings object’s cross-origin isolated\n // capability.\n // TODO: given global’s relevant settings object’s cross-origin isolated\n // capability?\n timingInfo.endTime = coarsenedSharedCurrentTime()\n\n // 10. Set response’s timing info to timingInfo.\n response.timingInfo = timingInfo\n\n // 11. Mark resource timing for timingInfo, originalURL, initiatorType,\n // global, and cacheState.\n markResourceTiming(\n timingInfo,\n originalURL.href,\n initiatorType,\n globalThis,\n cacheState\n )\n}\n\n// https://w3c.github.io/resource-timing/#dfn-mark-resource-timing\nconst markResourceTiming = performance.markResourceTiming\n\n// https://fetch.spec.whatwg.org/#abort-fetch\nfunction abortFetch (p, request, responseObject, error) {\n // 1. Reject promise with error.\n if (p) {\n // We might have already resolved the promise at this stage\n p.reject(error)\n }\n\n // 2. If request’s body is not null and is readable, then cancel request’s\n // body with error.\n if (request.body != null && isReadable(request.body?.stream)) {\n request.body.stream.cancel(error).catch((err) => {\n if (err.code === 'ERR_INVALID_STATE') {\n // Node bug?\n return\n }\n throw err\n })\n }\n\n // 3. If responseObject is null, then return.\n if (responseObject == null) {\n return\n }\n\n // 4. Let response be responseObject’s response.\n const response = responseObject[kState]\n\n // 5. If response’s body is not null and is readable, then error response’s\n // body with error.\n if (response.body != null && isReadable(response.body?.stream)) {\n response.body.stream.cancel(error).catch((err) => {\n if (err.code === 'ERR_INVALID_STATE') {\n // Node bug?\n return\n }\n throw err\n })\n }\n}\n\n// https://fetch.spec.whatwg.org/#fetching\nfunction fetching ({\n request,\n processRequestBodyChunkLength,\n processRequestEndOfBody,\n processResponse,\n processResponseEndOfBody,\n processResponseConsumeBody,\n useParallelQueue = false,\n dispatcher = getGlobalDispatcher() // undici\n}) {\n // Ensure that the dispatcher is set accordingly\n assert(dispatcher)\n\n // 1. Let taskDestination be null.\n let taskDestination = null\n\n // 2. Let crossOriginIsolatedCapability be false.\n let crossOriginIsolatedCapability = false\n\n // 3. If request’s client is non-null, then:\n if (request.client != null) {\n // 1. Set taskDestination to request’s client’s global object.\n taskDestination = request.client.globalObject\n\n // 2. Set crossOriginIsolatedCapability to request’s client’s cross-origin\n // isolated capability.\n crossOriginIsolatedCapability =\n request.client.crossOriginIsolatedCapability\n }\n\n // 4. If useParallelQueue is true, then set taskDestination to the result of\n // starting a new parallel queue.\n // TODO\n\n // 5. Let timingInfo be a new fetch timing info whose start time and\n // post-redirect start time are the coarsened shared current time given\n // crossOriginIsolatedCapability.\n const currentTime = coarsenedSharedCurrentTime(crossOriginIsolatedCapability)\n const timingInfo = createOpaqueTimingInfo({\n startTime: currentTime\n })\n\n // 6. Let fetchParams be a new fetch params whose\n // request is request,\n // timing info is timingInfo,\n // process request body chunk length is processRequestBodyChunkLength,\n // process request end-of-body is processRequestEndOfBody,\n // process response is processResponse,\n // process response consume body is processResponseConsumeBody,\n // process response end-of-body is processResponseEndOfBody,\n // task destination is taskDestination,\n // and cross-origin isolated capability is crossOriginIsolatedCapability.\n const fetchParams = {\n controller: new Fetch(dispatcher),\n request,\n timingInfo,\n processRequestBodyChunkLength,\n processRequestEndOfBody,\n processResponse,\n processResponseConsumeBody,\n processResponseEndOfBody,\n taskDestination,\n crossOriginIsolatedCapability\n }\n\n // 7. If request’s body is a byte sequence, then set request’s body to\n // request’s body as a body.\n // NOTE: Since fetching is only called from fetch, body should already be\n // extracted.\n assert(!request.body || request.body.stream)\n\n // 8. If request’s window is \"client\", then set request’s window to request’s\n // client, if request’s client’s global object is a Window object; otherwise\n // \"no-window\".\n if (request.window === 'client') {\n // TODO: What if request.client is null?\n request.window =\n request.client?.globalObject?.constructor?.name === 'Window'\n ? request.client\n : 'no-window'\n }\n\n // 9. If request’s origin is \"client\", then set request’s origin to request’s\n // client’s origin.\n if (request.origin === 'client') {\n request.origin = request.client.origin\n }\n\n // 10. If all of the following conditions are true:\n // TODO\n\n // 11. If request’s policy container is \"client\", then:\n if (request.policyContainer === 'client') {\n // 1. If request’s client is non-null, then set request’s policy\n // container to a clone of request’s client’s policy container. [HTML]\n if (request.client != null) {\n request.policyContainer = clonePolicyContainer(\n request.client.policyContainer\n )\n } else {\n // 2. Otherwise, set request’s policy container to a new policy\n // container.\n request.policyContainer = makePolicyContainer()\n }\n }\n\n // 12. If request’s header list does not contain `Accept`, then:\n if (!request.headersList.contains('accept', true)) {\n // 1. Let value be `*/*`.\n const value = '*/*'\n\n // 2. A user agent should set value to the first matching statement, if\n // any, switching on request’s destination:\n // \"document\"\n // \"frame\"\n // \"iframe\"\n // `text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8`\n // \"image\"\n // `image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5`\n // \"style\"\n // `text/css,*/*;q=0.1`\n // TODO\n\n // 3. Append `Accept`/value to request’s header list.\n request.headersList.append('accept', value, true)\n }\n\n // 13. If request’s header list does not contain `Accept-Language`, then\n // user agents should append `Accept-Language`/an appropriate value to\n // request’s header list.\n if (!request.headersList.contains('accept-language', true)) {\n request.headersList.append('accept-language', '*', true)\n }\n\n // 14. If request’s priority is null, then use request’s initiator and\n // destination appropriately in setting request’s priority to a\n // user-agent-defined object.\n if (request.priority === null) {\n // TODO\n }\n\n // 15. If request is a subresource request, then:\n if (subresourceSet.has(request.destination)) {\n // TODO\n }\n\n // 16. Run main fetch given fetchParams.\n mainFetch(fetchParams)\n .catch(err => {\n fetchParams.controller.terminate(err)\n })\n\n // 17. Return fetchParam's controller\n return fetchParams.controller\n}\n\n// https://fetch.spec.whatwg.org/#concept-main-fetch\nasync function mainFetch (fetchParams, recursive = false) {\n // 1. Let request be fetchParams’s request.\n const request = fetchParams.request\n\n // 2. Let response be null.\n let response = null\n\n // 3. If request’s local-URLs-only flag is set and request’s current URL is\n // not local, then set response to a network error.\n if (request.localURLsOnly && !urlIsLocal(requestCurrentURL(request))) {\n response = makeNetworkError('local URLs only')\n }\n\n // 4. Run report Content Security Policy violations for request.\n // TODO\n\n // 5. Upgrade request to a potentially trustworthy URL, if appropriate.\n tryUpgradeRequestToAPotentiallyTrustworthyURL(request)\n\n // 6. If should request be blocked due to a bad port, should fetching request\n // be blocked as mixed content, or should request be blocked by Content\n // Security Policy returns blocked, then set response to a network error.\n if (requestBadPort(request) === 'blocked') {\n response = makeNetworkError('bad port')\n }\n // TODO: should fetching request be blocked as mixed content?\n // TODO: should request be blocked by Content Security Policy?\n\n // 7. If request’s referrer policy is the empty string, then set request’s\n // referrer policy to request’s policy container’s referrer policy.\n if (request.referrerPolicy === '') {\n request.referrerPolicy = request.policyContainer.referrerPolicy\n }\n\n // 8. If request’s referrer is not \"no-referrer\", then set request’s\n // referrer to the result of invoking determine request’s referrer.\n if (request.referrer !== 'no-referrer') {\n request.referrer = determineRequestsReferrer(request)\n }\n\n // 9. Set request’s current URL’s scheme to \"https\" if all of the following\n // conditions are true:\n // - request’s current URL’s scheme is \"http\"\n // - request’s current URL’s host is a domain\n // - Matching request’s current URL’s host per Known HSTS Host Domain Name\n // Matching results in either a superdomain match with an asserted\n // includeSubDomains directive or a congruent match (with or without an\n // asserted includeSubDomains directive). [HSTS]\n // TODO\n\n // 10. If recursive is false, then run the remaining steps in parallel.\n // TODO\n\n // 11. If response is null, then set response to the result of running\n // the steps corresponding to the first matching statement:\n if (response === null) {\n response = await (async () => {\n const currentURL = requestCurrentURL(request)\n\n if (\n // - request’s current URL’s origin is same origin with request’s origin,\n // and request’s response tainting is \"basic\"\n (sameOrigin(currentURL, request.url) && request.responseTainting === 'basic') ||\n // request’s current URL’s scheme is \"data\"\n (currentURL.protocol === 'data:') ||\n // - request’s mode is \"navigate\" or \"websocket\"\n (request.mode === 'navigate' || request.mode === 'websocket')\n ) {\n // 1. Set request’s response tainting to \"basic\".\n request.responseTainting = 'basic'\n\n // 2. Return the result of running scheme fetch given fetchParams.\n return await schemeFetch(fetchParams)\n }\n\n // request’s mode is \"same-origin\"\n if (request.mode === 'same-origin') {\n // 1. Return a network error.\n return makeNetworkError('request mode cannot be \"same-origin\"')\n }\n\n // request’s mode is \"no-cors\"\n if (request.mode === 'no-cors') {\n // 1. If request’s redirect mode is not \"follow\", then return a network\n // error.\n if (request.redirect !== 'follow') {\n return makeNetworkError(\n 'redirect mode cannot be \"follow\" for \"no-cors\" request'\n )\n }\n\n // 2. Set request’s response tainting to \"opaque\".\n request.responseTainting = 'opaque'\n\n // 3. Return the result of running scheme fetch given fetchParams.\n return await schemeFetch(fetchParams)\n }\n\n // request’s current URL’s scheme is not an HTTP(S) scheme\n if (!urlIsHttpHttpsScheme(requestCurrentURL(request))) {\n // Return a network error.\n return makeNetworkError('URL scheme must be a HTTP(S) scheme')\n }\n\n // - request’s use-CORS-preflight flag is set\n // - request’s unsafe-request flag is set and either request’s method is\n // not a CORS-safelisted method or CORS-unsafe request-header names with\n // request’s header list is not empty\n // 1. Set request’s response tainting to \"cors\".\n // 2. Let corsWithPreflightResponse be the result of running HTTP fetch\n // given fetchParams and true.\n // 3. If corsWithPreflightResponse is a network error, then clear cache\n // entries using request.\n // 4. Return corsWithPreflightResponse.\n // TODO\n\n // Otherwise\n // 1. Set request’s response tainting to \"cors\".\n request.responseTainting = 'cors'\n\n // 2. Return the result of running HTTP fetch given fetchParams.\n return await httpFetch(fetchParams)\n })()\n }\n\n // 12. If recursive is true, then return response.\n if (recursive) {\n return response\n }\n\n // 13. If response is not a network error and response is not a filtered\n // response, then:\n if (response.status !== 0 && !response.internalResponse) {\n // If request’s response tainting is \"cors\", then:\n if (request.responseTainting === 'cors') {\n // 1. Let headerNames be the result of extracting header list values\n // given `Access-Control-Expose-Headers` and response’s header list.\n // TODO\n // 2. If request’s credentials mode is not \"include\" and headerNames\n // contains `*`, then set response’s CORS-exposed header-name list to\n // all unique header names in response’s header list.\n // TODO\n // 3. Otherwise, if headerNames is not null or failure, then set\n // response’s CORS-exposed header-name list to headerNames.\n // TODO\n }\n\n // Set response to the following filtered response with response as its\n // internal response, depending on request’s response tainting:\n if (request.responseTainting === 'basic') {\n response = filterResponse(response, 'basic')\n } else if (request.responseTainting === 'cors') {\n response = filterResponse(response, 'cors')\n } else if (request.responseTainting === 'opaque') {\n response = filterResponse(response, 'opaque')\n } else {\n assert(false)\n }\n }\n\n // 14. Let internalResponse be response, if response is a network error,\n // and response’s internal response otherwise.\n let internalResponse =\n response.status === 0 ? response : response.internalResponse\n\n // 15. If internalResponse’s URL list is empty, then set it to a clone of\n // request’s URL list.\n if (internalResponse.urlList.length === 0) {\n internalResponse.urlList.push(...request.urlList)\n }\n\n // 16. If request’s timing allow failed flag is unset, then set\n // internalResponse’s timing allow passed flag.\n if (!request.timingAllowFailed) {\n response.timingAllowPassed = true\n }\n\n // 17. If response is not a network error and any of the following returns\n // blocked\n // - should internalResponse to request be blocked as mixed content\n // - should internalResponse to request be blocked by Content Security Policy\n // - should internalResponse to request be blocked due to its MIME type\n // - should internalResponse to request be blocked due to nosniff\n // TODO\n\n // 18. If response’s type is \"opaque\", internalResponse’s status is 206,\n // internalResponse’s range-requested flag is set, and request’s header\n // list does not contain `Range`, then set response and internalResponse\n // to a network error.\n if (\n response.type === 'opaque' &&\n internalResponse.status === 206 &&\n internalResponse.rangeRequested &&\n !request.headers.contains('range', true)\n ) {\n response = internalResponse = makeNetworkError()\n }\n\n // 19. If response is not a network error and either request’s method is\n // `HEAD` or `CONNECT`, or internalResponse’s status is a null body status,\n // set internalResponse’s body to null and disregard any enqueuing toward\n // it (if any).\n if (\n response.status !== 0 &&\n (request.method === 'HEAD' ||\n request.method === 'CONNECT' ||\n nullBodyStatus.includes(internalResponse.status))\n ) {\n internalResponse.body = null\n fetchParams.controller.dump = true\n }\n\n // 20. If request’s integrity metadata is not the empty string, then:\n if (request.integrity) {\n // 1. Let processBodyError be this step: run fetch finale given fetchParams\n // and a network error.\n const processBodyError = (reason) =>\n fetchFinale(fetchParams, makeNetworkError(reason))\n\n // 2. If request’s response tainting is \"opaque\", or response’s body is null,\n // then run processBodyError and abort these steps.\n if (request.responseTainting === 'opaque' || response.body == null) {\n processBodyError(response.error)\n return\n }\n\n // 3. Let processBody given bytes be these steps:\n const processBody = (bytes) => {\n // 1. If bytes do not match request’s integrity metadata,\n // then run processBodyError and abort these steps. [SRI]\n if (!bytesMatch(bytes, request.integrity)) {\n processBodyError('integrity mismatch')\n return\n }\n\n // 2. Set response’s body to bytes as a body.\n response.body = safelyExtractBody(bytes)[0]\n\n // 3. Run fetch finale given fetchParams and response.\n fetchFinale(fetchParams, response)\n }\n\n // 4. Fully read response’s body given processBody and processBodyError.\n await fullyReadBody(response.body, processBody, processBodyError)\n } else {\n // 21. Otherwise, run fetch finale given fetchParams and response.\n fetchFinale(fetchParams, response)\n }\n}\n\n// https://fetch.spec.whatwg.org/#concept-scheme-fetch\n// given a fetch params fetchParams\nfunction schemeFetch (fetchParams) {\n // Note: since the connection is destroyed on redirect, which sets fetchParams to a\n // cancelled state, we do not want this condition to trigger *unless* there have been\n // no redirects. See https://github.com/nodejs/undici/issues/1776\n // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams.\n if (isCancelled(fetchParams) && fetchParams.request.redirectCount === 0) {\n return Promise.resolve(makeAppropriateNetworkError(fetchParams))\n }\n\n // 2. Let request be fetchParams’s request.\n const { request } = fetchParams\n\n const { protocol: scheme } = requestCurrentURL(request)\n\n // 3. Switch on request’s current URL’s scheme and run the associated steps:\n switch (scheme) {\n case 'about:': {\n // If request’s current URL’s path is the string \"blank\", then return a new response\n // whose status message is `OK`, header list is « (`Content-Type`, `text/html;charset=utf-8`) »,\n // and body is the empty byte sequence as a body.\n\n // Otherwise, return a network error.\n return Promise.resolve(makeNetworkError('about scheme is not supported'))\n }\n case 'blob:': {\n if (!resolveObjectURL) {\n resolveObjectURL = require('node:buffer').resolveObjectURL\n }\n\n // 1. Let blobURLEntry be request’s current URL’s blob URL entry.\n const blobURLEntry = requestCurrentURL(request)\n\n // https://github.com/web-platform-tests/wpt/blob/7b0ebaccc62b566a1965396e5be7bb2bc06f841f/FileAPI/url/resources/fetch-tests.js#L52-L56\n // Buffer.resolveObjectURL does not ignore URL queries.\n if (blobURLEntry.search.length !== 0) {\n return Promise.resolve(makeNetworkError('NetworkError when attempting to fetch resource.'))\n }\n\n const blob = resolveObjectURL(blobURLEntry.toString())\n\n // 2. If request’s method is not `GET`, blobURLEntry is null, or blobURLEntry’s\n // object is not a Blob object, then return a network error.\n if (request.method !== 'GET' || !isBlobLike(blob)) {\n return Promise.resolve(makeNetworkError('invalid method'))\n }\n\n // 3. Let blob be blobURLEntry’s object.\n // Note: done above\n\n // 4. Let response be a new response.\n const response = makeResponse()\n\n // 5. Let fullLength be blob’s size.\n const fullLength = blob.size\n\n // 6. Let serializedFullLength be fullLength, serialized and isomorphic encoded.\n const serializedFullLength = isomorphicEncode(`${fullLength}`)\n\n // 7. Let type be blob’s type.\n const type = blob.type\n\n // 8. If request’s header list does not contain `Range`:\n // 9. Otherwise:\n if (!request.headersList.contains('range', true)) {\n // 1. Let bodyWithType be the result of safely extracting blob.\n // Note: in the FileAPI a blob \"object\" is a Blob *or* a MediaSource.\n // In node, this can only ever be a Blob. Therefore we can safely\n // use extractBody directly.\n const bodyWithType = extractBody(blob)\n\n // 2. Set response’s status message to `OK`.\n response.statusText = 'OK'\n\n // 3. Set response’s body to bodyWithType’s body.\n response.body = bodyWithType[0]\n\n // 4. Set response’s header list to « (`Content-Length`, serializedFullLength), (`Content-Type`, type) ».\n response.headersList.set('content-length', serializedFullLength, true)\n response.headersList.set('content-type', type, true)\n } else {\n // 1. Set response’s range-requested flag.\n response.rangeRequested = true\n\n // 2. Let rangeHeader be the result of getting `Range` from request’s header list.\n const rangeHeader = request.headersList.get('range', true)\n\n // 3. Let rangeValue be the result of parsing a single range header value given rangeHeader and true.\n const rangeValue = simpleRangeHeaderValue(rangeHeader, true)\n\n // 4. If rangeValue is failure, then return a network error.\n if (rangeValue === 'failure') {\n return Promise.resolve(makeNetworkError('failed to fetch the data URL'))\n }\n\n // 5. Let (rangeStart, rangeEnd) be rangeValue.\n let { rangeStartValue: rangeStart, rangeEndValue: rangeEnd } = rangeValue\n\n // 6. If rangeStart is null:\n // 7. Otherwise:\n if (rangeStart === null) {\n // 1. Set rangeStart to fullLength − rangeEnd.\n rangeStart = fullLength - rangeEnd\n\n // 2. Set rangeEnd to rangeStart + rangeEnd − 1.\n rangeEnd = rangeStart + rangeEnd - 1\n } else {\n // 1. If rangeStart is greater than or equal to fullLength, then return a network error.\n if (rangeStart >= fullLength) {\n return Promise.resolve(makeNetworkError('Range start is greater than the blob\\'s size.'))\n }\n\n // 2. If rangeEnd is null or rangeEnd is greater than or equal to fullLength, then set\n // rangeEnd to fullLength − 1.\n if (rangeEnd === null || rangeEnd >= fullLength) {\n rangeEnd = fullLength - 1\n }\n }\n\n // 8. Let slicedBlob be the result of invoking slice blob given blob, rangeStart,\n // rangeEnd + 1, and type.\n const slicedBlob = blob.slice(rangeStart, rangeEnd, type)\n\n // 9. Let slicedBodyWithType be the result of safely extracting slicedBlob.\n // Note: same reason as mentioned above as to why we use extractBody\n const slicedBodyWithType = extractBody(slicedBlob)\n\n // 10. Set response’s body to slicedBodyWithType’s body.\n response.body = slicedBodyWithType[0]\n\n // 11. Let serializedSlicedLength be slicedBlob’s size, serialized and isomorphic encoded.\n const serializedSlicedLength = isomorphicEncode(`${slicedBlob.size}`)\n\n // 12. Let contentRange be the result of invoking build a content range given rangeStart,\n // rangeEnd, and fullLength.\n const contentRange = buildContentRange(rangeStart, rangeEnd, fullLength)\n\n // 13. Set response’s status to 206.\n response.status = 206\n\n // 14. Set response’s status message to `Partial Content`.\n response.statusText = 'Partial Content'\n\n // 15. Set response’s header list to « (`Content-Length`, serializedSlicedLength),\n // (`Content-Type`, type), (`Content-Range`, contentRange) ».\n response.headersList.set('content-length', serializedSlicedLength, true)\n response.headersList.set('content-type', type, true)\n response.headersList.set('content-range', contentRange, true)\n }\n\n // 10. Return response.\n return Promise.resolve(response)\n }\n case 'data:': {\n // 1. Let dataURLStruct be the result of running the\n // data: URL processor on request’s current URL.\n const currentURL = requestCurrentURL(request)\n const dataURLStruct = dataURLProcessor(currentURL)\n\n // 2. If dataURLStruct is failure, then return a\n // network error.\n if (dataURLStruct === 'failure') {\n return Promise.resolve(makeNetworkError('failed to fetch the data URL'))\n }\n\n // 3. Let mimeType be dataURLStruct’s MIME type, serialized.\n const mimeType = serializeAMimeType(dataURLStruct.mimeType)\n\n // 4. Return a response whose status message is `OK`,\n // header list is « (`Content-Type`, mimeType) »,\n // and body is dataURLStruct’s body as a body.\n return Promise.resolve(makeResponse({\n statusText: 'OK',\n headersList: [\n ['content-type', { name: 'Content-Type', value: mimeType }]\n ],\n body: safelyExtractBody(dataURLStruct.body)[0]\n }))\n }\n case 'file:': {\n // For now, unfortunate as it is, file URLs are left as an exercise for the reader.\n // When in doubt, return a network error.\n return Promise.resolve(makeNetworkError('not implemented... yet...'))\n }\n case 'http:':\n case 'https:': {\n // Return the result of running HTTP fetch given fetchParams.\n\n return httpFetch(fetchParams)\n .catch((err) => makeNetworkError(err))\n }\n default: {\n return Promise.resolve(makeNetworkError('unknown scheme'))\n }\n }\n}\n\n// https://fetch.spec.whatwg.org/#finalize-response\nfunction finalizeResponse (fetchParams, response) {\n // 1. Set fetchParams’s request’s done flag.\n fetchParams.request.done = true\n\n // 2, If fetchParams’s process response done is not null, then queue a fetch\n // task to run fetchParams’s process response done given response, with\n // fetchParams’s task destination.\n if (fetchParams.processResponseDone != null) {\n queueMicrotask(() => fetchParams.processResponseDone(response))\n }\n}\n\n// https://fetch.spec.whatwg.org/#fetch-finale\nfunction fetchFinale (fetchParams, response) {\n // 1. Let timingInfo be fetchParams’s timing info.\n let timingInfo = fetchParams.timingInfo\n\n // 2. If response is not a network error and fetchParams’s request’s client is a secure context,\n // then set timingInfo’s server-timing headers to the result of getting, decoding, and splitting\n // `Server-Timing` from response’s internal response’s header list.\n // TODO\n\n // 3. Let processResponseEndOfBody be the following steps:\n const processResponseEndOfBody = () => {\n // 1. Let unsafeEndTime be the unsafe shared current time.\n const unsafeEndTime = Date.now() // ?\n\n // 2. If fetchParams’s request’s destination is \"document\", then set fetchParams’s controller’s\n // full timing info to fetchParams’s timing info.\n if (fetchParams.request.destination === 'document') {\n fetchParams.controller.fullTimingInfo = timingInfo\n }\n\n // 3. Set fetchParams’s controller’s report timing steps to the following steps given a global object global:\n fetchParams.controller.reportTimingSteps = () => {\n // 1. If fetchParams’s request’s URL’s scheme is not an HTTP(S) scheme, then return.\n if (fetchParams.request.url.protocol !== 'https:') {\n return\n }\n\n // 2. Set timingInfo’s end time to the relative high resolution time given unsafeEndTime and global.\n timingInfo.endTime = unsafeEndTime\n\n // 3. Let cacheState be response’s cache state.\n let cacheState = response.cacheState\n\n // 4. Let bodyInfo be response’s body info.\n const bodyInfo = response.bodyInfo\n\n // 5. If response’s timing allow passed flag is not set, then set timingInfo to the result of creating an\n // opaque timing info for timingInfo and set cacheState to the empty string.\n if (!response.timingAllowPassed) {\n timingInfo = createOpaqueTimingInfo(timingInfo)\n\n cacheState = ''\n }\n\n // 6. Let responseStatus be 0.\n let responseStatus = 0\n\n // 7. If fetchParams’s request’s mode is not \"navigate\" or response’s has-cross-origin-redirects is false:\n if (fetchParams.request.mode !== 'navigator' || !response.hasCrossOriginRedirects) {\n // 1. Set responseStatus to response’s status.\n responseStatus = response.status\n\n // 2. Let mimeType be the result of extracting a MIME type from response’s header list.\n const mimeType = extractMimeType(response.headersList)\n\n // 3. If mimeType is not failure, then set bodyInfo’s content type to the result of minimizing a supported MIME type given mimeType.\n if (mimeType !== 'failure') {\n bodyInfo.contentType = minimizeSupportedMimeType(mimeType)\n }\n }\n\n // 8. If fetchParams’s request’s initiator type is non-null, then mark resource timing given timingInfo,\n // fetchParams’s request’s URL, fetchParams’s request’s initiator type, global, cacheState, bodyInfo,\n // and responseStatus.\n if (fetchParams.request.initiatorType != null) {\n // TODO: update markresourcetiming\n markResourceTiming(timingInfo, fetchParams.request.url.href, fetchParams.request.initiatorType, globalThis, cacheState, bodyInfo, responseStatus)\n }\n }\n\n // 4. Let processResponseEndOfBodyTask be the following steps:\n const processResponseEndOfBodyTask = () => {\n // 1. Set fetchParams’s request’s done flag.\n fetchParams.request.done = true\n\n // 2. If fetchParams’s process response end-of-body is non-null, then run fetchParams’s process\n // response end-of-body given response.\n if (fetchParams.processResponseEndOfBody != null) {\n queueMicrotask(() => fetchParams.processResponseEndOfBody(response))\n }\n\n // 3. If fetchParams’s request’s initiator type is non-null and fetchParams’s request’s client’s\n // global object is fetchParams’s task destination, then run fetchParams’s controller’s report\n // timing steps given fetchParams’s request’s client’s global object.\n if (fetchParams.request.initiatorType != null) {\n fetchParams.controller.reportTimingSteps()\n }\n }\n\n // 5. Queue a fetch task to run processResponseEndOfBodyTask with fetchParams’s task destination\n queueMicrotask(() => processResponseEndOfBodyTask())\n }\n\n // 4. If fetchParams’s process response is non-null, then queue a fetch task to run fetchParams’s\n // process response given response, with fetchParams’s task destination.\n if (fetchParams.processResponse != null) {\n queueMicrotask(() => {\n fetchParams.processResponse(response)\n fetchParams.processResponse = null\n })\n }\n\n // 5. Let internalResponse be response, if response is a network error; otherwise response’s internal response.\n const internalResponse = response.type === 'error' ? response : (response.internalResponse ?? response)\n\n // 6. If internalResponse’s body is null, then run processResponseEndOfBody.\n // 7. Otherwise:\n if (internalResponse.body == null) {\n processResponseEndOfBody()\n } else {\n // mcollina: all the following steps of the specs are skipped.\n // The internal transform stream is not needed.\n // See https://github.com/nodejs/undici/pull/3093#issuecomment-2050198541\n\n // 1. Let transformStream be a new TransformStream.\n // 2. Let identityTransformAlgorithm be an algorithm which, given chunk, enqueues chunk in transformStream.\n // 3. Set up transformStream with transformAlgorithm set to identityTransformAlgorithm and flushAlgorithm\n // set to processResponseEndOfBody.\n // 4. Set internalResponse’s body’s stream to the result of internalResponse’s body’s stream piped through transformStream.\n\n finished(internalResponse.body.stream, () => {\n processResponseEndOfBody()\n })\n }\n}\n\n// https://fetch.spec.whatwg.org/#http-fetch\nasync function httpFetch (fetchParams) {\n // 1. Let request be fetchParams’s request.\n const request = fetchParams.request\n\n // 2. Let response be null.\n let response = null\n\n // 3. Let actualResponse be null.\n let actualResponse = null\n\n // 4. Let timingInfo be fetchParams’s timing info.\n const timingInfo = fetchParams.timingInfo\n\n // 5. If request’s service-workers mode is \"all\", then:\n if (request.serviceWorkers === 'all') {\n // TODO\n }\n\n // 6. If response is null, then:\n if (response === null) {\n // 1. If makeCORSPreflight is true and one of these conditions is true:\n // TODO\n\n // 2. If request’s redirect mode is \"follow\", then set request’s\n // service-workers mode to \"none\".\n if (request.redirect === 'follow') {\n request.serviceWorkers = 'none'\n }\n\n // 3. Set response and actualResponse to the result of running\n // HTTP-network-or-cache fetch given fetchParams.\n actualResponse = response = await httpNetworkOrCacheFetch(fetchParams)\n\n // 4. If request’s response tainting is \"cors\" and a CORS check\n // for request and response returns failure, then return a network error.\n if (\n request.responseTainting === 'cors' &&\n corsCheck(request, response) === 'failure'\n ) {\n return makeNetworkError('cors failure')\n }\n\n // 5. If the TAO check for request and response returns failure, then set\n // request’s timing allow failed flag.\n if (TAOCheck(request, response) === 'failure') {\n request.timingAllowFailed = true\n }\n }\n\n // 7. If either request’s response tainting or response’s type\n // is \"opaque\", and the cross-origin resource policy check with\n // request’s origin, request’s client, request’s destination,\n // and actualResponse returns blocked, then return a network error.\n if (\n (request.responseTainting === 'opaque' || response.type === 'opaque') &&\n crossOriginResourcePolicyCheck(\n request.origin,\n request.client,\n request.destination,\n actualResponse\n ) === 'blocked'\n ) {\n return makeNetworkError('blocked')\n }\n\n // 8. If actualResponse’s status is a redirect status, then:\n if (redirectStatusSet.has(actualResponse.status)) {\n // 1. If actualResponse’s status is not 303, request’s body is not null,\n // and the connection uses HTTP/2, then user agents may, and are even\n // encouraged to, transmit an RST_STREAM frame.\n // See, https://github.com/whatwg/fetch/issues/1288\n if (request.redirect !== 'manual') {\n fetchParams.controller.connection.destroy(undefined, false)\n }\n\n // 2. Switch on request’s redirect mode:\n if (request.redirect === 'error') {\n // Set response to a network error.\n response = makeNetworkError('unexpected redirect')\n } else if (request.redirect === 'manual') {\n // Set response to an opaque-redirect filtered response whose internal\n // response is actualResponse.\n // NOTE(spec): On the web this would return an `opaqueredirect` response,\n // but that doesn't make sense server side.\n // See https://github.com/nodejs/undici/issues/1193.\n response = actualResponse\n } else if (request.redirect === 'follow') {\n // Set response to the result of running HTTP-redirect fetch given\n // fetchParams and response.\n response = await httpRedirectFetch(fetchParams, response)\n } else {\n assert(false)\n }\n }\n\n // 9. Set response’s timing info to timingInfo.\n response.timingInfo = timingInfo\n\n // 10. Return response.\n return response\n}\n\n// https://fetch.spec.whatwg.org/#http-redirect-fetch\nfunction httpRedirectFetch (fetchParams, response) {\n // 1. Let request be fetchParams’s request.\n const request = fetchParams.request\n\n // 2. Let actualResponse be response, if response is not a filtered response,\n // and response’s internal response otherwise.\n const actualResponse = response.internalResponse\n ? response.internalResponse\n : response\n\n // 3. Let locationURL be actualResponse’s location URL given request’s current\n // URL’s fragment.\n let locationURL\n\n try {\n locationURL = responseLocationURL(\n actualResponse,\n requestCurrentURL(request).hash\n )\n\n // 4. If locationURL is null, then return response.\n if (locationURL == null) {\n return response\n }\n } catch (err) {\n // 5. If locationURL is failure, then return a network error.\n return Promise.resolve(makeNetworkError(err))\n }\n\n // 6. If locationURL’s scheme is not an HTTP(S) scheme, then return a network\n // error.\n if (!urlIsHttpHttpsScheme(locationURL)) {\n return Promise.resolve(makeNetworkError('URL scheme must be a HTTP(S) scheme'))\n }\n\n // 7. If request’s redirect count is 20, then return a network error.\n if (request.redirectCount === 20) {\n return Promise.resolve(makeNetworkError('redirect count exceeded'))\n }\n\n // 8. Increase request’s redirect count by 1.\n request.redirectCount += 1\n\n // 9. If request’s mode is \"cors\", locationURL includes credentials, and\n // request’s origin is not same origin with locationURL’s origin, then return\n // a network error.\n if (\n request.mode === 'cors' &&\n (locationURL.username || locationURL.password) &&\n !sameOrigin(request, locationURL)\n ) {\n return Promise.resolve(makeNetworkError('cross origin not allowed for request mode \"cors\"'))\n }\n\n // 10. If request’s response tainting is \"cors\" and locationURL includes\n // credentials, then return a network error.\n if (\n request.responseTainting === 'cors' &&\n (locationURL.username || locationURL.password)\n ) {\n return Promise.resolve(makeNetworkError(\n 'URL cannot contain credentials for request mode \"cors\"'\n ))\n }\n\n // 11. If actualResponse’s status is not 303, request’s body is non-null,\n // and request’s body’s source is null, then return a network error.\n if (\n actualResponse.status !== 303 &&\n request.body != null &&\n request.body.source == null\n ) {\n return Promise.resolve(makeNetworkError())\n }\n\n // 12. If one of the following is true\n // - actualResponse’s status is 301 or 302 and request’s method is `POST`\n // - actualResponse’s status is 303 and request’s method is not `GET` or `HEAD`\n if (\n ([301, 302].includes(actualResponse.status) && request.method === 'POST') ||\n (actualResponse.status === 303 &&\n !GET_OR_HEAD.includes(request.method))\n ) {\n // then:\n // 1. Set request’s method to `GET` and request’s body to null.\n request.method = 'GET'\n request.body = null\n\n // 2. For each headerName of request-body-header name, delete headerName from\n // request’s header list.\n for (const headerName of requestBodyHeader) {\n request.headersList.delete(headerName)\n }\n }\n\n // 13. If request’s current URL’s origin is not same origin with locationURL’s\n // origin, then for each headerName of CORS non-wildcard request-header name,\n // delete headerName from request’s header list.\n if (!sameOrigin(requestCurrentURL(request), locationURL)) {\n // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name\n request.headersList.delete('authorization', true)\n\n // https://fetch.spec.whatwg.org/#authentication-entries\n request.headersList.delete('proxy-authorization', true)\n\n // \"Cookie\" and \"Host\" are forbidden request-headers, which undici doesn't implement.\n request.headersList.delete('cookie', true)\n request.headersList.delete('host', true)\n }\n\n // 14. If request’s body is non-null, then set request’s body to the first return\n // value of safely extracting request’s body’s source.\n if (request.body != null) {\n assert(request.body.source != null)\n request.body = safelyExtractBody(request.body.source)[0]\n }\n\n // 15. Let timingInfo be fetchParams’s timing info.\n const timingInfo = fetchParams.timingInfo\n\n // 16. Set timingInfo’s redirect end time and post-redirect start time to the\n // coarsened shared current time given fetchParams’s cross-origin isolated\n // capability.\n timingInfo.redirectEndTime = timingInfo.postRedirectStartTime =\n coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability)\n\n // 17. If timingInfo’s redirect start time is 0, then set timingInfo’s\n // redirect start time to timingInfo’s start time.\n if (timingInfo.redirectStartTime === 0) {\n timingInfo.redirectStartTime = timingInfo.startTime\n }\n\n // 18. Append locationURL to request’s URL list.\n request.urlList.push(locationURL)\n\n // 19. Invoke set request’s referrer policy on redirect on request and\n // actualResponse.\n setRequestReferrerPolicyOnRedirect(request, actualResponse)\n\n // 20. Return the result of running main fetch given fetchParams and true.\n return mainFetch(fetchParams, true)\n}\n\n// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch\nasync function httpNetworkOrCacheFetch (\n fetchParams,\n isAuthenticationFetch = false,\n isNewConnectionFetch = false\n) {\n // 1. Let request be fetchParams’s request.\n const request = fetchParams.request\n\n // 2. Let httpFetchParams be null.\n let httpFetchParams = null\n\n // 3. Let httpRequest be null.\n let httpRequest = null\n\n // 4. Let response be null.\n let response = null\n\n // 5. Let storedResponse be null.\n // TODO: cache\n\n // 6. Let httpCache be null.\n const httpCache = null\n\n // 7. Let the revalidatingFlag be unset.\n const revalidatingFlag = false\n\n // 8. Run these steps, but abort when the ongoing fetch is terminated:\n\n // 1. If request’s window is \"no-window\" and request’s redirect mode is\n // \"error\", then set httpFetchParams to fetchParams and httpRequest to\n // request.\n if (request.window === 'no-window' && request.redirect === 'error') {\n httpFetchParams = fetchParams\n httpRequest = request\n } else {\n // Otherwise:\n\n // 1. Set httpRequest to a clone of request.\n httpRequest = cloneRequest(request)\n\n // 2. Set httpFetchParams to a copy of fetchParams.\n httpFetchParams = { ...fetchParams }\n\n // 3. Set httpFetchParams’s request to httpRequest.\n httpFetchParams.request = httpRequest\n }\n\n // 3. Let includeCredentials be true if one of\n const includeCredentials =\n request.credentials === 'include' ||\n (request.credentials === 'same-origin' &&\n request.responseTainting === 'basic')\n\n // 4. Let contentLength be httpRequest’s body’s length, if httpRequest’s\n // body is non-null; otherwise null.\n const contentLength = httpRequest.body ? httpRequest.body.length : null\n\n // 5. Let contentLengthHeaderValue be null.\n let contentLengthHeaderValue = null\n\n // 6. If httpRequest’s body is null and httpRequest’s method is `POST` or\n // `PUT`, then set contentLengthHeaderValue to `0`.\n if (\n httpRequest.body == null &&\n ['POST', 'PUT'].includes(httpRequest.method)\n ) {\n contentLengthHeaderValue = '0'\n }\n\n // 7. If contentLength is non-null, then set contentLengthHeaderValue to\n // contentLength, serialized and isomorphic encoded.\n if (contentLength != null) {\n contentLengthHeaderValue = isomorphicEncode(`${contentLength}`)\n }\n\n // 8. If contentLengthHeaderValue is non-null, then append\n // `Content-Length`/contentLengthHeaderValue to httpRequest’s header\n // list.\n if (contentLengthHeaderValue != null) {\n httpRequest.headersList.append('content-length', contentLengthHeaderValue, true)\n }\n\n // 9. If contentLengthHeaderValue is non-null, then append (`Content-Length`,\n // contentLengthHeaderValue) to httpRequest’s header list.\n\n // 10. If contentLength is non-null and httpRequest’s keepalive is true,\n // then:\n if (contentLength != null && httpRequest.keepalive) {\n // NOTE: keepalive is a noop outside of browser context.\n }\n\n // 11. If httpRequest’s referrer is a URL, then append\n // `Referer`/httpRequest’s referrer, serialized and isomorphic encoded,\n // to httpRequest’s header list.\n if (httpRequest.referrer instanceof URL) {\n httpRequest.headersList.append('referer', isomorphicEncode(httpRequest.referrer.href), true)\n }\n\n // 12. Append a request `Origin` header for httpRequest.\n appendRequestOriginHeader(httpRequest)\n\n // 13. Append the Fetch metadata headers for httpRequest. [FETCH-METADATA]\n appendFetchMetadata(httpRequest)\n\n // 14. If httpRequest’s header list does not contain `User-Agent`, then\n // user agents should append `User-Agent`/default `User-Agent` value to\n // httpRequest’s header list.\n if (!httpRequest.headersList.contains('user-agent', true)) {\n httpRequest.headersList.append('user-agent', defaultUserAgent)\n }\n\n // 15. If httpRequest’s cache mode is \"default\" and httpRequest’s header\n // list contains `If-Modified-Since`, `If-None-Match`,\n // `If-Unmodified-Since`, `If-Match`, or `If-Range`, then set\n // httpRequest’s cache mode to \"no-store\".\n if (\n httpRequest.cache === 'default' &&\n (httpRequest.headersList.contains('if-modified-since', true) ||\n httpRequest.headersList.contains('if-none-match', true) ||\n httpRequest.headersList.contains('if-unmodified-since', true) ||\n httpRequest.headersList.contains('if-match', true) ||\n httpRequest.headersList.contains('if-range', true))\n ) {\n httpRequest.cache = 'no-store'\n }\n\n // 16. If httpRequest’s cache mode is \"no-cache\", httpRequest’s prevent\n // no-cache cache-control header modification flag is unset, and\n // httpRequest’s header list does not contain `Cache-Control`, then append\n // `Cache-Control`/`max-age=0` to httpRequest’s header list.\n if (\n httpRequest.cache === 'no-cache' &&\n !httpRequest.preventNoCacheCacheControlHeaderModification &&\n !httpRequest.headersList.contains('cache-control', true)\n ) {\n httpRequest.headersList.append('cache-control', 'max-age=0', true)\n }\n\n // 17. If httpRequest’s cache mode is \"no-store\" or \"reload\", then:\n if (httpRequest.cache === 'no-store' || httpRequest.cache === 'reload') {\n // 1. If httpRequest’s header list does not contain `Pragma`, then append\n // `Pragma`/`no-cache` to httpRequest’s header list.\n if (!httpRequest.headersList.contains('pragma', true)) {\n httpRequest.headersList.append('pragma', 'no-cache', true)\n }\n\n // 2. If httpRequest’s header list does not contain `Cache-Control`,\n // then append `Cache-Control`/`no-cache` to httpRequest’s header list.\n if (!httpRequest.headersList.contains('cache-control', true)) {\n httpRequest.headersList.append('cache-control', 'no-cache', true)\n }\n }\n\n // 18. If httpRequest’s header list contains `Range`, then append\n // `Accept-Encoding`/`identity` to httpRequest’s header list.\n if (httpRequest.headersList.contains('range', true)) {\n httpRequest.headersList.append('accept-encoding', 'identity', true)\n }\n\n // 19. Modify httpRequest’s header list per HTTP. Do not append a given\n // header if httpRequest’s header list contains that header’s name.\n // TODO: https://github.com/whatwg/fetch/issues/1285#issuecomment-896560129\n if (!httpRequest.headersList.contains('accept-encoding', true)) {\n if (urlHasHttpsScheme(requestCurrentURL(httpRequest))) {\n httpRequest.headersList.append('accept-encoding', 'br, gzip, deflate', true)\n } else {\n httpRequest.headersList.append('accept-encoding', 'gzip, deflate', true)\n }\n }\n\n httpRequest.headersList.delete('host', true)\n\n // 20. If includeCredentials is true, then:\n if (includeCredentials) {\n // 1. If the user agent is not configured to block cookies for httpRequest\n // (see section 7 of [COOKIES]), then:\n // TODO: credentials\n // 2. If httpRequest’s header list does not contain `Authorization`, then:\n // TODO: credentials\n }\n\n // 21. If there’s a proxy-authentication entry, use it as appropriate.\n // TODO: proxy-authentication\n\n // 22. Set httpCache to the result of determining the HTTP cache\n // partition, given httpRequest.\n // TODO: cache\n\n // 23. If httpCache is null, then set httpRequest’s cache mode to\n // \"no-store\".\n if (httpCache == null) {\n httpRequest.cache = 'no-store'\n }\n\n // 24. If httpRequest’s cache mode is neither \"no-store\" nor \"reload\",\n // then:\n if (httpRequest.cache !== 'no-store' && httpRequest.cache !== 'reload') {\n // TODO: cache\n }\n\n // 9. If aborted, then return the appropriate network error for fetchParams.\n // TODO\n\n // 10. If response is null, then:\n if (response == null) {\n // 1. If httpRequest’s cache mode is \"only-if-cached\", then return a\n // network error.\n if (httpRequest.cache === 'only-if-cached') {\n return makeNetworkError('only if cached')\n }\n\n // 2. Let forwardResponse be the result of running HTTP-network fetch\n // given httpFetchParams, includeCredentials, and isNewConnectionFetch.\n const forwardResponse = await httpNetworkFetch(\n httpFetchParams,\n includeCredentials,\n isNewConnectionFetch\n )\n\n // 3. If httpRequest’s method is unsafe and forwardResponse’s status is\n // in the range 200 to 399, inclusive, invalidate appropriate stored\n // responses in httpCache, as per the \"Invalidation\" chapter of HTTP\n // Caching, and set storedResponse to null. [HTTP-CACHING]\n if (\n !safeMethodsSet.has(httpRequest.method) &&\n forwardResponse.status >= 200 &&\n forwardResponse.status <= 399\n ) {\n // TODO: cache\n }\n\n // 4. If the revalidatingFlag is set and forwardResponse’s status is 304,\n // then:\n if (revalidatingFlag && forwardResponse.status === 304) {\n // TODO: cache\n }\n\n // 5. If response is null, then:\n if (response == null) {\n // 1. Set response to forwardResponse.\n response = forwardResponse\n\n // 2. Store httpRequest and forwardResponse in httpCache, as per the\n // \"Storing Responses in Caches\" chapter of HTTP Caching. [HTTP-CACHING]\n // TODO: cache\n }\n }\n\n // 11. Set response’s URL list to a clone of httpRequest’s URL list.\n response.urlList = [...httpRequest.urlList]\n\n // 12. If httpRequest’s header list contains `Range`, then set response’s\n // range-requested flag.\n if (httpRequest.headersList.contains('range', true)) {\n response.rangeRequested = true\n }\n\n // 13. Set response’s request-includes-credentials to includeCredentials.\n response.requestIncludesCredentials = includeCredentials\n\n // 14. If response’s status is 401, httpRequest’s response tainting is not\n // \"cors\", includeCredentials is true, and request’s window is an environment\n // settings object, then:\n // TODO\n\n // 15. If response’s status is 407, then:\n if (response.status === 407) {\n // 1. If request’s window is \"no-window\", then return a network error.\n if (request.window === 'no-window') {\n return makeNetworkError()\n }\n\n // 2. ???\n\n // 3. If fetchParams is canceled, then return the appropriate network error for fetchParams.\n if (isCancelled(fetchParams)) {\n return makeAppropriateNetworkError(fetchParams)\n }\n\n // 4. Prompt the end user as appropriate in request’s window and store\n // the result as a proxy-authentication entry. [HTTP-AUTH]\n // TODO: Invoke some kind of callback?\n\n // 5. Set response to the result of running HTTP-network-or-cache fetch given\n // fetchParams.\n // TODO\n return makeNetworkError('proxy authentication required')\n }\n\n // 16. If all of the following are true\n if (\n // response’s status is 421\n response.status === 421 &&\n // isNewConnectionFetch is false\n !isNewConnectionFetch &&\n // request’s body is null, or request’s body is non-null and request’s body’s source is non-null\n (request.body == null || request.body.source != null)\n ) {\n // then:\n\n // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams.\n if (isCancelled(fetchParams)) {\n return makeAppropriateNetworkError(fetchParams)\n }\n\n // 2. Set response to the result of running HTTP-network-or-cache\n // fetch given fetchParams, isAuthenticationFetch, and true.\n\n // TODO (spec): The spec doesn't specify this but we need to cancel\n // the active response before we can start a new one.\n // https://github.com/whatwg/fetch/issues/1293\n fetchParams.controller.connection.destroy()\n\n response = await httpNetworkOrCacheFetch(\n fetchParams,\n isAuthenticationFetch,\n true\n )\n }\n\n // 17. If isAuthenticationFetch is true, then create an authentication entry\n if (isAuthenticationFetch) {\n // TODO\n }\n\n // 18. Return response.\n return response\n}\n\n// https://fetch.spec.whatwg.org/#http-network-fetch\nasync function httpNetworkFetch (\n fetchParams,\n includeCredentials = false,\n forceNewConnection = false\n) {\n assert(!fetchParams.controller.connection || fetchParams.controller.connection.destroyed)\n\n fetchParams.controller.connection = {\n abort: null,\n destroyed: false,\n destroy (err, abort = true) {\n if (!this.destroyed) {\n this.destroyed = true\n if (abort) {\n this.abort?.(err ?? new DOMException('The operation was aborted.', 'AbortError'))\n }\n }\n }\n }\n\n // 1. Let request be fetchParams’s request.\n const request = fetchParams.request\n\n // 2. Let response be null.\n let response = null\n\n // 3. Let timingInfo be fetchParams’s timing info.\n const timingInfo = fetchParams.timingInfo\n\n // 4. Let httpCache be the result of determining the HTTP cache partition,\n // given request.\n // TODO: cache\n const httpCache = null\n\n // 5. If httpCache is null, then set request’s cache mode to \"no-store\".\n if (httpCache == null) {\n request.cache = 'no-store'\n }\n\n // 6. Let networkPartitionKey be the result of determining the network\n // partition key given request.\n // TODO\n\n // 7. Let newConnection be \"yes\" if forceNewConnection is true; otherwise\n // \"no\".\n const newConnection = forceNewConnection ? 'yes' : 'no' // eslint-disable-line no-unused-vars\n\n // 8. Switch on request’s mode:\n if (request.mode === 'websocket') {\n // Let connection be the result of obtaining a WebSocket connection,\n // given request’s current URL.\n // TODO\n } else {\n // Let connection be the result of obtaining a connection, given\n // networkPartitionKey, request’s current URL’s origin,\n // includeCredentials, and forceNewConnection.\n // TODO\n }\n\n // 9. Run these steps, but abort when the ongoing fetch is terminated:\n\n // 1. If connection is failure, then return a network error.\n\n // 2. Set timingInfo’s final connection timing info to the result of\n // calling clamp and coarsen connection timing info with connection’s\n // timing info, timingInfo’s post-redirect start time, and fetchParams’s\n // cross-origin isolated capability.\n\n // 3. If connection is not an HTTP/2 connection, request’s body is non-null,\n // and request’s body’s source is null, then append (`Transfer-Encoding`,\n // `chunked`) to request’s header list.\n\n // 4. Set timingInfo’s final network-request start time to the coarsened\n // shared current time given fetchParams’s cross-origin isolated\n // capability.\n\n // 5. Set response to the result of making an HTTP request over connection\n // using request with the following caveats:\n\n // - Follow the relevant requirements from HTTP. [HTTP] [HTTP-SEMANTICS]\n // [HTTP-COND] [HTTP-CACHING] [HTTP-AUTH]\n\n // - If request’s body is non-null, and request’s body’s source is null,\n // then the user agent may have a buffer of up to 64 kibibytes and store\n // a part of request’s body in that buffer. If the user agent reads from\n // request’s body beyond that buffer’s size and the user agent needs to\n // resend request, then instead return a network error.\n\n // - Set timingInfo’s final network-response start time to the coarsened\n // shared current time given fetchParams’s cross-origin isolated capability,\n // immediately after the user agent’s HTTP parser receives the first byte\n // of the response (e.g., frame header bytes for HTTP/2 or response status\n // line for HTTP/1.x).\n\n // - Wait until all the headers are transmitted.\n\n // - Any responses whose status is in the range 100 to 199, inclusive,\n // and is not 101, are to be ignored, except for the purposes of setting\n // timingInfo’s final network-response start time above.\n\n // - If request’s header list contains `Transfer-Encoding`/`chunked` and\n // response is transferred via HTTP/1.0 or older, then return a network\n // error.\n\n // - If the HTTP request results in a TLS client certificate dialog, then:\n\n // 1. If request’s window is an environment settings object, make the\n // dialog available in request’s window.\n\n // 2. Otherwise, return a network error.\n\n // To transmit request’s body body, run these steps:\n let requestBody = null\n // 1. If body is null and fetchParams’s process request end-of-body is\n // non-null, then queue a fetch task given fetchParams’s process request\n // end-of-body and fetchParams’s task destination.\n if (request.body == null && fetchParams.processRequestEndOfBody) {\n queueMicrotask(() => fetchParams.processRequestEndOfBody())\n } else if (request.body != null) {\n // 2. Otherwise, if body is non-null:\n\n // 1. Let processBodyChunk given bytes be these steps:\n const processBodyChunk = async function * (bytes) {\n // 1. If the ongoing fetch is terminated, then abort these steps.\n if (isCancelled(fetchParams)) {\n return\n }\n\n // 2. Run this step in parallel: transmit bytes.\n yield bytes\n\n // 3. If fetchParams’s process request body is non-null, then run\n // fetchParams’s process request body given bytes’s length.\n fetchParams.processRequestBodyChunkLength?.(bytes.byteLength)\n }\n\n // 2. Let processEndOfBody be these steps:\n const processEndOfBody = () => {\n // 1. If fetchParams is canceled, then abort these steps.\n if (isCancelled(fetchParams)) {\n return\n }\n\n // 2. If fetchParams’s process request end-of-body is non-null,\n // then run fetchParams’s process request end-of-body.\n if (fetchParams.processRequestEndOfBody) {\n fetchParams.processRequestEndOfBody()\n }\n }\n\n // 3. Let processBodyError given e be these steps:\n const processBodyError = (e) => {\n // 1. If fetchParams is canceled, then abort these steps.\n if (isCancelled(fetchParams)) {\n return\n }\n\n // 2. If e is an \"AbortError\" DOMException, then abort fetchParams’s controller.\n if (e.name === 'AbortError') {\n fetchParams.controller.abort()\n } else {\n fetchParams.controller.terminate(e)\n }\n }\n\n // 4. Incrementally read request’s body given processBodyChunk, processEndOfBody,\n // processBodyError, and fetchParams’s task destination.\n requestBody = (async function * () {\n try {\n for await (const bytes of request.body.stream) {\n yield * processBodyChunk(bytes)\n }\n processEndOfBody()\n } catch (err) {\n processBodyError(err)\n }\n })()\n }\n\n try {\n // socket is only provided for websockets\n const { body, status, statusText, headersList, socket } = await dispatch({ body: requestBody })\n\n if (socket) {\n response = makeResponse({ status, statusText, headersList, socket })\n } else {\n const iterator = body[Symbol.asyncIterator]()\n fetchParams.controller.next = () => iterator.next()\n\n response = makeResponse({ status, statusText, headersList })\n }\n } catch (err) {\n // 10. If aborted, then:\n if (err.name === 'AbortError') {\n // 1. If connection uses HTTP/2, then transmit an RST_STREAM frame.\n fetchParams.controller.connection.destroy()\n\n // 2. Return the appropriate network error for fetchParams.\n return makeAppropriateNetworkError(fetchParams, err)\n }\n\n return makeNetworkError(err)\n }\n\n // 11. Let pullAlgorithm be an action that resumes the ongoing fetch\n // if it is suspended.\n const pullAlgorithm = async () => {\n await fetchParams.controller.resume()\n }\n\n // 12. Let cancelAlgorithm be an algorithm that aborts fetchParams’s\n // controller with reason, given reason.\n const cancelAlgorithm = (reason) => {\n // If the aborted fetch was already terminated, then we do not\n // need to do anything.\n if (!isCancelled(fetchParams)) {\n fetchParams.controller.abort(reason)\n }\n }\n\n // 13. Let highWaterMark be a non-negative, non-NaN number, chosen by\n // the user agent.\n // TODO\n\n // 14. Let sizeAlgorithm be an algorithm that accepts a chunk object\n // and returns a non-negative, non-NaN, non-infinite number, chosen by the user agent.\n // TODO\n\n // 15. Let stream be a new ReadableStream.\n // 16. Set up stream with byte reading support with pullAlgorithm set to pullAlgorithm,\n // cancelAlgorithm set to cancelAlgorithm.\n const stream = new ReadableStream(\n {\n async start (controller) {\n fetchParams.controller.controller = controller\n },\n async pull (controller) {\n await pullAlgorithm(controller)\n },\n async cancel (reason) {\n await cancelAlgorithm(reason)\n },\n type: 'bytes'\n }\n )\n\n // 17. Run these steps, but abort when the ongoing fetch is terminated:\n\n // 1. Set response’s body to a new body whose stream is stream.\n response.body = { stream, source: null, length: null }\n\n // 2. If response is not a network error and request’s cache mode is\n // not \"no-store\", then update response in httpCache for request.\n // TODO\n\n // 3. If includeCredentials is true and the user agent is not configured\n // to block cookies for request (see section 7 of [COOKIES]), then run the\n // \"set-cookie-string\" parsing algorithm (see section 5.2 of [COOKIES]) on\n // the value of each header whose name is a byte-case-insensitive match for\n // `Set-Cookie` in response’s header list, if any, and request’s current URL.\n // TODO\n\n // 18. If aborted, then:\n // TODO\n\n // 19. Run these steps in parallel:\n\n // 1. Run these steps, but abort when fetchParams is canceled:\n fetchParams.controller.onAborted = onAborted\n fetchParams.controller.on('terminated', onAborted)\n fetchParams.controller.resume = async () => {\n // 1. While true\n while (true) {\n // 1-3. See onData...\n\n // 4. Set bytes to the result of handling content codings given\n // codings and bytes.\n let bytes\n let isFailure\n try {\n const { done, value } = await fetchParams.controller.next()\n\n if (isAborted(fetchParams)) {\n break\n }\n\n bytes = done ? undefined : value\n } catch (err) {\n if (fetchParams.controller.ended && !timingInfo.encodedBodySize) {\n // zlib doesn't like empty streams.\n bytes = undefined\n } else {\n bytes = err\n\n // err may be propagated from the result of calling readablestream.cancel,\n // which might not be an error. https://github.com/nodejs/undici/issues/2009\n isFailure = true\n }\n }\n\n if (bytes === undefined) {\n // 2. Otherwise, if the bytes transmission for response’s message\n // body is done normally and stream is readable, then close\n // stream, finalize response for fetchParams and response, and\n // abort these in-parallel steps.\n readableStreamClose(fetchParams.controller.controller)\n\n finalizeResponse(fetchParams, response)\n\n return\n }\n\n // 5. Increase timingInfo’s decoded body size by bytes’s length.\n timingInfo.decodedBodySize += bytes?.byteLength ?? 0\n\n // 6. If bytes is failure, then terminate fetchParams’s controller.\n if (isFailure) {\n fetchParams.controller.terminate(bytes)\n return\n }\n\n // 7. Enqueue a Uint8Array wrapping an ArrayBuffer containing bytes\n // into stream.\n const buffer = new Uint8Array(bytes)\n if (buffer.byteLength) {\n fetchParams.controller.controller.enqueue(buffer)\n }\n\n // 8. If stream is errored, then terminate the ongoing fetch.\n if (isErrored(stream)) {\n fetchParams.controller.terminate()\n return\n }\n\n // 9. If stream doesn’t need more data ask the user agent to suspend\n // the ongoing fetch.\n if (fetchParams.controller.controller.desiredSize <= 0) {\n return\n }\n }\n }\n\n // 2. If aborted, then:\n function onAborted (reason) {\n // 2. If fetchParams is aborted, then:\n if (isAborted(fetchParams)) {\n // 1. Set response’s aborted flag.\n response.aborted = true\n\n // 2. If stream is readable, then error stream with the result of\n // deserialize a serialized abort reason given fetchParams’s\n // controller’s serialized abort reason and an\n // implementation-defined realm.\n if (isReadable(stream)) {\n fetchParams.controller.controller.error(\n fetchParams.controller.serializedAbortReason\n )\n }\n } else {\n // 3. Otherwise, if stream is readable, error stream with a TypeError.\n if (isReadable(stream)) {\n fetchParams.controller.controller.error(new TypeError('terminated', {\n cause: isErrorLike(reason) ? reason : undefined\n }))\n }\n }\n\n // 4. If connection uses HTTP/2, then transmit an RST_STREAM frame.\n // 5. Otherwise, the user agent should close connection unless it would be bad for performance to do so.\n fetchParams.controller.connection.destroy()\n }\n\n // 20. Return response.\n return response\n\n function dispatch ({ body }) {\n const url = requestCurrentURL(request)\n /** @type {import('../..').Agent} */\n const agent = fetchParams.controller.dispatcher\n\n return new Promise((resolve, reject) => agent.dispatch(\n {\n path: url.pathname + url.search,\n origin: url.origin,\n method: request.method,\n body: agent.isMockActive ? request.body && (request.body.source || request.body.stream) : body,\n headers: request.headersList.entries,\n maxRedirections: 0,\n upgrade: request.mode === 'websocket' ? 'websocket' : undefined\n },\n {\n body: null,\n abort: null,\n\n onConnect (abort) {\n // TODO (fix): Do we need connection here?\n const { connection } = fetchParams.controller\n\n // Set timingInfo’s final connection timing info to the result of calling clamp and coarsen\n // connection timing info with connection’s timing info, timingInfo’s post-redirect start\n // time, and fetchParams’s cross-origin isolated capability.\n // TODO: implement connection timing\n timingInfo.finalConnectionTimingInfo = clampAndCoarsenConnectionTimingInfo(undefined, timingInfo.postRedirectStartTime, fetchParams.crossOriginIsolatedCapability)\n\n if (connection.destroyed) {\n abort(new DOMException('The operation was aborted.', 'AbortError'))\n } else {\n fetchParams.controller.on('terminated', abort)\n this.abort = connection.abort = abort\n }\n\n // Set timingInfo’s final network-request start time to the coarsened shared current time given\n // fetchParams’s cross-origin isolated capability.\n timingInfo.finalNetworkRequestStartTime = coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability)\n },\n\n onResponseStarted () {\n // Set timingInfo’s final network-response start time to the coarsened shared current\n // time given fetchParams’s cross-origin isolated capability, immediately after the\n // user agent’s HTTP parser receives the first byte of the response (e.g., frame header\n // bytes for HTTP/2 or response status line for HTTP/1.x).\n timingInfo.finalNetworkResponseStartTime = coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability)\n },\n\n onHeaders (status, rawHeaders, resume, statusText) {\n if (status < 200) {\n return\n }\n\n let location = ''\n\n const headersList = new HeadersList()\n\n for (let i = 0; i < rawHeaders.length; i += 2) {\n headersList.append(bufferToLowerCasedHeaderName(rawHeaders[i]), rawHeaders[i + 1].toString('latin1'), true)\n }\n location = headersList.get('location', true)\n\n this.body = new Readable({ read: resume })\n\n const decoders = []\n\n const willFollow = location && request.redirect === 'follow' &&\n redirectStatusSet.has(status)\n\n // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Encoding\n if (request.method !== 'HEAD' && request.method !== 'CONNECT' && !nullBodyStatus.includes(status) && !willFollow) {\n // https://www.rfc-editor.org/rfc/rfc7231#section-3.1.2.1\n const contentEncoding = headersList.get('content-encoding', true)\n // \"All content-coding values are case-insensitive...\"\n /** @type {string[]} */\n const codings = contentEncoding ? contentEncoding.toLowerCase().split(',') : []\n\n // Limit the number of content-encodings to prevent resource exhaustion.\n // CVE fix similar to urllib3 (GHSA-gm62-xv2j-4w53) and curl (CVE-2022-32206).\n const maxContentEncodings = 5\n if (codings.length > maxContentEncodings) {\n reject(new Error(`too many content-encodings in response: ${codings.length}, maximum allowed is ${maxContentEncodings}`))\n return true\n }\n\n for (let i = codings.length - 1; i >= 0; --i) {\n const coding = codings[i].trim()\n // https://www.rfc-editor.org/rfc/rfc9112.html#section-7.2\n if (coding === 'x-gzip' || coding === 'gzip') {\n decoders.push(zlib.createGunzip({\n // Be less strict when decoding compressed responses, since sometimes\n // servers send slightly invalid responses that are still accepted\n // by common browsers.\n // Always using Z_SYNC_FLUSH is what cURL does.\n flush: zlib.constants.Z_SYNC_FLUSH,\n finishFlush: zlib.constants.Z_SYNC_FLUSH\n }))\n } else if (coding === 'deflate') {\n decoders.push(createInflate({\n flush: zlib.constants.Z_SYNC_FLUSH,\n finishFlush: zlib.constants.Z_SYNC_FLUSH\n }))\n } else if (coding === 'br') {\n decoders.push(zlib.createBrotliDecompress({\n flush: zlib.constants.BROTLI_OPERATION_FLUSH,\n finishFlush: zlib.constants.BROTLI_OPERATION_FLUSH\n }))\n } else {\n decoders.length = 0\n break\n }\n }\n }\n\n const onError = this.onError.bind(this)\n\n resolve({\n status,\n statusText,\n headersList,\n body: decoders.length\n ? pipeline(this.body, ...decoders, (err) => {\n if (err) {\n this.onError(err)\n }\n }).on('error', onError)\n : this.body.on('error', onError)\n })\n\n return true\n },\n\n onData (chunk) {\n if (fetchParams.controller.dump) {\n return\n }\n\n // 1. If one or more bytes have been transmitted from response’s\n // message body, then:\n\n // 1. Let bytes be the transmitted bytes.\n const bytes = chunk\n\n // 2. Let codings be the result of extracting header list values\n // given `Content-Encoding` and response’s header list.\n // See pullAlgorithm.\n\n // 3. Increase timingInfo’s encoded body size by bytes’s length.\n timingInfo.encodedBodySize += bytes.byteLength\n\n // 4. See pullAlgorithm...\n\n return this.body.push(bytes)\n },\n\n onComplete () {\n if (this.abort) {\n fetchParams.controller.off('terminated', this.abort)\n }\n\n if (fetchParams.controller.onAborted) {\n fetchParams.controller.off('terminated', fetchParams.controller.onAborted)\n }\n\n fetchParams.controller.ended = true\n\n this.body.push(null)\n },\n\n onError (error) {\n if (this.abort) {\n fetchParams.controller.off('terminated', this.abort)\n }\n\n this.body?.destroy(error)\n\n fetchParams.controller.terminate(error)\n\n reject(error)\n },\n\n onUpgrade (status, rawHeaders, socket) {\n if (status !== 101) {\n return\n }\n\n const headersList = new HeadersList()\n\n for (let i = 0; i < rawHeaders.length; i += 2) {\n headersList.append(bufferToLowerCasedHeaderName(rawHeaders[i]), rawHeaders[i + 1].toString('latin1'), true)\n }\n\n resolve({\n status,\n statusText: STATUS_CODES[status],\n headersList,\n socket\n })\n\n return true\n }\n }\n ))\n }\n}\n\nmodule.exports = {\n fetch,\n Fetch,\n fetching,\n finalizeAndReportTiming\n}\n","/* globals AbortController */\n\n'use strict'\n\nconst { extractBody, mixinBody, cloneBody, bodyUnusable } = require('./body')\nconst { Headers, fill: fillHeaders, HeadersList, setHeadersGuard, getHeadersGuard, setHeadersList, getHeadersList } = require('./headers')\nconst { FinalizationRegistry } = require('./dispatcher-weakref')()\nconst util = require('../../core/util')\nconst nodeUtil = require('node:util')\nconst {\n isValidHTTPToken,\n sameOrigin,\n environmentSettingsObject\n} = require('./util')\nconst {\n forbiddenMethodsSet,\n corsSafeListedMethodsSet,\n referrerPolicy,\n requestRedirect,\n requestMode,\n requestCredentials,\n requestCache,\n requestDuplex\n} = require('./constants')\nconst { kEnumerableProperty, normalizedMethodRecordsBase, normalizedMethodRecords } = util\nconst { kHeaders, kSignal, kState, kDispatcher } = require('./symbols')\nconst { webidl } = require('./webidl')\nconst { URLSerializer } = require('./data-url')\nconst { kConstruct } = require('../../core/symbols')\nconst assert = require('node:assert')\nconst { getMaxListeners, setMaxListeners, getEventListeners, defaultMaxListeners } = require('node:events')\n\nconst kAbortController = Symbol('abortController')\n\nconst requestFinalizer = new FinalizationRegistry(({ signal, abort }) => {\n signal.removeEventListener('abort', abort)\n})\n\nconst dependentControllerMap = new WeakMap()\n\nfunction buildAbort (acRef) {\n return abort\n\n function abort () {\n const ac = acRef.deref()\n if (ac !== undefined) {\n // Currently, there is a problem with FinalizationRegistry.\n // https://github.com/nodejs/node/issues/49344\n // https://github.com/nodejs/node/issues/47748\n // In the case of abort, the first step is to unregister from it.\n // If the controller can refer to it, it is still registered.\n // It will be removed in the future.\n requestFinalizer.unregister(abort)\n\n // Unsubscribe a listener.\n // FinalizationRegistry will no longer be called, so this must be done.\n this.removeEventListener('abort', abort)\n\n ac.abort(this.reason)\n\n const controllerList = dependentControllerMap.get(ac.signal)\n\n if (controllerList !== undefined) {\n if (controllerList.size !== 0) {\n for (const ref of controllerList) {\n const ctrl = ref.deref()\n if (ctrl !== undefined) {\n ctrl.abort(this.reason)\n }\n }\n controllerList.clear()\n }\n dependentControllerMap.delete(ac.signal)\n }\n }\n }\n}\n\nlet patchMethodWarning = false\n\n// https://fetch.spec.whatwg.org/#request-class\nclass Request {\n // https://fetch.spec.whatwg.org/#dom-request\n constructor (input, init = {}) {\n webidl.util.markAsUncloneable(this)\n if (input === kConstruct) {\n return\n }\n\n const prefix = 'Request constructor'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n input = webidl.converters.RequestInfo(input, prefix, 'input')\n init = webidl.converters.RequestInit(init, prefix, 'init')\n\n // 1. Let request be null.\n let request = null\n\n // 2. Let fallbackMode be null.\n let fallbackMode = null\n\n // 3. Let baseURL be this’s relevant settings object’s API base URL.\n const baseUrl = environmentSettingsObject.settingsObject.baseUrl\n\n // 4. Let signal be null.\n let signal = null\n\n // 5. If input is a string, then:\n if (typeof input === 'string') {\n this[kDispatcher] = init.dispatcher\n\n // 1. Let parsedURL be the result of parsing input with baseURL.\n // 2. If parsedURL is failure, then throw a TypeError.\n let parsedURL\n try {\n parsedURL = new URL(input, baseUrl)\n } catch (err) {\n throw new TypeError('Failed to parse URL from ' + input, { cause: err })\n }\n\n // 3. If parsedURL includes credentials, then throw a TypeError.\n if (parsedURL.username || parsedURL.password) {\n throw new TypeError(\n 'Request cannot be constructed from a URL that includes credentials: ' +\n input\n )\n }\n\n // 4. Set request to a new request whose URL is parsedURL.\n request = makeRequest({ urlList: [parsedURL] })\n\n // 5. Set fallbackMode to \"cors\".\n fallbackMode = 'cors'\n } else {\n this[kDispatcher] = init.dispatcher || input[kDispatcher]\n\n // 6. Otherwise:\n\n // 7. Assert: input is a Request object.\n assert(input instanceof Request)\n\n // 8. Set request to input’s request.\n request = input[kState]\n\n // 9. Set signal to input’s signal.\n signal = input[kSignal]\n }\n\n // 7. Let origin be this’s relevant settings object’s origin.\n const origin = environmentSettingsObject.settingsObject.origin\n\n // 8. Let window be \"client\".\n let window = 'client'\n\n // 9. If request’s window is an environment settings object and its origin\n // is same origin with origin, then set window to request’s window.\n if (\n request.window?.constructor?.name === 'EnvironmentSettingsObject' &&\n sameOrigin(request.window, origin)\n ) {\n window = request.window\n }\n\n // 10. If init[\"window\"] exists and is non-null, then throw a TypeError.\n if (init.window != null) {\n throw new TypeError(`'window' option '${window}' must be null`)\n }\n\n // 11. If init[\"window\"] exists, then set window to \"no-window\".\n if ('window' in init) {\n window = 'no-window'\n }\n\n // 12. Set request to a new request with the following properties:\n request = makeRequest({\n // URL request’s URL.\n // undici implementation note: this is set as the first item in request's urlList in makeRequest\n // method request’s method.\n method: request.method,\n // header list A copy of request’s header list.\n // undici implementation note: headersList is cloned in makeRequest\n headersList: request.headersList,\n // unsafe-request flag Set.\n unsafeRequest: request.unsafeRequest,\n // client This’s relevant settings object.\n client: environmentSettingsObject.settingsObject,\n // window window.\n window,\n // priority request’s priority.\n priority: request.priority,\n // origin request’s origin. The propagation of the origin is only significant for navigation requests\n // being handled by a service worker. In this scenario a request can have an origin that is different\n // from the current client.\n origin: request.origin,\n // referrer request’s referrer.\n referrer: request.referrer,\n // referrer policy request’s referrer policy.\n referrerPolicy: request.referrerPolicy,\n // mode request’s mode.\n mode: request.mode,\n // credentials mode request’s credentials mode.\n credentials: request.credentials,\n // cache mode request’s cache mode.\n cache: request.cache,\n // redirect mode request’s redirect mode.\n redirect: request.redirect,\n // integrity metadata request’s integrity metadata.\n integrity: request.integrity,\n // keepalive request’s keepalive.\n keepalive: request.keepalive,\n // reload-navigation flag request’s reload-navigation flag.\n reloadNavigation: request.reloadNavigation,\n // history-navigation flag request’s history-navigation flag.\n historyNavigation: request.historyNavigation,\n // URL list A clone of request’s URL list.\n urlList: [...request.urlList]\n })\n\n const initHasKey = Object.keys(init).length !== 0\n\n // 13. If init is not empty, then:\n if (initHasKey) {\n // 1. If request’s mode is \"navigate\", then set it to \"same-origin\".\n if (request.mode === 'navigate') {\n request.mode = 'same-origin'\n }\n\n // 2. Unset request’s reload-navigation flag.\n request.reloadNavigation = false\n\n // 3. Unset request’s history-navigation flag.\n request.historyNavigation = false\n\n // 4. Set request’s origin to \"client\".\n request.origin = 'client'\n\n // 5. Set request’s referrer to \"client\"\n request.referrer = 'client'\n\n // 6. Set request’s referrer policy to the empty string.\n request.referrerPolicy = ''\n\n // 7. Set request’s URL to request’s current URL.\n request.url = request.urlList[request.urlList.length - 1]\n\n // 8. Set request’s URL list to « request’s URL ».\n request.urlList = [request.url]\n }\n\n // 14. If init[\"referrer\"] exists, then:\n if (init.referrer !== undefined) {\n // 1. Let referrer be init[\"referrer\"].\n const referrer = init.referrer\n\n // 2. If referrer is the empty string, then set request’s referrer to \"no-referrer\".\n if (referrer === '') {\n request.referrer = 'no-referrer'\n } else {\n // 1. Let parsedReferrer be the result of parsing referrer with\n // baseURL.\n // 2. If parsedReferrer is failure, then throw a TypeError.\n let parsedReferrer\n try {\n parsedReferrer = new URL(referrer, baseUrl)\n } catch (err) {\n throw new TypeError(`Referrer \"${referrer}\" is not a valid URL.`, { cause: err })\n }\n\n // 3. If one of the following is true\n // - parsedReferrer’s scheme is \"about\" and path is the string \"client\"\n // - parsedReferrer’s origin is not same origin with origin\n // then set request’s referrer to \"client\".\n if (\n (parsedReferrer.protocol === 'about:' && parsedReferrer.hostname === 'client') ||\n (origin && !sameOrigin(parsedReferrer, environmentSettingsObject.settingsObject.baseUrl))\n ) {\n request.referrer = 'client'\n } else {\n // 4. Otherwise, set request’s referrer to parsedReferrer.\n request.referrer = parsedReferrer\n }\n }\n }\n\n // 15. If init[\"referrerPolicy\"] exists, then set request’s referrer policy\n // to it.\n if (init.referrerPolicy !== undefined) {\n request.referrerPolicy = init.referrerPolicy\n }\n\n // 16. Let mode be init[\"mode\"] if it exists, and fallbackMode otherwise.\n let mode\n if (init.mode !== undefined) {\n mode = init.mode\n } else {\n mode = fallbackMode\n }\n\n // 17. If mode is \"navigate\", then throw a TypeError.\n if (mode === 'navigate') {\n throw webidl.errors.exception({\n header: 'Request constructor',\n message: 'invalid request mode navigate.'\n })\n }\n\n // 18. If mode is non-null, set request’s mode to mode.\n if (mode != null) {\n request.mode = mode\n }\n\n // 19. If init[\"credentials\"] exists, then set request’s credentials mode\n // to it.\n if (init.credentials !== undefined) {\n request.credentials = init.credentials\n }\n\n // 18. If init[\"cache\"] exists, then set request’s cache mode to it.\n if (init.cache !== undefined) {\n request.cache = init.cache\n }\n\n // 21. If request’s cache mode is \"only-if-cached\" and request’s mode is\n // not \"same-origin\", then throw a TypeError.\n if (request.cache === 'only-if-cached' && request.mode !== 'same-origin') {\n throw new TypeError(\n \"'only-if-cached' can be set only with 'same-origin' mode\"\n )\n }\n\n // 22. If init[\"redirect\"] exists, then set request’s redirect mode to it.\n if (init.redirect !== undefined) {\n request.redirect = init.redirect\n }\n\n // 23. If init[\"integrity\"] exists, then set request’s integrity metadata to it.\n if (init.integrity != null) {\n request.integrity = String(init.integrity)\n }\n\n // 24. If init[\"keepalive\"] exists, then set request’s keepalive to it.\n if (init.keepalive !== undefined) {\n request.keepalive = Boolean(init.keepalive)\n }\n\n // 25. If init[\"method\"] exists, then:\n if (init.method !== undefined) {\n // 1. Let method be init[\"method\"].\n let method = init.method\n\n const mayBeNormalized = normalizedMethodRecords[method]\n\n if (mayBeNormalized !== undefined) {\n // Note: Bypass validation DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH and these lowercase ones\n request.method = mayBeNormalized\n } else {\n // 2. If method is not a method or method is a forbidden method, then\n // throw a TypeError.\n if (!isValidHTTPToken(method)) {\n throw new TypeError(`'${method}' is not a valid HTTP method.`)\n }\n\n const upperCase = method.toUpperCase()\n\n if (forbiddenMethodsSet.has(upperCase)) {\n throw new TypeError(`'${method}' HTTP method is unsupported.`)\n }\n\n // 3. Normalize method.\n // https://fetch.spec.whatwg.org/#concept-method-normalize\n // Note: must be in uppercase\n method = normalizedMethodRecordsBase[upperCase] ?? method\n\n // 4. Set request’s method to method.\n request.method = method\n }\n\n if (!patchMethodWarning && request.method === 'patch') {\n process.emitWarning('Using `patch` is highly likely to result in a `405 Method Not Allowed`. `PATCH` is much more likely to succeed.', {\n code: 'UNDICI-FETCH-patch'\n })\n\n patchMethodWarning = true\n }\n }\n\n // 26. If init[\"signal\"] exists, then set signal to it.\n if (init.signal !== undefined) {\n signal = init.signal\n }\n\n // 27. Set this’s request to request.\n this[kState] = request\n\n // 28. Set this’s signal to a new AbortSignal object with this’s relevant\n // Realm.\n // TODO: could this be simplified with AbortSignal.any\n // (https://dom.spec.whatwg.org/#dom-abortsignal-any)\n const ac = new AbortController()\n this[kSignal] = ac.signal\n\n // 29. If signal is not null, then make this’s signal follow signal.\n if (signal != null) {\n if (\n !signal ||\n typeof signal.aborted !== 'boolean' ||\n typeof signal.addEventListener !== 'function'\n ) {\n throw new TypeError(\n \"Failed to construct 'Request': member signal is not of type AbortSignal.\"\n )\n }\n\n if (signal.aborted) {\n ac.abort(signal.reason)\n } else {\n // Keep a strong ref to ac while request object\n // is alive. This is needed to prevent AbortController\n // from being prematurely garbage collected.\n // See, https://github.com/nodejs/undici/issues/1926.\n this[kAbortController] = ac\n\n const acRef = new WeakRef(ac)\n const abort = buildAbort(acRef)\n\n // Third-party AbortControllers may not work with these.\n // See, https://github.com/nodejs/undici/pull/1910#issuecomment-1464495619.\n try {\n // If the max amount of listeners is equal to the default, increase it\n // This is only available in node >= v19.9.0\n if (typeof getMaxListeners === 'function' && getMaxListeners(signal) === defaultMaxListeners) {\n setMaxListeners(1500, signal)\n } else if (getEventListeners(signal, 'abort').length >= defaultMaxListeners) {\n setMaxListeners(1500, signal)\n }\n } catch {}\n\n util.addAbortListener(signal, abort)\n // The third argument must be a registry key to be unregistered.\n // Without it, you cannot unregister.\n // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/FinalizationRegistry\n // abort is used as the unregister key. (because it is unique)\n requestFinalizer.register(ac, { signal, abort }, abort)\n }\n }\n\n // 30. Set this’s headers to a new Headers object with this’s relevant\n // Realm, whose header list is request’s header list and guard is\n // \"request\".\n this[kHeaders] = new Headers(kConstruct)\n setHeadersList(this[kHeaders], request.headersList)\n setHeadersGuard(this[kHeaders], 'request')\n\n // 31. If this’s request’s mode is \"no-cors\", then:\n if (mode === 'no-cors') {\n // 1. If this’s request’s method is not a CORS-safelisted method,\n // then throw a TypeError.\n if (!corsSafeListedMethodsSet.has(request.method)) {\n throw new TypeError(\n `'${request.method} is unsupported in no-cors mode.`\n )\n }\n\n // 2. Set this’s headers’s guard to \"request-no-cors\".\n setHeadersGuard(this[kHeaders], 'request-no-cors')\n }\n\n // 32. If init is not empty, then:\n if (initHasKey) {\n /** @type {HeadersList} */\n const headersList = getHeadersList(this[kHeaders])\n // 1. Let headers be a copy of this’s headers and its associated header\n // list.\n // 2. If init[\"headers\"] exists, then set headers to init[\"headers\"].\n const headers = init.headers !== undefined ? init.headers : new HeadersList(headersList)\n\n // 3. Empty this’s headers’s header list.\n headersList.clear()\n\n // 4. If headers is a Headers object, then for each header in its header\n // list, append header’s name/header’s value to this’s headers.\n if (headers instanceof HeadersList) {\n for (const { name, value } of headers.rawValues()) {\n headersList.append(name, value, false)\n }\n // Note: Copy the `set-cookie` meta-data.\n headersList.cookies = headers.cookies\n } else {\n // 5. Otherwise, fill this’s headers with headers.\n fillHeaders(this[kHeaders], headers)\n }\n }\n\n // 33. Let inputBody be input’s request’s body if input is a Request\n // object; otherwise null.\n const inputBody = input instanceof Request ? input[kState].body : null\n\n // 34. If either init[\"body\"] exists and is non-null or inputBody is\n // non-null, and request’s method is `GET` or `HEAD`, then throw a\n // TypeError.\n if (\n (init.body != null || inputBody != null) &&\n (request.method === 'GET' || request.method === 'HEAD')\n ) {\n throw new TypeError('Request with GET/HEAD method cannot have body.')\n }\n\n // 35. Let initBody be null.\n let initBody = null\n\n // 36. If init[\"body\"] exists and is non-null, then:\n if (init.body != null) {\n // 1. Let Content-Type be null.\n // 2. Set initBody and Content-Type to the result of extracting\n // init[\"body\"], with keepalive set to request’s keepalive.\n const [extractedBody, contentType] = extractBody(\n init.body,\n request.keepalive\n )\n initBody = extractedBody\n\n // 3, If Content-Type is non-null and this’s headers’s header list does\n // not contain `Content-Type`, then append `Content-Type`/Content-Type to\n // this’s headers.\n if (contentType && !getHeadersList(this[kHeaders]).contains('content-type', true)) {\n this[kHeaders].append('content-type', contentType)\n }\n }\n\n // 37. Let inputOrInitBody be initBody if it is non-null; otherwise\n // inputBody.\n const inputOrInitBody = initBody ?? inputBody\n\n // 38. If inputOrInitBody is non-null and inputOrInitBody’s source is\n // null, then:\n if (inputOrInitBody != null && inputOrInitBody.source == null) {\n // 1. If initBody is non-null and init[\"duplex\"] does not exist,\n // then throw a TypeError.\n if (initBody != null && init.duplex == null) {\n throw new TypeError('RequestInit: duplex option is required when sending a body.')\n }\n\n // 2. If this’s request’s mode is neither \"same-origin\" nor \"cors\",\n // then throw a TypeError.\n if (request.mode !== 'same-origin' && request.mode !== 'cors') {\n throw new TypeError(\n 'If request is made from ReadableStream, mode should be \"same-origin\" or \"cors\"'\n )\n }\n\n // 3. Set this’s request’s use-CORS-preflight flag.\n request.useCORSPreflightFlag = true\n }\n\n // 39. Let finalBody be inputOrInitBody.\n let finalBody = inputOrInitBody\n\n // 40. If initBody is null and inputBody is non-null, then:\n if (initBody == null && inputBody != null) {\n // 1. If input is unusable, then throw a TypeError.\n if (bodyUnusable(input)) {\n throw new TypeError(\n 'Cannot construct a Request with a Request object that has already been used.'\n )\n }\n\n // 2. Set finalBody to the result of creating a proxy for inputBody.\n // https://streams.spec.whatwg.org/#readablestream-create-a-proxy\n const identityTransform = new TransformStream()\n inputBody.stream.pipeThrough(identityTransform)\n finalBody = {\n source: inputBody.source,\n length: inputBody.length,\n stream: identityTransform.readable\n }\n }\n\n // 41. Set this’s request’s body to finalBody.\n this[kState].body = finalBody\n }\n\n // Returns request’s HTTP method, which is \"GET\" by default.\n get method () {\n webidl.brandCheck(this, Request)\n\n // The method getter steps are to return this’s request’s method.\n return this[kState].method\n }\n\n // Returns the URL of request as a string.\n get url () {\n webidl.brandCheck(this, Request)\n\n // The url getter steps are to return this’s request’s URL, serialized.\n return URLSerializer(this[kState].url)\n }\n\n // Returns a Headers object consisting of the headers associated with request.\n // Note that headers added in the network layer by the user agent will not\n // be accounted for in this object, e.g., the \"Host\" header.\n get headers () {\n webidl.brandCheck(this, Request)\n\n // The headers getter steps are to return this’s headers.\n return this[kHeaders]\n }\n\n // Returns the kind of resource requested by request, e.g., \"document\"\n // or \"script\".\n get destination () {\n webidl.brandCheck(this, Request)\n\n // The destination getter are to return this’s request’s destination.\n return this[kState].destination\n }\n\n // Returns the referrer of request. Its value can be a same-origin URL if\n // explicitly set in init, the empty string to indicate no referrer, and\n // \"about:client\" when defaulting to the global’s default. This is used\n // during fetching to determine the value of the `Referer` header of the\n // request being made.\n get referrer () {\n webidl.brandCheck(this, Request)\n\n // 1. If this’s request’s referrer is \"no-referrer\", then return the\n // empty string.\n if (this[kState].referrer === 'no-referrer') {\n return ''\n }\n\n // 2. If this’s request’s referrer is \"client\", then return\n // \"about:client\".\n if (this[kState].referrer === 'client') {\n return 'about:client'\n }\n\n // Return this’s request’s referrer, serialized.\n return this[kState].referrer.toString()\n }\n\n // Returns the referrer policy associated with request.\n // This is used during fetching to compute the value of the request’s\n // referrer.\n get referrerPolicy () {\n webidl.brandCheck(this, Request)\n\n // The referrerPolicy getter steps are to return this’s request’s referrer policy.\n return this[kState].referrerPolicy\n }\n\n // Returns the mode associated with request, which is a string indicating\n // whether the request will use CORS, or will be restricted to same-origin\n // URLs.\n get mode () {\n webidl.brandCheck(this, Request)\n\n // The mode getter steps are to return this’s request’s mode.\n return this[kState].mode\n }\n\n // Returns the credentials mode associated with request,\n // which is a string indicating whether credentials will be sent with the\n // request always, never, or only when sent to a same-origin URL.\n get credentials () {\n // The credentials getter steps are to return this’s request’s credentials mode.\n return this[kState].credentials\n }\n\n // Returns the cache mode associated with request,\n // which is a string indicating how the request will\n // interact with the browser’s cache when fetching.\n get cache () {\n webidl.brandCheck(this, Request)\n\n // The cache getter steps are to return this’s request’s cache mode.\n return this[kState].cache\n }\n\n // Returns the redirect mode associated with request,\n // which is a string indicating how redirects for the\n // request will be handled during fetching. A request\n // will follow redirects by default.\n get redirect () {\n webidl.brandCheck(this, Request)\n\n // The redirect getter steps are to return this’s request’s redirect mode.\n return this[kState].redirect\n }\n\n // Returns request’s subresource integrity metadata, which is a\n // cryptographic hash of the resource being fetched. Its value\n // consists of multiple hashes separated by whitespace. [SRI]\n get integrity () {\n webidl.brandCheck(this, Request)\n\n // The integrity getter steps are to return this’s request’s integrity\n // metadata.\n return this[kState].integrity\n }\n\n // Returns a boolean indicating whether or not request can outlive the\n // global in which it was created.\n get keepalive () {\n webidl.brandCheck(this, Request)\n\n // The keepalive getter steps are to return this’s request’s keepalive.\n return this[kState].keepalive\n }\n\n // Returns a boolean indicating whether or not request is for a reload\n // navigation.\n get isReloadNavigation () {\n webidl.brandCheck(this, Request)\n\n // The isReloadNavigation getter steps are to return true if this’s\n // request’s reload-navigation flag is set; otherwise false.\n return this[kState].reloadNavigation\n }\n\n // Returns a boolean indicating whether or not request is for a history\n // navigation (a.k.a. back-forward navigation).\n get isHistoryNavigation () {\n webidl.brandCheck(this, Request)\n\n // The isHistoryNavigation getter steps are to return true if this’s request’s\n // history-navigation flag is set; otherwise false.\n return this[kState].historyNavigation\n }\n\n // Returns the signal associated with request, which is an AbortSignal\n // object indicating whether or not request has been aborted, and its\n // abort event handler.\n get signal () {\n webidl.brandCheck(this, Request)\n\n // The signal getter steps are to return this’s signal.\n return this[kSignal]\n }\n\n get body () {\n webidl.brandCheck(this, Request)\n\n return this[kState].body ? this[kState].body.stream : null\n }\n\n get bodyUsed () {\n webidl.brandCheck(this, Request)\n\n return !!this[kState].body && util.isDisturbed(this[kState].body.stream)\n }\n\n get duplex () {\n webidl.brandCheck(this, Request)\n\n return 'half'\n }\n\n // Returns a clone of request.\n clone () {\n webidl.brandCheck(this, Request)\n\n // 1. If this is unusable, then throw a TypeError.\n if (bodyUnusable(this)) {\n throw new TypeError('unusable')\n }\n\n // 2. Let clonedRequest be the result of cloning this’s request.\n const clonedRequest = cloneRequest(this[kState])\n\n // 3. Let clonedRequestObject be the result of creating a Request object,\n // given clonedRequest, this’s headers’s guard, and this’s relevant Realm.\n // 4. Make clonedRequestObject’s signal follow this’s signal.\n const ac = new AbortController()\n if (this.signal.aborted) {\n ac.abort(this.signal.reason)\n } else {\n let list = dependentControllerMap.get(this.signal)\n if (list === undefined) {\n list = new Set()\n dependentControllerMap.set(this.signal, list)\n }\n const acRef = new WeakRef(ac)\n list.add(acRef)\n util.addAbortListener(\n ac.signal,\n buildAbort(acRef)\n )\n }\n\n // 4. Return clonedRequestObject.\n return fromInnerRequest(clonedRequest, ac.signal, getHeadersGuard(this[kHeaders]))\n }\n\n [nodeUtil.inspect.custom] (depth, options) {\n if (options.depth === null) {\n options.depth = 2\n }\n\n options.colors ??= true\n\n const properties = {\n method: this.method,\n url: this.url,\n headers: this.headers,\n destination: this.destination,\n referrer: this.referrer,\n referrerPolicy: this.referrerPolicy,\n mode: this.mode,\n credentials: this.credentials,\n cache: this.cache,\n redirect: this.redirect,\n integrity: this.integrity,\n keepalive: this.keepalive,\n isReloadNavigation: this.isReloadNavigation,\n isHistoryNavigation: this.isHistoryNavigation,\n signal: this.signal\n }\n\n return `Request ${nodeUtil.formatWithOptions(options, properties)}`\n }\n}\n\nmixinBody(Request)\n\n// https://fetch.spec.whatwg.org/#requests\nfunction makeRequest (init) {\n return {\n method: init.method ?? 'GET',\n localURLsOnly: init.localURLsOnly ?? false,\n unsafeRequest: init.unsafeRequest ?? false,\n body: init.body ?? null,\n client: init.client ?? null,\n reservedClient: init.reservedClient ?? null,\n replacesClientId: init.replacesClientId ?? '',\n window: init.window ?? 'client',\n keepalive: init.keepalive ?? false,\n serviceWorkers: init.serviceWorkers ?? 'all',\n initiator: init.initiator ?? '',\n destination: init.destination ?? '',\n priority: init.priority ?? null,\n origin: init.origin ?? 'client',\n policyContainer: init.policyContainer ?? 'client',\n referrer: init.referrer ?? 'client',\n referrerPolicy: init.referrerPolicy ?? '',\n mode: init.mode ?? 'no-cors',\n useCORSPreflightFlag: init.useCORSPreflightFlag ?? false,\n credentials: init.credentials ?? 'same-origin',\n useCredentials: init.useCredentials ?? false,\n cache: init.cache ?? 'default',\n redirect: init.redirect ?? 'follow',\n integrity: init.integrity ?? '',\n cryptoGraphicsNonceMetadata: init.cryptoGraphicsNonceMetadata ?? '',\n parserMetadata: init.parserMetadata ?? '',\n reloadNavigation: init.reloadNavigation ?? false,\n historyNavigation: init.historyNavigation ?? false,\n userActivation: init.userActivation ?? false,\n taintedOrigin: init.taintedOrigin ?? false,\n redirectCount: init.redirectCount ?? 0,\n responseTainting: init.responseTainting ?? 'basic',\n preventNoCacheCacheControlHeaderModification: init.preventNoCacheCacheControlHeaderModification ?? false,\n done: init.done ?? false,\n timingAllowFailed: init.timingAllowFailed ?? false,\n urlList: init.urlList,\n url: init.urlList[0],\n headersList: init.headersList\n ? new HeadersList(init.headersList)\n : new HeadersList()\n }\n}\n\n// https://fetch.spec.whatwg.org/#concept-request-clone\nfunction cloneRequest (request) {\n // To clone a request request, run these steps:\n\n // 1. Let newRequest be a copy of request, except for its body.\n const newRequest = makeRequest({ ...request, body: null })\n\n // 2. If request’s body is non-null, set newRequest’s body to the\n // result of cloning request’s body.\n if (request.body != null) {\n newRequest.body = cloneBody(newRequest, request.body)\n }\n\n // 3. Return newRequest.\n return newRequest\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#request-create\n * @param {any} innerRequest\n * @param {AbortSignal} signal\n * @param {'request' | 'immutable' | 'request-no-cors' | 'response' | 'none'} guard\n * @returns {Request}\n */\nfunction fromInnerRequest (innerRequest, signal, guard) {\n const request = new Request(kConstruct)\n request[kState] = innerRequest\n request[kSignal] = signal\n request[kHeaders] = new Headers(kConstruct)\n setHeadersList(request[kHeaders], innerRequest.headersList)\n setHeadersGuard(request[kHeaders], guard)\n return request\n}\n\nObject.defineProperties(Request.prototype, {\n method: kEnumerableProperty,\n url: kEnumerableProperty,\n headers: kEnumerableProperty,\n redirect: kEnumerableProperty,\n clone: kEnumerableProperty,\n signal: kEnumerableProperty,\n duplex: kEnumerableProperty,\n destination: kEnumerableProperty,\n body: kEnumerableProperty,\n bodyUsed: kEnumerableProperty,\n isHistoryNavigation: kEnumerableProperty,\n isReloadNavigation: kEnumerableProperty,\n keepalive: kEnumerableProperty,\n integrity: kEnumerableProperty,\n cache: kEnumerableProperty,\n credentials: kEnumerableProperty,\n attribute: kEnumerableProperty,\n referrerPolicy: kEnumerableProperty,\n referrer: kEnumerableProperty,\n mode: kEnumerableProperty,\n [Symbol.toStringTag]: {\n value: 'Request',\n configurable: true\n }\n})\n\nwebidl.converters.Request = webidl.interfaceConverter(\n Request\n)\n\n// https://fetch.spec.whatwg.org/#requestinfo\nwebidl.converters.RequestInfo = function (V, prefix, argument) {\n if (typeof V === 'string') {\n return webidl.converters.USVString(V, prefix, argument)\n }\n\n if (V instanceof Request) {\n return webidl.converters.Request(V, prefix, argument)\n }\n\n return webidl.converters.USVString(V, prefix, argument)\n}\n\nwebidl.converters.AbortSignal = webidl.interfaceConverter(\n AbortSignal\n)\n\n// https://fetch.spec.whatwg.org/#requestinit\nwebidl.converters.RequestInit = webidl.dictionaryConverter([\n {\n key: 'method',\n converter: webidl.converters.ByteString\n },\n {\n key: 'headers',\n converter: webidl.converters.HeadersInit\n },\n {\n key: 'body',\n converter: webidl.nullableConverter(\n webidl.converters.BodyInit\n )\n },\n {\n key: 'referrer',\n converter: webidl.converters.USVString\n },\n {\n key: 'referrerPolicy',\n converter: webidl.converters.DOMString,\n // https://w3c.github.io/webappsec-referrer-policy/#referrer-policy\n allowedValues: referrerPolicy\n },\n {\n key: 'mode',\n converter: webidl.converters.DOMString,\n // https://fetch.spec.whatwg.org/#concept-request-mode\n allowedValues: requestMode\n },\n {\n key: 'credentials',\n converter: webidl.converters.DOMString,\n // https://fetch.spec.whatwg.org/#requestcredentials\n allowedValues: requestCredentials\n },\n {\n key: 'cache',\n converter: webidl.converters.DOMString,\n // https://fetch.spec.whatwg.org/#requestcache\n allowedValues: requestCache\n },\n {\n key: 'redirect',\n converter: webidl.converters.DOMString,\n // https://fetch.spec.whatwg.org/#requestredirect\n allowedValues: requestRedirect\n },\n {\n key: 'integrity',\n converter: webidl.converters.DOMString\n },\n {\n key: 'keepalive',\n converter: webidl.converters.boolean\n },\n {\n key: 'signal',\n converter: webidl.nullableConverter(\n (signal) => webidl.converters.AbortSignal(\n signal,\n 'RequestInit',\n 'signal',\n { strict: false }\n )\n )\n },\n {\n key: 'window',\n converter: webidl.converters.any\n },\n {\n key: 'duplex',\n converter: webidl.converters.DOMString,\n allowedValues: requestDuplex\n },\n {\n key: 'dispatcher', // undici specific option\n converter: webidl.converters.any\n }\n])\n\nmodule.exports = { Request, makeRequest, fromInnerRequest, cloneRequest }\n","'use strict'\n\nconst { Headers, HeadersList, fill, getHeadersGuard, setHeadersGuard, setHeadersList } = require('./headers')\nconst { extractBody, cloneBody, mixinBody, hasFinalizationRegistry, streamRegistry, bodyUnusable } = require('./body')\nconst util = require('../../core/util')\nconst nodeUtil = require('node:util')\nconst { kEnumerableProperty } = util\nconst {\n isValidReasonPhrase,\n isCancelled,\n isAborted,\n isBlobLike,\n serializeJavascriptValueToJSONString,\n isErrorLike,\n isomorphicEncode,\n environmentSettingsObject: relevantRealm\n} = require('./util')\nconst {\n redirectStatusSet,\n nullBodyStatus\n} = require('./constants')\nconst { kState, kHeaders } = require('./symbols')\nconst { webidl } = require('./webidl')\nconst { FormData } = require('./formdata')\nconst { URLSerializer } = require('./data-url')\nconst { kConstruct } = require('../../core/symbols')\nconst assert = require('node:assert')\nconst { types } = require('node:util')\n\nconst textEncoder = new TextEncoder('utf-8')\n\n// https://fetch.spec.whatwg.org/#response-class\nclass Response {\n // Creates network error Response.\n static error () {\n // The static error() method steps are to return the result of creating a\n // Response object, given a new network error, \"immutable\", and this’s\n // relevant Realm.\n const responseObject = fromInnerResponse(makeNetworkError(), 'immutable')\n\n return responseObject\n }\n\n // https://fetch.spec.whatwg.org/#dom-response-json\n static json (data, init = {}) {\n webidl.argumentLengthCheck(arguments, 1, 'Response.json')\n\n if (init !== null) {\n init = webidl.converters.ResponseInit(init)\n }\n\n // 1. Let bytes the result of running serialize a JavaScript value to JSON bytes on data.\n const bytes = textEncoder.encode(\n serializeJavascriptValueToJSONString(data)\n )\n\n // 2. Let body be the result of extracting bytes.\n const body = extractBody(bytes)\n\n // 3. Let responseObject be the result of creating a Response object, given a new response,\n // \"response\", and this’s relevant Realm.\n const responseObject = fromInnerResponse(makeResponse({}), 'response')\n\n // 4. Perform initialize a response given responseObject, init, and (body, \"application/json\").\n initializeResponse(responseObject, init, { body: body[0], type: 'application/json' })\n\n // 5. Return responseObject.\n return responseObject\n }\n\n // Creates a redirect Response that redirects to url with status status.\n static redirect (url, status = 302) {\n webidl.argumentLengthCheck(arguments, 1, 'Response.redirect')\n\n url = webidl.converters.USVString(url)\n status = webidl.converters['unsigned short'](status)\n\n // 1. Let parsedURL be the result of parsing url with current settings\n // object’s API base URL.\n // 2. If parsedURL is failure, then throw a TypeError.\n // TODO: base-URL?\n let parsedURL\n try {\n parsedURL = new URL(url, relevantRealm.settingsObject.baseUrl)\n } catch (err) {\n throw new TypeError(`Failed to parse URL from ${url}`, { cause: err })\n }\n\n // 3. If status is not a redirect status, then throw a RangeError.\n if (!redirectStatusSet.has(status)) {\n throw new RangeError(`Invalid status code ${status}`)\n }\n\n // 4. Let responseObject be the result of creating a Response object,\n // given a new response, \"immutable\", and this’s relevant Realm.\n const responseObject = fromInnerResponse(makeResponse({}), 'immutable')\n\n // 5. Set responseObject’s response’s status to status.\n responseObject[kState].status = status\n\n // 6. Let value be parsedURL, serialized and isomorphic encoded.\n const value = isomorphicEncode(URLSerializer(parsedURL))\n\n // 7. Append `Location`/value to responseObject’s response’s header list.\n responseObject[kState].headersList.append('location', value, true)\n\n // 8. Return responseObject.\n return responseObject\n }\n\n // https://fetch.spec.whatwg.org/#dom-response\n constructor (body = null, init = {}) {\n webidl.util.markAsUncloneable(this)\n if (body === kConstruct) {\n return\n }\n\n if (body !== null) {\n body = webidl.converters.BodyInit(body)\n }\n\n init = webidl.converters.ResponseInit(init)\n\n // 1. Set this’s response to a new response.\n this[kState] = makeResponse({})\n\n // 2. Set this’s headers to a new Headers object with this’s relevant\n // Realm, whose header list is this’s response’s header list and guard\n // is \"response\".\n this[kHeaders] = new Headers(kConstruct)\n setHeadersGuard(this[kHeaders], 'response')\n setHeadersList(this[kHeaders], this[kState].headersList)\n\n // 3. Let bodyWithType be null.\n let bodyWithType = null\n\n // 4. If body is non-null, then set bodyWithType to the result of extracting body.\n if (body != null) {\n const [extractedBody, type] = extractBody(body)\n bodyWithType = { body: extractedBody, type }\n }\n\n // 5. Perform initialize a response given this, init, and bodyWithType.\n initializeResponse(this, init, bodyWithType)\n }\n\n // Returns response’s type, e.g., \"cors\".\n get type () {\n webidl.brandCheck(this, Response)\n\n // The type getter steps are to return this’s response’s type.\n return this[kState].type\n }\n\n // Returns response’s URL, if it has one; otherwise the empty string.\n get url () {\n webidl.brandCheck(this, Response)\n\n const urlList = this[kState].urlList\n\n // The url getter steps are to return the empty string if this’s\n // response’s URL is null; otherwise this’s response’s URL,\n // serialized with exclude fragment set to true.\n const url = urlList[urlList.length - 1] ?? null\n\n if (url === null) {\n return ''\n }\n\n return URLSerializer(url, true)\n }\n\n // Returns whether response was obtained through a redirect.\n get redirected () {\n webidl.brandCheck(this, Response)\n\n // The redirected getter steps are to return true if this’s response’s URL\n // list has more than one item; otherwise false.\n return this[kState].urlList.length > 1\n }\n\n // Returns response’s status.\n get status () {\n webidl.brandCheck(this, Response)\n\n // The status getter steps are to return this’s response’s status.\n return this[kState].status\n }\n\n // Returns whether response’s status is an ok status.\n get ok () {\n webidl.brandCheck(this, Response)\n\n // The ok getter steps are to return true if this’s response’s status is an\n // ok status; otherwise false.\n return this[kState].status >= 200 && this[kState].status <= 299\n }\n\n // Returns response’s status message.\n get statusText () {\n webidl.brandCheck(this, Response)\n\n // The statusText getter steps are to return this’s response’s status\n // message.\n return this[kState].statusText\n }\n\n // Returns response’s headers as Headers.\n get headers () {\n webidl.brandCheck(this, Response)\n\n // The headers getter steps are to return this’s headers.\n return this[kHeaders]\n }\n\n get body () {\n webidl.brandCheck(this, Response)\n\n return this[kState].body ? this[kState].body.stream : null\n }\n\n get bodyUsed () {\n webidl.brandCheck(this, Response)\n\n return !!this[kState].body && util.isDisturbed(this[kState].body.stream)\n }\n\n // Returns a clone of response.\n clone () {\n webidl.brandCheck(this, Response)\n\n // 1. If this is unusable, then throw a TypeError.\n if (bodyUnusable(this)) {\n throw webidl.errors.exception({\n header: 'Response.clone',\n message: 'Body has already been consumed.'\n })\n }\n\n // 2. Let clonedResponse be the result of cloning this’s response.\n const clonedResponse = cloneResponse(this[kState])\n\n // Note: To re-register because of a new stream.\n if (hasFinalizationRegistry && this[kState].body?.stream) {\n streamRegistry.register(this, new WeakRef(this[kState].body.stream))\n }\n\n // 3. Return the result of creating a Response object, given\n // clonedResponse, this’s headers’s guard, and this’s relevant Realm.\n return fromInnerResponse(clonedResponse, getHeadersGuard(this[kHeaders]))\n }\n\n [nodeUtil.inspect.custom] (depth, options) {\n if (options.depth === null) {\n options.depth = 2\n }\n\n options.colors ??= true\n\n const properties = {\n status: this.status,\n statusText: this.statusText,\n headers: this.headers,\n body: this.body,\n bodyUsed: this.bodyUsed,\n ok: this.ok,\n redirected: this.redirected,\n type: this.type,\n url: this.url\n }\n\n return `Response ${nodeUtil.formatWithOptions(options, properties)}`\n }\n}\n\nmixinBody(Response)\n\nObject.defineProperties(Response.prototype, {\n type: kEnumerableProperty,\n url: kEnumerableProperty,\n status: kEnumerableProperty,\n ok: kEnumerableProperty,\n redirected: kEnumerableProperty,\n statusText: kEnumerableProperty,\n headers: kEnumerableProperty,\n clone: kEnumerableProperty,\n body: kEnumerableProperty,\n bodyUsed: kEnumerableProperty,\n [Symbol.toStringTag]: {\n value: 'Response',\n configurable: true\n }\n})\n\nObject.defineProperties(Response, {\n json: kEnumerableProperty,\n redirect: kEnumerableProperty,\n error: kEnumerableProperty\n})\n\n// https://fetch.spec.whatwg.org/#concept-response-clone\nfunction cloneResponse (response) {\n // To clone a response response, run these steps:\n\n // 1. If response is a filtered response, then return a new identical\n // filtered response whose internal response is a clone of response’s\n // internal response.\n if (response.internalResponse) {\n return filterResponse(\n cloneResponse(response.internalResponse),\n response.type\n )\n }\n\n // 2. Let newResponse be a copy of response, except for its body.\n const newResponse = makeResponse({ ...response, body: null })\n\n // 3. If response’s body is non-null, then set newResponse’s body to the\n // result of cloning response’s body.\n if (response.body != null) {\n newResponse.body = cloneBody(newResponse, response.body)\n }\n\n // 4. Return newResponse.\n return newResponse\n}\n\nfunction makeResponse (init) {\n return {\n aborted: false,\n rangeRequested: false,\n timingAllowPassed: false,\n requestIncludesCredentials: false,\n type: 'default',\n status: 200,\n timingInfo: null,\n cacheState: '',\n statusText: '',\n ...init,\n headersList: init?.headersList\n ? new HeadersList(init?.headersList)\n : new HeadersList(),\n urlList: init?.urlList ? [...init.urlList] : []\n }\n}\n\nfunction makeNetworkError (reason) {\n const isError = isErrorLike(reason)\n return makeResponse({\n type: 'error',\n status: 0,\n error: isError\n ? reason\n : new Error(reason ? String(reason) : reason),\n aborted: reason && reason.name === 'AbortError'\n })\n}\n\n// @see https://fetch.spec.whatwg.org/#concept-network-error\nfunction isNetworkError (response) {\n return (\n // A network error is a response whose type is \"error\",\n response.type === 'error' &&\n // status is 0\n response.status === 0\n )\n}\n\nfunction makeFilteredResponse (response, state) {\n state = {\n internalResponse: response,\n ...state\n }\n\n return new Proxy(response, {\n get (target, p) {\n return p in state ? state[p] : target[p]\n },\n set (target, p, value) {\n assert(!(p in state))\n target[p] = value\n return true\n }\n })\n}\n\n// https://fetch.spec.whatwg.org/#concept-filtered-response\nfunction filterResponse (response, type) {\n // Set response to the following filtered response with response as its\n // internal response, depending on request’s response tainting:\n if (type === 'basic') {\n // A basic filtered response is a filtered response whose type is \"basic\"\n // and header list excludes any headers in internal response’s header list\n // whose name is a forbidden response-header name.\n\n // Note: undici does not implement forbidden response-header names\n return makeFilteredResponse(response, {\n type: 'basic',\n headersList: response.headersList\n })\n } else if (type === 'cors') {\n // A CORS filtered response is a filtered response whose type is \"cors\"\n // and header list excludes any headers in internal response’s header\n // list whose name is not a CORS-safelisted response-header name, given\n // internal response’s CORS-exposed header-name list.\n\n // Note: undici does not implement CORS-safelisted response-header names\n return makeFilteredResponse(response, {\n type: 'cors',\n headersList: response.headersList\n })\n } else if (type === 'opaque') {\n // An opaque filtered response is a filtered response whose type is\n // \"opaque\", URL list is the empty list, status is 0, status message\n // is the empty byte sequence, header list is empty, and body is null.\n\n return makeFilteredResponse(response, {\n type: 'opaque',\n urlList: Object.freeze([]),\n status: 0,\n statusText: '',\n body: null\n })\n } else if (type === 'opaqueredirect') {\n // An opaque-redirect filtered response is a filtered response whose type\n // is \"opaqueredirect\", status is 0, status message is the empty byte\n // sequence, header list is empty, and body is null.\n\n return makeFilteredResponse(response, {\n type: 'opaqueredirect',\n status: 0,\n statusText: '',\n headersList: [],\n body: null\n })\n } else {\n assert(false)\n }\n}\n\n// https://fetch.spec.whatwg.org/#appropriate-network-error\nfunction makeAppropriateNetworkError (fetchParams, err = null) {\n // 1. Assert: fetchParams is canceled.\n assert(isCancelled(fetchParams))\n\n // 2. Return an aborted network error if fetchParams is aborted;\n // otherwise return a network error.\n return isAborted(fetchParams)\n ? makeNetworkError(Object.assign(new DOMException('The operation was aborted.', 'AbortError'), { cause: err }))\n : makeNetworkError(Object.assign(new DOMException('Request was cancelled.'), { cause: err }))\n}\n\n// https://whatpr.org/fetch/1392.html#initialize-a-response\nfunction initializeResponse (response, init, body) {\n // 1. If init[\"status\"] is not in the range 200 to 599, inclusive, then\n // throw a RangeError.\n if (init.status !== null && (init.status < 200 || init.status > 599)) {\n throw new RangeError('init[\"status\"] must be in the range of 200 to 599, inclusive.')\n }\n\n // 2. If init[\"statusText\"] does not match the reason-phrase token production,\n // then throw a TypeError.\n if ('statusText' in init && init.statusText != null) {\n // See, https://datatracker.ietf.org/doc/html/rfc7230#section-3.1.2:\n // reason-phrase = *( HTAB / SP / VCHAR / obs-text )\n if (!isValidReasonPhrase(String(init.statusText))) {\n throw new TypeError('Invalid statusText')\n }\n }\n\n // 3. Set response’s response’s status to init[\"status\"].\n if ('status' in init && init.status != null) {\n response[kState].status = init.status\n }\n\n // 4. Set response’s response’s status message to init[\"statusText\"].\n if ('statusText' in init && init.statusText != null) {\n response[kState].statusText = init.statusText\n }\n\n // 5. If init[\"headers\"] exists, then fill response’s headers with init[\"headers\"].\n if ('headers' in init && init.headers != null) {\n fill(response[kHeaders], init.headers)\n }\n\n // 6. If body was given, then:\n if (body) {\n // 1. If response's status is a null body status, then throw a TypeError.\n if (nullBodyStatus.includes(response.status)) {\n throw webidl.errors.exception({\n header: 'Response constructor',\n message: `Invalid response status code ${response.status}`\n })\n }\n\n // 2. Set response's body to body's body.\n response[kState].body = body.body\n\n // 3. If body's type is non-null and response's header list does not contain\n // `Content-Type`, then append (`Content-Type`, body's type) to response's header list.\n if (body.type != null && !response[kState].headersList.contains('content-type', true)) {\n response[kState].headersList.append('content-type', body.type, true)\n }\n }\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#response-create\n * @param {any} innerResponse\n * @param {'request' | 'immutable' | 'request-no-cors' | 'response' | 'none'} guard\n * @returns {Response}\n */\nfunction fromInnerResponse (innerResponse, guard) {\n const response = new Response(kConstruct)\n response[kState] = innerResponse\n response[kHeaders] = new Headers(kConstruct)\n setHeadersList(response[kHeaders], innerResponse.headersList)\n setHeadersGuard(response[kHeaders], guard)\n\n if (hasFinalizationRegistry && innerResponse.body?.stream) {\n // If the target (response) is reclaimed, the cleanup callback may be called at some point with\n // the held value provided for it (innerResponse.body.stream). The held value can be any value:\n // a primitive or an object, even undefined. If the held value is an object, the registry keeps\n // a strong reference to it (so it can pass it to the cleanup callback later). Reworded from\n // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/FinalizationRegistry\n streamRegistry.register(response, new WeakRef(innerResponse.body.stream))\n }\n\n return response\n}\n\nwebidl.converters.ReadableStream = webidl.interfaceConverter(\n ReadableStream\n)\n\nwebidl.converters.FormData = webidl.interfaceConverter(\n FormData\n)\n\nwebidl.converters.URLSearchParams = webidl.interfaceConverter(\n URLSearchParams\n)\n\n// https://fetch.spec.whatwg.org/#typedefdef-xmlhttprequestbodyinit\nwebidl.converters.XMLHttpRequestBodyInit = function (V, prefix, name) {\n if (typeof V === 'string') {\n return webidl.converters.USVString(V, prefix, name)\n }\n\n if (isBlobLike(V)) {\n return webidl.converters.Blob(V, prefix, name, { strict: false })\n }\n\n if (ArrayBuffer.isView(V) || types.isArrayBuffer(V)) {\n return webidl.converters.BufferSource(V, prefix, name)\n }\n\n if (util.isFormDataLike(V)) {\n return webidl.converters.FormData(V, prefix, name, { strict: false })\n }\n\n if (V instanceof URLSearchParams) {\n return webidl.converters.URLSearchParams(V, prefix, name)\n }\n\n return webidl.converters.DOMString(V, prefix, name)\n}\n\n// https://fetch.spec.whatwg.org/#bodyinit\nwebidl.converters.BodyInit = function (V, prefix, argument) {\n if (V instanceof ReadableStream) {\n return webidl.converters.ReadableStream(V, prefix, argument)\n }\n\n // Note: the spec doesn't include async iterables,\n // this is an undici extension.\n if (V?.[Symbol.asyncIterator]) {\n return V\n }\n\n return webidl.converters.XMLHttpRequestBodyInit(V, prefix, argument)\n}\n\nwebidl.converters.ResponseInit = webidl.dictionaryConverter([\n {\n key: 'status',\n converter: webidl.converters['unsigned short'],\n defaultValue: () => 200\n },\n {\n key: 'statusText',\n converter: webidl.converters.ByteString,\n defaultValue: () => ''\n },\n {\n key: 'headers',\n converter: webidl.converters.HeadersInit\n }\n])\n\nmodule.exports = {\n isNetworkError,\n makeNetworkError,\n makeResponse,\n makeAppropriateNetworkError,\n filterResponse,\n Response,\n cloneResponse,\n fromInnerResponse\n}\n","'use strict'\n\nmodule.exports = {\n kUrl: Symbol('url'),\n kHeaders: Symbol('headers'),\n kSignal: Symbol('signal'),\n kState: Symbol('state'),\n kDispatcher: Symbol('dispatcher')\n}\n","'use strict'\n\nconst { Transform } = require('node:stream')\nconst zlib = require('node:zlib')\nconst { redirectStatusSet, referrerPolicySet: referrerPolicyTokens, badPortsSet } = require('./constants')\nconst { getGlobalOrigin } = require('./global')\nconst { collectASequenceOfCodePoints, collectAnHTTPQuotedString, removeChars, parseMIMEType } = require('./data-url')\nconst { performance } = require('node:perf_hooks')\nconst { isBlobLike, ReadableStreamFrom, isValidHTTPToken, normalizedMethodRecordsBase } = require('../../core/util')\nconst assert = require('node:assert')\nconst { isUint8Array } = require('node:util/types')\nconst { webidl } = require('./webidl')\n\nlet supportedHashes = []\n\n// https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable\n/** @type {import('crypto')} */\nlet crypto\ntry {\n crypto = require('node:crypto')\n const possibleRelevantHashes = ['sha256', 'sha384', 'sha512']\n supportedHashes = crypto.getHashes().filter((hash) => possibleRelevantHashes.includes(hash))\n/* c8 ignore next 3 */\n} catch {\n\n}\n\nfunction responseURL (response) {\n // https://fetch.spec.whatwg.org/#responses\n // A response has an associated URL. It is a pointer to the last URL\n // in response’s URL list and null if response’s URL list is empty.\n const urlList = response.urlList\n const length = urlList.length\n return length === 0 ? null : urlList[length - 1].toString()\n}\n\n// https://fetch.spec.whatwg.org/#concept-response-location-url\nfunction responseLocationURL (response, requestFragment) {\n // 1. If response’s status is not a redirect status, then return null.\n if (!redirectStatusSet.has(response.status)) {\n return null\n }\n\n // 2. Let location be the result of extracting header list values given\n // `Location` and response’s header list.\n let location = response.headersList.get('location', true)\n\n // 3. If location is a header value, then set location to the result of\n // parsing location with response’s URL.\n if (location !== null && isValidHeaderValue(location)) {\n if (!isValidEncodedURL(location)) {\n // Some websites respond location header in UTF-8 form without encoding them as ASCII\n // and major browsers redirect them to correctly UTF-8 encoded addresses.\n // Here, we handle that behavior in the same way.\n location = normalizeBinaryStringToUtf8(location)\n }\n location = new URL(location, responseURL(response))\n }\n\n // 4. If location is a URL whose fragment is null, then set location’s\n // fragment to requestFragment.\n if (location && !location.hash) {\n location.hash = requestFragment\n }\n\n // 5. Return location.\n return location\n}\n\n/**\n * @see https://www.rfc-editor.org/rfc/rfc1738#section-2.2\n * @param {string} url\n * @returns {boolean}\n */\nfunction isValidEncodedURL (url) {\n for (let i = 0; i < url.length; ++i) {\n const code = url.charCodeAt(i)\n\n if (\n code > 0x7E || // Non-US-ASCII + DEL\n code < 0x20 // Control characters NUL - US\n ) {\n return false\n }\n }\n return true\n}\n\n/**\n * If string contains non-ASCII characters, assumes it's UTF-8 encoded and decodes it.\n * Since UTF-8 is a superset of ASCII, this will work for ASCII strings as well.\n * @param {string} value\n * @returns {string}\n */\nfunction normalizeBinaryStringToUtf8 (value) {\n return Buffer.from(value, 'binary').toString('utf8')\n}\n\n/** @returns {URL} */\nfunction requestCurrentURL (request) {\n return request.urlList[request.urlList.length - 1]\n}\n\nfunction requestBadPort (request) {\n // 1. Let url be request’s current URL.\n const url = requestCurrentURL(request)\n\n // 2. If url’s scheme is an HTTP(S) scheme and url’s port is a bad port,\n // then return blocked.\n if (urlIsHttpHttpsScheme(url) && badPortsSet.has(url.port)) {\n return 'blocked'\n }\n\n // 3. Return allowed.\n return 'allowed'\n}\n\nfunction isErrorLike (object) {\n return object instanceof Error || (\n object?.constructor?.name === 'Error' ||\n object?.constructor?.name === 'DOMException'\n )\n}\n\n// Check whether |statusText| is a ByteString and\n// matches the Reason-Phrase token production.\n// RFC 2616: https://tools.ietf.org/html/rfc2616\n// RFC 7230: https://tools.ietf.org/html/rfc7230\n// \"reason-phrase = *( HTAB / SP / VCHAR / obs-text )\"\n// https://github.com/chromium/chromium/blob/94.0.4604.1/third_party/blink/renderer/core/fetch/response.cc#L116\nfunction isValidReasonPhrase (statusText) {\n for (let i = 0; i < statusText.length; ++i) {\n const c = statusText.charCodeAt(i)\n if (\n !(\n (\n c === 0x09 || // HTAB\n (c >= 0x20 && c <= 0x7e) || // SP / VCHAR\n (c >= 0x80 && c <= 0xff)\n ) // obs-text\n )\n ) {\n return false\n }\n }\n return true\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#header-name\n * @param {string} potentialValue\n */\nconst isValidHeaderName = isValidHTTPToken\n\n/**\n * @see https://fetch.spec.whatwg.org/#header-value\n * @param {string} potentialValue\n */\nfunction isValidHeaderValue (potentialValue) {\n // - Has no leading or trailing HTTP tab or space bytes.\n // - Contains no 0x00 (NUL) or HTTP newline bytes.\n return (\n potentialValue[0] === '\\t' ||\n potentialValue[0] === ' ' ||\n potentialValue[potentialValue.length - 1] === '\\t' ||\n potentialValue[potentialValue.length - 1] === ' ' ||\n potentialValue.includes('\\n') ||\n potentialValue.includes('\\r') ||\n potentialValue.includes('\\0')\n ) === false\n}\n\n// https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect\nfunction setRequestReferrerPolicyOnRedirect (request, actualResponse) {\n // Given a request request and a response actualResponse, this algorithm\n // updates request’s referrer policy according to the Referrer-Policy\n // header (if any) in actualResponse.\n\n // 1. Let policy be the result of executing § 8.1 Parse a referrer policy\n // from a Referrer-Policy header on actualResponse.\n\n // 8.1 Parse a referrer policy from a Referrer-Policy header\n // 1. Let policy-tokens be the result of extracting header list values given `Referrer-Policy` and response’s header list.\n const { headersList } = actualResponse\n // 2. Let policy be the empty string.\n // 3. For each token in policy-tokens, if token is a referrer policy and token is not the empty string, then set policy to token.\n // 4. Return policy.\n const policyHeader = (headersList.get('referrer-policy', true) ?? '').split(',')\n\n // Note: As the referrer-policy can contain multiple policies\n // separated by comma, we need to loop through all of them\n // and pick the first valid one.\n // Ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy#specify_a_fallback_policy\n let policy = ''\n if (policyHeader.length > 0) {\n // The right-most policy takes precedence.\n // The left-most policy is the fallback.\n for (let i = policyHeader.length; i !== 0; i--) {\n const token = policyHeader[i - 1].trim()\n if (referrerPolicyTokens.has(token)) {\n policy = token\n break\n }\n }\n }\n\n // 2. If policy is not the empty string, then set request’s referrer policy to policy.\n if (policy !== '') {\n request.referrerPolicy = policy\n }\n}\n\n// https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check\nfunction crossOriginResourcePolicyCheck () {\n // TODO\n return 'allowed'\n}\n\n// https://fetch.spec.whatwg.org/#concept-cors-check\nfunction corsCheck () {\n // TODO\n return 'success'\n}\n\n// https://fetch.spec.whatwg.org/#concept-tao-check\nfunction TAOCheck () {\n // TODO\n return 'success'\n}\n\nfunction appendFetchMetadata (httpRequest) {\n // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-dest-header\n // TODO\n\n // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-mode-header\n\n // 1. Assert: r’s url is a potentially trustworthy URL.\n // TODO\n\n // 2. Let header be a Structured Header whose value is a token.\n let header = null\n\n // 3. Set header’s value to r’s mode.\n header = httpRequest.mode\n\n // 4. Set a structured field value `Sec-Fetch-Mode`/header in r’s header list.\n httpRequest.headersList.set('sec-fetch-mode', header, true)\n\n // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-site-header\n // TODO\n\n // https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-user-header\n // TODO\n}\n\n// https://fetch.spec.whatwg.org/#append-a-request-origin-header\nfunction appendRequestOriginHeader (request) {\n // 1. Let serializedOrigin be the result of byte-serializing a request origin\n // with request.\n // TODO: implement \"byte-serializing a request origin\"\n let serializedOrigin = request.origin\n\n // - \"'client' is changed to an origin during fetching.\"\n // This doesn't happen in undici (in most cases) because undici, by default,\n // has no concept of origin.\n // - request.origin can also be set to request.client.origin (client being\n // an environment settings object), which is undefined without using\n // setGlobalOrigin.\n if (serializedOrigin === 'client' || serializedOrigin === undefined) {\n return\n }\n\n // 2. If request’s response tainting is \"cors\" or request’s mode is \"websocket\",\n // then append (`Origin`, serializedOrigin) to request’s header list.\n // 3. Otherwise, if request’s method is neither `GET` nor `HEAD`, then:\n if (request.responseTainting === 'cors' || request.mode === 'websocket') {\n request.headersList.append('origin', serializedOrigin, true)\n } else if (request.method !== 'GET' && request.method !== 'HEAD') {\n // 1. Switch on request’s referrer policy:\n switch (request.referrerPolicy) {\n case 'no-referrer':\n // Set serializedOrigin to `null`.\n serializedOrigin = null\n break\n case 'no-referrer-when-downgrade':\n case 'strict-origin':\n case 'strict-origin-when-cross-origin':\n // If request’s origin is a tuple origin, its scheme is \"https\", and\n // request’s current URL’s scheme is not \"https\", then set\n // serializedOrigin to `null`.\n if (request.origin && urlHasHttpsScheme(request.origin) && !urlHasHttpsScheme(requestCurrentURL(request))) {\n serializedOrigin = null\n }\n break\n case 'same-origin':\n // If request’s origin is not same origin with request’s current URL’s\n // origin, then set serializedOrigin to `null`.\n if (!sameOrigin(request, requestCurrentURL(request))) {\n serializedOrigin = null\n }\n break\n default:\n // Do nothing.\n }\n\n // 2. Append (`Origin`, serializedOrigin) to request’s header list.\n request.headersList.append('origin', serializedOrigin, true)\n }\n}\n\n// https://w3c.github.io/hr-time/#dfn-coarsen-time\nfunction coarsenTime (timestamp, crossOriginIsolatedCapability) {\n // TODO\n return timestamp\n}\n\n// https://fetch.spec.whatwg.org/#clamp-and-coarsen-connection-timing-info\nfunction clampAndCoarsenConnectionTimingInfo (connectionTimingInfo, defaultStartTime, crossOriginIsolatedCapability) {\n if (!connectionTimingInfo?.startTime || connectionTimingInfo.startTime < defaultStartTime) {\n return {\n domainLookupStartTime: defaultStartTime,\n domainLookupEndTime: defaultStartTime,\n connectionStartTime: defaultStartTime,\n connectionEndTime: defaultStartTime,\n secureConnectionStartTime: defaultStartTime,\n ALPNNegotiatedProtocol: connectionTimingInfo?.ALPNNegotiatedProtocol\n }\n }\n\n return {\n domainLookupStartTime: coarsenTime(connectionTimingInfo.domainLookupStartTime, crossOriginIsolatedCapability),\n domainLookupEndTime: coarsenTime(connectionTimingInfo.domainLookupEndTime, crossOriginIsolatedCapability),\n connectionStartTime: coarsenTime(connectionTimingInfo.connectionStartTime, crossOriginIsolatedCapability),\n connectionEndTime: coarsenTime(connectionTimingInfo.connectionEndTime, crossOriginIsolatedCapability),\n secureConnectionStartTime: coarsenTime(connectionTimingInfo.secureConnectionStartTime, crossOriginIsolatedCapability),\n ALPNNegotiatedProtocol: connectionTimingInfo.ALPNNegotiatedProtocol\n }\n}\n\n// https://w3c.github.io/hr-time/#dfn-coarsened-shared-current-time\nfunction coarsenedSharedCurrentTime (crossOriginIsolatedCapability) {\n return coarsenTime(performance.now(), crossOriginIsolatedCapability)\n}\n\n// https://fetch.spec.whatwg.org/#create-an-opaque-timing-info\nfunction createOpaqueTimingInfo (timingInfo) {\n return {\n startTime: timingInfo.startTime ?? 0,\n redirectStartTime: 0,\n redirectEndTime: 0,\n postRedirectStartTime: timingInfo.startTime ?? 0,\n finalServiceWorkerStartTime: 0,\n finalNetworkResponseStartTime: 0,\n finalNetworkRequestStartTime: 0,\n endTime: 0,\n encodedBodySize: 0,\n decodedBodySize: 0,\n finalConnectionTimingInfo: null\n }\n}\n\n// https://html.spec.whatwg.org/multipage/origin.html#policy-container\nfunction makePolicyContainer () {\n // Note: the fetch spec doesn't make use of embedder policy or CSP list\n return {\n referrerPolicy: 'strict-origin-when-cross-origin'\n }\n}\n\n// https://html.spec.whatwg.org/multipage/origin.html#clone-a-policy-container\nfunction clonePolicyContainer (policyContainer) {\n return {\n referrerPolicy: policyContainer.referrerPolicy\n }\n}\n\n// https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer\nfunction determineRequestsReferrer (request) {\n // 1. Let policy be request's referrer policy.\n const policy = request.referrerPolicy\n\n // Note: policy cannot (shouldn't) be null or an empty string.\n assert(policy)\n\n // 2. Let environment be request’s client.\n\n let referrerSource = null\n\n // 3. Switch on request’s referrer:\n if (request.referrer === 'client') {\n // Note: node isn't a browser and doesn't implement document/iframes,\n // so we bypass this step and replace it with our own.\n\n const globalOrigin = getGlobalOrigin()\n\n if (!globalOrigin || globalOrigin.origin === 'null') {\n return 'no-referrer'\n }\n\n // note: we need to clone it as it's mutated\n referrerSource = new URL(globalOrigin)\n } else if (request.referrer instanceof URL) {\n // Let referrerSource be request’s referrer.\n referrerSource = request.referrer\n }\n\n // 4. Let request’s referrerURL be the result of stripping referrerSource for\n // use as a referrer.\n let referrerURL = stripURLForReferrer(referrerSource)\n\n // 5. Let referrerOrigin be the result of stripping referrerSource for use as\n // a referrer, with the origin-only flag set to true.\n const referrerOrigin = stripURLForReferrer(referrerSource, true)\n\n // 6. If the result of serializing referrerURL is a string whose length is\n // greater than 4096, set referrerURL to referrerOrigin.\n if (referrerURL.toString().length > 4096) {\n referrerURL = referrerOrigin\n }\n\n const areSameOrigin = sameOrigin(request, referrerURL)\n const isNonPotentiallyTrustWorthy = isURLPotentiallyTrustworthy(referrerURL) &&\n !isURLPotentiallyTrustworthy(request.url)\n\n // 8. Execute the switch statements corresponding to the value of policy:\n switch (policy) {\n case 'origin': return referrerOrigin != null ? referrerOrigin : stripURLForReferrer(referrerSource, true)\n case 'unsafe-url': return referrerURL\n case 'same-origin':\n return areSameOrigin ? referrerOrigin : 'no-referrer'\n case 'origin-when-cross-origin':\n return areSameOrigin ? referrerURL : referrerOrigin\n case 'strict-origin-when-cross-origin': {\n const currentURL = requestCurrentURL(request)\n\n // 1. If the origin of referrerURL and the origin of request’s current\n // URL are the same, then return referrerURL.\n if (sameOrigin(referrerURL, currentURL)) {\n return referrerURL\n }\n\n // 2. If referrerURL is a potentially trustworthy URL and request’s\n // current URL is not a potentially trustworthy URL, then return no\n // referrer.\n if (isURLPotentiallyTrustworthy(referrerURL) && !isURLPotentiallyTrustworthy(currentURL)) {\n return 'no-referrer'\n }\n\n // 3. Return referrerOrigin.\n return referrerOrigin\n }\n case 'strict-origin': // eslint-disable-line\n /**\n * 1. If referrerURL is a potentially trustworthy URL and\n * request’s current URL is not a potentially trustworthy URL,\n * then return no referrer.\n * 2. Return referrerOrigin\n */\n case 'no-referrer-when-downgrade': // eslint-disable-line\n /**\n * 1. If referrerURL is a potentially trustworthy URL and\n * request’s current URL is not a potentially trustworthy URL,\n * then return no referrer.\n * 2. Return referrerOrigin\n */\n\n default: // eslint-disable-line\n return isNonPotentiallyTrustWorthy ? 'no-referrer' : referrerOrigin\n }\n}\n\n/**\n * @see https://w3c.github.io/webappsec-referrer-policy/#strip-url\n * @param {URL} url\n * @param {boolean|undefined} originOnly\n */\nfunction stripURLForReferrer (url, originOnly) {\n // 1. Assert: url is a URL.\n assert(url instanceof URL)\n\n url = new URL(url)\n\n // 2. If url’s scheme is a local scheme, then return no referrer.\n if (url.protocol === 'file:' || url.protocol === 'about:' || url.protocol === 'blank:') {\n return 'no-referrer'\n }\n\n // 3. Set url’s username to the empty string.\n url.username = ''\n\n // 4. Set url’s password to the empty string.\n url.password = ''\n\n // 5. Set url’s fragment to null.\n url.hash = ''\n\n // 6. If the origin-only flag is true, then:\n if (originOnly) {\n // 1. Set url’s path to « the empty string ».\n url.pathname = ''\n\n // 2. Set url’s query to null.\n url.search = ''\n }\n\n // 7. Return url.\n return url\n}\n\nfunction isURLPotentiallyTrustworthy (url) {\n if (!(url instanceof URL)) {\n return false\n }\n\n // If child of about, return true\n if (url.href === 'about:blank' || url.href === 'about:srcdoc') {\n return true\n }\n\n // If scheme is data, return true\n if (url.protocol === 'data:') return true\n\n // If file, return true\n if (url.protocol === 'file:') return true\n\n return isOriginPotentiallyTrustworthy(url.origin)\n\n function isOriginPotentiallyTrustworthy (origin) {\n // If origin is explicitly null, return false\n if (origin == null || origin === 'null') return false\n\n const originAsURL = new URL(origin)\n\n // If secure, return true\n if (originAsURL.protocol === 'https:' || originAsURL.protocol === 'wss:') {\n return true\n }\n\n // If localhost or variants, return true\n if (/^127(?:\\.[0-9]+){0,2}\\.[0-9]+$|^\\[(?:0*:)*?:?0*1\\]$/.test(originAsURL.hostname) ||\n (originAsURL.hostname === 'localhost' || originAsURL.hostname.includes('localhost.')) ||\n (originAsURL.hostname.endsWith('.localhost'))) {\n return true\n }\n\n // If any other, return false\n return false\n }\n}\n\n/**\n * @see https://w3c.github.io/webappsec-subresource-integrity/#does-response-match-metadatalist\n * @param {Uint8Array} bytes\n * @param {string} metadataList\n */\nfunction bytesMatch (bytes, metadataList) {\n // If node is not built with OpenSSL support, we cannot check\n // a request's integrity, so allow it by default (the spec will\n // allow requests if an invalid hash is given, as precedence).\n /* istanbul ignore if: only if node is built with --without-ssl */\n if (crypto === undefined) {\n return true\n }\n\n // 1. Let parsedMetadata be the result of parsing metadataList.\n const parsedMetadata = parseMetadata(metadataList)\n\n // 2. If parsedMetadata is no metadata, return true.\n if (parsedMetadata === 'no metadata') {\n return true\n }\n\n // 3. If response is not eligible for integrity validation, return false.\n // TODO\n\n // 4. If parsedMetadata is the empty set, return true.\n if (parsedMetadata.length === 0) {\n return true\n }\n\n // 5. Let metadata be the result of getting the strongest\n // metadata from parsedMetadata.\n const strongest = getStrongestMetadata(parsedMetadata)\n const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest)\n\n // 6. For each item in metadata:\n for (const item of metadata) {\n // 1. Let algorithm be the alg component of item.\n const algorithm = item.algo\n\n // 2. Let expectedValue be the val component of item.\n const expectedValue = item.hash\n\n // See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e\n // \"be liberal with padding\". This is annoying, and it's not even in the spec.\n\n // 3. Let actualValue be the result of applying algorithm to bytes.\n let actualValue = crypto.createHash(algorithm).update(bytes).digest('base64')\n\n if (actualValue[actualValue.length - 1] === '=') {\n if (actualValue[actualValue.length - 2] === '=') {\n actualValue = actualValue.slice(0, -2)\n } else {\n actualValue = actualValue.slice(0, -1)\n }\n }\n\n // 4. If actualValue is a case-sensitive match for expectedValue,\n // return true.\n if (compareBase64Mixed(actualValue, expectedValue)) {\n return true\n }\n }\n\n // 7. Return false.\n return false\n}\n\n// https://w3c.github.io/webappsec-subresource-integrity/#grammardef-hash-with-options\n// https://www.w3.org/TR/CSP2/#source-list-syntax\n// https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1\nconst parseHashWithOptions = /(?sha256|sha384|sha512)-((?[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\\s|$)( +[!-~]*)?)?/i\n\n/**\n * @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata\n * @param {string} metadata\n */\nfunction parseMetadata (metadata) {\n // 1. Let result be the empty set.\n /** @type {{ algo: string, hash: string }[]} */\n const result = []\n\n // 2. Let empty be equal to true.\n let empty = true\n\n // 3. For each token returned by splitting metadata on spaces:\n for (const token of metadata.split(' ')) {\n // 1. Set empty to false.\n empty = false\n\n // 2. Parse token as a hash-with-options.\n const parsedToken = parseHashWithOptions.exec(token)\n\n // 3. If token does not parse, continue to the next token.\n if (\n parsedToken === null ||\n parsedToken.groups === undefined ||\n parsedToken.groups.algo === undefined\n ) {\n // Note: Chromium blocks the request at this point, but Firefox\n // gives a warning that an invalid integrity was given. The\n // correct behavior is to ignore these, and subsequently not\n // check the integrity of the resource.\n continue\n }\n\n // 4. Let algorithm be the hash-algo component of token.\n const algorithm = parsedToken.groups.algo.toLowerCase()\n\n // 5. If algorithm is a hash function recognized by the user\n // agent, add the parsed token to result.\n if (supportedHashes.includes(algorithm)) {\n result.push(parsedToken.groups)\n }\n }\n\n // 4. Return no metadata if empty is true, otherwise return result.\n if (empty === true) {\n return 'no metadata'\n }\n\n return result\n}\n\n/**\n * @param {{ algo: 'sha256' | 'sha384' | 'sha512' }[]} metadataList\n */\nfunction getStrongestMetadata (metadataList) {\n // Let algorithm be the algo component of the first item in metadataList.\n // Can be sha256\n let algorithm = metadataList[0].algo\n // If the algorithm is sha512, then it is the strongest\n // and we can return immediately\n if (algorithm[3] === '5') {\n return algorithm\n }\n\n for (let i = 1; i < metadataList.length; ++i) {\n const metadata = metadataList[i]\n // If the algorithm is sha512, then it is the strongest\n // and we can break the loop immediately\n if (metadata.algo[3] === '5') {\n algorithm = 'sha512'\n break\n // If the algorithm is sha384, then a potential sha256 or sha384 is ignored\n } else if (algorithm[3] === '3') {\n continue\n // algorithm is sha256, check if algorithm is sha384 and if so, set it as\n // the strongest\n } else if (metadata.algo[3] === '3') {\n algorithm = 'sha384'\n }\n }\n return algorithm\n}\n\nfunction filterMetadataListByAlgorithm (metadataList, algorithm) {\n if (metadataList.length === 1) {\n return metadataList\n }\n\n let pos = 0\n for (let i = 0; i < metadataList.length; ++i) {\n if (metadataList[i].algo === algorithm) {\n metadataList[pos++] = metadataList[i]\n }\n }\n\n metadataList.length = pos\n\n return metadataList\n}\n\n/**\n * Compares two base64 strings, allowing for base64url\n * in the second string.\n *\n* @param {string} actualValue always base64\n * @param {string} expectedValue base64 or base64url\n * @returns {boolean}\n */\nfunction compareBase64Mixed (actualValue, expectedValue) {\n if (actualValue.length !== expectedValue.length) {\n return false\n }\n for (let i = 0; i < actualValue.length; ++i) {\n if (actualValue[i] !== expectedValue[i]) {\n if (\n (actualValue[i] === '+' && expectedValue[i] === '-') ||\n (actualValue[i] === '/' && expectedValue[i] === '_')\n ) {\n continue\n }\n return false\n }\n }\n\n return true\n}\n\n// https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request\nfunction tryUpgradeRequestToAPotentiallyTrustworthyURL (request) {\n // TODO\n}\n\n/**\n * @link {https://html.spec.whatwg.org/multipage/origin.html#same-origin}\n * @param {URL} A\n * @param {URL} B\n */\nfunction sameOrigin (A, B) {\n // 1. If A and B are the same opaque origin, then return true.\n if (A.origin === B.origin && A.origin === 'null') {\n return true\n }\n\n // 2. If A and B are both tuple origins and their schemes,\n // hosts, and port are identical, then return true.\n if (A.protocol === B.protocol && A.hostname === B.hostname && A.port === B.port) {\n return true\n }\n\n // 3. Return false.\n return false\n}\n\nfunction createDeferredPromise () {\n let res\n let rej\n const promise = new Promise((resolve, reject) => {\n res = resolve\n rej = reject\n })\n\n return { promise, resolve: res, reject: rej }\n}\n\nfunction isAborted (fetchParams) {\n return fetchParams.controller.state === 'aborted'\n}\n\nfunction isCancelled (fetchParams) {\n return fetchParams.controller.state === 'aborted' ||\n fetchParams.controller.state === 'terminated'\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-method-normalize\n * @param {string} method\n */\nfunction normalizeMethod (method) {\n return normalizedMethodRecordsBase[method.toLowerCase()] ?? method\n}\n\n// https://infra.spec.whatwg.org/#serialize-a-javascript-value-to-a-json-string\nfunction serializeJavascriptValueToJSONString (value) {\n // 1. Let result be ? Call(%JSON.stringify%, undefined, « value »).\n const result = JSON.stringify(value)\n\n // 2. If result is undefined, then throw a TypeError.\n if (result === undefined) {\n throw new TypeError('Value is not JSON serializable')\n }\n\n // 3. Assert: result is a string.\n assert(typeof result === 'string')\n\n // 4. Return result.\n return result\n}\n\n// https://tc39.es/ecma262/#sec-%25iteratorprototype%25-object\nconst esIteratorPrototype = Object.getPrototypeOf(Object.getPrototypeOf([][Symbol.iterator]()))\n\n/**\n * @see https://webidl.spec.whatwg.org/#dfn-iterator-prototype-object\n * @param {string} name name of the instance\n * @param {symbol} kInternalIterator\n * @param {string | number} [keyIndex]\n * @param {string | number} [valueIndex]\n */\nfunction createIterator (name, kInternalIterator, keyIndex = 0, valueIndex = 1) {\n class FastIterableIterator {\n /** @type {any} */\n #target\n /** @type {'key' | 'value' | 'key+value'} */\n #kind\n /** @type {number} */\n #index\n\n /**\n * @see https://webidl.spec.whatwg.org/#dfn-default-iterator-object\n * @param {unknown} target\n * @param {'key' | 'value' | 'key+value'} kind\n */\n constructor (target, kind) {\n this.#target = target\n this.#kind = kind\n this.#index = 0\n }\n\n next () {\n // 1. Let interface be the interface for which the iterator prototype object exists.\n // 2. Let thisValue be the this value.\n // 3. Let object be ? ToObject(thisValue).\n // 4. If object is a platform object, then perform a security\n // check, passing:\n // 5. If object is not a default iterator object for interface,\n // then throw a TypeError.\n if (typeof this !== 'object' || this === null || !(#target in this)) {\n throw new TypeError(\n `'next' called on an object that does not implement interface ${name} Iterator.`\n )\n }\n\n // 6. Let index be object’s index.\n // 7. Let kind be object’s kind.\n // 8. Let values be object’s target's value pairs to iterate over.\n const index = this.#index\n const values = this.#target[kInternalIterator]\n\n // 9. Let len be the length of values.\n const len = values.length\n\n // 10. If index is greater than or equal to len, then return\n // CreateIterResultObject(undefined, true).\n if (index >= len) {\n return {\n value: undefined,\n done: true\n }\n }\n\n // 11. Let pair be the entry in values at index index.\n const { [keyIndex]: key, [valueIndex]: value } = values[index]\n\n // 12. Set object’s index to index + 1.\n this.#index = index + 1\n\n // 13. Return the iterator result for pair and kind.\n\n // https://webidl.spec.whatwg.org/#iterator-result\n\n // 1. Let result be a value determined by the value of kind:\n let result\n switch (this.#kind) {\n case 'key':\n // 1. Let idlKey be pair’s key.\n // 2. Let key be the result of converting idlKey to an\n // ECMAScript value.\n // 3. result is key.\n result = key\n break\n case 'value':\n // 1. Let idlValue be pair’s value.\n // 2. Let value be the result of converting idlValue to\n // an ECMAScript value.\n // 3. result is value.\n result = value\n break\n case 'key+value':\n // 1. Let idlKey be pair’s key.\n // 2. Let idlValue be pair’s value.\n // 3. Let key be the result of converting idlKey to an\n // ECMAScript value.\n // 4. Let value be the result of converting idlValue to\n // an ECMAScript value.\n // 5. Let array be ! ArrayCreate(2).\n // 6. Call ! CreateDataProperty(array, \"0\", key).\n // 7. Call ! CreateDataProperty(array, \"1\", value).\n // 8. result is array.\n result = [key, value]\n break\n }\n\n // 2. Return CreateIterResultObject(result, false).\n return {\n value: result,\n done: false\n }\n }\n }\n\n // https://webidl.spec.whatwg.org/#dfn-iterator-prototype-object\n // @ts-ignore\n delete FastIterableIterator.prototype.constructor\n\n Object.setPrototypeOf(FastIterableIterator.prototype, esIteratorPrototype)\n\n Object.defineProperties(FastIterableIterator.prototype, {\n [Symbol.toStringTag]: {\n writable: false,\n enumerable: false,\n configurable: true,\n value: `${name} Iterator`\n },\n next: { writable: true, enumerable: true, configurable: true }\n })\n\n /**\n * @param {unknown} target\n * @param {'key' | 'value' | 'key+value'} kind\n * @returns {IterableIterator}\n */\n return function (target, kind) {\n return new FastIterableIterator(target, kind)\n }\n}\n\n/**\n * @see https://webidl.spec.whatwg.org/#dfn-iterator-prototype-object\n * @param {string} name name of the instance\n * @param {any} object class\n * @param {symbol} kInternalIterator\n * @param {string | number} [keyIndex]\n * @param {string | number} [valueIndex]\n */\nfunction iteratorMixin (name, object, kInternalIterator, keyIndex = 0, valueIndex = 1) {\n const makeIterator = createIterator(name, kInternalIterator, keyIndex, valueIndex)\n\n const properties = {\n keys: {\n writable: true,\n enumerable: true,\n configurable: true,\n value: function keys () {\n webidl.brandCheck(this, object)\n return makeIterator(this, 'key')\n }\n },\n values: {\n writable: true,\n enumerable: true,\n configurable: true,\n value: function values () {\n webidl.brandCheck(this, object)\n return makeIterator(this, 'value')\n }\n },\n entries: {\n writable: true,\n enumerable: true,\n configurable: true,\n value: function entries () {\n webidl.brandCheck(this, object)\n return makeIterator(this, 'key+value')\n }\n },\n forEach: {\n writable: true,\n enumerable: true,\n configurable: true,\n value: function forEach (callbackfn, thisArg = globalThis) {\n webidl.brandCheck(this, object)\n webidl.argumentLengthCheck(arguments, 1, `${name}.forEach`)\n if (typeof callbackfn !== 'function') {\n throw new TypeError(\n `Failed to execute 'forEach' on '${name}': parameter 1 is not of type 'Function'.`\n )\n }\n for (const { 0: key, 1: value } of makeIterator(this, 'key+value')) {\n callbackfn.call(thisArg, value, key, this)\n }\n }\n }\n }\n\n return Object.defineProperties(object.prototype, {\n ...properties,\n [Symbol.iterator]: {\n writable: true,\n enumerable: false,\n configurable: true,\n value: properties.entries.value\n }\n })\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#body-fully-read\n */\nasync function fullyReadBody (body, processBody, processBodyError) {\n // 1. If taskDestination is null, then set taskDestination to\n // the result of starting a new parallel queue.\n\n // 2. Let successSteps given a byte sequence bytes be to queue a\n // fetch task to run processBody given bytes, with taskDestination.\n const successSteps = processBody\n\n // 3. Let errorSteps be to queue a fetch task to run processBodyError,\n // with taskDestination.\n const errorSteps = processBodyError\n\n // 4. Let reader be the result of getting a reader for body’s stream.\n // If that threw an exception, then run errorSteps with that\n // exception and return.\n let reader\n\n try {\n reader = body.stream.getReader()\n } catch (e) {\n errorSteps(e)\n return\n }\n\n // 5. Read all bytes from reader, given successSteps and errorSteps.\n try {\n successSteps(await readAllBytes(reader))\n } catch (e) {\n errorSteps(e)\n }\n}\n\nfunction isReadableStreamLike (stream) {\n return stream instanceof ReadableStream || (\n stream[Symbol.toStringTag] === 'ReadableStream' &&\n typeof stream.tee === 'function'\n )\n}\n\n/**\n * @param {ReadableStreamController} controller\n */\nfunction readableStreamClose (controller) {\n try {\n controller.close()\n controller.byobRequest?.respond(0)\n } catch (err) {\n // TODO: add comment explaining why this error occurs.\n if (!err.message.includes('Controller is already closed') && !err.message.includes('ReadableStream is already closed')) {\n throw err\n }\n }\n}\n\nconst invalidIsomorphicEncodeValueRegex = /[^\\x00-\\xFF]/ // eslint-disable-line\n\n/**\n * @see https://infra.spec.whatwg.org/#isomorphic-encode\n * @param {string} input\n */\nfunction isomorphicEncode (input) {\n // 1. Assert: input contains no code points greater than U+00FF.\n assert(!invalidIsomorphicEncodeValueRegex.test(input))\n\n // 2. Return a byte sequence whose length is equal to input’s code\n // point length and whose bytes have the same values as the\n // values of input’s code points, in the same order\n return input\n}\n\n/**\n * @see https://streams.spec.whatwg.org/#readablestreamdefaultreader-read-all-bytes\n * @see https://streams.spec.whatwg.org/#read-loop\n * @param {ReadableStreamDefaultReader} reader\n */\nasync function readAllBytes (reader) {\n const bytes = []\n let byteLength = 0\n\n while (true) {\n const { done, value: chunk } = await reader.read()\n\n if (done) {\n // 1. Call successSteps with bytes.\n return Buffer.concat(bytes, byteLength)\n }\n\n // 1. If chunk is not a Uint8Array object, call failureSteps\n // with a TypeError and abort these steps.\n if (!isUint8Array(chunk)) {\n throw new TypeError('Received non-Uint8Array chunk')\n }\n\n // 2. Append the bytes represented by chunk to bytes.\n bytes.push(chunk)\n byteLength += chunk.length\n\n // 3. Read-loop given reader, bytes, successSteps, and failureSteps.\n }\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#is-local\n * @param {URL} url\n */\nfunction urlIsLocal (url) {\n assert('protocol' in url) // ensure it's a url object\n\n const protocol = url.protocol\n\n return protocol === 'about:' || protocol === 'blob:' || protocol === 'data:'\n}\n\n/**\n * @param {string|URL} url\n * @returns {boolean}\n */\nfunction urlHasHttpsScheme (url) {\n return (\n (\n typeof url === 'string' &&\n url[5] === ':' &&\n url[0] === 'h' &&\n url[1] === 't' &&\n url[2] === 't' &&\n url[3] === 'p' &&\n url[4] === 's'\n ) ||\n url.protocol === 'https:'\n )\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#http-scheme\n * @param {URL} url\n */\nfunction urlIsHttpHttpsScheme (url) {\n assert('protocol' in url) // ensure it's a url object\n\n const protocol = url.protocol\n\n return protocol === 'http:' || protocol === 'https:'\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#simple-range-header-value\n * @param {string} value\n * @param {boolean} allowWhitespace\n */\nfunction simpleRangeHeaderValue (value, allowWhitespace) {\n // 1. Let data be the isomorphic decoding of value.\n // Note: isomorphic decoding takes a sequence of bytes (ie. a Uint8Array) and turns it into a string,\n // nothing more. We obviously don't need to do that if value is a string already.\n const data = value\n\n // 2. If data does not start with \"bytes\", then return failure.\n if (!data.startsWith('bytes')) {\n return 'failure'\n }\n\n // 3. Let position be a position variable for data, initially pointing at the 5th code point of data.\n const position = { position: 5 }\n\n // 4. If allowWhitespace is true, collect a sequence of code points that are HTTP tab or space,\n // from data given position.\n if (allowWhitespace) {\n collectASequenceOfCodePoints(\n (char) => char === '\\t' || char === ' ',\n data,\n position\n )\n }\n\n // 5. If the code point at position within data is not U+003D (=), then return failure.\n if (data.charCodeAt(position.position) !== 0x3D) {\n return 'failure'\n }\n\n // 6. Advance position by 1.\n position.position++\n\n // 7. If allowWhitespace is true, collect a sequence of code points that are HTTP tab or space, from\n // data given position.\n if (allowWhitespace) {\n collectASequenceOfCodePoints(\n (char) => char === '\\t' || char === ' ',\n data,\n position\n )\n }\n\n // 8. Let rangeStart be the result of collecting a sequence of code points that are ASCII digits,\n // from data given position.\n const rangeStart = collectASequenceOfCodePoints(\n (char) => {\n const code = char.charCodeAt(0)\n\n return code >= 0x30 && code <= 0x39\n },\n data,\n position\n )\n\n // 9. Let rangeStartValue be rangeStart, interpreted as decimal number, if rangeStart is not the\n // empty string; otherwise null.\n const rangeStartValue = rangeStart.length ? Number(rangeStart) : null\n\n // 10. If allowWhitespace is true, collect a sequence of code points that are HTTP tab or space,\n // from data given position.\n if (allowWhitespace) {\n collectASequenceOfCodePoints(\n (char) => char === '\\t' || char === ' ',\n data,\n position\n )\n }\n\n // 11. If the code point at position within data is not U+002D (-), then return failure.\n if (data.charCodeAt(position.position) !== 0x2D) {\n return 'failure'\n }\n\n // 12. Advance position by 1.\n position.position++\n\n // 13. If allowWhitespace is true, collect a sequence of code points that are HTTP tab\n // or space, from data given position.\n // Note from Khafra: its the same step as in #8 again lol\n if (allowWhitespace) {\n collectASequenceOfCodePoints(\n (char) => char === '\\t' || char === ' ',\n data,\n position\n )\n }\n\n // 14. Let rangeEnd be the result of collecting a sequence of code points that are\n // ASCII digits, from data given position.\n // Note from Khafra: you wouldn't guess it, but this is also the same step as #8\n const rangeEnd = collectASequenceOfCodePoints(\n (char) => {\n const code = char.charCodeAt(0)\n\n return code >= 0x30 && code <= 0x39\n },\n data,\n position\n )\n\n // 15. Let rangeEndValue be rangeEnd, interpreted as decimal number, if rangeEnd\n // is not the empty string; otherwise null.\n // Note from Khafra: THE SAME STEP, AGAIN!!!\n // Note: why interpret as a decimal if we only collect ascii digits?\n const rangeEndValue = rangeEnd.length ? Number(rangeEnd) : null\n\n // 16. If position is not past the end of data, then return failure.\n if (position.position < data.length) {\n return 'failure'\n }\n\n // 17. If rangeEndValue and rangeStartValue are null, then return failure.\n if (rangeEndValue === null && rangeStartValue === null) {\n return 'failure'\n }\n\n // 18. If rangeStartValue and rangeEndValue are numbers, and rangeStartValue is\n // greater than rangeEndValue, then return failure.\n // Note: ... when can they not be numbers?\n if (rangeStartValue > rangeEndValue) {\n return 'failure'\n }\n\n // 19. Return (rangeStartValue, rangeEndValue).\n return { rangeStartValue, rangeEndValue }\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#build-a-content-range\n * @param {number} rangeStart\n * @param {number} rangeEnd\n * @param {number} fullLength\n */\nfunction buildContentRange (rangeStart, rangeEnd, fullLength) {\n // 1. Let contentRange be `bytes `.\n let contentRange = 'bytes '\n\n // 2. Append rangeStart, serialized and isomorphic encoded, to contentRange.\n contentRange += isomorphicEncode(`${rangeStart}`)\n\n // 3. Append 0x2D (-) to contentRange.\n contentRange += '-'\n\n // 4. Append rangeEnd, serialized and isomorphic encoded to contentRange.\n contentRange += isomorphicEncode(`${rangeEnd}`)\n\n // 5. Append 0x2F (/) to contentRange.\n contentRange += '/'\n\n // 6. Append fullLength, serialized and isomorphic encoded to contentRange.\n contentRange += isomorphicEncode(`${fullLength}`)\n\n // 7. Return contentRange.\n return contentRange\n}\n\n// A Stream, which pipes the response to zlib.createInflate() or\n// zlib.createInflateRaw() depending on the first byte of the Buffer.\n// If the lower byte of the first byte is 0x08, then the stream is\n// interpreted as a zlib stream, otherwise it's interpreted as a\n// raw deflate stream.\nclass InflateStream extends Transform {\n #zlibOptions\n\n /** @param {zlib.ZlibOptions} [zlibOptions] */\n constructor (zlibOptions) {\n super()\n this.#zlibOptions = zlibOptions\n }\n\n _transform (chunk, encoding, callback) {\n if (!this._inflateStream) {\n if (chunk.length === 0) {\n callback()\n return\n }\n this._inflateStream = (chunk[0] & 0x0F) === 0x08\n ? zlib.createInflate(this.#zlibOptions)\n : zlib.createInflateRaw(this.#zlibOptions)\n\n this._inflateStream.on('data', this.push.bind(this))\n this._inflateStream.on('end', () => this.push(null))\n this._inflateStream.on('error', (err) => this.destroy(err))\n }\n\n this._inflateStream.write(chunk, encoding, callback)\n }\n\n _final (callback) {\n if (this._inflateStream) {\n this._inflateStream.end()\n this._inflateStream = null\n }\n callback()\n }\n}\n\n/**\n * @param {zlib.ZlibOptions} [zlibOptions]\n * @returns {InflateStream}\n */\nfunction createInflate (zlibOptions) {\n return new InflateStream(zlibOptions)\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-header-extract-mime-type\n * @param {import('./headers').HeadersList} headers\n */\nfunction extractMimeType (headers) {\n // 1. Let charset be null.\n let charset = null\n\n // 2. Let essence be null.\n let essence = null\n\n // 3. Let mimeType be null.\n let mimeType = null\n\n // 4. Let values be the result of getting, decoding, and splitting `Content-Type` from headers.\n const values = getDecodeSplit('content-type', headers)\n\n // 5. If values is null, then return failure.\n if (values === null) {\n return 'failure'\n }\n\n // 6. For each value of values:\n for (const value of values) {\n // 6.1. Let temporaryMimeType be the result of parsing value.\n const temporaryMimeType = parseMIMEType(value)\n\n // 6.2. If temporaryMimeType is failure or its essence is \"*/*\", then continue.\n if (temporaryMimeType === 'failure' || temporaryMimeType.essence === '*/*') {\n continue\n }\n\n // 6.3. Set mimeType to temporaryMimeType.\n mimeType = temporaryMimeType\n\n // 6.4. If mimeType’s essence is not essence, then:\n if (mimeType.essence !== essence) {\n // 6.4.1. Set charset to null.\n charset = null\n\n // 6.4.2. If mimeType’s parameters[\"charset\"] exists, then set charset to\n // mimeType’s parameters[\"charset\"].\n if (mimeType.parameters.has('charset')) {\n charset = mimeType.parameters.get('charset')\n }\n\n // 6.4.3. Set essence to mimeType’s essence.\n essence = mimeType.essence\n } else if (!mimeType.parameters.has('charset') && charset !== null) {\n // 6.5. Otherwise, if mimeType’s parameters[\"charset\"] does not exist, and\n // charset is non-null, set mimeType’s parameters[\"charset\"] to charset.\n mimeType.parameters.set('charset', charset)\n }\n }\n\n // 7. If mimeType is null, then return failure.\n if (mimeType == null) {\n return 'failure'\n }\n\n // 8. Return mimeType.\n return mimeType\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#header-value-get-decode-and-split\n * @param {string|null} value\n */\nfunction gettingDecodingSplitting (value) {\n // 1. Let input be the result of isomorphic decoding value.\n const input = value\n\n // 2. Let position be a position variable for input, initially pointing at the start of input.\n const position = { position: 0 }\n\n // 3. Let values be a list of strings, initially empty.\n const values = []\n\n // 4. Let temporaryValue be the empty string.\n let temporaryValue = ''\n\n // 5. While position is not past the end of input:\n while (position.position < input.length) {\n // 5.1. Append the result of collecting a sequence of code points that are not U+0022 (\")\n // or U+002C (,) from input, given position, to temporaryValue.\n temporaryValue += collectASequenceOfCodePoints(\n (char) => char !== '\"' && char !== ',',\n input,\n position\n )\n\n // 5.2. If position is not past the end of input, then:\n if (position.position < input.length) {\n // 5.2.1. If the code point at position within input is U+0022 (\"), then:\n if (input.charCodeAt(position.position) === 0x22) {\n // 5.2.1.1. Append the result of collecting an HTTP quoted string from input, given position, to temporaryValue.\n temporaryValue += collectAnHTTPQuotedString(\n input,\n position\n )\n\n // 5.2.1.2. If position is not past the end of input, then continue.\n if (position.position < input.length) {\n continue\n }\n } else {\n // 5.2.2. Otherwise:\n\n // 5.2.2.1. Assert: the code point at position within input is U+002C (,).\n assert(input.charCodeAt(position.position) === 0x2C)\n\n // 5.2.2.2. Advance position by 1.\n position.position++\n }\n }\n\n // 5.3. Remove all HTTP tab or space from the start and end of temporaryValue.\n temporaryValue = removeChars(temporaryValue, true, true, (char) => char === 0x9 || char === 0x20)\n\n // 5.4. Append temporaryValue to values.\n values.push(temporaryValue)\n\n // 5.6. Set temporaryValue to the empty string.\n temporaryValue = ''\n }\n\n // 6. Return values.\n return values\n}\n\n/**\n * @see https://fetch.spec.whatwg.org/#concept-header-list-get-decode-split\n * @param {string} name lowercase header name\n * @param {import('./headers').HeadersList} list\n */\nfunction getDecodeSplit (name, list) {\n // 1. Let value be the result of getting name from list.\n const value = list.get(name, true)\n\n // 2. If value is null, then return null.\n if (value === null) {\n return null\n }\n\n // 3. Return the result of getting, decoding, and splitting value.\n return gettingDecodingSplitting(value)\n}\n\nconst textDecoder = new TextDecoder()\n\n/**\n * @see https://encoding.spec.whatwg.org/#utf-8-decode\n * @param {Buffer} buffer\n */\nfunction utf8DecodeBytes (buffer) {\n if (buffer.length === 0) {\n return ''\n }\n\n // 1. Let buffer be the result of peeking three bytes from\n // ioQueue, converted to a byte sequence.\n\n // 2. If buffer is 0xEF 0xBB 0xBF, then read three\n // bytes from ioQueue. (Do nothing with those bytes.)\n if (buffer[0] === 0xEF && buffer[1] === 0xBB && buffer[2] === 0xBF) {\n buffer = buffer.subarray(3)\n }\n\n // 3. Process a queue with an instance of UTF-8’s\n // decoder, ioQueue, output, and \"replacement\".\n const output = textDecoder.decode(buffer)\n\n // 4. Return output.\n return output\n}\n\nclass EnvironmentSettingsObjectBase {\n get baseUrl () {\n return getGlobalOrigin()\n }\n\n get origin () {\n return this.baseUrl?.origin\n }\n\n policyContainer = makePolicyContainer()\n}\n\nclass EnvironmentSettingsObject {\n settingsObject = new EnvironmentSettingsObjectBase()\n}\n\nconst environmentSettingsObject = new EnvironmentSettingsObject()\n\nmodule.exports = {\n isAborted,\n isCancelled,\n isValidEncodedURL,\n createDeferredPromise,\n ReadableStreamFrom,\n tryUpgradeRequestToAPotentiallyTrustworthyURL,\n clampAndCoarsenConnectionTimingInfo,\n coarsenedSharedCurrentTime,\n determineRequestsReferrer,\n makePolicyContainer,\n clonePolicyContainer,\n appendFetchMetadata,\n appendRequestOriginHeader,\n TAOCheck,\n corsCheck,\n crossOriginResourcePolicyCheck,\n createOpaqueTimingInfo,\n setRequestReferrerPolicyOnRedirect,\n isValidHTTPToken,\n requestBadPort,\n requestCurrentURL,\n responseURL,\n responseLocationURL,\n isBlobLike,\n isURLPotentiallyTrustworthy,\n isValidReasonPhrase,\n sameOrigin,\n normalizeMethod,\n serializeJavascriptValueToJSONString,\n iteratorMixin,\n createIterator,\n isValidHeaderName,\n isValidHeaderValue,\n isErrorLike,\n fullyReadBody,\n bytesMatch,\n isReadableStreamLike,\n readableStreamClose,\n isomorphicEncode,\n urlIsLocal,\n urlHasHttpsScheme,\n urlIsHttpHttpsScheme,\n readAllBytes,\n simpleRangeHeaderValue,\n buildContentRange,\n parseMetadata,\n createInflate,\n extractMimeType,\n getDecodeSplit,\n utf8DecodeBytes,\n environmentSettingsObject\n}\n","'use strict'\n\nconst { types, inspect } = require('node:util')\nconst { markAsUncloneable } = require('node:worker_threads')\nconst { toUSVString } = require('../../core/util')\n\n/** @type {import('../../../types/webidl').Webidl} */\nconst webidl = {}\nwebidl.converters = {}\nwebidl.util = {}\nwebidl.errors = {}\n\nwebidl.errors.exception = function (message) {\n return new TypeError(`${message.header}: ${message.message}`)\n}\n\nwebidl.errors.conversionFailed = function (context) {\n const plural = context.types.length === 1 ? '' : ' one of'\n const message =\n `${context.argument} could not be converted to` +\n `${plural}: ${context.types.join(', ')}.`\n\n return webidl.errors.exception({\n header: context.prefix,\n message\n })\n}\n\nwebidl.errors.invalidArgument = function (context) {\n return webidl.errors.exception({\n header: context.prefix,\n message: `\"${context.value}\" is an invalid ${context.type}.`\n })\n}\n\n// https://webidl.spec.whatwg.org/#implements\nwebidl.brandCheck = function (V, I, opts) {\n if (opts?.strict !== false) {\n if (!(V instanceof I)) {\n const err = new TypeError('Illegal invocation')\n err.code = 'ERR_INVALID_THIS' // node compat.\n throw err\n }\n } else {\n if (V?.[Symbol.toStringTag] !== I.prototype[Symbol.toStringTag]) {\n const err = new TypeError('Illegal invocation')\n err.code = 'ERR_INVALID_THIS' // node compat.\n throw err\n }\n }\n}\n\nwebidl.argumentLengthCheck = function ({ length }, min, ctx) {\n if (length < min) {\n throw webidl.errors.exception({\n message: `${min} argument${min !== 1 ? 's' : ''} required, ` +\n `but${length ? ' only' : ''} ${length} found.`,\n header: ctx\n })\n }\n}\n\nwebidl.illegalConstructor = function () {\n throw webidl.errors.exception({\n header: 'TypeError',\n message: 'Illegal constructor'\n })\n}\n\n// https://tc39.es/ecma262/#sec-ecmascript-data-types-and-values\nwebidl.util.Type = function (V) {\n switch (typeof V) {\n case 'undefined': return 'Undefined'\n case 'boolean': return 'Boolean'\n case 'string': return 'String'\n case 'symbol': return 'Symbol'\n case 'number': return 'Number'\n case 'bigint': return 'BigInt'\n case 'function':\n case 'object': {\n if (V === null) {\n return 'Null'\n }\n\n return 'Object'\n }\n }\n}\n\nwebidl.util.markAsUncloneable = markAsUncloneable || (() => {})\n// https://webidl.spec.whatwg.org/#abstract-opdef-converttoint\nwebidl.util.ConvertToInt = function (V, bitLength, signedness, opts) {\n let upperBound\n let lowerBound\n\n // 1. If bitLength is 64, then:\n if (bitLength === 64) {\n // 1. Let upperBound be 2^53 − 1.\n upperBound = Math.pow(2, 53) - 1\n\n // 2. If signedness is \"unsigned\", then let lowerBound be 0.\n if (signedness === 'unsigned') {\n lowerBound = 0\n } else {\n // 3. Otherwise let lowerBound be −2^53 + 1.\n lowerBound = Math.pow(-2, 53) + 1\n }\n } else if (signedness === 'unsigned') {\n // 2. Otherwise, if signedness is \"unsigned\", then:\n\n // 1. Let lowerBound be 0.\n lowerBound = 0\n\n // 2. Let upperBound be 2^bitLength − 1.\n upperBound = Math.pow(2, bitLength) - 1\n } else {\n // 3. Otherwise:\n\n // 1. Let lowerBound be -2^bitLength − 1.\n lowerBound = Math.pow(-2, bitLength) - 1\n\n // 2. Let upperBound be 2^bitLength − 1 − 1.\n upperBound = Math.pow(2, bitLength - 1) - 1\n }\n\n // 4. Let x be ? ToNumber(V).\n let x = Number(V)\n\n // 5. If x is −0, then set x to +0.\n if (x === 0) {\n x = 0\n }\n\n // 6. If the conversion is to an IDL type associated\n // with the [EnforceRange] extended attribute, then:\n if (opts?.enforceRange === true) {\n // 1. If x is NaN, +∞, or −∞, then throw a TypeError.\n if (\n Number.isNaN(x) ||\n x === Number.POSITIVE_INFINITY ||\n x === Number.NEGATIVE_INFINITY\n ) {\n throw webidl.errors.exception({\n header: 'Integer conversion',\n message: `Could not convert ${webidl.util.Stringify(V)} to an integer.`\n })\n }\n\n // 2. Set x to IntegerPart(x).\n x = webidl.util.IntegerPart(x)\n\n // 3. If x < lowerBound or x > upperBound, then\n // throw a TypeError.\n if (x < lowerBound || x > upperBound) {\n throw webidl.errors.exception({\n header: 'Integer conversion',\n message: `Value must be between ${lowerBound}-${upperBound}, got ${x}.`\n })\n }\n\n // 4. Return x.\n return x\n }\n\n // 7. If x is not NaN and the conversion is to an IDL\n // type associated with the [Clamp] extended\n // attribute, then:\n if (!Number.isNaN(x) && opts?.clamp === true) {\n // 1. Set x to min(max(x, lowerBound), upperBound).\n x = Math.min(Math.max(x, lowerBound), upperBound)\n\n // 2. Round x to the nearest integer, choosing the\n // even integer if it lies halfway between two,\n // and choosing +0 rather than −0.\n if (Math.floor(x) % 2 === 0) {\n x = Math.floor(x)\n } else {\n x = Math.ceil(x)\n }\n\n // 3. Return x.\n return x\n }\n\n // 8. If x is NaN, +0, +∞, or −∞, then return +0.\n if (\n Number.isNaN(x) ||\n (x === 0 && Object.is(0, x)) ||\n x === Number.POSITIVE_INFINITY ||\n x === Number.NEGATIVE_INFINITY\n ) {\n return 0\n }\n\n // 9. Set x to IntegerPart(x).\n x = webidl.util.IntegerPart(x)\n\n // 10. Set x to x modulo 2^bitLength.\n x = x % Math.pow(2, bitLength)\n\n // 11. If signedness is \"signed\" and x ≥ 2^bitLength − 1,\n // then return x − 2^bitLength.\n if (signedness === 'signed' && x >= Math.pow(2, bitLength) - 1) {\n return x - Math.pow(2, bitLength)\n }\n\n // 12. Otherwise, return x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#abstract-opdef-integerpart\nwebidl.util.IntegerPart = function (n) {\n // 1. Let r be floor(abs(n)).\n const r = Math.floor(Math.abs(n))\n\n // 2. If n < 0, then return -1 × r.\n if (n < 0) {\n return -1 * r\n }\n\n // 3. Otherwise, return r.\n return r\n}\n\nwebidl.util.Stringify = function (V) {\n const type = webidl.util.Type(V)\n\n switch (type) {\n case 'Symbol':\n return `Symbol(${V.description})`\n case 'Object':\n return inspect(V)\n case 'String':\n return `\"${V}\"`\n default:\n return `${V}`\n }\n}\n\n// https://webidl.spec.whatwg.org/#es-sequence\nwebidl.sequenceConverter = function (converter) {\n return (V, prefix, argument, Iterable) => {\n // 1. If Type(V) is not Object, throw a TypeError.\n if (webidl.util.Type(V) !== 'Object') {\n throw webidl.errors.exception({\n header: prefix,\n message: `${argument} (${webidl.util.Stringify(V)}) is not iterable.`\n })\n }\n\n // 2. Let method be ? GetMethod(V, @@iterator).\n /** @type {Generator} */\n const method = typeof Iterable === 'function' ? Iterable() : V?.[Symbol.iterator]?.()\n const seq = []\n let index = 0\n\n // 3. If method is undefined, throw a TypeError.\n if (\n method === undefined ||\n typeof method.next !== 'function'\n ) {\n throw webidl.errors.exception({\n header: prefix,\n message: `${argument} is not iterable.`\n })\n }\n\n // https://webidl.spec.whatwg.org/#create-sequence-from-iterable\n while (true) {\n const { done, value } = method.next()\n\n if (done) {\n break\n }\n\n seq.push(converter(value, prefix, `${argument}[${index++}]`))\n }\n\n return seq\n }\n}\n\n// https://webidl.spec.whatwg.org/#es-to-record\nwebidl.recordConverter = function (keyConverter, valueConverter) {\n return (O, prefix, argument) => {\n // 1. If Type(O) is not Object, throw a TypeError.\n if (webidl.util.Type(O) !== 'Object') {\n throw webidl.errors.exception({\n header: prefix,\n message: `${argument} (\"${webidl.util.Type(O)}\") is not an Object.`\n })\n }\n\n // 2. Let result be a new empty instance of record.\n const result = {}\n\n if (!types.isProxy(O)) {\n // 1. Let desc be ? O.[[GetOwnProperty]](key).\n const keys = [...Object.getOwnPropertyNames(O), ...Object.getOwnPropertySymbols(O)]\n\n for (const key of keys) {\n // 1. Let typedKey be key converted to an IDL value of type K.\n const typedKey = keyConverter(key, prefix, argument)\n\n // 2. Let value be ? Get(O, key).\n // 3. Let typedValue be value converted to an IDL value of type V.\n const typedValue = valueConverter(O[key], prefix, argument)\n\n // 4. Set result[typedKey] to typedValue.\n result[typedKey] = typedValue\n }\n\n // 5. Return result.\n return result\n }\n\n // 3. Let keys be ? O.[[OwnPropertyKeys]]().\n const keys = Reflect.ownKeys(O)\n\n // 4. For each key of keys.\n for (const key of keys) {\n // 1. Let desc be ? O.[[GetOwnProperty]](key).\n const desc = Reflect.getOwnPropertyDescriptor(O, key)\n\n // 2. If desc is not undefined and desc.[[Enumerable]] is true:\n if (desc?.enumerable) {\n // 1. Let typedKey be key converted to an IDL value of type K.\n const typedKey = keyConverter(key, prefix, argument)\n\n // 2. Let value be ? Get(O, key).\n // 3. Let typedValue be value converted to an IDL value of type V.\n const typedValue = valueConverter(O[key], prefix, argument)\n\n // 4. Set result[typedKey] to typedValue.\n result[typedKey] = typedValue\n }\n }\n\n // 5. Return result.\n return result\n }\n}\n\nwebidl.interfaceConverter = function (i) {\n return (V, prefix, argument, opts) => {\n if (opts?.strict !== false && !(V instanceof i)) {\n throw webidl.errors.exception({\n header: prefix,\n message: `Expected ${argument} (\"${webidl.util.Stringify(V)}\") to be an instance of ${i.name}.`\n })\n }\n\n return V\n }\n}\n\nwebidl.dictionaryConverter = function (converters) {\n return (dictionary, prefix, argument) => {\n const type = webidl.util.Type(dictionary)\n const dict = {}\n\n if (type === 'Null' || type === 'Undefined') {\n return dict\n } else if (type !== 'Object') {\n throw webidl.errors.exception({\n header: prefix,\n message: `Expected ${dictionary} to be one of: Null, Undefined, Object.`\n })\n }\n\n for (const options of converters) {\n const { key, defaultValue, required, converter } = options\n\n if (required === true) {\n if (!Object.hasOwn(dictionary, key)) {\n throw webidl.errors.exception({\n header: prefix,\n message: `Missing required key \"${key}\".`\n })\n }\n }\n\n let value = dictionary[key]\n const hasDefault = Object.hasOwn(options, 'defaultValue')\n\n // Only use defaultValue if value is undefined and\n // a defaultValue options was provided.\n if (hasDefault && value !== null) {\n value ??= defaultValue()\n }\n\n // A key can be optional and have no default value.\n // When this happens, do not perform a conversion,\n // and do not assign the key a value.\n if (required || hasDefault || value !== undefined) {\n value = converter(value, prefix, `${argument}.${key}`)\n\n if (\n options.allowedValues &&\n !options.allowedValues.includes(value)\n ) {\n throw webidl.errors.exception({\n header: prefix,\n message: `${value} is not an accepted type. Expected one of ${options.allowedValues.join(', ')}.`\n })\n }\n\n dict[key] = value\n }\n }\n\n return dict\n }\n}\n\nwebidl.nullableConverter = function (converter) {\n return (V, prefix, argument) => {\n if (V === null) {\n return V\n }\n\n return converter(V, prefix, argument)\n }\n}\n\n// https://webidl.spec.whatwg.org/#es-DOMString\nwebidl.converters.DOMString = function (V, prefix, argument, opts) {\n // 1. If V is null and the conversion is to an IDL type\n // associated with the [LegacyNullToEmptyString]\n // extended attribute, then return the DOMString value\n // that represents the empty string.\n if (V === null && opts?.legacyNullToEmptyString) {\n return ''\n }\n\n // 2. Let x be ? ToString(V).\n if (typeof V === 'symbol') {\n throw webidl.errors.exception({\n header: prefix,\n message: `${argument} is a symbol, which cannot be converted to a DOMString.`\n })\n }\n\n // 3. Return the IDL DOMString value that represents the\n // same sequence of code units as the one the\n // ECMAScript String value x represents.\n return String(V)\n}\n\n// https://webidl.spec.whatwg.org/#es-ByteString\nwebidl.converters.ByteString = function (V, prefix, argument) {\n // 1. Let x be ? ToString(V).\n // Note: DOMString converter perform ? ToString(V)\n const x = webidl.converters.DOMString(V, prefix, argument)\n\n // 2. If the value of any element of x is greater than\n // 255, then throw a TypeError.\n for (let index = 0; index < x.length; index++) {\n if (x.charCodeAt(index) > 255) {\n throw new TypeError(\n 'Cannot convert argument to a ByteString because the character at ' +\n `index ${index} has a value of ${x.charCodeAt(index)} which is greater than 255.`\n )\n }\n }\n\n // 3. Return an IDL ByteString value whose length is the\n // length of x, and where the value of each element is\n // the value of the corresponding element of x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#es-USVString\n// TODO: rewrite this so we can control the errors thrown\nwebidl.converters.USVString = toUSVString\n\n// https://webidl.spec.whatwg.org/#es-boolean\nwebidl.converters.boolean = function (V) {\n // 1. Let x be the result of computing ToBoolean(V).\n const x = Boolean(V)\n\n // 2. Return the IDL boolean value that is the one that represents\n // the same truth value as the ECMAScript Boolean value x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#es-any\nwebidl.converters.any = function (V) {\n return V\n}\n\n// https://webidl.spec.whatwg.org/#es-long-long\nwebidl.converters['long long'] = function (V, prefix, argument) {\n // 1. Let x be ? ConvertToInt(V, 64, \"signed\").\n const x = webidl.util.ConvertToInt(V, 64, 'signed', undefined, prefix, argument)\n\n // 2. Return the IDL long long value that represents\n // the same numeric value as x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#es-unsigned-long-long\nwebidl.converters['unsigned long long'] = function (V, prefix, argument) {\n // 1. Let x be ? ConvertToInt(V, 64, \"unsigned\").\n const x = webidl.util.ConvertToInt(V, 64, 'unsigned', undefined, prefix, argument)\n\n // 2. Return the IDL unsigned long long value that\n // represents the same numeric value as x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#es-unsigned-long\nwebidl.converters['unsigned long'] = function (V, prefix, argument) {\n // 1. Let x be ? ConvertToInt(V, 32, \"unsigned\").\n const x = webidl.util.ConvertToInt(V, 32, 'unsigned', undefined, prefix, argument)\n\n // 2. Return the IDL unsigned long value that\n // represents the same numeric value as x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#es-unsigned-short\nwebidl.converters['unsigned short'] = function (V, prefix, argument, opts) {\n // 1. Let x be ? ConvertToInt(V, 16, \"unsigned\").\n const x = webidl.util.ConvertToInt(V, 16, 'unsigned', opts, prefix, argument)\n\n // 2. Return the IDL unsigned short value that represents\n // the same numeric value as x.\n return x\n}\n\n// https://webidl.spec.whatwg.org/#idl-ArrayBuffer\nwebidl.converters.ArrayBuffer = function (V, prefix, argument, opts) {\n // 1. If Type(V) is not Object, or V does not have an\n // [[ArrayBufferData]] internal slot, then throw a\n // TypeError.\n // see: https://tc39.es/ecma262/#sec-properties-of-the-arraybuffer-instances\n // see: https://tc39.es/ecma262/#sec-properties-of-the-sharedarraybuffer-instances\n if (\n webidl.util.Type(V) !== 'Object' ||\n !types.isAnyArrayBuffer(V)\n ) {\n throw webidl.errors.conversionFailed({\n prefix,\n argument: `${argument} (\"${webidl.util.Stringify(V)}\")`,\n types: ['ArrayBuffer']\n })\n }\n\n // 2. If the conversion is not to an IDL type associated\n // with the [AllowShared] extended attribute, and\n // IsSharedArrayBuffer(V) is true, then throw a\n // TypeError.\n if (opts?.allowShared === false && types.isSharedArrayBuffer(V)) {\n throw webidl.errors.exception({\n header: 'ArrayBuffer',\n message: 'SharedArrayBuffer is not allowed.'\n })\n }\n\n // 3. If the conversion is not to an IDL type associated\n // with the [AllowResizable] extended attribute, and\n // IsResizableArrayBuffer(V) is true, then throw a\n // TypeError.\n if (V.resizable || V.growable) {\n throw webidl.errors.exception({\n header: 'ArrayBuffer',\n message: 'Received a resizable ArrayBuffer.'\n })\n }\n\n // 4. Return the IDL ArrayBuffer value that is a\n // reference to the same object as V.\n return V\n}\n\nwebidl.converters.TypedArray = function (V, T, prefix, name, opts) {\n // 1. Let T be the IDL type V is being converted to.\n\n // 2. If Type(V) is not Object, or V does not have a\n // [[TypedArrayName]] internal slot with a value\n // equal to T’s name, then throw a TypeError.\n if (\n webidl.util.Type(V) !== 'Object' ||\n !types.isTypedArray(V) ||\n V.constructor.name !== T.name\n ) {\n throw webidl.errors.conversionFailed({\n prefix,\n argument: `${name} (\"${webidl.util.Stringify(V)}\")`,\n types: [T.name]\n })\n }\n\n // 3. If the conversion is not to an IDL type associated\n // with the [AllowShared] extended attribute, and\n // IsSharedArrayBuffer(V.[[ViewedArrayBuffer]]) is\n // true, then throw a TypeError.\n if (opts?.allowShared === false && types.isSharedArrayBuffer(V.buffer)) {\n throw webidl.errors.exception({\n header: 'ArrayBuffer',\n message: 'SharedArrayBuffer is not allowed.'\n })\n }\n\n // 4. If the conversion is not to an IDL type associated\n // with the [AllowResizable] extended attribute, and\n // IsResizableArrayBuffer(V.[[ViewedArrayBuffer]]) is\n // true, then throw a TypeError.\n if (V.buffer.resizable || V.buffer.growable) {\n throw webidl.errors.exception({\n header: 'ArrayBuffer',\n message: 'Received a resizable ArrayBuffer.'\n })\n }\n\n // 5. Return the IDL value of type T that is a reference\n // to the same object as V.\n return V\n}\n\nwebidl.converters.DataView = function (V, prefix, name, opts) {\n // 1. If Type(V) is not Object, or V does not have a\n // [[DataView]] internal slot, then throw a TypeError.\n if (webidl.util.Type(V) !== 'Object' || !types.isDataView(V)) {\n throw webidl.errors.exception({\n header: prefix,\n message: `${name} is not a DataView.`\n })\n }\n\n // 2. If the conversion is not to an IDL type associated\n // with the [AllowShared] extended attribute, and\n // IsSharedArrayBuffer(V.[[ViewedArrayBuffer]]) is true,\n // then throw a TypeError.\n if (opts?.allowShared === false && types.isSharedArrayBuffer(V.buffer)) {\n throw webidl.errors.exception({\n header: 'ArrayBuffer',\n message: 'SharedArrayBuffer is not allowed.'\n })\n }\n\n // 3. If the conversion is not to an IDL type associated\n // with the [AllowResizable] extended attribute, and\n // IsResizableArrayBuffer(V.[[ViewedArrayBuffer]]) is\n // true, then throw a TypeError.\n if (V.buffer.resizable || V.buffer.growable) {\n throw webidl.errors.exception({\n header: 'ArrayBuffer',\n message: 'Received a resizable ArrayBuffer.'\n })\n }\n\n // 4. Return the IDL DataView value that is a reference\n // to the same object as V.\n return V\n}\n\n// https://webidl.spec.whatwg.org/#BufferSource\nwebidl.converters.BufferSource = function (V, prefix, name, opts) {\n if (types.isAnyArrayBuffer(V)) {\n return webidl.converters.ArrayBuffer(V, prefix, name, { ...opts, allowShared: false })\n }\n\n if (types.isTypedArray(V)) {\n return webidl.converters.TypedArray(V, V.constructor, prefix, name, { ...opts, allowShared: false })\n }\n\n if (types.isDataView(V)) {\n return webidl.converters.DataView(V, prefix, name, { ...opts, allowShared: false })\n }\n\n throw webidl.errors.conversionFailed({\n prefix,\n argument: `${name} (\"${webidl.util.Stringify(V)}\")`,\n types: ['BufferSource']\n })\n}\n\nwebidl.converters['sequence'] = webidl.sequenceConverter(\n webidl.converters.ByteString\n)\n\nwebidl.converters['sequence>'] = webidl.sequenceConverter(\n webidl.converters['sequence']\n)\n\nwebidl.converters['record'] = webidl.recordConverter(\n webidl.converters.ByteString,\n webidl.converters.ByteString\n)\n\nmodule.exports = {\n webidl\n}\n","'use strict'\n\n/**\n * @see https://encoding.spec.whatwg.org/#concept-encoding-get\n * @param {string|undefined} label\n */\nfunction getEncoding (label) {\n if (!label) {\n return 'failure'\n }\n\n // 1. Remove any leading and trailing ASCII whitespace from label.\n // 2. If label is an ASCII case-insensitive match for any of the\n // labels listed in the table below, then return the\n // corresponding encoding; otherwise return failure.\n switch (label.trim().toLowerCase()) {\n case 'unicode-1-1-utf-8':\n case 'unicode11utf8':\n case 'unicode20utf8':\n case 'utf-8':\n case 'utf8':\n case 'x-unicode20utf8':\n return 'UTF-8'\n case '866':\n case 'cp866':\n case 'csibm866':\n case 'ibm866':\n return 'IBM866'\n case 'csisolatin2':\n case 'iso-8859-2':\n case 'iso-ir-101':\n case 'iso8859-2':\n case 'iso88592':\n case 'iso_8859-2':\n case 'iso_8859-2:1987':\n case 'l2':\n case 'latin2':\n return 'ISO-8859-2'\n case 'csisolatin3':\n case 'iso-8859-3':\n case 'iso-ir-109':\n case 'iso8859-3':\n case 'iso88593':\n case 'iso_8859-3':\n case 'iso_8859-3:1988':\n case 'l3':\n case 'latin3':\n return 'ISO-8859-3'\n case 'csisolatin4':\n case 'iso-8859-4':\n case 'iso-ir-110':\n case 'iso8859-4':\n case 'iso88594':\n case 'iso_8859-4':\n case 'iso_8859-4:1988':\n case 'l4':\n case 'latin4':\n return 'ISO-8859-4'\n case 'csisolatincyrillic':\n case 'cyrillic':\n case 'iso-8859-5':\n case 'iso-ir-144':\n case 'iso8859-5':\n case 'iso88595':\n case 'iso_8859-5':\n case 'iso_8859-5:1988':\n return 'ISO-8859-5'\n case 'arabic':\n case 'asmo-708':\n case 'csiso88596e':\n case 'csiso88596i':\n case 'csisolatinarabic':\n case 'ecma-114':\n case 'iso-8859-6':\n case 'iso-8859-6-e':\n case 'iso-8859-6-i':\n case 'iso-ir-127':\n case 'iso8859-6':\n case 'iso88596':\n case 'iso_8859-6':\n case 'iso_8859-6:1987':\n return 'ISO-8859-6'\n case 'csisolatingreek':\n case 'ecma-118':\n case 'elot_928':\n case 'greek':\n case 'greek8':\n case 'iso-8859-7':\n case 'iso-ir-126':\n case 'iso8859-7':\n case 'iso88597':\n case 'iso_8859-7':\n case 'iso_8859-7:1987':\n case 'sun_eu_greek':\n return 'ISO-8859-7'\n case 'csiso88598e':\n case 'csisolatinhebrew':\n case 'hebrew':\n case 'iso-8859-8':\n case 'iso-8859-8-e':\n case 'iso-ir-138':\n case 'iso8859-8':\n case 'iso88598':\n case 'iso_8859-8':\n case 'iso_8859-8:1988':\n case 'visual':\n return 'ISO-8859-8'\n case 'csiso88598i':\n case 'iso-8859-8-i':\n case 'logical':\n return 'ISO-8859-8-I'\n case 'csisolatin6':\n case 'iso-8859-10':\n case 'iso-ir-157':\n case 'iso8859-10':\n case 'iso885910':\n case 'l6':\n case 'latin6':\n return 'ISO-8859-10'\n case 'iso-8859-13':\n case 'iso8859-13':\n case 'iso885913':\n return 'ISO-8859-13'\n case 'iso-8859-14':\n case 'iso8859-14':\n case 'iso885914':\n return 'ISO-8859-14'\n case 'csisolatin9':\n case 'iso-8859-15':\n case 'iso8859-15':\n case 'iso885915':\n case 'iso_8859-15':\n case 'l9':\n return 'ISO-8859-15'\n case 'iso-8859-16':\n return 'ISO-8859-16'\n case 'cskoi8r':\n case 'koi':\n case 'koi8':\n case 'koi8-r':\n case 'koi8_r':\n return 'KOI8-R'\n case 'koi8-ru':\n case 'koi8-u':\n return 'KOI8-U'\n case 'csmacintosh':\n case 'mac':\n case 'macintosh':\n case 'x-mac-roman':\n return 'macintosh'\n case 'iso-8859-11':\n case 'iso8859-11':\n case 'iso885911':\n case 'tis-620':\n case 'windows-874':\n return 'windows-874'\n case 'cp1250':\n case 'windows-1250':\n case 'x-cp1250':\n return 'windows-1250'\n case 'cp1251':\n case 'windows-1251':\n case 'x-cp1251':\n return 'windows-1251'\n case 'ansi_x3.4-1968':\n case 'ascii':\n case 'cp1252':\n case 'cp819':\n case 'csisolatin1':\n case 'ibm819':\n case 'iso-8859-1':\n case 'iso-ir-100':\n case 'iso8859-1':\n case 'iso88591':\n case 'iso_8859-1':\n case 'iso_8859-1:1987':\n case 'l1':\n case 'latin1':\n case 'us-ascii':\n case 'windows-1252':\n case 'x-cp1252':\n return 'windows-1252'\n case 'cp1253':\n case 'windows-1253':\n case 'x-cp1253':\n return 'windows-1253'\n case 'cp1254':\n case 'csisolatin5':\n case 'iso-8859-9':\n case 'iso-ir-148':\n case 'iso8859-9':\n case 'iso88599':\n case 'iso_8859-9':\n case 'iso_8859-9:1989':\n case 'l5':\n case 'latin5':\n case 'windows-1254':\n case 'x-cp1254':\n return 'windows-1254'\n case 'cp1255':\n case 'windows-1255':\n case 'x-cp1255':\n return 'windows-1255'\n case 'cp1256':\n case 'windows-1256':\n case 'x-cp1256':\n return 'windows-1256'\n case 'cp1257':\n case 'windows-1257':\n case 'x-cp1257':\n return 'windows-1257'\n case 'cp1258':\n case 'windows-1258':\n case 'x-cp1258':\n return 'windows-1258'\n case 'x-mac-cyrillic':\n case 'x-mac-ukrainian':\n return 'x-mac-cyrillic'\n case 'chinese':\n case 'csgb2312':\n case 'csiso58gb231280':\n case 'gb2312':\n case 'gb_2312':\n case 'gb_2312-80':\n case 'gbk':\n case 'iso-ir-58':\n case 'x-gbk':\n return 'GBK'\n case 'gb18030':\n return 'gb18030'\n case 'big5':\n case 'big5-hkscs':\n case 'cn-big5':\n case 'csbig5':\n case 'x-x-big5':\n return 'Big5'\n case 'cseucpkdfmtjapanese':\n case 'euc-jp':\n case 'x-euc-jp':\n return 'EUC-JP'\n case 'csiso2022jp':\n case 'iso-2022-jp':\n return 'ISO-2022-JP'\n case 'csshiftjis':\n case 'ms932':\n case 'ms_kanji':\n case 'shift-jis':\n case 'shift_jis':\n case 'sjis':\n case 'windows-31j':\n case 'x-sjis':\n return 'Shift_JIS'\n case 'cseuckr':\n case 'csksc56011987':\n case 'euc-kr':\n case 'iso-ir-149':\n case 'korean':\n case 'ks_c_5601-1987':\n case 'ks_c_5601-1989':\n case 'ksc5601':\n case 'ksc_5601':\n case 'windows-949':\n return 'EUC-KR'\n case 'csiso2022kr':\n case 'hz-gb-2312':\n case 'iso-2022-cn':\n case 'iso-2022-cn-ext':\n case 'iso-2022-kr':\n case 'replacement':\n return 'replacement'\n case 'unicodefffe':\n case 'utf-16be':\n return 'UTF-16BE'\n case 'csunicode':\n case 'iso-10646-ucs-2':\n case 'ucs-2':\n case 'unicode':\n case 'unicodefeff':\n case 'utf-16':\n case 'utf-16le':\n return 'UTF-16LE'\n case 'x-user-defined':\n return 'x-user-defined'\n default: return 'failure'\n }\n}\n\nmodule.exports = {\n getEncoding\n}\n","'use strict'\n\nconst {\n staticPropertyDescriptors,\n readOperation,\n fireAProgressEvent\n} = require('./util')\nconst {\n kState,\n kError,\n kResult,\n kEvents,\n kAborted\n} = require('./symbols')\nconst { webidl } = require('../fetch/webidl')\nconst { kEnumerableProperty } = require('../../core/util')\n\nclass FileReader extends EventTarget {\n constructor () {\n super()\n\n this[kState] = 'empty'\n this[kResult] = null\n this[kError] = null\n this[kEvents] = {\n loadend: null,\n error: null,\n abort: null,\n load: null,\n progress: null,\n loadstart: null\n }\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#dfn-readAsArrayBuffer\n * @param {import('buffer').Blob} blob\n */\n readAsArrayBuffer (blob) {\n webidl.brandCheck(this, FileReader)\n\n webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsArrayBuffer')\n\n blob = webidl.converters.Blob(blob, { strict: false })\n\n // The readAsArrayBuffer(blob) method, when invoked,\n // must initiate a read operation for blob with ArrayBuffer.\n readOperation(this, blob, 'ArrayBuffer')\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#readAsBinaryString\n * @param {import('buffer').Blob} blob\n */\n readAsBinaryString (blob) {\n webidl.brandCheck(this, FileReader)\n\n webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsBinaryString')\n\n blob = webidl.converters.Blob(blob, { strict: false })\n\n // The readAsBinaryString(blob) method, when invoked,\n // must initiate a read operation for blob with BinaryString.\n readOperation(this, blob, 'BinaryString')\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#readAsDataText\n * @param {import('buffer').Blob} blob\n * @param {string?} encoding\n */\n readAsText (blob, encoding = undefined) {\n webidl.brandCheck(this, FileReader)\n\n webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsText')\n\n blob = webidl.converters.Blob(blob, { strict: false })\n\n if (encoding !== undefined) {\n encoding = webidl.converters.DOMString(encoding, 'FileReader.readAsText', 'encoding')\n }\n\n // The readAsText(blob, encoding) method, when invoked,\n // must initiate a read operation for blob with Text and encoding.\n readOperation(this, blob, 'Text', encoding)\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#dfn-readAsDataURL\n * @param {import('buffer').Blob} blob\n */\n readAsDataURL (blob) {\n webidl.brandCheck(this, FileReader)\n\n webidl.argumentLengthCheck(arguments, 1, 'FileReader.readAsDataURL')\n\n blob = webidl.converters.Blob(blob, { strict: false })\n\n // The readAsDataURL(blob) method, when invoked, must\n // initiate a read operation for blob with DataURL.\n readOperation(this, blob, 'DataURL')\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#dfn-abort\n */\n abort () {\n // 1. If this's state is \"empty\" or if this's state is\n // \"done\" set this's result to null and terminate\n // this algorithm.\n if (this[kState] === 'empty' || this[kState] === 'done') {\n this[kResult] = null\n return\n }\n\n // 2. If this's state is \"loading\" set this's state to\n // \"done\" and set this's result to null.\n if (this[kState] === 'loading') {\n this[kState] = 'done'\n this[kResult] = null\n }\n\n // 3. If there are any tasks from this on the file reading\n // task source in an affiliated task queue, then remove\n // those tasks from that task queue.\n this[kAborted] = true\n\n // 4. Terminate the algorithm for the read method being processed.\n // TODO\n\n // 5. Fire a progress event called abort at this.\n fireAProgressEvent('abort', this)\n\n // 6. If this's state is not \"loading\", fire a progress\n // event called loadend at this.\n if (this[kState] !== 'loading') {\n fireAProgressEvent('loadend', this)\n }\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#dom-filereader-readystate\n */\n get readyState () {\n webidl.brandCheck(this, FileReader)\n\n switch (this[kState]) {\n case 'empty': return this.EMPTY\n case 'loading': return this.LOADING\n case 'done': return this.DONE\n }\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#dom-filereader-result\n */\n get result () {\n webidl.brandCheck(this, FileReader)\n\n // The result attribute’s getter, when invoked, must return\n // this's result.\n return this[kResult]\n }\n\n /**\n * @see https://w3c.github.io/FileAPI/#dom-filereader-error\n */\n get error () {\n webidl.brandCheck(this, FileReader)\n\n // The error attribute’s getter, when invoked, must return\n // this's error.\n return this[kError]\n }\n\n get onloadend () {\n webidl.brandCheck(this, FileReader)\n\n return this[kEvents].loadend\n }\n\n set onloadend (fn) {\n webidl.brandCheck(this, FileReader)\n\n if (this[kEvents].loadend) {\n this.removeEventListener('loadend', this[kEvents].loadend)\n }\n\n if (typeof fn === 'function') {\n this[kEvents].loadend = fn\n this.addEventListener('loadend', fn)\n } else {\n this[kEvents].loadend = null\n }\n }\n\n get onerror () {\n webidl.brandCheck(this, FileReader)\n\n return this[kEvents].error\n }\n\n set onerror (fn) {\n webidl.brandCheck(this, FileReader)\n\n if (this[kEvents].error) {\n this.removeEventListener('error', this[kEvents].error)\n }\n\n if (typeof fn === 'function') {\n this[kEvents].error = fn\n this.addEventListener('error', fn)\n } else {\n this[kEvents].error = null\n }\n }\n\n get onloadstart () {\n webidl.brandCheck(this, FileReader)\n\n return this[kEvents].loadstart\n }\n\n set onloadstart (fn) {\n webidl.brandCheck(this, FileReader)\n\n if (this[kEvents].loadstart) {\n this.removeEventListener('loadstart', this[kEvents].loadstart)\n }\n\n if (typeof fn === 'function') {\n this[kEvents].loadstart = fn\n this.addEventListener('loadstart', fn)\n } else {\n this[kEvents].loadstart = null\n }\n }\n\n get onprogress () {\n webidl.brandCheck(this, FileReader)\n\n return this[kEvents].progress\n }\n\n set onprogress (fn) {\n webidl.brandCheck(this, FileReader)\n\n if (this[kEvents].progress) {\n this.removeEventListener('progress', this[kEvents].progress)\n }\n\n if (typeof fn === 'function') {\n this[kEvents].progress = fn\n this.addEventListener('progress', fn)\n } else {\n this[kEvents].progress = null\n }\n }\n\n get onload () {\n webidl.brandCheck(this, FileReader)\n\n return this[kEvents].load\n }\n\n set onload (fn) {\n webidl.brandCheck(this, FileReader)\n\n if (this[kEvents].load) {\n this.removeEventListener('load', this[kEvents].load)\n }\n\n if (typeof fn === 'function') {\n this[kEvents].load = fn\n this.addEventListener('load', fn)\n } else {\n this[kEvents].load = null\n }\n }\n\n get onabort () {\n webidl.brandCheck(this, FileReader)\n\n return this[kEvents].abort\n }\n\n set onabort (fn) {\n webidl.brandCheck(this, FileReader)\n\n if (this[kEvents].abort) {\n this.removeEventListener('abort', this[kEvents].abort)\n }\n\n if (typeof fn === 'function') {\n this[kEvents].abort = fn\n this.addEventListener('abort', fn)\n } else {\n this[kEvents].abort = null\n }\n }\n}\n\n// https://w3c.github.io/FileAPI/#dom-filereader-empty\nFileReader.EMPTY = FileReader.prototype.EMPTY = 0\n// https://w3c.github.io/FileAPI/#dom-filereader-loading\nFileReader.LOADING = FileReader.prototype.LOADING = 1\n// https://w3c.github.io/FileAPI/#dom-filereader-done\nFileReader.DONE = FileReader.prototype.DONE = 2\n\nObject.defineProperties(FileReader.prototype, {\n EMPTY: staticPropertyDescriptors,\n LOADING: staticPropertyDescriptors,\n DONE: staticPropertyDescriptors,\n readAsArrayBuffer: kEnumerableProperty,\n readAsBinaryString: kEnumerableProperty,\n readAsText: kEnumerableProperty,\n readAsDataURL: kEnumerableProperty,\n abort: kEnumerableProperty,\n readyState: kEnumerableProperty,\n result: kEnumerableProperty,\n error: kEnumerableProperty,\n onloadstart: kEnumerableProperty,\n onprogress: kEnumerableProperty,\n onload: kEnumerableProperty,\n onabort: kEnumerableProperty,\n onerror: kEnumerableProperty,\n onloadend: kEnumerableProperty,\n [Symbol.toStringTag]: {\n value: 'FileReader',\n writable: false,\n enumerable: false,\n configurable: true\n }\n})\n\nObject.defineProperties(FileReader, {\n EMPTY: staticPropertyDescriptors,\n LOADING: staticPropertyDescriptors,\n DONE: staticPropertyDescriptors\n})\n\nmodule.exports = {\n FileReader\n}\n","'use strict'\n\nconst { webidl } = require('../fetch/webidl')\n\nconst kState = Symbol('ProgressEvent state')\n\n/**\n * @see https://xhr.spec.whatwg.org/#progressevent\n */\nclass ProgressEvent extends Event {\n constructor (type, eventInitDict = {}) {\n type = webidl.converters.DOMString(type, 'ProgressEvent constructor', 'type')\n eventInitDict = webidl.converters.ProgressEventInit(eventInitDict ?? {})\n\n super(type, eventInitDict)\n\n this[kState] = {\n lengthComputable: eventInitDict.lengthComputable,\n loaded: eventInitDict.loaded,\n total: eventInitDict.total\n }\n }\n\n get lengthComputable () {\n webidl.brandCheck(this, ProgressEvent)\n\n return this[kState].lengthComputable\n }\n\n get loaded () {\n webidl.brandCheck(this, ProgressEvent)\n\n return this[kState].loaded\n }\n\n get total () {\n webidl.brandCheck(this, ProgressEvent)\n\n return this[kState].total\n }\n}\n\nwebidl.converters.ProgressEventInit = webidl.dictionaryConverter([\n {\n key: 'lengthComputable',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'loaded',\n converter: webidl.converters['unsigned long long'],\n defaultValue: () => 0\n },\n {\n key: 'total',\n converter: webidl.converters['unsigned long long'],\n defaultValue: () => 0\n },\n {\n key: 'bubbles',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'cancelable',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'composed',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n }\n])\n\nmodule.exports = {\n ProgressEvent\n}\n","'use strict'\n\nmodule.exports = {\n kState: Symbol('FileReader state'),\n kResult: Symbol('FileReader result'),\n kError: Symbol('FileReader error'),\n kLastProgressEventFired: Symbol('FileReader last progress event fired timestamp'),\n kEvents: Symbol('FileReader events'),\n kAborted: Symbol('FileReader aborted')\n}\n","'use strict'\n\nconst {\n kState,\n kError,\n kResult,\n kAborted,\n kLastProgressEventFired\n} = require('./symbols')\nconst { ProgressEvent } = require('./progressevent')\nconst { getEncoding } = require('./encoding')\nconst { serializeAMimeType, parseMIMEType } = require('../fetch/data-url')\nconst { types } = require('node:util')\nconst { StringDecoder } = require('string_decoder')\nconst { btoa } = require('node:buffer')\n\n/** @type {PropertyDescriptor} */\nconst staticPropertyDescriptors = {\n enumerable: true,\n writable: false,\n configurable: false\n}\n\n/**\n * @see https://w3c.github.io/FileAPI/#readOperation\n * @param {import('./filereader').FileReader} fr\n * @param {import('buffer').Blob} blob\n * @param {string} type\n * @param {string?} encodingName\n */\nfunction readOperation (fr, blob, type, encodingName) {\n // 1. If fr’s state is \"loading\", throw an InvalidStateError\n // DOMException.\n if (fr[kState] === 'loading') {\n throw new DOMException('Invalid state', 'InvalidStateError')\n }\n\n // 2. Set fr’s state to \"loading\".\n fr[kState] = 'loading'\n\n // 3. Set fr’s result to null.\n fr[kResult] = null\n\n // 4. Set fr’s error to null.\n fr[kError] = null\n\n // 5. Let stream be the result of calling get stream on blob.\n /** @type {import('stream/web').ReadableStream} */\n const stream = blob.stream()\n\n // 6. Let reader be the result of getting a reader from stream.\n const reader = stream.getReader()\n\n // 7. Let bytes be an empty byte sequence.\n /** @type {Uint8Array[]} */\n const bytes = []\n\n // 8. Let chunkPromise be the result of reading a chunk from\n // stream with reader.\n let chunkPromise = reader.read()\n\n // 9. Let isFirstChunk be true.\n let isFirstChunk = true\n\n // 10. In parallel, while true:\n // Note: \"In parallel\" just means non-blocking\n // Note 2: readOperation itself cannot be async as double\n // reading the body would then reject the promise, instead\n // of throwing an error.\n ;(async () => {\n while (!fr[kAborted]) {\n // 1. Wait for chunkPromise to be fulfilled or rejected.\n try {\n const { done, value } = await chunkPromise\n\n // 2. If chunkPromise is fulfilled, and isFirstChunk is\n // true, queue a task to fire a progress event called\n // loadstart at fr.\n if (isFirstChunk && !fr[kAborted]) {\n queueMicrotask(() => {\n fireAProgressEvent('loadstart', fr)\n })\n }\n\n // 3. Set isFirstChunk to false.\n isFirstChunk = false\n\n // 4. If chunkPromise is fulfilled with an object whose\n // done property is false and whose value property is\n // a Uint8Array object, run these steps:\n if (!done && types.isUint8Array(value)) {\n // 1. Let bs be the byte sequence represented by the\n // Uint8Array object.\n\n // 2. Append bs to bytes.\n bytes.push(value)\n\n // 3. If roughly 50ms have passed since these steps\n // were last invoked, queue a task to fire a\n // progress event called progress at fr.\n if (\n (\n fr[kLastProgressEventFired] === undefined ||\n Date.now() - fr[kLastProgressEventFired] >= 50\n ) &&\n !fr[kAborted]\n ) {\n fr[kLastProgressEventFired] = Date.now()\n queueMicrotask(() => {\n fireAProgressEvent('progress', fr)\n })\n }\n\n // 4. Set chunkPromise to the result of reading a\n // chunk from stream with reader.\n chunkPromise = reader.read()\n } else if (done) {\n // 5. Otherwise, if chunkPromise is fulfilled with an\n // object whose done property is true, queue a task\n // to run the following steps and abort this algorithm:\n queueMicrotask(() => {\n // 1. Set fr’s state to \"done\".\n fr[kState] = 'done'\n\n // 2. Let result be the result of package data given\n // bytes, type, blob’s type, and encodingName.\n try {\n const result = packageData(bytes, type, blob.type, encodingName)\n\n // 4. Else:\n\n if (fr[kAborted]) {\n return\n }\n\n // 1. Set fr’s result to result.\n fr[kResult] = result\n\n // 2. Fire a progress event called load at the fr.\n fireAProgressEvent('load', fr)\n } catch (error) {\n // 3. If package data threw an exception error:\n\n // 1. Set fr’s error to error.\n fr[kError] = error\n\n // 2. Fire a progress event called error at fr.\n fireAProgressEvent('error', fr)\n }\n\n // 5. If fr’s state is not \"loading\", fire a progress\n // event called loadend at the fr.\n if (fr[kState] !== 'loading') {\n fireAProgressEvent('loadend', fr)\n }\n })\n\n break\n }\n } catch (error) {\n if (fr[kAborted]) {\n return\n }\n\n // 6. Otherwise, if chunkPromise is rejected with an\n // error error, queue a task to run the following\n // steps and abort this algorithm:\n queueMicrotask(() => {\n // 1. Set fr’s state to \"done\".\n fr[kState] = 'done'\n\n // 2. Set fr’s error to error.\n fr[kError] = error\n\n // 3. Fire a progress event called error at fr.\n fireAProgressEvent('error', fr)\n\n // 4. If fr’s state is not \"loading\", fire a progress\n // event called loadend at fr.\n if (fr[kState] !== 'loading') {\n fireAProgressEvent('loadend', fr)\n }\n })\n\n break\n }\n }\n })()\n}\n\n/**\n * @see https://w3c.github.io/FileAPI/#fire-a-progress-event\n * @see https://dom.spec.whatwg.org/#concept-event-fire\n * @param {string} e The name of the event\n * @param {import('./filereader').FileReader} reader\n */\nfunction fireAProgressEvent (e, reader) {\n // The progress event e does not bubble. e.bubbles must be false\n // The progress event e is NOT cancelable. e.cancelable must be false\n const event = new ProgressEvent(e, {\n bubbles: false,\n cancelable: false\n })\n\n reader.dispatchEvent(event)\n}\n\n/**\n * @see https://w3c.github.io/FileAPI/#blob-package-data\n * @param {Uint8Array[]} bytes\n * @param {string} type\n * @param {string?} mimeType\n * @param {string?} encodingName\n */\nfunction packageData (bytes, type, mimeType, encodingName) {\n // 1. A Blob has an associated package data algorithm, given\n // bytes, a type, a optional mimeType, and a optional\n // encodingName, which switches on type and runs the\n // associated steps:\n\n switch (type) {\n case 'DataURL': {\n // 1. Return bytes as a DataURL [RFC2397] subject to\n // the considerations below:\n // * Use mimeType as part of the Data URL if it is\n // available in keeping with the Data URL\n // specification [RFC2397].\n // * If mimeType is not available return a Data URL\n // without a media-type. [RFC2397].\n\n // https://datatracker.ietf.org/doc/html/rfc2397#section-3\n // dataurl := \"data:\" [ mediatype ] [ \";base64\" ] \",\" data\n // mediatype := [ type \"/\" subtype ] *( \";\" parameter )\n // data := *urlchar\n // parameter := attribute \"=\" value\n let dataURL = 'data:'\n\n const parsed = parseMIMEType(mimeType || 'application/octet-stream')\n\n if (parsed !== 'failure') {\n dataURL += serializeAMimeType(parsed)\n }\n\n dataURL += ';base64,'\n\n const decoder = new StringDecoder('latin1')\n\n for (const chunk of bytes) {\n dataURL += btoa(decoder.write(chunk))\n }\n\n dataURL += btoa(decoder.end())\n\n return dataURL\n }\n case 'Text': {\n // 1. Let encoding be failure\n let encoding = 'failure'\n\n // 2. If the encodingName is present, set encoding to the\n // result of getting an encoding from encodingName.\n if (encodingName) {\n encoding = getEncoding(encodingName)\n }\n\n // 3. If encoding is failure, and mimeType is present:\n if (encoding === 'failure' && mimeType) {\n // 1. Let type be the result of parse a MIME type\n // given mimeType.\n const type = parseMIMEType(mimeType)\n\n // 2. If type is not failure, set encoding to the result\n // of getting an encoding from type’s parameters[\"charset\"].\n if (type !== 'failure') {\n encoding = getEncoding(type.parameters.get('charset'))\n }\n }\n\n // 4. If encoding is failure, then set encoding to UTF-8.\n if (encoding === 'failure') {\n encoding = 'UTF-8'\n }\n\n // 5. Decode bytes using fallback encoding encoding, and\n // return the result.\n return decode(bytes, encoding)\n }\n case 'ArrayBuffer': {\n // Return a new ArrayBuffer whose contents are bytes.\n const sequence = combineByteSequences(bytes)\n\n return sequence.buffer\n }\n case 'BinaryString': {\n // Return bytes as a binary string, in which every byte\n // is represented by a code unit of equal value [0..255].\n let binaryString = ''\n\n const decoder = new StringDecoder('latin1')\n\n for (const chunk of bytes) {\n binaryString += decoder.write(chunk)\n }\n\n binaryString += decoder.end()\n\n return binaryString\n }\n }\n}\n\n/**\n * @see https://encoding.spec.whatwg.org/#decode\n * @param {Uint8Array[]} ioQueue\n * @param {string} encoding\n */\nfunction decode (ioQueue, encoding) {\n const bytes = combineByteSequences(ioQueue)\n\n // 1. Let BOMEncoding be the result of BOM sniffing ioQueue.\n const BOMEncoding = BOMSniffing(bytes)\n\n let slice = 0\n\n // 2. If BOMEncoding is non-null:\n if (BOMEncoding !== null) {\n // 1. Set encoding to BOMEncoding.\n encoding = BOMEncoding\n\n // 2. Read three bytes from ioQueue, if BOMEncoding is\n // UTF-8; otherwise read two bytes.\n // (Do nothing with those bytes.)\n slice = BOMEncoding === 'UTF-8' ? 3 : 2\n }\n\n // 3. Process a queue with an instance of encoding’s\n // decoder, ioQueue, output, and \"replacement\".\n\n // 4. Return output.\n\n const sliced = bytes.slice(slice)\n return new TextDecoder(encoding).decode(sliced)\n}\n\n/**\n * @see https://encoding.spec.whatwg.org/#bom-sniff\n * @param {Uint8Array} ioQueue\n */\nfunction BOMSniffing (ioQueue) {\n // 1. Let BOM be the result of peeking 3 bytes from ioQueue,\n // converted to a byte sequence.\n const [a, b, c] = ioQueue\n\n // 2. For each of the rows in the table below, starting with\n // the first one and going down, if BOM starts with the\n // bytes given in the first column, then return the\n // encoding given in the cell in the second column of that\n // row. Otherwise, return null.\n if (a === 0xEF && b === 0xBB && c === 0xBF) {\n return 'UTF-8'\n } else if (a === 0xFE && b === 0xFF) {\n return 'UTF-16BE'\n } else if (a === 0xFF && b === 0xFE) {\n return 'UTF-16LE'\n }\n\n return null\n}\n\n/**\n * @param {Uint8Array[]} sequences\n */\nfunction combineByteSequences (sequences) {\n const size = sequences.reduce((a, b) => {\n return a + b.byteLength\n }, 0)\n\n let offset = 0\n\n return sequences.reduce((a, b) => {\n a.set(b, offset)\n offset += b.byteLength\n return a\n }, new Uint8Array(size))\n}\n\nmodule.exports = {\n staticPropertyDescriptors,\n readOperation,\n fireAProgressEvent\n}\n","'use strict'\n\nconst { uid, states, sentCloseFrameState, emptyBuffer, opcodes } = require('./constants')\nconst {\n kReadyState,\n kSentClose,\n kByteParser,\n kReceivedClose,\n kResponse\n} = require('./symbols')\nconst { fireEvent, failWebsocketConnection, isClosing, isClosed, isEstablished, parseExtensions } = require('./util')\nconst { channels } = require('../../core/diagnostics')\nconst { CloseEvent } = require('./events')\nconst { makeRequest } = require('../fetch/request')\nconst { fetching } = require('../fetch/index')\nconst { Headers, getHeadersList } = require('../fetch/headers')\nconst { getDecodeSplit } = require('../fetch/util')\nconst { WebsocketFrameSend } = require('./frame')\n\n/** @type {import('crypto')} */\nlet crypto\ntry {\n crypto = require('node:crypto')\n/* c8 ignore next 3 */\n} catch {\n\n}\n\n/**\n * @see https://websockets.spec.whatwg.org/#concept-websocket-establish\n * @param {URL} url\n * @param {string|string[]} protocols\n * @param {import('./websocket').WebSocket} ws\n * @param {(response: any, extensions: string[] | undefined) => void} onEstablish\n * @param {Partial} options\n */\nfunction establishWebSocketConnection (url, protocols, client, ws, onEstablish, options) {\n // 1. Let requestURL be a copy of url, with its scheme set to \"http\", if url’s\n // scheme is \"ws\", and to \"https\" otherwise.\n const requestURL = url\n\n requestURL.protocol = url.protocol === 'ws:' ? 'http:' : 'https:'\n\n // 2. Let request be a new request, whose URL is requestURL, client is client,\n // service-workers mode is \"none\", referrer is \"no-referrer\", mode is\n // \"websocket\", credentials mode is \"include\", cache mode is \"no-store\" ,\n // and redirect mode is \"error\".\n const request = makeRequest({\n urlList: [requestURL],\n client,\n serviceWorkers: 'none',\n referrer: 'no-referrer',\n mode: 'websocket',\n credentials: 'include',\n cache: 'no-store',\n redirect: 'error'\n })\n\n // Note: undici extension, allow setting custom headers.\n if (options.headers) {\n const headersList = getHeadersList(new Headers(options.headers))\n\n request.headersList = headersList\n }\n\n // 3. Append (`Upgrade`, `websocket`) to request’s header list.\n // 4. Append (`Connection`, `Upgrade`) to request’s header list.\n // Note: both of these are handled by undici currently.\n // https://github.com/nodejs/undici/blob/68c269c4144c446f3f1220951338daef4a6b5ec4/lib/client.js#L1397\n\n // 5. Let keyValue be a nonce consisting of a randomly selected\n // 16-byte value that has been forgiving-base64-encoded and\n // isomorphic encoded.\n const keyValue = crypto.randomBytes(16).toString('base64')\n\n // 6. Append (`Sec-WebSocket-Key`, keyValue) to request’s\n // header list.\n request.headersList.append('sec-websocket-key', keyValue)\n\n // 7. Append (`Sec-WebSocket-Version`, `13`) to request’s\n // header list.\n request.headersList.append('sec-websocket-version', '13')\n\n // 8. For each protocol in protocols, combine\n // (`Sec-WebSocket-Protocol`, protocol) in request’s header\n // list.\n for (const protocol of protocols) {\n request.headersList.append('sec-websocket-protocol', protocol)\n }\n\n // 9. Let permessageDeflate be a user-agent defined\n // \"permessage-deflate\" extension header value.\n // https://github.com/mozilla/gecko-dev/blob/ce78234f5e653a5d3916813ff990f053510227bc/netwerk/protocol/websocket/WebSocketChannel.cpp#L2673\n const permessageDeflate = 'permessage-deflate; client_max_window_bits'\n\n // 10. Append (`Sec-WebSocket-Extensions`, permessageDeflate) to\n // request’s header list.\n request.headersList.append('sec-websocket-extensions', permessageDeflate)\n\n // 11. Fetch request with useParallelQueue set to true, and\n // processResponse given response being these steps:\n const controller = fetching({\n request,\n useParallelQueue: true,\n dispatcher: options.dispatcher,\n processResponse (response) {\n // 1. If response is a network error or its status is not 101,\n // fail the WebSocket connection.\n if (response.type === 'error' || response.status !== 101) {\n failWebsocketConnection(ws, 'Received network error or non-101 status code.')\n return\n }\n\n // 2. If protocols is not the empty list and extracting header\n // list values given `Sec-WebSocket-Protocol` and response’s\n // header list results in null, failure, or the empty byte\n // sequence, then fail the WebSocket connection.\n if (protocols.length !== 0 && !response.headersList.get('Sec-WebSocket-Protocol')) {\n failWebsocketConnection(ws, 'Server did not respond with sent protocols.')\n return\n }\n\n // 3. Follow the requirements stated step 2 to step 6, inclusive,\n // of the last set of steps in section 4.1 of The WebSocket\n // Protocol to validate response. This either results in fail\n // the WebSocket connection or the WebSocket connection is\n // established.\n\n // 2. If the response lacks an |Upgrade| header field or the |Upgrade|\n // header field contains a value that is not an ASCII case-\n // insensitive match for the value \"websocket\", the client MUST\n // _Fail the WebSocket Connection_.\n if (response.headersList.get('Upgrade')?.toLowerCase() !== 'websocket') {\n failWebsocketConnection(ws, 'Server did not set Upgrade header to \"websocket\".')\n return\n }\n\n // 3. If the response lacks a |Connection| header field or the\n // |Connection| header field doesn't contain a token that is an\n // ASCII case-insensitive match for the value \"Upgrade\", the client\n // MUST _Fail the WebSocket Connection_.\n if (response.headersList.get('Connection')?.toLowerCase() !== 'upgrade') {\n failWebsocketConnection(ws, 'Server did not set Connection header to \"upgrade\".')\n return\n }\n\n // 4. If the response lacks a |Sec-WebSocket-Accept| header field or\n // the |Sec-WebSocket-Accept| contains a value other than the\n // base64-encoded SHA-1 of the concatenation of the |Sec-WebSocket-\n // Key| (as a string, not base64-decoded) with the string \"258EAFA5-\n // E914-47DA-95CA-C5AB0DC85B11\" but ignoring any leading and\n // trailing whitespace, the client MUST _Fail the WebSocket\n // Connection_.\n const secWSAccept = response.headersList.get('Sec-WebSocket-Accept')\n const digest = crypto.createHash('sha1').update(keyValue + uid).digest('base64')\n if (secWSAccept !== digest) {\n failWebsocketConnection(ws, 'Incorrect hash received in Sec-WebSocket-Accept header.')\n return\n }\n\n // 5. If the response includes a |Sec-WebSocket-Extensions| header\n // field and this header field indicates the use of an extension\n // that was not present in the client's handshake (the server has\n // indicated an extension not requested by the client), the client\n // MUST _Fail the WebSocket Connection_. (The parsing of this\n // header field to determine which extensions are requested is\n // discussed in Section 9.1.)\n const secExtension = response.headersList.get('Sec-WebSocket-Extensions')\n let extensions\n\n if (secExtension !== null) {\n extensions = parseExtensions(secExtension)\n\n if (!extensions.has('permessage-deflate')) {\n failWebsocketConnection(ws, 'Sec-WebSocket-Extensions header does not match.')\n return\n }\n }\n\n // 6. If the response includes a |Sec-WebSocket-Protocol| header field\n // and this header field indicates the use of a subprotocol that was\n // not present in the client's handshake (the server has indicated a\n // subprotocol not requested by the client), the client MUST _Fail\n // the WebSocket Connection_.\n const secProtocol = response.headersList.get('Sec-WebSocket-Protocol')\n\n if (secProtocol !== null) {\n const requestProtocols = getDecodeSplit('sec-websocket-protocol', request.headersList)\n\n // The client can request that the server use a specific subprotocol by\n // including the |Sec-WebSocket-Protocol| field in its handshake. If it\n // is specified, the server needs to include the same field and one of\n // the selected subprotocol values in its response for the connection to\n // be established.\n if (!requestProtocols.includes(secProtocol)) {\n failWebsocketConnection(ws, 'Protocol was not set in the opening handshake.')\n return\n }\n }\n\n response.socket.on('data', onSocketData)\n response.socket.on('close', onSocketClose)\n response.socket.on('error', onSocketError)\n\n if (channels.open.hasSubscribers) {\n channels.open.publish({\n address: response.socket.address(),\n protocol: secProtocol,\n extensions: secExtension\n })\n }\n\n onEstablish(response, extensions)\n }\n })\n\n return controller\n}\n\nfunction closeWebSocketConnection (ws, code, reason, reasonByteLength) {\n if (isClosing(ws) || isClosed(ws)) {\n // If this's ready state is CLOSING (2) or CLOSED (3)\n // Do nothing.\n } else if (!isEstablished(ws)) {\n // If the WebSocket connection is not yet established\n // Fail the WebSocket connection and set this's ready state\n // to CLOSING (2).\n failWebsocketConnection(ws, 'Connection was closed before it was established.')\n ws[kReadyState] = states.CLOSING\n } else if (ws[kSentClose] === sentCloseFrameState.NOT_SENT) {\n // If the WebSocket closing handshake has not yet been started\n // Start the WebSocket closing handshake and set this's ready\n // state to CLOSING (2).\n // - If neither code nor reason is present, the WebSocket Close\n // message must not have a body.\n // - If code is present, then the status code to use in the\n // WebSocket Close message must be the integer given by code.\n // - If reason is also present, then reasonBytes must be\n // provided in the Close message after the status code.\n\n ws[kSentClose] = sentCloseFrameState.PROCESSING\n\n const frame = new WebsocketFrameSend()\n\n // If neither code nor reason is present, the WebSocket Close\n // message must not have a body.\n\n // If code is present, then the status code to use in the\n // WebSocket Close message must be the integer given by code.\n if (code !== undefined && reason === undefined) {\n frame.frameData = Buffer.allocUnsafe(2)\n frame.frameData.writeUInt16BE(code, 0)\n } else if (code !== undefined && reason !== undefined) {\n // If reason is also present, then reasonBytes must be\n // provided in the Close message after the status code.\n frame.frameData = Buffer.allocUnsafe(2 + reasonByteLength)\n frame.frameData.writeUInt16BE(code, 0)\n // the body MAY contain UTF-8-encoded data with value /reason/\n frame.frameData.write(reason, 2, 'utf-8')\n } else {\n frame.frameData = emptyBuffer\n }\n\n /** @type {import('stream').Duplex} */\n const socket = ws[kResponse].socket\n\n socket.write(frame.createFrame(opcodes.CLOSE))\n\n ws[kSentClose] = sentCloseFrameState.SENT\n\n // Upon either sending or receiving a Close control frame, it is said\n // that _The WebSocket Closing Handshake is Started_ and that the\n // WebSocket connection is in the CLOSING state.\n ws[kReadyState] = states.CLOSING\n } else {\n // Otherwise\n // Set this's ready state to CLOSING (2).\n ws[kReadyState] = states.CLOSING\n }\n}\n\n/**\n * @param {Buffer} chunk\n */\nfunction onSocketData (chunk) {\n if (!this.ws[kByteParser].write(chunk)) {\n this.pause()\n }\n}\n\n/**\n * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol\n * @see https://datatracker.ietf.org/doc/html/rfc6455#section-7.1.4\n */\nfunction onSocketClose () {\n const { ws } = this\n const { [kResponse]: response } = ws\n\n response.socket.off('data', onSocketData)\n response.socket.off('close', onSocketClose)\n response.socket.off('error', onSocketError)\n\n // If the TCP connection was closed after the\n // WebSocket closing handshake was completed, the WebSocket connection\n // is said to have been closed _cleanly_.\n const wasClean = ws[kSentClose] === sentCloseFrameState.SENT && ws[kReceivedClose]\n\n let code = 1005\n let reason = ''\n\n const result = ws[kByteParser].closingInfo\n\n if (result && !result.error) {\n code = result.code ?? 1005\n reason = result.reason\n } else if (!ws[kReceivedClose]) {\n // If _The WebSocket\n // Connection is Closed_ and no Close control frame was received by the\n // endpoint (such as could occur if the underlying transport connection\n // is lost), _The WebSocket Connection Close Code_ is considered to be\n // 1006.\n code = 1006\n }\n\n // 1. Change the ready state to CLOSED (3).\n ws[kReadyState] = states.CLOSED\n\n // 2. If the user agent was required to fail the WebSocket\n // connection, or if the WebSocket connection was closed\n // after being flagged as full, fire an event named error\n // at the WebSocket object.\n // TODO\n\n // 3. Fire an event named close at the WebSocket object,\n // using CloseEvent, with the wasClean attribute\n // initialized to true if the connection closed cleanly\n // and false otherwise, the code attribute initialized to\n // the WebSocket connection close code, and the reason\n // attribute initialized to the result of applying UTF-8\n // decode without BOM to the WebSocket connection close\n // reason.\n // TODO: process.nextTick\n fireEvent('close', ws, (type, init) => new CloseEvent(type, init), {\n wasClean, code, reason\n })\n\n if (channels.close.hasSubscribers) {\n channels.close.publish({\n websocket: ws,\n code,\n reason\n })\n }\n}\n\nfunction onSocketError (error) {\n const { ws } = this\n\n ws[kReadyState] = states.CLOSING\n\n if (channels.socketError.hasSubscribers) {\n channels.socketError.publish(error)\n }\n\n this.destroy()\n}\n\nmodule.exports = {\n establishWebSocketConnection,\n closeWebSocketConnection\n}\n","'use strict'\n\n// This is a Globally Unique Identifier unique used\n// to validate that the endpoint accepts websocket\n// connections.\n// See https://www.rfc-editor.org/rfc/rfc6455.html#section-1.3\nconst uid = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11'\n\n/** @type {PropertyDescriptor} */\nconst staticPropertyDescriptors = {\n enumerable: true,\n writable: false,\n configurable: false\n}\n\nconst states = {\n CONNECTING: 0,\n OPEN: 1,\n CLOSING: 2,\n CLOSED: 3\n}\n\nconst sentCloseFrameState = {\n NOT_SENT: 0,\n PROCESSING: 1,\n SENT: 2\n}\n\nconst opcodes = {\n CONTINUATION: 0x0,\n TEXT: 0x1,\n BINARY: 0x2,\n CLOSE: 0x8,\n PING: 0x9,\n PONG: 0xA\n}\n\nconst maxUnsigned16Bit = 2 ** 16 - 1 // 65535\n\nconst parserStates = {\n INFO: 0,\n PAYLOADLENGTH_16: 2,\n PAYLOADLENGTH_64: 3,\n READ_DATA: 4\n}\n\nconst emptyBuffer = Buffer.allocUnsafe(0)\n\nconst sendHints = {\n string: 1,\n typedArray: 2,\n arrayBuffer: 3,\n blob: 4\n}\n\nmodule.exports = {\n uid,\n sentCloseFrameState,\n staticPropertyDescriptors,\n states,\n opcodes,\n maxUnsigned16Bit,\n parserStates,\n emptyBuffer,\n sendHints\n}\n","'use strict'\n\nconst { webidl } = require('../fetch/webidl')\nconst { kEnumerableProperty } = require('../../core/util')\nconst { kConstruct } = require('../../core/symbols')\nconst { MessagePort } = require('node:worker_threads')\n\n/**\n * @see https://html.spec.whatwg.org/multipage/comms.html#messageevent\n */\nclass MessageEvent extends Event {\n #eventInit\n\n constructor (type, eventInitDict = {}) {\n if (type === kConstruct) {\n super(arguments[1], arguments[2])\n webidl.util.markAsUncloneable(this)\n return\n }\n\n const prefix = 'MessageEvent constructor'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n type = webidl.converters.DOMString(type, prefix, 'type')\n eventInitDict = webidl.converters.MessageEventInit(eventInitDict, prefix, 'eventInitDict')\n\n super(type, eventInitDict)\n\n this.#eventInit = eventInitDict\n webidl.util.markAsUncloneable(this)\n }\n\n get data () {\n webidl.brandCheck(this, MessageEvent)\n\n return this.#eventInit.data\n }\n\n get origin () {\n webidl.brandCheck(this, MessageEvent)\n\n return this.#eventInit.origin\n }\n\n get lastEventId () {\n webidl.brandCheck(this, MessageEvent)\n\n return this.#eventInit.lastEventId\n }\n\n get source () {\n webidl.brandCheck(this, MessageEvent)\n\n return this.#eventInit.source\n }\n\n get ports () {\n webidl.brandCheck(this, MessageEvent)\n\n if (!Object.isFrozen(this.#eventInit.ports)) {\n Object.freeze(this.#eventInit.ports)\n }\n\n return this.#eventInit.ports\n }\n\n initMessageEvent (\n type,\n bubbles = false,\n cancelable = false,\n data = null,\n origin = '',\n lastEventId = '',\n source = null,\n ports = []\n ) {\n webidl.brandCheck(this, MessageEvent)\n\n webidl.argumentLengthCheck(arguments, 1, 'MessageEvent.initMessageEvent')\n\n return new MessageEvent(type, {\n bubbles, cancelable, data, origin, lastEventId, source, ports\n })\n }\n\n static createFastMessageEvent (type, init) {\n const messageEvent = new MessageEvent(kConstruct, type, init)\n messageEvent.#eventInit = init\n messageEvent.#eventInit.data ??= null\n messageEvent.#eventInit.origin ??= ''\n messageEvent.#eventInit.lastEventId ??= ''\n messageEvent.#eventInit.source ??= null\n messageEvent.#eventInit.ports ??= []\n return messageEvent\n }\n}\n\nconst { createFastMessageEvent } = MessageEvent\ndelete MessageEvent.createFastMessageEvent\n\n/**\n * @see https://websockets.spec.whatwg.org/#the-closeevent-interface\n */\nclass CloseEvent extends Event {\n #eventInit\n\n constructor (type, eventInitDict = {}) {\n const prefix = 'CloseEvent constructor'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n type = webidl.converters.DOMString(type, prefix, 'type')\n eventInitDict = webidl.converters.CloseEventInit(eventInitDict)\n\n super(type, eventInitDict)\n\n this.#eventInit = eventInitDict\n webidl.util.markAsUncloneable(this)\n }\n\n get wasClean () {\n webidl.brandCheck(this, CloseEvent)\n\n return this.#eventInit.wasClean\n }\n\n get code () {\n webidl.brandCheck(this, CloseEvent)\n\n return this.#eventInit.code\n }\n\n get reason () {\n webidl.brandCheck(this, CloseEvent)\n\n return this.#eventInit.reason\n }\n}\n\n// https://html.spec.whatwg.org/multipage/webappapis.html#the-errorevent-interface\nclass ErrorEvent extends Event {\n #eventInit\n\n constructor (type, eventInitDict) {\n const prefix = 'ErrorEvent constructor'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n super(type, eventInitDict)\n webidl.util.markAsUncloneable(this)\n\n type = webidl.converters.DOMString(type, prefix, 'type')\n eventInitDict = webidl.converters.ErrorEventInit(eventInitDict ?? {})\n\n this.#eventInit = eventInitDict\n }\n\n get message () {\n webidl.brandCheck(this, ErrorEvent)\n\n return this.#eventInit.message\n }\n\n get filename () {\n webidl.brandCheck(this, ErrorEvent)\n\n return this.#eventInit.filename\n }\n\n get lineno () {\n webidl.brandCheck(this, ErrorEvent)\n\n return this.#eventInit.lineno\n }\n\n get colno () {\n webidl.brandCheck(this, ErrorEvent)\n\n return this.#eventInit.colno\n }\n\n get error () {\n webidl.brandCheck(this, ErrorEvent)\n\n return this.#eventInit.error\n }\n}\n\nObject.defineProperties(MessageEvent.prototype, {\n [Symbol.toStringTag]: {\n value: 'MessageEvent',\n configurable: true\n },\n data: kEnumerableProperty,\n origin: kEnumerableProperty,\n lastEventId: kEnumerableProperty,\n source: kEnumerableProperty,\n ports: kEnumerableProperty,\n initMessageEvent: kEnumerableProperty\n})\n\nObject.defineProperties(CloseEvent.prototype, {\n [Symbol.toStringTag]: {\n value: 'CloseEvent',\n configurable: true\n },\n reason: kEnumerableProperty,\n code: kEnumerableProperty,\n wasClean: kEnumerableProperty\n})\n\nObject.defineProperties(ErrorEvent.prototype, {\n [Symbol.toStringTag]: {\n value: 'ErrorEvent',\n configurable: true\n },\n message: kEnumerableProperty,\n filename: kEnumerableProperty,\n lineno: kEnumerableProperty,\n colno: kEnumerableProperty,\n error: kEnumerableProperty\n})\n\nwebidl.converters.MessagePort = webidl.interfaceConverter(MessagePort)\n\nwebidl.converters['sequence'] = webidl.sequenceConverter(\n webidl.converters.MessagePort\n)\n\nconst eventInit = [\n {\n key: 'bubbles',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'cancelable',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'composed',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n }\n]\n\nwebidl.converters.MessageEventInit = webidl.dictionaryConverter([\n ...eventInit,\n {\n key: 'data',\n converter: webidl.converters.any,\n defaultValue: () => null\n },\n {\n key: 'origin',\n converter: webidl.converters.USVString,\n defaultValue: () => ''\n },\n {\n key: 'lastEventId',\n converter: webidl.converters.DOMString,\n defaultValue: () => ''\n },\n {\n key: 'source',\n // Node doesn't implement WindowProxy or ServiceWorker, so the only\n // valid value for source is a MessagePort.\n converter: webidl.nullableConverter(webidl.converters.MessagePort),\n defaultValue: () => null\n },\n {\n key: 'ports',\n converter: webidl.converters['sequence'],\n defaultValue: () => new Array(0)\n }\n])\n\nwebidl.converters.CloseEventInit = webidl.dictionaryConverter([\n ...eventInit,\n {\n key: 'wasClean',\n converter: webidl.converters.boolean,\n defaultValue: () => false\n },\n {\n key: 'code',\n converter: webidl.converters['unsigned short'],\n defaultValue: () => 0\n },\n {\n key: 'reason',\n converter: webidl.converters.USVString,\n defaultValue: () => ''\n }\n])\n\nwebidl.converters.ErrorEventInit = webidl.dictionaryConverter([\n ...eventInit,\n {\n key: 'message',\n converter: webidl.converters.DOMString,\n defaultValue: () => ''\n },\n {\n key: 'filename',\n converter: webidl.converters.USVString,\n defaultValue: () => ''\n },\n {\n key: 'lineno',\n converter: webidl.converters['unsigned long'],\n defaultValue: () => 0\n },\n {\n key: 'colno',\n converter: webidl.converters['unsigned long'],\n defaultValue: () => 0\n },\n {\n key: 'error',\n converter: webidl.converters.any\n }\n])\n\nmodule.exports = {\n MessageEvent,\n CloseEvent,\n ErrorEvent,\n createFastMessageEvent\n}\n","'use strict'\n\nconst { maxUnsigned16Bit } = require('./constants')\n\nconst BUFFER_SIZE = 16386\n\n/** @type {import('crypto')} */\nlet crypto\nlet buffer = null\nlet bufIdx = BUFFER_SIZE\n\ntry {\n crypto = require('node:crypto')\n/* c8 ignore next 3 */\n} catch {\n crypto = {\n // not full compatibility, but minimum.\n randomFillSync: function randomFillSync (buffer, _offset, _size) {\n for (let i = 0; i < buffer.length; ++i) {\n buffer[i] = Math.random() * 255 | 0\n }\n return buffer\n }\n }\n}\n\nfunction generateMask () {\n if (bufIdx === BUFFER_SIZE) {\n bufIdx = 0\n crypto.randomFillSync((buffer ??= Buffer.allocUnsafe(BUFFER_SIZE)), 0, BUFFER_SIZE)\n }\n return [buffer[bufIdx++], buffer[bufIdx++], buffer[bufIdx++], buffer[bufIdx++]]\n}\n\nclass WebsocketFrameSend {\n /**\n * @param {Buffer|undefined} data\n */\n constructor (data) {\n this.frameData = data\n }\n\n createFrame (opcode) {\n const frameData = this.frameData\n const maskKey = generateMask()\n const bodyLength = frameData?.byteLength ?? 0\n\n /** @type {number} */\n let payloadLength = bodyLength // 0-125\n let offset = 6\n\n if (bodyLength > maxUnsigned16Bit) {\n offset += 8 // payload length is next 8 bytes\n payloadLength = 127\n } else if (bodyLength > 125) {\n offset += 2 // payload length is next 2 bytes\n payloadLength = 126\n }\n\n const buffer = Buffer.allocUnsafe(bodyLength + offset)\n\n // Clear first 2 bytes, everything else is overwritten\n buffer[0] = buffer[1] = 0\n buffer[0] |= 0x80 // FIN\n buffer[0] = (buffer[0] & 0xF0) + opcode // opcode\n\n /*! ws. MIT License. Einar Otto Stangvik */\n buffer[offset - 4] = maskKey[0]\n buffer[offset - 3] = maskKey[1]\n buffer[offset - 2] = maskKey[2]\n buffer[offset - 1] = maskKey[3]\n\n buffer[1] = payloadLength\n\n if (payloadLength === 126) {\n buffer.writeUInt16BE(bodyLength, 2)\n } else if (payloadLength === 127) {\n // Clear extended payload length\n buffer[2] = buffer[3] = 0\n buffer.writeUIntBE(bodyLength, 4, 6)\n }\n\n buffer[1] |= 0x80 // MASK\n\n // mask body\n for (let i = 0; i < bodyLength; ++i) {\n buffer[offset + i] = frameData[i] ^ maskKey[i & 3]\n }\n\n return buffer\n }\n}\n\nmodule.exports = {\n WebsocketFrameSend\n}\n","'use strict'\n\nconst { createInflateRaw, Z_DEFAULT_WINDOWBITS } = require('node:zlib')\nconst { isValidClientWindowBits } = require('./util')\nconst { MessageSizeExceededError } = require('../../core/errors')\n\nconst tail = Buffer.from([0x00, 0x00, 0xff, 0xff])\nconst kBuffer = Symbol('kBuffer')\nconst kLength = Symbol('kLength')\n\n// Default maximum decompressed message size: 4 MB\nconst kDefaultMaxDecompressedSize = 4 * 1024 * 1024\n\nclass PerMessageDeflate {\n /** @type {import('node:zlib').InflateRaw} */\n #inflate\n\n #options = {}\n\n /** @type {boolean} */\n #aborted = false\n\n /** @type {Function|null} */\n #currentCallback = null\n\n /**\n * @param {Map} extensions\n */\n constructor (extensions) {\n this.#options.serverNoContextTakeover = extensions.has('server_no_context_takeover')\n this.#options.serverMaxWindowBits = extensions.get('server_max_window_bits')\n }\n\n decompress (chunk, fin, callback) {\n // An endpoint uses the following algorithm to decompress a message.\n // 1. Append 4 octets of 0x00 0x00 0xff 0xff to the tail end of the\n // payload of the message.\n // 2. Decompress the resulting data using DEFLATE.\n\n if (this.#aborted) {\n callback(new MessageSizeExceededError())\n return\n }\n\n if (!this.#inflate) {\n let windowBits = Z_DEFAULT_WINDOWBITS\n\n if (this.#options.serverMaxWindowBits) { // empty values default to Z_DEFAULT_WINDOWBITS\n if (!isValidClientWindowBits(this.#options.serverMaxWindowBits)) {\n callback(new Error('Invalid server_max_window_bits'))\n return\n }\n\n windowBits = Number.parseInt(this.#options.serverMaxWindowBits)\n }\n\n try {\n this.#inflate = createInflateRaw({ windowBits })\n } catch (err) {\n callback(err)\n return\n }\n this.#inflate[kBuffer] = []\n this.#inflate[kLength] = 0\n\n this.#inflate.on('data', (data) => {\n if (this.#aborted) {\n return\n }\n\n this.#inflate[kLength] += data.length\n\n if (this.#inflate[kLength] > kDefaultMaxDecompressedSize) {\n this.#aborted = true\n this.#inflate.removeAllListeners()\n this.#inflate.destroy()\n this.#inflate = null\n\n if (this.#currentCallback) {\n const cb = this.#currentCallback\n this.#currentCallback = null\n cb(new MessageSizeExceededError())\n }\n return\n }\n\n this.#inflate[kBuffer].push(data)\n })\n\n this.#inflate.on('error', (err) => {\n this.#inflate = null\n callback(err)\n })\n }\n\n this.#currentCallback = callback\n this.#inflate.write(chunk)\n if (fin) {\n this.#inflate.write(tail)\n }\n\n this.#inflate.flush(() => {\n if (this.#aborted || !this.#inflate) {\n return\n }\n\n const full = Buffer.concat(this.#inflate[kBuffer], this.#inflate[kLength])\n\n this.#inflate[kBuffer].length = 0\n this.#inflate[kLength] = 0\n this.#currentCallback = null\n\n callback(null, full)\n })\n }\n}\n\nmodule.exports = { PerMessageDeflate }\n","'use strict'\n\nconst { Writable } = require('node:stream')\nconst assert = require('node:assert')\nconst { parserStates, opcodes, states, emptyBuffer, sentCloseFrameState } = require('./constants')\nconst { kReadyState, kSentClose, kResponse, kReceivedClose } = require('./symbols')\nconst { channels } = require('../../core/diagnostics')\nconst {\n isValidStatusCode,\n isValidOpcode,\n failWebsocketConnection,\n websocketMessageReceived,\n utf8Decode,\n isControlFrame,\n isTextBinaryFrame,\n isContinuationFrame\n} = require('./util')\nconst { WebsocketFrameSend } = require('./frame')\nconst { closeWebSocketConnection } = require('./connection')\nconst { PerMessageDeflate } = require('./permessage-deflate')\n\n// This code was influenced by ws released under the MIT license.\n// Copyright (c) 2011 Einar Otto Stangvik \n// Copyright (c) 2013 Arnout Kazemier and contributors\n// Copyright (c) 2016 Luigi Pinca and contributors\n\nclass ByteParser extends Writable {\n #buffers = []\n #byteOffset = 0\n #loop = false\n\n #state = parserStates.INFO\n\n #info = {}\n #fragments = []\n\n /** @type {Map} */\n #extensions\n\n /**\n * @param {import('./websocket').WebSocket} ws\n * @param {Map|null} extensions\n */\n constructor (ws, extensions) {\n super()\n\n this.ws = ws\n this.#extensions = extensions == null ? new Map() : extensions\n\n if (this.#extensions.has('permessage-deflate')) {\n this.#extensions.set('permessage-deflate', new PerMessageDeflate(extensions))\n }\n }\n\n /**\n * @param {Buffer} chunk\n * @param {() => void} callback\n */\n _write (chunk, _, callback) {\n this.#buffers.push(chunk)\n this.#byteOffset += chunk.length\n this.#loop = true\n\n this.run(callback)\n }\n\n /**\n * Runs whenever a new chunk is received.\n * Callback is called whenever there are no more chunks buffering,\n * or not enough bytes are buffered to parse.\n */\n run (callback) {\n while (this.#loop) {\n if (this.#state === parserStates.INFO) {\n // If there aren't enough bytes to parse the payload length, etc.\n if (this.#byteOffset < 2) {\n return callback()\n }\n\n const buffer = this.consume(2)\n const fin = (buffer[0] & 0x80) !== 0\n const opcode = buffer[0] & 0x0F\n const masked = (buffer[1] & 0x80) === 0x80\n\n const fragmented = !fin && opcode !== opcodes.CONTINUATION\n const payloadLength = buffer[1] & 0x7F\n\n const rsv1 = buffer[0] & 0x40\n const rsv2 = buffer[0] & 0x20\n const rsv3 = buffer[0] & 0x10\n\n if (!isValidOpcode(opcode)) {\n failWebsocketConnection(this.ws, 'Invalid opcode received')\n return callback()\n }\n\n if (masked) {\n failWebsocketConnection(this.ws, 'Frame cannot be masked')\n return callback()\n }\n\n // MUST be 0 unless an extension is negotiated that defines meanings\n // for non-zero values. If a nonzero value is received and none of\n // the negotiated extensions defines the meaning of such a nonzero\n // value, the receiving endpoint MUST _Fail the WebSocket\n // Connection_.\n // This document allocates the RSV1 bit of the WebSocket header for\n // PMCEs and calls the bit the \"Per-Message Compressed\" bit. On a\n // WebSocket connection where a PMCE is in use, this bit indicates\n // whether a message is compressed or not.\n if (rsv1 !== 0 && !this.#extensions.has('permessage-deflate')) {\n failWebsocketConnection(this.ws, 'Expected RSV1 to be clear.')\n return\n }\n\n if (rsv2 !== 0 || rsv3 !== 0) {\n failWebsocketConnection(this.ws, 'RSV1, RSV2, RSV3 must be clear')\n return\n }\n\n if (fragmented && !isTextBinaryFrame(opcode)) {\n // Only text and binary frames can be fragmented\n failWebsocketConnection(this.ws, 'Invalid frame type was fragmented.')\n return\n }\n\n // If we are already parsing a text/binary frame and do not receive either\n // a continuation frame or close frame, fail the connection.\n if (isTextBinaryFrame(opcode) && this.#fragments.length > 0) {\n failWebsocketConnection(this.ws, 'Expected continuation frame')\n return\n }\n\n if (this.#info.fragmented && fragmented) {\n // A fragmented frame can't be fragmented itself\n failWebsocketConnection(this.ws, 'Fragmented frame exceeded 125 bytes.')\n return\n }\n\n // \"All control frames MUST have a payload length of 125 bytes or less\n // and MUST NOT be fragmented.\"\n if ((payloadLength > 125 || fragmented) && isControlFrame(opcode)) {\n failWebsocketConnection(this.ws, 'Control frame either too large or fragmented')\n return\n }\n\n if (isContinuationFrame(opcode) && this.#fragments.length === 0 && !this.#info.compressed) {\n failWebsocketConnection(this.ws, 'Unexpected continuation frame')\n return\n }\n\n if (payloadLength <= 125) {\n this.#info.payloadLength = payloadLength\n this.#state = parserStates.READ_DATA\n } else if (payloadLength === 126) {\n this.#state = parserStates.PAYLOADLENGTH_16\n } else if (payloadLength === 127) {\n this.#state = parserStates.PAYLOADLENGTH_64\n }\n\n if (isTextBinaryFrame(opcode)) {\n this.#info.binaryType = opcode\n this.#info.compressed = rsv1 !== 0\n }\n\n this.#info.opcode = opcode\n this.#info.masked = masked\n this.#info.fin = fin\n this.#info.fragmented = fragmented\n } else if (this.#state === parserStates.PAYLOADLENGTH_16) {\n if (this.#byteOffset < 2) {\n return callback()\n }\n\n const buffer = this.consume(2)\n\n this.#info.payloadLength = buffer.readUInt16BE(0)\n this.#state = parserStates.READ_DATA\n } else if (this.#state === parserStates.PAYLOADLENGTH_64) {\n if (this.#byteOffset < 8) {\n return callback()\n }\n\n const buffer = this.consume(8)\n const upper = buffer.readUInt32BE(0)\n const lower = buffer.readUInt32BE(4)\n\n // 2^31 is the maximum bytes an arraybuffer can contain\n // on 32-bit systems. Although, on 64-bit systems, this is\n // 2^53-1 bytes.\n // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Invalid_array_length\n // https://source.chromium.org/chromium/chromium/src/+/main:v8/src/common/globals.h;drc=1946212ac0100668f14eb9e2843bdd846e510a1e;bpv=1;bpt=1;l=1275\n // https://source.chromium.org/chromium/chromium/src/+/main:v8/src/objects/js-array-buffer.h;l=34;drc=1946212ac0100668f14eb9e2843bdd846e510a1e\n if (upper !== 0 || lower > 2 ** 31 - 1) {\n failWebsocketConnection(this.ws, 'Received payload length > 2^31 bytes.')\n return\n }\n\n this.#info.payloadLength = lower\n this.#state = parserStates.READ_DATA\n } else if (this.#state === parserStates.READ_DATA) {\n if (this.#byteOffset < this.#info.payloadLength) {\n return callback()\n }\n\n const body = this.consume(this.#info.payloadLength)\n\n if (isControlFrame(this.#info.opcode)) {\n this.#loop = this.parseControlFrame(body)\n this.#state = parserStates.INFO\n } else {\n if (!this.#info.compressed) {\n this.#fragments.push(body)\n\n // If the frame is not fragmented, a message has been received.\n // If the frame is fragmented, it will terminate with a fin bit set\n // and an opcode of 0 (continuation), therefore we handle that when\n // parsing continuation frames, not here.\n if (!this.#info.fragmented && this.#info.fin) {\n const fullMessage = Buffer.concat(this.#fragments)\n websocketMessageReceived(this.ws, this.#info.binaryType, fullMessage)\n this.#fragments.length = 0\n }\n\n this.#state = parserStates.INFO\n } else {\n this.#extensions.get('permessage-deflate').decompress(body, this.#info.fin, (error, data) => {\n if (error) {\n failWebsocketConnection(this.ws, error.message)\n return\n }\n\n this.#fragments.push(data)\n\n if (!this.#info.fin) {\n this.#state = parserStates.INFO\n this.#loop = true\n this.run(callback)\n return\n }\n\n websocketMessageReceived(this.ws, this.#info.binaryType, Buffer.concat(this.#fragments))\n\n this.#loop = true\n this.#state = parserStates.INFO\n this.#fragments.length = 0\n this.run(callback)\n })\n\n this.#loop = false\n break\n }\n }\n }\n }\n }\n\n /**\n * Take n bytes from the buffered Buffers\n * @param {number} n\n * @returns {Buffer}\n */\n consume (n) {\n if (n > this.#byteOffset) {\n throw new Error('Called consume() before buffers satiated.')\n } else if (n === 0) {\n return emptyBuffer\n }\n\n if (this.#buffers[0].length === n) {\n this.#byteOffset -= this.#buffers[0].length\n return this.#buffers.shift()\n }\n\n const buffer = Buffer.allocUnsafe(n)\n let offset = 0\n\n while (offset !== n) {\n const next = this.#buffers[0]\n const { length } = next\n\n if (length + offset === n) {\n buffer.set(this.#buffers.shift(), offset)\n break\n } else if (length + offset > n) {\n buffer.set(next.subarray(0, n - offset), offset)\n this.#buffers[0] = next.subarray(n - offset)\n break\n } else {\n buffer.set(this.#buffers.shift(), offset)\n offset += next.length\n }\n }\n\n this.#byteOffset -= n\n\n return buffer\n }\n\n parseCloseBody (data) {\n assert(data.length !== 1)\n\n // https://datatracker.ietf.org/doc/html/rfc6455#section-7.1.5\n /** @type {number|undefined} */\n let code\n\n if (data.length >= 2) {\n // _The WebSocket Connection Close Code_ is\n // defined as the status code (Section 7.4) contained in the first Close\n // control frame received by the application\n code = data.readUInt16BE(0)\n }\n\n if (code !== undefined && !isValidStatusCode(code)) {\n return { code: 1002, reason: 'Invalid status code', error: true }\n }\n\n // https://datatracker.ietf.org/doc/html/rfc6455#section-7.1.6\n /** @type {Buffer} */\n let reason = data.subarray(2)\n\n // Remove BOM\n if (reason[0] === 0xEF && reason[1] === 0xBB && reason[2] === 0xBF) {\n reason = reason.subarray(3)\n }\n\n try {\n reason = utf8Decode(reason)\n } catch {\n return { code: 1007, reason: 'Invalid UTF-8', error: true }\n }\n\n return { code, reason, error: false }\n }\n\n /**\n * Parses control frames.\n * @param {Buffer} body\n */\n parseControlFrame (body) {\n const { opcode, payloadLength } = this.#info\n\n if (opcode === opcodes.CLOSE) {\n if (payloadLength === 1) {\n failWebsocketConnection(this.ws, 'Received close frame with a 1-byte body.')\n return false\n }\n\n this.#info.closeInfo = this.parseCloseBody(body)\n\n if (this.#info.closeInfo.error) {\n const { code, reason } = this.#info.closeInfo\n\n closeWebSocketConnection(this.ws, code, reason, reason.length)\n failWebsocketConnection(this.ws, reason)\n return false\n }\n\n if (this.ws[kSentClose] !== sentCloseFrameState.SENT) {\n // If an endpoint receives a Close frame and did not previously send a\n // Close frame, the endpoint MUST send a Close frame in response. (When\n // sending a Close frame in response, the endpoint typically echos the\n // status code it received.)\n let body = emptyBuffer\n if (this.#info.closeInfo.code) {\n body = Buffer.allocUnsafe(2)\n body.writeUInt16BE(this.#info.closeInfo.code, 0)\n }\n const closeFrame = new WebsocketFrameSend(body)\n\n this.ws[kResponse].socket.write(\n closeFrame.createFrame(opcodes.CLOSE),\n (err) => {\n if (!err) {\n this.ws[kSentClose] = sentCloseFrameState.SENT\n }\n }\n )\n }\n\n // Upon either sending or receiving a Close control frame, it is said\n // that _The WebSocket Closing Handshake is Started_ and that the\n // WebSocket connection is in the CLOSING state.\n this.ws[kReadyState] = states.CLOSING\n this.ws[kReceivedClose] = true\n\n return false\n } else if (opcode === opcodes.PING) {\n // Upon receipt of a Ping frame, an endpoint MUST send a Pong frame in\n // response, unless it already received a Close frame.\n // A Pong frame sent in response to a Ping frame must have identical\n // \"Application data\"\n\n if (!this.ws[kReceivedClose]) {\n const frame = new WebsocketFrameSend(body)\n\n this.ws[kResponse].socket.write(frame.createFrame(opcodes.PONG))\n\n if (channels.ping.hasSubscribers) {\n channels.ping.publish({\n payload: body\n })\n }\n }\n } else if (opcode === opcodes.PONG) {\n // A Pong frame MAY be sent unsolicited. This serves as a\n // unidirectional heartbeat. A response to an unsolicited Pong frame is\n // not expected.\n\n if (channels.pong.hasSubscribers) {\n channels.pong.publish({\n payload: body\n })\n }\n }\n\n return true\n }\n\n get closingInfo () {\n return this.#info.closeInfo\n }\n}\n\nmodule.exports = {\n ByteParser\n}\n","'use strict'\n\nconst { WebsocketFrameSend } = require('./frame')\nconst { opcodes, sendHints } = require('./constants')\nconst FixedQueue = require('../../dispatcher/fixed-queue')\n\n/** @type {typeof Uint8Array} */\nconst FastBuffer = Buffer[Symbol.species]\n\n/**\n * @typedef {object} SendQueueNode\n * @property {Promise | null} promise\n * @property {((...args: any[]) => any)} callback\n * @property {Buffer | null} frame\n */\n\nclass SendQueue {\n /**\n * @type {FixedQueue}\n */\n #queue = new FixedQueue()\n\n /**\n * @type {boolean}\n */\n #running = false\n\n /** @type {import('node:net').Socket} */\n #socket\n\n constructor (socket) {\n this.#socket = socket\n }\n\n add (item, cb, hint) {\n if (hint !== sendHints.blob) {\n const frame = createFrame(item, hint)\n if (!this.#running) {\n // fast-path\n this.#socket.write(frame, cb)\n } else {\n /** @type {SendQueueNode} */\n const node = {\n promise: null,\n callback: cb,\n frame\n }\n this.#queue.push(node)\n }\n return\n }\n\n /** @type {SendQueueNode} */\n const node = {\n promise: item.arrayBuffer().then((ab) => {\n node.promise = null\n node.frame = createFrame(ab, hint)\n }),\n callback: cb,\n frame: null\n }\n\n this.#queue.push(node)\n\n if (!this.#running) {\n this.#run()\n }\n }\n\n async #run () {\n this.#running = true\n const queue = this.#queue\n while (!queue.isEmpty()) {\n const node = queue.shift()\n // wait pending promise\n if (node.promise !== null) {\n await node.promise\n }\n // write\n this.#socket.write(node.frame, node.callback)\n // cleanup\n node.callback = node.frame = null\n }\n this.#running = false\n }\n}\n\nfunction createFrame (data, hint) {\n return new WebsocketFrameSend(toBuffer(data, hint)).createFrame(hint === sendHints.string ? opcodes.TEXT : opcodes.BINARY)\n}\n\nfunction toBuffer (data, hint) {\n switch (hint) {\n case sendHints.string:\n return Buffer.from(data)\n case sendHints.arrayBuffer:\n case sendHints.blob:\n return new FastBuffer(data)\n case sendHints.typedArray:\n return new FastBuffer(data.buffer, data.byteOffset, data.byteLength)\n }\n}\n\nmodule.exports = { SendQueue }\n","'use strict'\n\nmodule.exports = {\n kWebSocketURL: Symbol('url'),\n kReadyState: Symbol('ready state'),\n kController: Symbol('controller'),\n kResponse: Symbol('response'),\n kBinaryType: Symbol('binary type'),\n kSentClose: Symbol('sent close'),\n kReceivedClose: Symbol('received close'),\n kByteParser: Symbol('byte parser')\n}\n","'use strict'\n\nconst { kReadyState, kController, kResponse, kBinaryType, kWebSocketURL } = require('./symbols')\nconst { states, opcodes } = require('./constants')\nconst { ErrorEvent, createFastMessageEvent } = require('./events')\nconst { isUtf8 } = require('node:buffer')\nconst { collectASequenceOfCodePointsFast, removeHTTPWhitespace } = require('../fetch/data-url')\n\n/* globals Blob */\n\n/**\n * @param {import('./websocket').WebSocket} ws\n * @returns {boolean}\n */\nfunction isConnecting (ws) {\n // If the WebSocket connection is not yet established, and the connection\n // is not yet closed, then the WebSocket connection is in the CONNECTING state.\n return ws[kReadyState] === states.CONNECTING\n}\n\n/**\n * @param {import('./websocket').WebSocket} ws\n * @returns {boolean}\n */\nfunction isEstablished (ws) {\n // If the server's response is validated as provided for above, it is\n // said that _The WebSocket Connection is Established_ and that the\n // WebSocket Connection is in the OPEN state.\n return ws[kReadyState] === states.OPEN\n}\n\n/**\n * @param {import('./websocket').WebSocket} ws\n * @returns {boolean}\n */\nfunction isClosing (ws) {\n // Upon either sending or receiving a Close control frame, it is said\n // that _The WebSocket Closing Handshake is Started_ and that the\n // WebSocket connection is in the CLOSING state.\n return ws[kReadyState] === states.CLOSING\n}\n\n/**\n * @param {import('./websocket').WebSocket} ws\n * @returns {boolean}\n */\nfunction isClosed (ws) {\n return ws[kReadyState] === states.CLOSED\n}\n\n/**\n * @see https://dom.spec.whatwg.org/#concept-event-fire\n * @param {string} e\n * @param {EventTarget} target\n * @param {(...args: ConstructorParameters) => Event} eventFactory\n * @param {EventInit | undefined} eventInitDict\n */\nfunction fireEvent (e, target, eventFactory = (type, init) => new Event(type, init), eventInitDict = {}) {\n // 1. If eventConstructor is not given, then let eventConstructor be Event.\n\n // 2. Let event be the result of creating an event given eventConstructor,\n // in the relevant realm of target.\n // 3. Initialize event’s type attribute to e.\n const event = eventFactory(e, eventInitDict)\n\n // 4. Initialize any other IDL attributes of event as described in the\n // invocation of this algorithm.\n\n // 5. Return the result of dispatching event at target, with legacy target\n // override flag set if set.\n target.dispatchEvent(event)\n}\n\n/**\n * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol\n * @param {import('./websocket').WebSocket} ws\n * @param {number} type Opcode\n * @param {Buffer} data application data\n */\nfunction websocketMessageReceived (ws, type, data) {\n // 1. If ready state is not OPEN (1), then return.\n if (ws[kReadyState] !== states.OPEN) {\n return\n }\n\n // 2. Let dataForEvent be determined by switching on type and binary type:\n let dataForEvent\n\n if (type === opcodes.TEXT) {\n // -> type indicates that the data is Text\n // a new DOMString containing data\n try {\n dataForEvent = utf8Decode(data)\n } catch {\n failWebsocketConnection(ws, 'Received invalid UTF-8 in text frame.')\n return\n }\n } else if (type === opcodes.BINARY) {\n if (ws[kBinaryType] === 'blob') {\n // -> type indicates that the data is Binary and binary type is \"blob\"\n // a new Blob object, created in the relevant Realm of the WebSocket\n // object, that represents data as its raw data\n dataForEvent = new Blob([data])\n } else {\n // -> type indicates that the data is Binary and binary type is \"arraybuffer\"\n // a new ArrayBuffer object, created in the relevant Realm of the\n // WebSocket object, whose contents are data\n dataForEvent = toArrayBuffer(data)\n }\n }\n\n // 3. Fire an event named message at the WebSocket object, using MessageEvent,\n // with the origin attribute initialized to the serialization of the WebSocket\n // object’s url's origin, and the data attribute initialized to dataForEvent.\n fireEvent('message', ws, createFastMessageEvent, {\n origin: ws[kWebSocketURL].origin,\n data: dataForEvent\n })\n}\n\nfunction toArrayBuffer (buffer) {\n if (buffer.byteLength === buffer.buffer.byteLength) {\n return buffer.buffer\n }\n return buffer.buffer.slice(buffer.byteOffset, buffer.byteOffset + buffer.byteLength)\n}\n\n/**\n * @see https://datatracker.ietf.org/doc/html/rfc6455\n * @see https://datatracker.ietf.org/doc/html/rfc2616\n * @see https://bugs.chromium.org/p/chromium/issues/detail?id=398407\n * @param {string} protocol\n */\nfunction isValidSubprotocol (protocol) {\n // If present, this value indicates one\n // or more comma-separated subprotocol the client wishes to speak,\n // ordered by preference. The elements that comprise this value\n // MUST be non-empty strings with characters in the range U+0021 to\n // U+007E not including separator characters as defined in\n // [RFC2616] and MUST all be unique strings.\n if (protocol.length === 0) {\n return false\n }\n\n for (let i = 0; i < protocol.length; ++i) {\n const code = protocol.charCodeAt(i)\n\n if (\n code < 0x21 || // CTL, contains SP (0x20) and HT (0x09)\n code > 0x7E ||\n code === 0x22 || // \"\n code === 0x28 || // (\n code === 0x29 || // )\n code === 0x2C || // ,\n code === 0x2F || // /\n code === 0x3A || // :\n code === 0x3B || // ;\n code === 0x3C || // <\n code === 0x3D || // =\n code === 0x3E || // >\n code === 0x3F || // ?\n code === 0x40 || // @\n code === 0x5B || // [\n code === 0x5C || // \\\n code === 0x5D || // ]\n code === 0x7B || // {\n code === 0x7D // }\n ) {\n return false\n }\n }\n\n return true\n}\n\n/**\n * @see https://datatracker.ietf.org/doc/html/rfc6455#section-7-4\n * @param {number} code\n */\nfunction isValidStatusCode (code) {\n if (code >= 1000 && code < 1015) {\n return (\n code !== 1004 && // reserved\n code !== 1005 && // \"MUST NOT be set as a status code\"\n code !== 1006 // \"MUST NOT be set as a status code\"\n )\n }\n\n return code >= 3000 && code <= 4999\n}\n\n/**\n * @param {import('./websocket').WebSocket} ws\n * @param {string|undefined} reason\n */\nfunction failWebsocketConnection (ws, reason) {\n const { [kController]: controller, [kResponse]: response } = ws\n\n controller.abort()\n\n if (response?.socket && !response.socket.destroyed) {\n response.socket.destroy()\n }\n\n if (reason) {\n // TODO: process.nextTick\n fireEvent('error', ws, (type, init) => new ErrorEvent(type, init), {\n error: new Error(reason),\n message: reason\n })\n }\n}\n\n/**\n * @see https://datatracker.ietf.org/doc/html/rfc6455#section-5.5\n * @param {number} opcode\n */\nfunction isControlFrame (opcode) {\n return (\n opcode === opcodes.CLOSE ||\n opcode === opcodes.PING ||\n opcode === opcodes.PONG\n )\n}\n\nfunction isContinuationFrame (opcode) {\n return opcode === opcodes.CONTINUATION\n}\n\nfunction isTextBinaryFrame (opcode) {\n return opcode === opcodes.TEXT || opcode === opcodes.BINARY\n}\n\nfunction isValidOpcode (opcode) {\n return isTextBinaryFrame(opcode) || isContinuationFrame(opcode) || isControlFrame(opcode)\n}\n\n/**\n * Parses a Sec-WebSocket-Extensions header value.\n * @param {string} extensions\n * @returns {Map}\n */\n// TODO(@Uzlopak, @KhafraDev): make compliant https://datatracker.ietf.org/doc/html/rfc6455#section-9.1\nfunction parseExtensions (extensions) {\n const position = { position: 0 }\n const extensionList = new Map()\n\n while (position.position < extensions.length) {\n const pair = collectASequenceOfCodePointsFast(';', extensions, position)\n const [name, value = ''] = pair.split('=')\n\n extensionList.set(\n removeHTTPWhitespace(name, true, false),\n removeHTTPWhitespace(value, false, true)\n )\n\n position.position++\n }\n\n return extensionList\n}\n\n/**\n * @see https://www.rfc-editor.org/rfc/rfc7692#section-7.1.2.2\n * @description \"client-max-window-bits = 1*DIGIT\"\n * @param {string} value\n */\nfunction isValidClientWindowBits (value) {\n // Must have at least one character\n if (value.length === 0) {\n return false\n }\n\n // Check all characters are ASCII digits\n for (let i = 0; i < value.length; i++) {\n const byte = value.charCodeAt(i)\n\n if (byte < 0x30 || byte > 0x39) {\n return false\n }\n }\n\n // Check numeric range: zlib requires windowBits in range 8-15\n const num = Number.parseInt(value, 10)\n return num >= 8 && num <= 15\n}\n\n// https://nodejs.org/api/intl.html#detecting-internationalization-support\nconst hasIntl = typeof process.versions.icu === 'string'\nconst fatalDecoder = hasIntl ? new TextDecoder('utf-8', { fatal: true }) : undefined\n\n/**\n * Converts a Buffer to utf-8, even on platforms without icu.\n * @param {Buffer} buffer\n */\nconst utf8Decode = hasIntl\n ? fatalDecoder.decode.bind(fatalDecoder)\n : function (buffer) {\n if (isUtf8(buffer)) {\n return buffer.toString('utf-8')\n }\n throw new TypeError('Invalid utf-8 received.')\n }\n\nmodule.exports = {\n isConnecting,\n isEstablished,\n isClosing,\n isClosed,\n fireEvent,\n isValidSubprotocol,\n isValidStatusCode,\n failWebsocketConnection,\n websocketMessageReceived,\n utf8Decode,\n isControlFrame,\n isContinuationFrame,\n isTextBinaryFrame,\n isValidOpcode,\n parseExtensions,\n isValidClientWindowBits\n}\n","'use strict'\n\nconst { webidl } = require('../fetch/webidl')\nconst { URLSerializer } = require('../fetch/data-url')\nconst { environmentSettingsObject } = require('../fetch/util')\nconst { staticPropertyDescriptors, states, sentCloseFrameState, sendHints } = require('./constants')\nconst {\n kWebSocketURL,\n kReadyState,\n kController,\n kBinaryType,\n kResponse,\n kSentClose,\n kByteParser\n} = require('./symbols')\nconst {\n isConnecting,\n isEstablished,\n isClosing,\n isValidSubprotocol,\n fireEvent\n} = require('./util')\nconst { establishWebSocketConnection, closeWebSocketConnection } = require('./connection')\nconst { ByteParser } = require('./receiver')\nconst { kEnumerableProperty, isBlobLike } = require('../../core/util')\nconst { getGlobalDispatcher } = require('../../global')\nconst { types } = require('node:util')\nconst { ErrorEvent, CloseEvent } = require('./events')\nconst { SendQueue } = require('./sender')\n\n// https://websockets.spec.whatwg.org/#interface-definition\nclass WebSocket extends EventTarget {\n #events = {\n open: null,\n error: null,\n close: null,\n message: null\n }\n\n #bufferedAmount = 0\n #protocol = ''\n #extensions = ''\n\n /** @type {SendQueue} */\n #sendQueue\n\n /**\n * @param {string} url\n * @param {string|string[]} protocols\n */\n constructor (url, protocols = []) {\n super()\n\n webidl.util.markAsUncloneable(this)\n\n const prefix = 'WebSocket constructor'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n const options = webidl.converters['DOMString or sequence or WebSocketInit'](protocols, prefix, 'options')\n\n url = webidl.converters.USVString(url, prefix, 'url')\n protocols = options.protocols\n\n // 1. Let baseURL be this's relevant settings object's API base URL.\n const baseURL = environmentSettingsObject.settingsObject.baseUrl\n\n // 1. Let urlRecord be the result of applying the URL parser to url with baseURL.\n let urlRecord\n\n try {\n urlRecord = new URL(url, baseURL)\n } catch (e) {\n // 3. If urlRecord is failure, then throw a \"SyntaxError\" DOMException.\n throw new DOMException(e, 'SyntaxError')\n }\n\n // 4. If urlRecord’s scheme is \"http\", then set urlRecord’s scheme to \"ws\".\n if (urlRecord.protocol === 'http:') {\n urlRecord.protocol = 'ws:'\n } else if (urlRecord.protocol === 'https:') {\n // 5. Otherwise, if urlRecord’s scheme is \"https\", set urlRecord’s scheme to \"wss\".\n urlRecord.protocol = 'wss:'\n }\n\n // 6. If urlRecord’s scheme is not \"ws\" or \"wss\", then throw a \"SyntaxError\" DOMException.\n if (urlRecord.protocol !== 'ws:' && urlRecord.protocol !== 'wss:') {\n throw new DOMException(\n `Expected a ws: or wss: protocol, got ${urlRecord.protocol}`,\n 'SyntaxError'\n )\n }\n\n // 7. If urlRecord’s fragment is non-null, then throw a \"SyntaxError\"\n // DOMException.\n if (urlRecord.hash || urlRecord.href.endsWith('#')) {\n throw new DOMException('Got fragment', 'SyntaxError')\n }\n\n // 8. If protocols is a string, set protocols to a sequence consisting\n // of just that string.\n if (typeof protocols === 'string') {\n protocols = [protocols]\n }\n\n // 9. If any of the values in protocols occur more than once or otherwise\n // fail to match the requirements for elements that comprise the value\n // of `Sec-WebSocket-Protocol` fields as defined by The WebSocket\n // protocol, then throw a \"SyntaxError\" DOMException.\n if (protocols.length !== new Set(protocols.map(p => p.toLowerCase())).size) {\n throw new DOMException('Invalid Sec-WebSocket-Protocol value', 'SyntaxError')\n }\n\n if (protocols.length > 0 && !protocols.every(p => isValidSubprotocol(p))) {\n throw new DOMException('Invalid Sec-WebSocket-Protocol value', 'SyntaxError')\n }\n\n // 10. Set this's url to urlRecord.\n this[kWebSocketURL] = new URL(urlRecord.href)\n\n // 11. Let client be this's relevant settings object.\n const client = environmentSettingsObject.settingsObject\n\n // 12. Run this step in parallel:\n\n // 1. Establish a WebSocket connection given urlRecord, protocols,\n // and client.\n this[kController] = establishWebSocketConnection(\n urlRecord,\n protocols,\n client,\n this,\n (response, extensions) => this.#onConnectionEstablished(response, extensions),\n options\n )\n\n // Each WebSocket object has an associated ready state, which is a\n // number representing the state of the connection. Initially it must\n // be CONNECTING (0).\n this[kReadyState] = WebSocket.CONNECTING\n\n this[kSentClose] = sentCloseFrameState.NOT_SENT\n\n // The extensions attribute must initially return the empty string.\n\n // The protocol attribute must initially return the empty string.\n\n // Each WebSocket object has an associated binary type, which is a\n // BinaryType. Initially it must be \"blob\".\n this[kBinaryType] = 'blob'\n }\n\n /**\n * @see https://websockets.spec.whatwg.org/#dom-websocket-close\n * @param {number|undefined} code\n * @param {string|undefined} reason\n */\n close (code = undefined, reason = undefined) {\n webidl.brandCheck(this, WebSocket)\n\n const prefix = 'WebSocket.close'\n\n if (code !== undefined) {\n code = webidl.converters['unsigned short'](code, prefix, 'code', { clamp: true })\n }\n\n if (reason !== undefined) {\n reason = webidl.converters.USVString(reason, prefix, 'reason')\n }\n\n // 1. If code is present, but is neither an integer equal to 1000 nor an\n // integer in the range 3000 to 4999, inclusive, throw an\n // \"InvalidAccessError\" DOMException.\n if (code !== undefined) {\n if (code !== 1000 && (code < 3000 || code > 4999)) {\n throw new DOMException('invalid code', 'InvalidAccessError')\n }\n }\n\n let reasonByteLength = 0\n\n // 2. If reason is present, then run these substeps:\n if (reason !== undefined) {\n // 1. Let reasonBytes be the result of encoding reason.\n // 2. If reasonBytes is longer than 123 bytes, then throw a\n // \"SyntaxError\" DOMException.\n reasonByteLength = Buffer.byteLength(reason)\n\n if (reasonByteLength > 123) {\n throw new DOMException(\n `Reason must be less than 123 bytes; received ${reasonByteLength}`,\n 'SyntaxError'\n )\n }\n }\n\n // 3. Run the first matching steps from the following list:\n closeWebSocketConnection(this, code, reason, reasonByteLength)\n }\n\n /**\n * @see https://websockets.spec.whatwg.org/#dom-websocket-send\n * @param {NodeJS.TypedArray|ArrayBuffer|Blob|string} data\n */\n send (data) {\n webidl.brandCheck(this, WebSocket)\n\n const prefix = 'WebSocket.send'\n webidl.argumentLengthCheck(arguments, 1, prefix)\n\n data = webidl.converters.WebSocketSendData(data, prefix, 'data')\n\n // 1. If this's ready state is CONNECTING, then throw an\n // \"InvalidStateError\" DOMException.\n if (isConnecting(this)) {\n throw new DOMException('Sent before connected.', 'InvalidStateError')\n }\n\n // 2. Run the appropriate set of steps from the following list:\n // https://datatracker.ietf.org/doc/html/rfc6455#section-6.1\n // https://datatracker.ietf.org/doc/html/rfc6455#section-5.2\n\n if (!isEstablished(this) || isClosing(this)) {\n return\n }\n\n // If data is a string\n if (typeof data === 'string') {\n // If the WebSocket connection is established and the WebSocket\n // closing handshake has not yet started, then the user agent\n // must send a WebSocket Message comprised of the data argument\n // using a text frame opcode; if the data cannot be sent, e.g.\n // because it would need to be buffered but the buffer is full,\n // the user agent must flag the WebSocket as full and then close\n // the WebSocket connection. Any invocation of this method with a\n // string argument that does not throw an exception must increase\n // the bufferedAmount attribute by the number of bytes needed to\n // express the argument as UTF-8.\n\n const length = Buffer.byteLength(data)\n\n this.#bufferedAmount += length\n this.#sendQueue.add(data, () => {\n this.#bufferedAmount -= length\n }, sendHints.string)\n } else if (types.isArrayBuffer(data)) {\n // If the WebSocket connection is established, and the WebSocket\n // closing handshake has not yet started, then the user agent must\n // send a WebSocket Message comprised of data using a binary frame\n // opcode; if the data cannot be sent, e.g. because it would need\n // to be buffered but the buffer is full, the user agent must flag\n // the WebSocket as full and then close the WebSocket connection.\n // The data to be sent is the data stored in the buffer described\n // by the ArrayBuffer object. Any invocation of this method with an\n // ArrayBuffer argument that does not throw an exception must\n // increase the bufferedAmount attribute by the length of the\n // ArrayBuffer in bytes.\n\n this.#bufferedAmount += data.byteLength\n this.#sendQueue.add(data, () => {\n this.#bufferedAmount -= data.byteLength\n }, sendHints.arrayBuffer)\n } else if (ArrayBuffer.isView(data)) {\n // If the WebSocket connection is established, and the WebSocket\n // closing handshake has not yet started, then the user agent must\n // send a WebSocket Message comprised of data using a binary frame\n // opcode; if the data cannot be sent, e.g. because it would need to\n // be buffered but the buffer is full, the user agent must flag the\n // WebSocket as full and then close the WebSocket connection. The\n // data to be sent is the data stored in the section of the buffer\n // described by the ArrayBuffer object that data references. Any\n // invocation of this method with this kind of argument that does\n // not throw an exception must increase the bufferedAmount attribute\n // by the length of data’s buffer in bytes.\n\n this.#bufferedAmount += data.byteLength\n this.#sendQueue.add(data, () => {\n this.#bufferedAmount -= data.byteLength\n }, sendHints.typedArray)\n } else if (isBlobLike(data)) {\n // If the WebSocket connection is established, and the WebSocket\n // closing handshake has not yet started, then the user agent must\n // send a WebSocket Message comprised of data using a binary frame\n // opcode; if the data cannot be sent, e.g. because it would need to\n // be buffered but the buffer is full, the user agent must flag the\n // WebSocket as full and then close the WebSocket connection. The data\n // to be sent is the raw data represented by the Blob object. Any\n // invocation of this method with a Blob argument that does not throw\n // an exception must increase the bufferedAmount attribute by the size\n // of the Blob object’s raw data, in bytes.\n\n this.#bufferedAmount += data.size\n this.#sendQueue.add(data, () => {\n this.#bufferedAmount -= data.size\n }, sendHints.blob)\n }\n }\n\n get readyState () {\n webidl.brandCheck(this, WebSocket)\n\n // The readyState getter steps are to return this's ready state.\n return this[kReadyState]\n }\n\n get bufferedAmount () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#bufferedAmount\n }\n\n get url () {\n webidl.brandCheck(this, WebSocket)\n\n // The url getter steps are to return this's url, serialized.\n return URLSerializer(this[kWebSocketURL])\n }\n\n get extensions () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#extensions\n }\n\n get protocol () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#protocol\n }\n\n get onopen () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#events.open\n }\n\n set onopen (fn) {\n webidl.brandCheck(this, WebSocket)\n\n if (this.#events.open) {\n this.removeEventListener('open', this.#events.open)\n }\n\n if (typeof fn === 'function') {\n this.#events.open = fn\n this.addEventListener('open', fn)\n } else {\n this.#events.open = null\n }\n }\n\n get onerror () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#events.error\n }\n\n set onerror (fn) {\n webidl.brandCheck(this, WebSocket)\n\n if (this.#events.error) {\n this.removeEventListener('error', this.#events.error)\n }\n\n if (typeof fn === 'function') {\n this.#events.error = fn\n this.addEventListener('error', fn)\n } else {\n this.#events.error = null\n }\n }\n\n get onclose () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#events.close\n }\n\n set onclose (fn) {\n webidl.brandCheck(this, WebSocket)\n\n if (this.#events.close) {\n this.removeEventListener('close', this.#events.close)\n }\n\n if (typeof fn === 'function') {\n this.#events.close = fn\n this.addEventListener('close', fn)\n } else {\n this.#events.close = null\n }\n }\n\n get onmessage () {\n webidl.brandCheck(this, WebSocket)\n\n return this.#events.message\n }\n\n set onmessage (fn) {\n webidl.brandCheck(this, WebSocket)\n\n if (this.#events.message) {\n this.removeEventListener('message', this.#events.message)\n }\n\n if (typeof fn === 'function') {\n this.#events.message = fn\n this.addEventListener('message', fn)\n } else {\n this.#events.message = null\n }\n }\n\n get binaryType () {\n webidl.brandCheck(this, WebSocket)\n\n return this[kBinaryType]\n }\n\n set binaryType (type) {\n webidl.brandCheck(this, WebSocket)\n\n if (type !== 'blob' && type !== 'arraybuffer') {\n this[kBinaryType] = 'blob'\n } else {\n this[kBinaryType] = type\n }\n }\n\n /**\n * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol\n */\n #onConnectionEstablished (response, parsedExtensions) {\n // processResponse is called when the \"response's header list has been received and initialized.\"\n // once this happens, the connection is open\n this[kResponse] = response\n\n const parser = new ByteParser(this, parsedExtensions)\n parser.on('drain', onParserDrain)\n parser.on('error', onParserError.bind(this))\n\n response.socket.ws = this\n this[kByteParser] = parser\n\n this.#sendQueue = new SendQueue(response.socket)\n\n // 1. Change the ready state to OPEN (1).\n this[kReadyState] = states.OPEN\n\n // 2. Change the extensions attribute’s value to the extensions in use, if\n // it is not the null value.\n // https://datatracker.ietf.org/doc/html/rfc6455#section-9.1\n const extensions = response.headersList.get('sec-websocket-extensions')\n\n if (extensions !== null) {\n this.#extensions = extensions\n }\n\n // 3. Change the protocol attribute’s value to the subprotocol in use, if\n // it is not the null value.\n // https://datatracker.ietf.org/doc/html/rfc6455#section-1.9\n const protocol = response.headersList.get('sec-websocket-protocol')\n\n if (protocol !== null) {\n this.#protocol = protocol\n }\n\n // 4. Fire an event named open at the WebSocket object.\n fireEvent('open', this)\n }\n}\n\n// https://websockets.spec.whatwg.org/#dom-websocket-connecting\nWebSocket.CONNECTING = WebSocket.prototype.CONNECTING = states.CONNECTING\n// https://websockets.spec.whatwg.org/#dom-websocket-open\nWebSocket.OPEN = WebSocket.prototype.OPEN = states.OPEN\n// https://websockets.spec.whatwg.org/#dom-websocket-closing\nWebSocket.CLOSING = WebSocket.prototype.CLOSING = states.CLOSING\n// https://websockets.spec.whatwg.org/#dom-websocket-closed\nWebSocket.CLOSED = WebSocket.prototype.CLOSED = states.CLOSED\n\nObject.defineProperties(WebSocket.prototype, {\n CONNECTING: staticPropertyDescriptors,\n OPEN: staticPropertyDescriptors,\n CLOSING: staticPropertyDescriptors,\n CLOSED: staticPropertyDescriptors,\n url: kEnumerableProperty,\n readyState: kEnumerableProperty,\n bufferedAmount: kEnumerableProperty,\n onopen: kEnumerableProperty,\n onerror: kEnumerableProperty,\n onclose: kEnumerableProperty,\n close: kEnumerableProperty,\n onmessage: kEnumerableProperty,\n binaryType: kEnumerableProperty,\n send: kEnumerableProperty,\n extensions: kEnumerableProperty,\n protocol: kEnumerableProperty,\n [Symbol.toStringTag]: {\n value: 'WebSocket',\n writable: false,\n enumerable: false,\n configurable: true\n }\n})\n\nObject.defineProperties(WebSocket, {\n CONNECTING: staticPropertyDescriptors,\n OPEN: staticPropertyDescriptors,\n CLOSING: staticPropertyDescriptors,\n CLOSED: staticPropertyDescriptors\n})\n\nwebidl.converters['sequence'] = webidl.sequenceConverter(\n webidl.converters.DOMString\n)\n\nwebidl.converters['DOMString or sequence'] = function (V, prefix, argument) {\n if (webidl.util.Type(V) === 'Object' && Symbol.iterator in V) {\n return webidl.converters['sequence'](V)\n }\n\n return webidl.converters.DOMString(V, prefix, argument)\n}\n\n// This implements the proposal made in https://github.com/whatwg/websockets/issues/42\nwebidl.converters.WebSocketInit = webidl.dictionaryConverter([\n {\n key: 'protocols',\n converter: webidl.converters['DOMString or sequence'],\n defaultValue: () => new Array(0)\n },\n {\n key: 'dispatcher',\n converter: webidl.converters.any,\n defaultValue: () => getGlobalDispatcher()\n },\n {\n key: 'headers',\n converter: webidl.nullableConverter(webidl.converters.HeadersInit)\n }\n])\n\nwebidl.converters['DOMString or sequence or WebSocketInit'] = function (V) {\n if (webidl.util.Type(V) === 'Object' && !(Symbol.iterator in V)) {\n return webidl.converters.WebSocketInit(V)\n }\n\n return { protocols: webidl.converters['DOMString or sequence'](V) }\n}\n\nwebidl.converters.WebSocketSendData = function (V) {\n if (webidl.util.Type(V) === 'Object') {\n if (isBlobLike(V)) {\n return webidl.converters.Blob(V, { strict: false })\n }\n\n if (ArrayBuffer.isView(V) || types.isArrayBuffer(V)) {\n return webidl.converters.BufferSource(V)\n }\n }\n\n return webidl.converters.USVString(V)\n}\n\nfunction onParserDrain () {\n this.ws[kResponse].socket.resume()\n}\n\nfunction onParserError (err) {\n let message\n let code\n\n if (err instanceof CloseEvent) {\n message = err.reason\n code = err.code\n } else {\n message = err.message\n }\n\n fireEvent('error', this, () => new ErrorEvent('error', { error: err, message }))\n\n closeWebSocketConnection(this, code)\n}\n\nmodule.exports = {\n WebSocket\n}\n","module.exports = __non_webpack_require__(__webpack_require__.ab + \"build/Release/cpufeatures.node\")","module.exports = __non_webpack_require__(__webpack_require__.ab + \"lib/protocol/crypto/build/Release/sshcrypto.node\")","module.exports = require(\"assert\");","module.exports = require(\"buffer\");","module.exports = require(\"child_process\");","module.exports = require(\"crypto\");","module.exports = require(\"dns\");","module.exports = require(\"events\");","module.exports = require(\"fs\");","module.exports = require(\"http\");","module.exports = require(\"https\");","module.exports = require(\"net\");","module.exports = require(\"node:assert\");","module.exports = require(\"node:async_hooks\");","module.exports = require(\"node:buffer\");","module.exports = require(\"node:console\");","module.exports = require(\"node:crypto\");","module.exports = require(\"node:diagnostics_channel\");","module.exports = require(\"node:dns\");","module.exports = require(\"node:events\");","module.exports = require(\"node:http\");","module.exports = require(\"node:http2\");","module.exports = require(\"node:net\");","module.exports = require(\"node:perf_hooks\");","module.exports = require(\"node:querystring\");","module.exports = require(\"node:stream\");","module.exports = require(\"node:tls\");","module.exports = require(\"node:url\");","module.exports = require(\"node:util\");","module.exports = require(\"node:util/types\");","module.exports = require(\"node:worker_threads\");","module.exports = require(\"node:zlib\");","module.exports = require(\"os\");","module.exports = require(\"path\");","module.exports = require(\"stream\");","module.exports = require(\"string_decoder\");","module.exports = require(\"timers\");","module.exports = require(\"tls\");","module.exports = require(\"util\");","module.exports = require(\"zlib\");","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n var desc = Object.getOwnPropertyDescriptor(m, k);\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n desc = { enumerable: true, get: function() { return m[k]; } };\n }\n Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n if (k2 === undefined) k2 = k;\n o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n if (mod && mod.__esModule) return mod;\n var result = {};\n if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n __setModuleDefault(result, mod);\n return result;\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.NodeSSH = exports.SSHError = void 0;\nconst assert_1 = __importStar(require(\"assert\"));\nconst fs_1 = __importDefault(require(\"fs\"));\nconst is_stream_1 = __importDefault(require(\"is-stream\"));\nconst make_dir_1 = __importDefault(require(\"make-dir\"));\nconst path_1 = __importDefault(require(\"path\"));\nconst sb_promise_queue_1 = require(\"sb-promise-queue\");\nconst sb_scandir_1 = __importDefault(require(\"sb-scandir\"));\nconst shell_escape_1 = __importDefault(require(\"shell-escape\"));\nconst ssh2_1 = __importDefault(require(\"ssh2\"));\nconst DEFAULT_CONCURRENCY = 1;\nconst DEFAULT_VALIDATE = (path) => !path_1.default.basename(path).startsWith('.');\nconst DEFAULT_TICK = () => {\n /* No Op */\n};\nclass SSHError extends Error {\n constructor(message, code = null) {\n super(message);\n this.code = code;\n }\n}\nexports.SSHError = SSHError;\nfunction unixifyPath(path) {\n if (path.includes('\\\\')) {\n return path.split('\\\\').join('/');\n }\n return path;\n}\nasync function readFile(filePath) {\n return new Promise((resolve, reject) => {\n fs_1.default.readFile(filePath, 'utf8', (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n}\nconst SFTP_MKDIR_ERR_CODE_REGEXP = /Error: (E[\\S]+): /;\nasync function makeDirectoryWithSftp(path, sftp) {\n let stats = null;\n try {\n stats = await new Promise((resolve, reject) => {\n sftp.stat(path, (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n }\n catch (_) {\n /* No Op */\n }\n if (stats) {\n if (stats.isDirectory()) {\n // Already exists, nothing to worry about\n return;\n }\n throw new Error('mkdir() failed, target already exists and is not a directory');\n }\n try {\n await new Promise((resolve, reject) => {\n sftp.mkdir(path, (err) => {\n if (err) {\n reject(err);\n }\n else {\n resolve();\n }\n });\n });\n }\n catch (err) {\n if (err != null && typeof err.stack === 'string') {\n const matches = SFTP_MKDIR_ERR_CODE_REGEXP.exec(err.stack);\n if (matches != null) {\n throw new SSHError(err.message, matches[1]);\n }\n throw err;\n }\n }\n}\nclass NodeSSH {\n constructor() {\n this.connection = null;\n }\n getConnection() {\n const { connection } = this;\n if (connection == null) {\n throw new Error('Not connected to server');\n }\n return connection;\n }\n async connect(givenConfig) {\n (0, assert_1.default)(givenConfig != null && typeof givenConfig === 'object', 'config must be a valid object');\n const config = { ...givenConfig };\n (0, assert_1.default)(config.username != null && typeof config.username === 'string', 'config.username must be a valid string');\n if (config.host != null) {\n (0, assert_1.default)(typeof config.host === 'string', 'config.host must be a valid string');\n }\n else if (config.sock != null) {\n (0, assert_1.default)(typeof config.sock === 'object', 'config.sock must be a valid object');\n }\n else {\n throw new assert_1.AssertionError({ message: 'Either config.host or config.sock must be provided' });\n }\n if (config.privateKey != null || config.privateKeyPath != null) {\n if (config.privateKey != null) {\n (0, assert_1.default)(typeof config.privateKey === 'string', 'config.privateKey must be a valid string');\n (0, assert_1.default)(config.privateKeyPath == null, 'config.privateKeyPath must not be specified when config.privateKey is specified');\n }\n else if (config.privateKeyPath != null) {\n (0, assert_1.default)(typeof config.privateKeyPath === 'string', 'config.privateKeyPath must be a valid string');\n (0, assert_1.default)(config.privateKey == null, 'config.privateKey must not be specified when config.privateKeyPath is specified');\n }\n (0, assert_1.default)(config.passphrase == null || typeof config.passphrase === 'string', 'config.passphrase must be null or a valid string');\n if (config.privateKeyPath != null) {\n // Must be an fs path\n try {\n config.privateKey = await readFile(config.privateKeyPath);\n }\n catch (err) {\n if (err != null && err.code === 'ENOENT') {\n throw new assert_1.AssertionError({ message: 'config.privateKeyPath does not exist at given fs path' });\n }\n throw err;\n }\n }\n }\n else if (config.password != null) {\n (0, assert_1.default)(typeof config.password === 'string', 'config.password must be a valid string');\n }\n if (config.tryKeyboard != null) {\n (0, assert_1.default)(typeof config.tryKeyboard === 'boolean', 'config.tryKeyboard must be a valid boolean');\n }\n if (config.tryKeyboard) {\n const { password } = config;\n if (config.onKeyboardInteractive != null) {\n (0, assert_1.default)(typeof config.onKeyboardInteractive === 'function', 'config.onKeyboardInteractive must be a valid function');\n }\n else if (password != null) {\n config.onKeyboardInteractive = (name, instructions, instructionsLang, prompts, finish) => {\n if (prompts.length > 0 && prompts[0].prompt.toLowerCase().includes('password')) {\n finish([password]);\n }\n };\n }\n }\n const connection = new ssh2_1.default.Client();\n this.connection = connection;\n await new Promise((resolve, reject) => {\n connection.on('error', reject);\n if (config.onKeyboardInteractive) {\n connection.on('keyboard-interactive', config.onKeyboardInteractive);\n }\n connection.on('ready', () => {\n connection.removeListener('error', reject);\n resolve();\n });\n connection.on('end', () => {\n if (this.connection === connection) {\n this.connection = null;\n }\n });\n connection.on('close', () => {\n if (this.connection === connection) {\n this.connection = null;\n }\n reject(new SSHError('No response from server', 'ETIMEDOUT'));\n });\n connection.connect(config);\n });\n return this;\n }\n isConnected() {\n return this.connection != null;\n }\n async requestShell(options) {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.on('error', reject);\n const callback = (err, res) => {\n connection.removeListener('error', reject);\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n };\n if (options == null) {\n connection.shell(callback);\n }\n else {\n connection.shell(options, callback);\n }\n });\n }\n async withShell(callback, options) {\n (0, assert_1.default)(typeof callback === 'function', 'callback must be a valid function');\n const shell = await this.requestShell(options);\n try {\n await callback(shell);\n }\n finally {\n shell.destroy();\n }\n }\n async requestSFTP() {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.on('error', reject);\n connection.sftp((err, res) => {\n connection.removeListener('error', reject);\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n }\n async withSFTP(callback) {\n (0, assert_1.default)(typeof callback === 'function', 'callback must be a valid function');\n const sftp = await this.requestSFTP();\n try {\n await callback(sftp);\n }\n finally {\n sftp.end();\n }\n }\n async execCommand(givenCommand, options = {}) {\n (0, assert_1.default)(typeof givenCommand === 'string', 'command must be a valid string');\n (0, assert_1.default)(options != null && typeof options === 'object', 'options must be a valid object');\n (0, assert_1.default)(options.cwd == null || typeof options.cwd === 'string', 'options.cwd must be a valid string');\n (0, assert_1.default)(options.stdin == null || typeof options.stdin === 'string' || is_stream_1.default.readable(options.stdin), 'options.stdin must be a valid string or readable stream');\n (0, assert_1.default)(options.execOptions == null || typeof options.execOptions === 'object', 'options.execOptions must be a valid object');\n (0, assert_1.default)(options.encoding == null || typeof options.encoding === 'string', 'options.encoding must be a valid string');\n (0, assert_1.default)(options.onChannel == null || typeof options.onChannel === 'function', 'options.onChannel must be a valid function');\n (0, assert_1.default)(options.onStdout == null || typeof options.onStdout === 'function', 'options.onStdout must be a valid function');\n (0, assert_1.default)(options.onStderr == null || typeof options.onStderr === 'function', 'options.onStderr must be a valid function');\n (0, assert_1.default)(options.noTrim == null || typeof options.noTrim === 'boolean', 'options.noTrim must be a boolean');\n let command = givenCommand;\n if (options.cwd) {\n command = `cd ${(0, shell_escape_1.default)([options.cwd])} ; ${command}`;\n }\n const connection = this.getConnection();\n const output = { stdout: [], stderr: [] };\n return new Promise((resolve, reject) => {\n connection.on('error', reject);\n connection.exec(command, options.execOptions != null ? options.execOptions : {}, (err, channel) => {\n connection.removeListener('error', reject);\n if (err) {\n reject(err);\n return;\n }\n if (options.onChannel) {\n options.onChannel(channel);\n }\n channel.on('data', (chunk) => {\n if (options.onStdout)\n options.onStdout(chunk);\n output.stdout.push(chunk.toString(options.encoding));\n });\n channel.stderr.on('data', (chunk) => {\n if (options.onStderr)\n options.onStderr(chunk);\n output.stderr.push(chunk.toString(options.encoding));\n });\n if (options.stdin != null) {\n if (is_stream_1.default.readable(options.stdin)) {\n options.stdin.pipe(channel, {\n end: true,\n });\n }\n else {\n channel.write(options.stdin);\n channel.end();\n }\n }\n else {\n channel.end();\n }\n let code = null;\n let signal = null;\n channel.on('exit', (code_, signal_) => {\n code = code_ !== null && code_ !== void 0 ? code_ : null;\n signal = signal_ !== null && signal_ !== void 0 ? signal_ : null;\n });\n channel.on('close', () => {\n let stdout = output.stdout.join('');\n let stderr = output.stderr.join('');\n if (options.noTrim !== true) {\n stdout = stdout.trim();\n stderr = stderr.trim();\n }\n resolve({\n code: code != null ? code : null,\n signal: signal != null ? signal : null,\n stdout,\n stderr,\n });\n });\n });\n });\n }\n async exec(command, parameters, options = {}) {\n (0, assert_1.default)(typeof command === 'string', 'command must be a valid string');\n (0, assert_1.default)(Array.isArray(parameters), 'parameters must be a valid array');\n (0, assert_1.default)(options != null && typeof options === 'object', 'options must be a valid object');\n (0, assert_1.default)(options.stream == null || ['both', 'stdout', 'stderr'].includes(options.stream), 'options.stream must be one of both, stdout, stderr');\n for (let i = 0, { length } = parameters; i < length; i += 1) {\n (0, assert_1.default)(typeof parameters[i] === 'string', `parameters[${i}] must be a valid string`);\n }\n const completeCommand = `${command}${parameters.length > 0 ? ` ${(0, shell_escape_1.default)(parameters)}` : ''}`;\n const response = await this.execCommand(completeCommand, options);\n if (options.stream == null || options.stream === 'stdout') {\n if (response.stderr) {\n throw new Error(response.stderr);\n }\n return response.stdout;\n }\n if (options.stream === 'stderr') {\n return response.stderr;\n }\n return response;\n }\n async mkdir(path, method = 'sftp', givenSftp = null) {\n (0, assert_1.default)(typeof path === 'string', 'path must be a valid string');\n (0, assert_1.default)(typeof method === 'string' && (method === 'sftp' || method === 'exec'), 'method must be either sftp or exec');\n (0, assert_1.default)(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n if (method === 'exec') {\n await this.exec('mkdir', ['-p', unixifyPath(path)]);\n return;\n }\n const sftp = givenSftp || (await this.requestSFTP());\n const makeSftpDirectory = async (retry) => makeDirectoryWithSftp(unixifyPath(path), sftp).catch(async (error) => {\n if (!retry || error == null || (error.message !== 'No such file' && error.code !== 'ENOENT')) {\n throw error;\n }\n await this.mkdir(path_1.default.dirname(path), 'sftp', sftp);\n await makeSftpDirectory(false);\n });\n try {\n await makeSftpDirectory(true);\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async getFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n (0, assert_1.default)(typeof localFile === 'string', 'localFile must be a valid string');\n (0, assert_1.default)(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n (0, assert_1.default)(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n (0, assert_1.default)(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n const sftp = givenSftp || (await this.requestSFTP());\n try {\n await new Promise((resolve, reject) => {\n sftp.fastGet(unixifyPath(remoteFile), localFile, transferOptions || {}, (err) => {\n if (err) {\n reject(err);\n }\n else {\n resolve();\n }\n });\n });\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async putFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n (0, assert_1.default)(typeof localFile === 'string', 'localFile must be a valid string');\n (0, assert_1.default)(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n (0, assert_1.default)(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n (0, assert_1.default)(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n (0, assert_1.default)(await new Promise((resolve) => {\n fs_1.default.access(localFile, fs_1.default.constants.R_OK, (err) => {\n resolve(err === null);\n });\n }), `localFile does not exist at ${localFile}`);\n const sftp = givenSftp || (await this.requestSFTP());\n const putFile = (retry) => {\n return new Promise((resolve, reject) => {\n sftp.fastPut(localFile, unixifyPath(remoteFile), transferOptions || {}, (err) => {\n if (err == null) {\n resolve();\n return;\n }\n if (err.message === 'No such file' && retry) {\n resolve(this.mkdir(path_1.default.dirname(remoteFile), 'sftp', sftp).then(() => putFile(false)));\n }\n else {\n reject(err);\n }\n });\n });\n };\n try {\n await putFile(true);\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async putFiles(files, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {} } = {}) {\n (0, assert_1.default)(Array.isArray(files), 'files must be an array');\n for (let i = 0, { length } = files; i < length; i += 1) {\n const file = files[i];\n (0, assert_1.default)(file, 'files items must be valid objects');\n (0, assert_1.default)(file.local && typeof file.local === 'string', `files[${i}].local must be a string`);\n (0, assert_1.default)(file.remote && typeof file.remote === 'string', `files[${i}].remote must be a string`);\n }\n const transferred = [];\n const sftp = givenSftp || (await this.requestSFTP());\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n try {\n await new Promise((resolve, reject) => {\n files.forEach((file) => {\n queue\n .add(async () => {\n await this.putFile(file.local, file.remote, sftp, transferOptions);\n transferred.push(file);\n })\n .catch(reject);\n });\n queue.waitTillIdle().then(resolve);\n });\n }\n catch (error) {\n if (error != null) {\n error.transferred = transferred;\n }\n throw error;\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n }\n async putDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n (0, assert_1.default)(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n (0, assert_1.default)(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n const localDirectoryStat = await new Promise((resolve) => {\n fs_1.default.stat(localDirectory, (err, stat) => {\n resolve(stat || null);\n });\n });\n (0, assert_1.default)(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n (0, assert_1.default)(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n const sftp = givenSftp || (await this.requestSFTP());\n const scanned = await (0, sb_scandir_1.default)(localDirectory, {\n recursive,\n validate,\n });\n const files = scanned.files.map((item) => path_1.default.relative(localDirectory, item));\n const directories = scanned.directories.map((item) => path_1.default.relative(localDirectory, item));\n // Sort shortest to longest\n directories.sort((a, b) => a.length - b.length);\n let failed = false;\n try {\n // Do the directories first.\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n directories.forEach((directory) => {\n queue\n .add(async () => {\n await this.mkdir(path_1.default.join(remoteDirectory, directory), 'sftp', sftp);\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n // and now the files\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n files.forEach((file) => {\n queue\n .add(async () => {\n const localFile = path_1.default.join(localDirectory, file);\n const remoteFile = path_1.default.join(remoteDirectory, file);\n try {\n await this.putFile(localFile, remoteFile, sftp, transferOptions);\n tick(localFile, remoteFile, null);\n }\n catch (_) {\n failed = true;\n tick(localFile, remoteFile, _);\n }\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n return !failed;\n }\n async getDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n (0, assert_1.default)(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n (0, assert_1.default)(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n const localDirectoryStat = await new Promise((resolve) => {\n fs_1.default.stat(localDirectory, (err, stat) => {\n resolve(stat || null);\n });\n });\n (0, assert_1.default)(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n (0, assert_1.default)(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n const sftp = givenSftp || (await this.requestSFTP());\n const scanned = await (0, sb_scandir_1.default)(remoteDirectory, {\n recursive,\n validate,\n concurrency,\n fileSystem: {\n basename(path) {\n return path_1.default.posix.basename(path);\n },\n join(pathA, pathB) {\n return path_1.default.posix.join(pathA, pathB);\n },\n readdir(path) {\n return new Promise((resolve, reject) => {\n sftp.readdir(path, (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n resolve(res.map((item) => item.filename));\n }\n });\n });\n },\n stat(path) {\n return new Promise((resolve, reject) => {\n sftp.stat(path, (err, res) => {\n if (err) {\n reject(err);\n }\n else {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n resolve(res);\n }\n });\n });\n },\n },\n });\n const files = scanned.files.map((item) => path_1.default.relative(remoteDirectory, item));\n const directories = scanned.directories.map((item) => path_1.default.relative(remoteDirectory, item));\n // Sort shortest to longest\n directories.sort((a, b) => a.length - b.length);\n let failed = false;\n try {\n // Do the directories first.\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n directories.forEach((directory) => {\n queue\n .add(async () => {\n await (0, make_dir_1.default)(path_1.default.join(localDirectory, directory));\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n // and now the files\n await new Promise((resolve, reject) => {\n const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n files.forEach((file) => {\n queue\n .add(async () => {\n const localFile = path_1.default.join(localDirectory, file);\n const remoteFile = path_1.default.join(remoteDirectory, file);\n try {\n await this.getFile(localFile, remoteFile, sftp, transferOptions);\n tick(localFile, remoteFile, null);\n }\n catch (_) {\n failed = true;\n tick(localFile, remoteFile, _);\n }\n })\n .catch(reject);\n });\n resolve(queue.waitTillIdle());\n });\n }\n finally {\n if (!givenSftp) {\n sftp.end();\n }\n }\n return !failed;\n }\n forwardIn(remoteAddr, remotePort, onConnection) {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.forwardIn(remoteAddr, remotePort, (error, port) => {\n if (error) {\n reject(error);\n return;\n }\n const handler = (details, acceptConnection, rejectConnection) => {\n if (details.destIP === remoteAddr && details.destPort === port) {\n onConnection === null || onConnection === void 0 ? void 0 : onConnection(details, acceptConnection, rejectConnection);\n }\n };\n if (onConnection) {\n connection.on('tcp connection', handler);\n }\n const dispose = () => {\n return new Promise((_resolve, _reject) => {\n connection.off('tcp connection', handler);\n connection.unforwardIn(remoteAddr, port, (_error) => {\n if (_error) {\n _reject(error);\n }\n _resolve();\n });\n });\n };\n resolve({ port, dispose });\n });\n });\n }\n forwardOut(srcIP, srcPort, dstIP, dstPort) {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.forwardOut(srcIP, srcPort, dstIP, dstPort, (error, channel) => {\n if (error) {\n reject(error);\n return;\n }\n resolve(channel);\n });\n });\n }\n forwardInStreamLocal(socketPath, onConnection) {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.openssh_forwardInStreamLocal(socketPath, (error) => {\n if (error) {\n reject(error);\n return;\n }\n const handler = (details, acceptConnection, rejectConnection) => {\n if (details.socketPath === socketPath) {\n onConnection === null || onConnection === void 0 ? void 0 : onConnection(details, acceptConnection, rejectConnection);\n }\n };\n if (onConnection) {\n connection.on('unix connection', handler);\n }\n const dispose = () => {\n return new Promise((_resolve, _reject) => {\n connection.off('unix connection', handler);\n connection.openssh_unforwardInStreamLocal(socketPath, (_error) => {\n if (_error) {\n _reject(_error);\n }\n _resolve();\n });\n });\n };\n resolve({ dispose });\n });\n });\n }\n forwardOutStreamLocal(socketPath) {\n const connection = this.getConnection();\n return new Promise((resolve, reject) => {\n connection.openssh_forwardOutStreamLocal(socketPath, (error, channel) => {\n if (error) {\n reject(error);\n return;\n }\n resolve(channel);\n });\n });\n }\n dispose() {\n if (this.connection) {\n this.connection.end();\n this.connection = null;\n }\n }\n}\nexports.NodeSSH = NodeSSH;\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nvar PromiseQueue = /** @class */ (function () {\n function PromiseQueue(_a) {\n var _b = (_a === void 0 ? {} : _a).concurrency, concurrency = _b === void 0 ? 1 : _b;\n this.options = { concurrency: concurrency };\n this.running = 0;\n this.queue = [];\n this.idleCallbacks = [];\n }\n PromiseQueue.prototype.clear = function () {\n this.queue = [];\n };\n PromiseQueue.prototype.onIdle = function (callback) {\n var _this = this;\n this.idleCallbacks.push(callback);\n return function () {\n var index = _this.idleCallbacks.indexOf(callback);\n if (index !== -1) {\n _this.idleCallbacks.splice(index, 1);\n }\n };\n };\n PromiseQueue.prototype.waitTillIdle = function () {\n var _this = this;\n return new Promise(function (resolve) {\n if (_this.running === 0) {\n resolve();\n return;\n }\n var dispose = _this.onIdle(function () {\n dispose();\n resolve();\n });\n });\n };\n PromiseQueue.prototype.add = function (callback) {\n var _this = this;\n return new Promise(function (resolve, reject) {\n var runCallback = function () {\n _this.running += 1;\n try {\n Promise.resolve(callback()).then(function (val) {\n resolve(val);\n _this.processNext();\n }, function (err) {\n reject(err);\n _this.processNext();\n });\n }\n catch (err) {\n reject(err);\n _this.processNext();\n }\n };\n if (_this.running >= _this.options.concurrency) {\n _this.queue.push(runCallback);\n }\n else {\n runCallback();\n }\n });\n };\n // Internal function, don't use\n PromiseQueue.prototype.processNext = function () {\n this.running -= 1;\n var callback = this.queue.shift();\n if (callback) {\n callback();\n }\n else if (this.running === 0) {\n this.idleCallbacks.forEach(function (item) { return item(); });\n }\n };\n return PromiseQueue;\n}());\nexports.PromiseQueue = PromiseQueue;\n","\"use strict\";\n/* @flow */\nvar __assign = (this && this.__assign) || function () {\n __assign = Object.assign || function(t) {\n for (var s, i = 1, n = arguments.length; i < n; i++) {\n s = arguments[i];\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))\n t[p] = s[p];\n }\n return t;\n };\n return __assign.apply(this, arguments);\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n return new (P || (P = Promise))(function (resolve, reject) {\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n step((generator = generator.apply(thisArg, _arguments || [])).next());\n });\n};\nvar __generator = (this && this.__generator) || function (thisArg, body) {\n var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;\n return g = { next: verb(0), \"throw\": verb(1), \"return\": verb(2) }, typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\n function verb(n) { return function (v) { return step([n, v]); }; }\n function step(op) {\n if (f) throw new TypeError(\"Generator is already executing.\");\n while (_) try {\n if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\n if (y = 0, t) op = [op[0] & 2, t.value];\n switch (op[0]) {\n case 0: case 1: t = op; break;\n case 4: _.label++; return { value: op[1], done: false };\n case 5: _.label++; y = op[1]; op = [0]; continue;\n case 7: op = _.ops.pop(); _.trys.pop(); continue;\n default:\n if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\n if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\n if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\n if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\n if (t[2]) _.ops.pop();\n _.trys.pop(); continue;\n }\n op = body.call(thisArg, _);\n } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\n if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\n }\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.defaultFilesystem = void 0;\nvar fs_1 = __importDefault(require(\"fs\"));\nvar path_1 = __importDefault(require(\"path\"));\nvar assert_1 = __importDefault(require(\"assert\"));\nvar sb_promise_queue_1 = require(\"sb-promise-queue\");\nexports.defaultFilesystem = {\n join: function (pathA, pathB) {\n return path_1.default.join(pathA, pathB);\n },\n basename: function (path) {\n return path_1.default.basename(path);\n },\n stat: function (path) {\n return new Promise(function (resolve, reject) {\n fs_1.default.stat(path, function (err, res) {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n },\n readdir: function (path) {\n return new Promise(function (resolve, reject) {\n fs_1.default.readdir(path, function (err, res) {\n if (err) {\n reject(err);\n }\n else {\n resolve(res);\n }\n });\n });\n },\n};\nfunction scanDirectoryInternal(_a) {\n var path = _a.path, recursive = _a.recursive, validate = _a.validate, result = _a.result, fileSystem = _a.fileSystem, queue = _a.queue, reject = _a.reject;\n return __awaiter(this, void 0, void 0, function () {\n var itemStat, contents;\n return __generator(this, function (_b) {\n switch (_b.label) {\n case 0: return [4 /*yield*/, fileSystem.stat(path)];\n case 1:\n itemStat = _b.sent();\n if (itemStat.isFile()) {\n result.files.push(path);\n }\n else if (itemStat.isDirectory()) {\n result.directories.push(path);\n }\n if (!itemStat.isDirectory() || recursive === 'none') {\n return [2 /*return*/];\n }\n return [4 /*yield*/, fileSystem.readdir(path)];\n case 2:\n contents = _b.sent();\n contents.forEach(function (item) {\n var itemPath = fileSystem.join(path, item);\n if (!validate(itemPath)) {\n return;\n }\n queue\n .add(function () {\n return scanDirectoryInternal({\n path: itemPath,\n recursive: recursive === 'shallow' ? 'none' : 'deep',\n validate: validate,\n result: result,\n fileSystem: fileSystem,\n queue: queue,\n reject: reject,\n });\n })\n .catch(reject);\n });\n return [2 /*return*/];\n }\n });\n });\n}\nfunction scanDirectory(path, _a) {\n var _b = _a === void 0 ? {} : _a, _c = _b.recursive, recursive = _c === void 0 ? true : _c, _d = _b.validate, validate = _d === void 0 ? null : _d, _e = _b.concurrency, concurrency = _e === void 0 ? Infinity : _e, _f = _b.fileSystem, fileSystem = _f === void 0 ? exports.defaultFilesystem : _f;\n return __awaiter(this, void 0, void 0, function () {\n var queue, result, mergedFileSystem;\n return __generator(this, function (_g) {\n switch (_g.label) {\n case 0:\n assert_1.default(path && typeof path === 'string', 'path must be a valid string');\n assert_1.default(typeof recursive === 'boolean', 'options.recursive must be a valid boolean');\n assert_1.default(validate === null || typeof validate === 'function', 'options.validate must be a valid function');\n assert_1.default(typeof concurrency === 'number', 'options.concurrency must be a valid number');\n assert_1.default(fileSystem !== null && typeof fileSystem === 'object', 'options.fileSystem must be a valid object');\n queue = new sb_promise_queue_1.PromiseQueue({\n concurrency: concurrency,\n });\n result = { files: [], directories: [] };\n mergedFileSystem = __assign(__assign({}, exports.defaultFilesystem), fileSystem);\n return [4 /*yield*/, new Promise(function (resolve, reject) {\n scanDirectoryInternal({\n path: path,\n recursive: recursive ? 'deep' : 'shallow',\n validate: validate != null ? validate : function (item) { return mergedFileSystem.basename(item).slice(0, 1) !== '.'; },\n result: result,\n fileSystem: mergedFileSystem,\n queue: queue,\n reject: reject,\n })\n .then(function () { return queue.waitTillIdle(); })\n .then(resolve, reject);\n })];\n case 1:\n _g.sent();\n return [2 /*return*/, result];\n }\n });\n });\n}\nexports.default = scanDirectory;\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\tvar threw = true;\n\ttry {\n\t\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\t\tthrew = false;\n\t} finally {\n\t\tif(threw) delete __webpack_module_cache__[moduleId];\n\t}\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nif (typeof __webpack_require__ !== 'undefined') __webpack_require__.ab = __dirname + \"/\";","","// startup\n// Load entry module and return exports\n// This entry module is referenced by other modules so it can't be inlined\nvar __webpack_exports__ = __webpack_require__(1188);\n",""],"names":[],"sourceRoot":""} \ No newline at end of file diff --git a/dist/lib/protocol/crypto/build/Release/sshcrypto.node b/dist/lib/protocol/crypto/build/Release/sshcrypto.node index 6dfdc9c..3705791 100755 Binary files a/dist/lib/protocol/crypto/build/Release/sshcrypto.node and b/dist/lib/protocol/crypto/build/Release/sshcrypto.node differ diff --git a/dist/licenses.txt b/dist/licenses.txt index 104a09f..4bf78ed 100644 --- a/dist/licenses.txt +++ b/dist/licenses.txt @@ -10,6 +10,18 @@ The above copyright notice and this permission notice shall be included in all c THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +@actions/exec +MIT +The MIT License (MIT) + +Copyright 2019 GitHub + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + @actions/http-client MIT Actions Http Client for Node.js @@ -35,6 +47,18 @@ WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +@actions/io +MIT +The MIT License (MIT) + +Copyright 2019 GitHub + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + asn1 MIT Copyright (c) 2011 Mark Cavage, All rights reserved. @@ -373,14 +397,26 @@ OTHER DEALINGS IN THE SOFTWARE. For more information, please refer to -uuid +undici MIT -The MIT License (MIT) +MIT License -Copyright (c) 2010-2020 Robert Kieffer and other contributors +Copyright (c) Matteo Collina and Undici contributors -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/dist/sourcemap-register.js b/dist/sourcemap-register.js index 466141d..cb1fb13 100644 --- a/dist/sourcemap-register.js +++ b/dist/sourcemap-register.js @@ -1 +1 @@ -(()=>{var e={650:e=>{var r=Object.prototype.toString;var n=typeof Buffer.alloc==="function"&&typeof Buffer.allocUnsafe==="function"&&typeof Buffer.from==="function";function isArrayBuffer(e){return r.call(e).slice(8,-1)==="ArrayBuffer"}function fromArrayBuffer(e,r,t){r>>>=0;var o=e.byteLength-r;if(o<0){throw new RangeError("'offset' is out of bounds")}if(t===undefined){t=o}else{t>>>=0;if(t>o){throw new RangeError("'length' is out of bounds")}}return n?Buffer.from(e.slice(r,r+t)):new Buffer(new Uint8Array(e.slice(r,r+t)))}function fromString(e,r){if(typeof r!=="string"||r===""){r="utf8"}if(!Buffer.isEncoding(r)){throw new TypeError('"encoding" must be a valid string encoding')}return n?Buffer.from(e,r):new Buffer(e,r)}function bufferFrom(e,r,t){if(typeof e==="number"){throw new TypeError('"value" argument must not be a number')}if(isArrayBuffer(e)){return fromArrayBuffer(e,r,t)}if(typeof e==="string"){return fromString(e,r)}return n?Buffer.from(e):new Buffer(e)}e.exports=bufferFrom},274:(e,r,n)=>{var t=n(339);var o=Object.prototype.hasOwnProperty;var i=typeof Map!=="undefined";function ArraySet(){this._array=[];this._set=i?new Map:Object.create(null)}ArraySet.fromArray=function ArraySet_fromArray(e,r){var n=new ArraySet;for(var t=0,o=e.length;t=0){return r}}else{var n=t.toSetString(e);if(o.call(this._set,n)){return this._set[n]}}throw new Error('"'+e+'" is not in the set.')};ArraySet.prototype.at=function ArraySet_at(e){if(e>=0&&e{var t=n(190);var o=5;var i=1<>1;return r?-n:n}r.encode=function base64VLQ_encode(e){var r="";var n;var i=toVLQSigned(e);do{n=i&a;i>>>=o;if(i>0){n|=u}r+=t.encode(n)}while(i>0);return r};r.decode=function base64VLQ_decode(e,r,n){var i=e.length;var s=0;var l=0;var c,p;do{if(r>=i){throw new Error("Expected more digits in base 64 VLQ value.")}p=t.decode(e.charCodeAt(r++));if(p===-1){throw new Error("Invalid base64 digit: "+e.charAt(r-1))}c=!!(p&u);p&=a;s=s+(p<{var n="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".split("");r.encode=function(e){if(0<=e&&e{r.GREATEST_LOWER_BOUND=1;r.LEAST_UPPER_BOUND=2;function recursiveSearch(e,n,t,o,i,a){var u=Math.floor((n-e)/2)+e;var s=i(t,o[u],true);if(s===0){return u}else if(s>0){if(n-u>1){return recursiveSearch(u,n,t,o,i,a)}if(a==r.LEAST_UPPER_BOUND){return n1){return recursiveSearch(e,u,t,o,i,a)}if(a==r.LEAST_UPPER_BOUND){return u}else{return e<0?-1:e}}}r.search=function search(e,n,t,o){if(n.length===0){return-1}var i=recursiveSearch(-1,n.length,e,n,t,o||r.GREATEST_LOWER_BOUND);if(i<0){return-1}while(i-1>=0){if(t(n[i],n[i-1],true)!==0){break}--i}return i}},680:(e,r,n)=>{var t=n(339);function generatedPositionAfter(e,r){var n=e.generatedLine;var o=r.generatedLine;var i=e.generatedColumn;var a=r.generatedColumn;return o>n||o==n&&a>=i||t.compareByGeneratedPositionsInflated(e,r)<=0}function MappingList(){this._array=[];this._sorted=true;this._last={generatedLine:-1,generatedColumn:0}}MappingList.prototype.unsortedForEach=function MappingList_forEach(e,r){this._array.forEach(e,r)};MappingList.prototype.add=function MappingList_add(e){if(generatedPositionAfter(this._last,e)){this._last=e;this._array.push(e)}else{this._sorted=false;this._array.push(e)}};MappingList.prototype.toArray=function MappingList_toArray(){if(!this._sorted){this._array.sort(t.compareByGeneratedPositionsInflated);this._sorted=true}return this._array};r.H=MappingList},758:(e,r)=>{function swap(e,r,n){var t=e[r];e[r]=e[n];e[n]=t}function randomIntInRange(e,r){return Math.round(e+Math.random()*(r-e))}function doQuickSort(e,r,n,t){if(n{var t;var o=n(339);var i=n(345);var a=n(274).I;var u=n(449);var s=n(758).U;function SourceMapConsumer(e,r){var n=e;if(typeof e==="string"){n=o.parseSourceMapInput(e)}return n.sections!=null?new IndexedSourceMapConsumer(n,r):new BasicSourceMapConsumer(n,r)}SourceMapConsumer.fromSourceMap=function(e,r){return BasicSourceMapConsumer.fromSourceMap(e,r)};SourceMapConsumer.prototype._version=3;SourceMapConsumer.prototype.__generatedMappings=null;Object.defineProperty(SourceMapConsumer.prototype,"_generatedMappings",{configurable:true,enumerable:true,get:function(){if(!this.__generatedMappings){this._parseMappings(this._mappings,this.sourceRoot)}return this.__generatedMappings}});SourceMapConsumer.prototype.__originalMappings=null;Object.defineProperty(SourceMapConsumer.prototype,"_originalMappings",{configurable:true,enumerable:true,get:function(){if(!this.__originalMappings){this._parseMappings(this._mappings,this.sourceRoot)}return this.__originalMappings}});SourceMapConsumer.prototype._charIsMappingSeparator=function SourceMapConsumer_charIsMappingSeparator(e,r){var n=e.charAt(r);return n===";"||n===","};SourceMapConsumer.prototype._parseMappings=function SourceMapConsumer_parseMappings(e,r){throw new Error("Subclasses must implement _parseMappings")};SourceMapConsumer.GENERATED_ORDER=1;SourceMapConsumer.ORIGINAL_ORDER=2;SourceMapConsumer.GREATEST_LOWER_BOUND=1;SourceMapConsumer.LEAST_UPPER_BOUND=2;SourceMapConsumer.prototype.eachMapping=function SourceMapConsumer_eachMapping(e,r,n){var t=r||null;var i=n||SourceMapConsumer.GENERATED_ORDER;var a;switch(i){case SourceMapConsumer.GENERATED_ORDER:a=this._generatedMappings;break;case SourceMapConsumer.ORIGINAL_ORDER:a=this._originalMappings;break;default:throw new Error("Unknown order of iteration.")}var u=this.sourceRoot;a.map((function(e){var r=e.source===null?null:this._sources.at(e.source);r=o.computeSourceURL(u,r,this._sourceMapURL);return{source:r,generatedLine:e.generatedLine,generatedColumn:e.generatedColumn,originalLine:e.originalLine,originalColumn:e.originalColumn,name:e.name===null?null:this._names.at(e.name)}}),this).forEach(e,t)};SourceMapConsumer.prototype.allGeneratedPositionsFor=function SourceMapConsumer_allGeneratedPositionsFor(e){var r=o.getArg(e,"line");var n={source:o.getArg(e,"source"),originalLine:r,originalColumn:o.getArg(e,"column",0)};n.source=this._findSourceIndex(n.source);if(n.source<0){return[]}var t=[];var a=this._findMapping(n,this._originalMappings,"originalLine","originalColumn",o.compareByOriginalPositions,i.LEAST_UPPER_BOUND);if(a>=0){var u=this._originalMappings[a];if(e.column===undefined){var s=u.originalLine;while(u&&u.originalLine===s){t.push({line:o.getArg(u,"generatedLine",null),column:o.getArg(u,"generatedColumn",null),lastColumn:o.getArg(u,"lastGeneratedColumn",null)});u=this._originalMappings[++a]}}else{var l=u.originalColumn;while(u&&u.originalLine===r&&u.originalColumn==l){t.push({line:o.getArg(u,"generatedLine",null),column:o.getArg(u,"generatedColumn",null),lastColumn:o.getArg(u,"lastGeneratedColumn",null)});u=this._originalMappings[++a]}}}return t};r.SourceMapConsumer=SourceMapConsumer;function BasicSourceMapConsumer(e,r){var n=e;if(typeof e==="string"){n=o.parseSourceMapInput(e)}var t=o.getArg(n,"version");var i=o.getArg(n,"sources");var u=o.getArg(n,"names",[]);var s=o.getArg(n,"sourceRoot",null);var l=o.getArg(n,"sourcesContent",null);var c=o.getArg(n,"mappings");var p=o.getArg(n,"file",null);if(t!=this._version){throw new Error("Unsupported version: "+t)}if(s){s=o.normalize(s)}i=i.map(String).map(o.normalize).map((function(e){return s&&o.isAbsolute(s)&&o.isAbsolute(e)?o.relative(s,e):e}));this._names=a.fromArray(u.map(String),true);this._sources=a.fromArray(i,true);this._absoluteSources=this._sources.toArray().map((function(e){return o.computeSourceURL(s,e,r)}));this.sourceRoot=s;this.sourcesContent=l;this._mappings=c;this._sourceMapURL=r;this.file=p}BasicSourceMapConsumer.prototype=Object.create(SourceMapConsumer.prototype);BasicSourceMapConsumer.prototype.consumer=SourceMapConsumer;BasicSourceMapConsumer.prototype._findSourceIndex=function(e){var r=e;if(this.sourceRoot!=null){r=o.relative(this.sourceRoot,r)}if(this._sources.has(r)){return this._sources.indexOf(r)}var n;for(n=0;n1){v.source=l+_[1];l+=_[1];v.originalLine=i+_[2];i=v.originalLine;v.originalLine+=1;v.originalColumn=a+_[3];a=v.originalColumn;if(_.length>4){v.name=c+_[4];c+=_[4]}}m.push(v);if(typeof v.originalLine==="number"){d.push(v)}}}s(m,o.compareByGeneratedPositionsDeflated);this.__generatedMappings=m;s(d,o.compareByOriginalPositions);this.__originalMappings=d};BasicSourceMapConsumer.prototype._findMapping=function SourceMapConsumer_findMapping(e,r,n,t,o,a){if(e[n]<=0){throw new TypeError("Line must be greater than or equal to 1, got "+e[n])}if(e[t]<0){throw new TypeError("Column must be greater than or equal to 0, got "+e[t])}return i.search(e,r,o,a)};BasicSourceMapConsumer.prototype.computeColumnSpans=function SourceMapConsumer_computeColumnSpans(){for(var e=0;e=0){var t=this._generatedMappings[n];if(t.generatedLine===r.generatedLine){var i=o.getArg(t,"source",null);if(i!==null){i=this._sources.at(i);i=o.computeSourceURL(this.sourceRoot,i,this._sourceMapURL)}var a=o.getArg(t,"name",null);if(a!==null){a=this._names.at(a)}return{source:i,line:o.getArg(t,"originalLine",null),column:o.getArg(t,"originalColumn",null),name:a}}}return{source:null,line:null,column:null,name:null}};BasicSourceMapConsumer.prototype.hasContentsOfAllSources=function BasicSourceMapConsumer_hasContentsOfAllSources(){if(!this.sourcesContent){return false}return this.sourcesContent.length>=this._sources.size()&&!this.sourcesContent.some((function(e){return e==null}))};BasicSourceMapConsumer.prototype.sourceContentFor=function SourceMapConsumer_sourceContentFor(e,r){if(!this.sourcesContent){return null}var n=this._findSourceIndex(e);if(n>=0){return this.sourcesContent[n]}var t=e;if(this.sourceRoot!=null){t=o.relative(this.sourceRoot,t)}var i;if(this.sourceRoot!=null&&(i=o.urlParse(this.sourceRoot))){var a=t.replace(/^file:\/\//,"");if(i.scheme=="file"&&this._sources.has(a)){return this.sourcesContent[this._sources.indexOf(a)]}if((!i.path||i.path=="/")&&this._sources.has("/"+t)){return this.sourcesContent[this._sources.indexOf("/"+t)]}}if(r){return null}else{throw new Error('"'+t+'" is not in the SourceMap.')}};BasicSourceMapConsumer.prototype.generatedPositionFor=function SourceMapConsumer_generatedPositionFor(e){var r=o.getArg(e,"source");r=this._findSourceIndex(r);if(r<0){return{line:null,column:null,lastColumn:null}}var n={source:r,originalLine:o.getArg(e,"line"),originalColumn:o.getArg(e,"column")};var t=this._findMapping(n,this._originalMappings,"originalLine","originalColumn",o.compareByOriginalPositions,o.getArg(e,"bias",SourceMapConsumer.GREATEST_LOWER_BOUND));if(t>=0){var i=this._originalMappings[t];if(i.source===n.source){return{line:o.getArg(i,"generatedLine",null),column:o.getArg(i,"generatedColumn",null),lastColumn:o.getArg(i,"lastGeneratedColumn",null)}}}return{line:null,column:null,lastColumn:null}};t=BasicSourceMapConsumer;function IndexedSourceMapConsumer(e,r){var n=e;if(typeof e==="string"){n=o.parseSourceMapInput(e)}var t=o.getArg(n,"version");var i=o.getArg(n,"sections");if(t!=this._version){throw new Error("Unsupported version: "+t)}this._sources=new a;this._names=new a;var u={line:-1,column:0};this._sections=i.map((function(e){if(e.url){throw new Error("Support for url field in sections not implemented.")}var n=o.getArg(e,"offset");var t=o.getArg(n,"line");var i=o.getArg(n,"column");if(t{var t=n(449);var o=n(339);var i=n(274).I;var a=n(680).H;function SourceMapGenerator(e){if(!e){e={}}this._file=o.getArg(e,"file",null);this._sourceRoot=o.getArg(e,"sourceRoot",null);this._skipValidation=o.getArg(e,"skipValidation",false);this._sources=new i;this._names=new i;this._mappings=new a;this._sourcesContents=null}SourceMapGenerator.prototype._version=3;SourceMapGenerator.fromSourceMap=function SourceMapGenerator_fromSourceMap(e){var r=e.sourceRoot;var n=new SourceMapGenerator({file:e.file,sourceRoot:r});e.eachMapping((function(e){var t={generated:{line:e.generatedLine,column:e.generatedColumn}};if(e.source!=null){t.source=e.source;if(r!=null){t.source=o.relative(r,t.source)}t.original={line:e.originalLine,column:e.originalColumn};if(e.name!=null){t.name=e.name}}n.addMapping(t)}));e.sources.forEach((function(t){var i=t;if(r!==null){i=o.relative(r,t)}if(!n._sources.has(i)){n._sources.add(i)}var a=e.sourceContentFor(t);if(a!=null){n.setSourceContent(t,a)}}));return n};SourceMapGenerator.prototype.addMapping=function SourceMapGenerator_addMapping(e){var r=o.getArg(e,"generated");var n=o.getArg(e,"original",null);var t=o.getArg(e,"source",null);var i=o.getArg(e,"name",null);if(!this._skipValidation){this._validateMapping(r,n,t,i)}if(t!=null){t=String(t);if(!this._sources.has(t)){this._sources.add(t)}}if(i!=null){i=String(i);if(!this._names.has(i)){this._names.add(i)}}this._mappings.add({generatedLine:r.line,generatedColumn:r.column,originalLine:n!=null&&n.line,originalColumn:n!=null&&n.column,source:t,name:i})};SourceMapGenerator.prototype.setSourceContent=function SourceMapGenerator_setSourceContent(e,r){var n=e;if(this._sourceRoot!=null){n=o.relative(this._sourceRoot,n)}if(r!=null){if(!this._sourcesContents){this._sourcesContents=Object.create(null)}this._sourcesContents[o.toSetString(n)]=r}else if(this._sourcesContents){delete this._sourcesContents[o.toSetString(n)];if(Object.keys(this._sourcesContents).length===0){this._sourcesContents=null}}};SourceMapGenerator.prototype.applySourceMap=function SourceMapGenerator_applySourceMap(e,r,n){var t=r;if(r==null){if(e.file==null){throw new Error("SourceMapGenerator.prototype.applySourceMap requires either an explicit source file, "+'or the source map\'s "file" property. Both were omitted.')}t=e.file}var a=this._sourceRoot;if(a!=null){t=o.relative(a,t)}var u=new i;var s=new i;this._mappings.unsortedForEach((function(r){if(r.source===t&&r.originalLine!=null){var i=e.originalPositionFor({line:r.originalLine,column:r.originalColumn});if(i.source!=null){r.source=i.source;if(n!=null){r.source=o.join(n,r.source)}if(a!=null){r.source=o.relative(a,r.source)}r.originalLine=i.line;r.originalColumn=i.column;if(i.name!=null){r.name=i.name}}}var l=r.source;if(l!=null&&!u.has(l)){u.add(l)}var c=r.name;if(c!=null&&!s.has(c)){s.add(c)}}),this);this._sources=u;this._names=s;e.sources.forEach((function(r){var t=e.sourceContentFor(r);if(t!=null){if(n!=null){r=o.join(n,r)}if(a!=null){r=o.relative(a,r)}this.setSourceContent(r,t)}}),this)};SourceMapGenerator.prototype._validateMapping=function SourceMapGenerator_validateMapping(e,r,n,t){if(r&&typeof r.line!=="number"&&typeof r.column!=="number"){throw new Error("original.line and original.column are not numbers -- you probably meant to omit "+"the original mapping entirely and only map the generated position. If so, pass "+"null for the original mapping instead of an object with empty or null values.")}if(e&&"line"in e&&"column"in e&&e.line>0&&e.column>=0&&!r&&!n&&!t){return}else if(e&&"line"in e&&"column"in e&&r&&"line"in r&&"column"in r&&e.line>0&&e.column>=0&&r.line>0&&r.column>=0&&n){return}else{throw new Error("Invalid mapping: "+JSON.stringify({generated:e,source:n,original:r,name:t}))}};SourceMapGenerator.prototype._serializeMappings=function SourceMapGenerator_serializeMappings(){var e=0;var r=1;var n=0;var i=0;var a=0;var u=0;var s="";var l;var c;var p;var f;var g=this._mappings.toArray();for(var h=0,d=g.length;h0){if(!o.compareByGeneratedPositionsInflated(c,g[h-1])){continue}l+=","}}l+=t.encode(c.generatedColumn-e);e=c.generatedColumn;if(c.source!=null){f=this._sources.indexOf(c.source);l+=t.encode(f-u);u=f;l+=t.encode(c.originalLine-1-i);i=c.originalLine-1;l+=t.encode(c.originalColumn-n);n=c.originalColumn;if(c.name!=null){p=this._names.indexOf(c.name);l+=t.encode(p-a);a=p}}s+=l}return s};SourceMapGenerator.prototype._generateSourcesContent=function SourceMapGenerator_generateSourcesContent(e,r){return e.map((function(e){if(!this._sourcesContents){return null}if(r!=null){e=o.relative(r,e)}var n=o.toSetString(e);return Object.prototype.hasOwnProperty.call(this._sourcesContents,n)?this._sourcesContents[n]:null}),this)};SourceMapGenerator.prototype.toJSON=function SourceMapGenerator_toJSON(){var e={version:this._version,sources:this._sources.toArray(),names:this._names.toArray(),mappings:this._serializeMappings()};if(this._file!=null){e.file=this._file}if(this._sourceRoot!=null){e.sourceRoot=this._sourceRoot}if(this._sourcesContents){e.sourcesContent=this._generateSourcesContent(e.sources,e.sourceRoot)}return e};SourceMapGenerator.prototype.toString=function SourceMapGenerator_toString(){return JSON.stringify(this.toJSON())};r.h=SourceMapGenerator},351:(e,r,n)=>{var t;var o=n(591).h;var i=n(339);var a=/(\r?\n)/;var u=10;var s="$$$isSourceNode$$$";function SourceNode(e,r,n,t,o){this.children=[];this.sourceContents={};this.line=e==null?null:e;this.column=r==null?null:r;this.source=n==null?null:n;this.name=o==null?null:o;this[s]=true;if(t!=null)this.add(t)}SourceNode.fromStringWithSourceMap=function SourceNode_fromStringWithSourceMap(e,r,n){var t=new SourceNode;var o=e.split(a);var u=0;var shiftNextLine=function(){var e=getNextLine();var r=getNextLine()||"";return e+r;function getNextLine(){return u=0;r--){this.prepend(e[r])}}else if(e[s]||typeof e==="string"){this.children.unshift(e)}else{throw new TypeError("Expected a SourceNode, string, or an array of SourceNodes and strings. Got "+e)}return this};SourceNode.prototype.walk=function SourceNode_walk(e){var r;for(var n=0,t=this.children.length;n0){r=[];for(n=0;n{function getArg(e,r,n){if(r in e){return e[r]}else if(arguments.length===3){return n}else{throw new Error('"'+r+'" is a required argument.')}}r.getArg=getArg;var n=/^(?:([\w+\-.]+):)?\/\/(?:(\w+:\w+)@)?([\w.-]*)(?::(\d+))?(.*)$/;var t=/^data:.+\,.+$/;function urlParse(e){var r=e.match(n);if(!r){return null}return{scheme:r[1],auth:r[2],host:r[3],port:r[4],path:r[5]}}r.urlParse=urlParse;function urlGenerate(e){var r="";if(e.scheme){r+=e.scheme+":"}r+="//";if(e.auth){r+=e.auth+"@"}if(e.host){r+=e.host}if(e.port){r+=":"+e.port}if(e.path){r+=e.path}return r}r.urlGenerate=urlGenerate;function normalize(e){var n=e;var t=urlParse(e);if(t){if(!t.path){return e}n=t.path}var o=r.isAbsolute(n);var i=n.split(/\/+/);for(var a,u=0,s=i.length-1;s>=0;s--){a=i[s];if(a==="."){i.splice(s,1)}else if(a===".."){u++}else if(u>0){if(a===""){i.splice(s+1,u);u=0}else{i.splice(s,2);u--}}}n=i.join("/");if(n===""){n=o?"/":"."}if(t){t.path=n;return urlGenerate(t)}return n}r.normalize=normalize;function join(e,r){if(e===""){e="."}if(r===""){r="."}var n=urlParse(r);var o=urlParse(e);if(o){e=o.path||"/"}if(n&&!n.scheme){if(o){n.scheme=o.scheme}return urlGenerate(n)}if(n||r.match(t)){return r}if(o&&!o.host&&!o.path){o.host=r;return urlGenerate(o)}var i=r.charAt(0)==="/"?r:normalize(e.replace(/\/+$/,"")+"/"+r);if(o){o.path=i;return urlGenerate(o)}return i}r.join=join;r.isAbsolute=function(e){return e.charAt(0)==="/"||n.test(e)};function relative(e,r){if(e===""){e="."}e=e.replace(/\/$/,"");var n=0;while(r.indexOf(e+"/")!==0){var t=e.lastIndexOf("/");if(t<0){return r}e=e.slice(0,t);if(e.match(/^([^\/]+:\/)?\/*$/)){return r}++n}return Array(n+1).join("../")+r.substr(e.length+1)}r.relative=relative;var o=function(){var e=Object.create(null);return!("__proto__"in e)}();function identity(e){return e}function toSetString(e){if(isProtoString(e)){return"$"+e}return e}r.toSetString=o?identity:toSetString;function fromSetString(e){if(isProtoString(e)){return e.slice(1)}return e}r.fromSetString=o?identity:fromSetString;function isProtoString(e){if(!e){return false}var r=e.length;if(r<9){return false}if(e.charCodeAt(r-1)!==95||e.charCodeAt(r-2)!==95||e.charCodeAt(r-3)!==111||e.charCodeAt(r-4)!==116||e.charCodeAt(r-5)!==111||e.charCodeAt(r-6)!==114||e.charCodeAt(r-7)!==112||e.charCodeAt(r-8)!==95||e.charCodeAt(r-9)!==95){return false}for(var n=r-10;n>=0;n--){if(e.charCodeAt(n)!==36){return false}}return true}function compareByOriginalPositions(e,r,n){var t=strcmp(e.source,r.source);if(t!==0){return t}t=e.originalLine-r.originalLine;if(t!==0){return t}t=e.originalColumn-r.originalColumn;if(t!==0||n){return t}t=e.generatedColumn-r.generatedColumn;if(t!==0){return t}t=e.generatedLine-r.generatedLine;if(t!==0){return t}return strcmp(e.name,r.name)}r.compareByOriginalPositions=compareByOriginalPositions;function compareByGeneratedPositionsDeflated(e,r,n){var t=e.generatedLine-r.generatedLine;if(t!==0){return t}t=e.generatedColumn-r.generatedColumn;if(t!==0||n){return t}t=strcmp(e.source,r.source);if(t!==0){return t}t=e.originalLine-r.originalLine;if(t!==0){return t}t=e.originalColumn-r.originalColumn;if(t!==0){return t}return strcmp(e.name,r.name)}r.compareByGeneratedPositionsDeflated=compareByGeneratedPositionsDeflated;function strcmp(e,r){if(e===r){return 0}if(e===null){return 1}if(r===null){return-1}if(e>r){return 1}return-1}function compareByGeneratedPositionsInflated(e,r){var n=e.generatedLine-r.generatedLine;if(n!==0){return n}n=e.generatedColumn-r.generatedColumn;if(n!==0){return n}n=strcmp(e.source,r.source);if(n!==0){return n}n=e.originalLine-r.originalLine;if(n!==0){return n}n=e.originalColumn-r.originalColumn;if(n!==0){return n}return strcmp(e.name,r.name)}r.compareByGeneratedPositionsInflated=compareByGeneratedPositionsInflated;function parseSourceMapInput(e){return JSON.parse(e.replace(/^\)]}'[^\n]*\n/,""))}r.parseSourceMapInput=parseSourceMapInput;function computeSourceURL(e,r,n){r=r||"";if(e){if(e[e.length-1]!=="/"&&r[0]!=="/"){e+="/"}r=e+r}if(n){var t=urlParse(n);if(!t){throw new Error("sourceMapURL could not be parsed")}if(t.path){var o=t.path.lastIndexOf("/");if(o>=0){t.path=t.path.substring(0,o+1)}}r=join(urlGenerate(t),r)}return normalize(r)}r.computeSourceURL=computeSourceURL},997:(e,r,n)=>{n(591).h;r.SourceMapConsumer=n(952).SourceMapConsumer;n(351)},284:(e,r,n)=>{e=n.nmd(e);var t=n(997).SourceMapConsumer;var o=n(17);var i;try{i=n(147);if(!i.existsSync||!i.readFileSync){i=null}}catch(e){}var a=n(650);function dynamicRequire(e,r){return e.require(r)}var u=false;var s=false;var l=false;var c="auto";var p={};var f={};var g=/^data:application\/json[^,]+base64,/;var h=[];var d=[];function isInBrowser(){if(c==="browser")return true;if(c==="node")return false;return typeof window!=="undefined"&&typeof XMLHttpRequest==="function"&&!(window.require&&window.module&&window.process&&window.process.type==="renderer")}function hasGlobalProcessEventEmitter(){return typeof process==="object"&&process!==null&&typeof process.on==="function"}function globalProcessVersion(){if(typeof process==="object"&&process!==null){return process.version}else{return""}}function globalProcessStderr(){if(typeof process==="object"&&process!==null){return process.stderr}}function globalProcessExit(e){if(typeof process==="object"&&process!==null&&typeof process.exit==="function"){return process.exit(e)}}function handlerExec(e){return function(r){for(var n=0;n"}var n=this.getLineNumber();if(n!=null){r+=":"+n;var t=this.getColumnNumber();if(t){r+=":"+t}}}var o="";var i=this.getFunctionName();var a=true;var u=this.isConstructor();var s=!(this.isToplevel()||u);if(s){var l=this.getTypeName();if(l==="[object Object]"){l="null"}var c=this.getMethodName();if(i){if(l&&i.indexOf(l)!=0){o+=l+"."}o+=i;if(c&&i.indexOf("."+c)!=i.length-c.length-1){o+=" [as "+c+"]"}}else{o+=l+"."+(c||"")}}else if(u){o+="new "+(i||"")}else if(i){o+=i}else{o+=r;a=false}if(a){o+=" ("+r+")"}return o}function cloneCallSite(e){var r={};Object.getOwnPropertyNames(Object.getPrototypeOf(e)).forEach((function(n){r[n]=/^(?:is|get)/.test(n)?function(){return e[n].call(e)}:e[n]}));r.toString=CallSiteToString;return r}function wrapCallSite(e,r){if(r===undefined){r={nextPosition:null,curPosition:null}}if(e.isNative()){r.curPosition=null;return e}var n=e.getFileName()||e.getScriptNameOrSourceURL();if(n){var t=e.getLineNumber();var o=e.getColumnNumber()-1;var i=/^v(10\.1[6-9]|10\.[2-9][0-9]|10\.[0-9]{3,}|1[2-9]\d*|[2-9]\d|\d{3,}|11\.11)/;var a=i.test(globalProcessVersion())?0:62;if(t===1&&o>a&&!isInBrowser()&&!e.isEval()){o-=a}var u=mapSourcePosition({source:n,line:t,column:o});r.curPosition=u;e=cloneCallSite(e);var s=e.getFunctionName;e.getFunctionName=function(){if(r.nextPosition==null){return s()}return r.nextPosition.name||s()};e.getFileName=function(){return u.source};e.getLineNumber=function(){return u.line};e.getColumnNumber=function(){return u.column+1};e.getScriptNameOrSourceURL=function(){return u.source};return e}var l=e.isEval()&&e.getEvalOrigin();if(l){l=mapEvalOrigin(l);e=cloneCallSite(e);e.getEvalOrigin=function(){return l};return e}return e}function prepareStackTrace(e,r){if(l){p={};f={}}var n=e.name||"Error";var t=e.message||"";var o=n+": "+t;var i={nextPosition:null,curPosition:null};var a=[];for(var u=r.length-1;u>=0;u--){a.push("\n at "+wrapCallSite(r[u],i));i.nextPosition=i.curPosition}i.curPosition=i.nextPosition=null;return o+a.reverse().join("")}function getErrorSource(e){var r=/\n at [^(]+ \((.*):(\d+):(\d+)\)/.exec(e.stack);if(r){var n=r[1];var t=+r[2];var o=+r[3];var a=p[n];if(!a&&i&&i.existsSync(n)){try{a=i.readFileSync(n,"utf8")}catch(e){a=""}}if(a){var u=a.split(/(?:\r\n|\r|\n)/)[t-1];if(u){return n+":"+t+"\n"+u+"\n"+new Array(o).join(" ")+"^"}}}return null}function printErrorAndExit(e){var r=getErrorSource(e);var n=globalProcessStderr();if(n&&n._handle&&n._handle.setBlocking){n._handle.setBlocking(true)}if(r){console.error();console.error(r)}console.error(e.stack);globalProcessExit(1)}function shimEmitUncaughtException(){var e=process.emit;process.emit=function(r){if(r==="uncaughtException"){var n=arguments[1]&&arguments[1].stack;var t=this.listeners(r).length>0;if(n&&!t){return printErrorAndExit(arguments[1])}}return e.apply(this,arguments)}}var S=h.slice(0);var _=d.slice(0);r.wrapCallSite=wrapCallSite;r.getErrorSource=getErrorSource;r.mapSourcePosition=mapSourcePosition;r.retrieveSourceMap=v;r.install=function(r){r=r||{};if(r.environment){c=r.environment;if(["node","browser","auto"].indexOf(c)===-1){throw new Error("environment "+c+" was unknown. Available options are {auto, browser, node}")}}if(r.retrieveFile){if(r.overrideRetrieveFile){h.length=0}h.unshift(r.retrieveFile)}if(r.retrieveSourceMap){if(r.overrideRetrieveSourceMap){d.length=0}d.unshift(r.retrieveSourceMap)}if(r.hookRequire&&!isInBrowser()){var n=dynamicRequire(e,"module");var t=n.prototype._compile;if(!t.__sourceMapSupport){n.prototype._compile=function(e,r){p[r]=e;f[r]=undefined;return t.call(this,e,r)};n.prototype._compile.__sourceMapSupport=true}}if(!l){l="emptyCacheBetweenOperations"in r?r.emptyCacheBetweenOperations:false}if(!u){u=true;Error.prepareStackTrace=prepareStackTrace}if(!s){var o="handleUncaughtExceptions"in r?r.handleUncaughtExceptions:true;try{var i=dynamicRequire(e,"worker_threads");if(i.isMainThread===false){o=false}}catch(e){}if(o&&hasGlobalProcessEventEmitter()){s=true;shimEmitUncaughtException()}}};r.resetRetrieveHandlers=function(){h.length=0;d.length=0;h=S.slice(0);d=_.slice(0);v=handlerExec(d);m=handlerExec(h)}},147:e=>{"use strict";e.exports=require("fs")},17:e=>{"use strict";e.exports=require("path")}};var r={};function __webpack_require__(n){var t=r[n];if(t!==undefined){return t.exports}var o=r[n]={id:n,loaded:false,exports:{}};var i=true;try{e[n](o,o.exports,__webpack_require__);i=false}finally{if(i)delete r[n]}o.loaded=true;return o.exports}(()=>{__webpack_require__.nmd=e=>{e.paths=[];if(!e.children)e.children=[];return e}})();if(typeof __webpack_require__!=="undefined")__webpack_require__.ab=__dirname+"/";var n={};(()=>{__webpack_require__(284).install()})();module.exports=n})(); \ No newline at end of file +(()=>{var e={296:e=>{var r=Object.prototype.toString;var n=typeof Buffer!=="undefined"&&typeof Buffer.alloc==="function"&&typeof Buffer.allocUnsafe==="function"&&typeof Buffer.from==="function";function isArrayBuffer(e){return r.call(e).slice(8,-1)==="ArrayBuffer"}function fromArrayBuffer(e,r,t){r>>>=0;var o=e.byteLength-r;if(o<0){throw new RangeError("'offset' is out of bounds")}if(t===undefined){t=o}else{t>>>=0;if(t>o){throw new RangeError("'length' is out of bounds")}}return n?Buffer.from(e.slice(r,r+t)):new Buffer(new Uint8Array(e.slice(r,r+t)))}function fromString(e,r){if(typeof r!=="string"||r===""){r="utf8"}if(!Buffer.isEncoding(r)){throw new TypeError('"encoding" must be a valid string encoding')}return n?Buffer.from(e,r):new Buffer(e,r)}function bufferFrom(e,r,t){if(typeof e==="number"){throw new TypeError('"value" argument must not be a number')}if(isArrayBuffer(e)){return fromArrayBuffer(e,r,t)}if(typeof e==="string"){return fromString(e,r)}return n?Buffer.from(e):new Buffer(e)}e.exports=bufferFrom},599:(e,r,n)=>{e=n.nmd(e);var t=n(927).SourceMapConsumer;var o=n(928);var i;try{i=n(896);if(!i.existsSync||!i.readFileSync){i=null}}catch(e){}var a=n(296);function dynamicRequire(e,r){return e.require(r)}var u=false;var s=false;var l=false;var c="auto";var p={};var f={};var g=/^data:application\/json[^,]+base64,/;var d=[];var h=[];function isInBrowser(){if(c==="browser")return true;if(c==="node")return false;return typeof window!=="undefined"&&typeof XMLHttpRequest==="function"&&!(window.require&&window.module&&window.process&&window.process.type==="renderer")}function hasGlobalProcessEventEmitter(){return typeof process==="object"&&process!==null&&typeof process.on==="function"}function globalProcessVersion(){if(typeof process==="object"&&process!==null){return process.version}else{return""}}function globalProcessStderr(){if(typeof process==="object"&&process!==null){return process.stderr}}function globalProcessExit(e){if(typeof process==="object"&&process!==null&&typeof process.exit==="function"){return process.exit(e)}}function handlerExec(e){return function(r){for(var n=0;n"}var n=this.getLineNumber();if(n!=null){r+=":"+n;var t=this.getColumnNumber();if(t){r+=":"+t}}}var o="";var i=this.getFunctionName();var a=true;var u=this.isConstructor();var s=!(this.isToplevel()||u);if(s){var l=this.getTypeName();if(l==="[object Object]"){l="null"}var c=this.getMethodName();if(i){if(l&&i.indexOf(l)!=0){o+=l+"."}o+=i;if(c&&i.indexOf("."+c)!=i.length-c.length-1){o+=" [as "+c+"]"}}else{o+=l+"."+(c||"")}}else if(u){o+="new "+(i||"")}else if(i){o+=i}else{o+=r;a=false}if(a){o+=" ("+r+")"}return o}function cloneCallSite(e){var r={};Object.getOwnPropertyNames(Object.getPrototypeOf(e)).forEach((function(n){r[n]=/^(?:is|get)/.test(n)?function(){return e[n].call(e)}:e[n]}));r.toString=CallSiteToString;return r}function wrapCallSite(e,r){if(r===undefined){r={nextPosition:null,curPosition:null}}if(e.isNative()){r.curPosition=null;return e}var n=e.getFileName()||e.getScriptNameOrSourceURL();if(n){var t=e.getLineNumber();var o=e.getColumnNumber()-1;var i=/^v(10\.1[6-9]|10\.[2-9][0-9]|10\.[0-9]{3,}|1[2-9]\d*|[2-9]\d|\d{3,}|11\.11)/;var a=i.test(globalProcessVersion())?0:62;if(t===1&&o>a&&!isInBrowser()&&!e.isEval()){o-=a}var u=mapSourcePosition({source:n,line:t,column:o});r.curPosition=u;e=cloneCallSite(e);var s=e.getFunctionName;e.getFunctionName=function(){if(r.nextPosition==null){return s()}return r.nextPosition.name||s()};e.getFileName=function(){return u.source};e.getLineNumber=function(){return u.line};e.getColumnNumber=function(){return u.column+1};e.getScriptNameOrSourceURL=function(){return u.source};return e}var l=e.isEval()&&e.getEvalOrigin();if(l){l=mapEvalOrigin(l);e=cloneCallSite(e);e.getEvalOrigin=function(){return l};return e}return e}function prepareStackTrace(e,r){if(l){p={};f={}}var n=e.name||"Error";var t=e.message||"";var o=n+": "+t;var i={nextPosition:null,curPosition:null};var a=[];for(var u=r.length-1;u>=0;u--){a.push("\n at "+wrapCallSite(r[u],i));i.nextPosition=i.curPosition}i.curPosition=i.nextPosition=null;return o+a.reverse().join("")}function getErrorSource(e){var r=/\n at [^(]+ \((.*):(\d+):(\d+)\)/.exec(e.stack);if(r){var n=r[1];var t=+r[2];var o=+r[3];var a=p[n];if(!a&&i&&i.existsSync(n)){try{a=i.readFileSync(n,"utf8")}catch(e){a=""}}if(a){var u=a.split(/(?:\r\n|\r|\n)/)[t-1];if(u){return n+":"+t+"\n"+u+"\n"+new Array(o).join(" ")+"^"}}}return null}function printErrorAndExit(e){var r=getErrorSource(e);var n=globalProcessStderr();if(n&&n._handle&&n._handle.setBlocking){n._handle.setBlocking(true)}if(r){console.error();console.error(r)}console.error(e.stack);globalProcessExit(1)}function shimEmitUncaughtException(){var e=process.emit;process.emit=function(r){if(r==="uncaughtException"){var n=arguments[1]&&arguments[1].stack;var t=this.listeners(r).length>0;if(n&&!t){return printErrorAndExit(arguments[1])}}return e.apply(this,arguments)}}var S=d.slice(0);var _=h.slice(0);r.wrapCallSite=wrapCallSite;r.getErrorSource=getErrorSource;r.mapSourcePosition=mapSourcePosition;r.retrieveSourceMap=v;r.install=function(r){r=r||{};if(r.environment){c=r.environment;if(["node","browser","auto"].indexOf(c)===-1){throw new Error("environment "+c+" was unknown. Available options are {auto, browser, node}")}}if(r.retrieveFile){if(r.overrideRetrieveFile){d.length=0}d.unshift(r.retrieveFile)}if(r.retrieveSourceMap){if(r.overrideRetrieveSourceMap){h.length=0}h.unshift(r.retrieveSourceMap)}if(r.hookRequire&&!isInBrowser()){var n=dynamicRequire(e,"module");var t=n.prototype._compile;if(!t.__sourceMapSupport){n.prototype._compile=function(e,r){p[r]=e;f[r]=undefined;return t.call(this,e,r)};n.prototype._compile.__sourceMapSupport=true}}if(!l){l="emptyCacheBetweenOperations"in r?r.emptyCacheBetweenOperations:false}if(!u){u=true;Error.prepareStackTrace=prepareStackTrace}if(!s){var o="handleUncaughtExceptions"in r?r.handleUncaughtExceptions:true;try{var i=dynamicRequire(e,"worker_threads");if(i.isMainThread===false){o=false}}catch(e){}if(o&&hasGlobalProcessEventEmitter()){s=true;shimEmitUncaughtException()}}};r.resetRetrieveHandlers=function(){d.length=0;h.length=0;d=S.slice(0);h=_.slice(0);v=handlerExec(h);m=handlerExec(d)}},517:(e,r,n)=>{var t=n(297);var o=Object.prototype.hasOwnProperty;var i=typeof Map!=="undefined";function ArraySet(){this._array=[];this._set=i?new Map:Object.create(null)}ArraySet.fromArray=function ArraySet_fromArray(e,r){var n=new ArraySet;for(var t=0,o=e.length;t=0){return r}}else{var n=t.toSetString(e);if(o.call(this._set,n)){return this._set[n]}}throw new Error('"'+e+'" is not in the set.')};ArraySet.prototype.at=function ArraySet_at(e){if(e>=0&&e{var t=n(158);var o=5;var i=1<>1;return r?-n:n}r.encode=function base64VLQ_encode(e){var r="";var n;var i=toVLQSigned(e);do{n=i&a;i>>>=o;if(i>0){n|=u}r+=t.encode(n)}while(i>0);return r};r.decode=function base64VLQ_decode(e,r,n){var i=e.length;var s=0;var l=0;var c,p;do{if(r>=i){throw new Error("Expected more digits in base 64 VLQ value.")}p=t.decode(e.charCodeAt(r++));if(p===-1){throw new Error("Invalid base64 digit: "+e.charAt(r-1))}c=!!(p&u);p&=a;s=s+(p<{var n="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".split("");r.encode=function(e){if(0<=e&&e{r.GREATEST_LOWER_BOUND=1;r.LEAST_UPPER_BOUND=2;function recursiveSearch(e,n,t,o,i,a){var u=Math.floor((n-e)/2)+e;var s=i(t,o[u],true);if(s===0){return u}else if(s>0){if(n-u>1){return recursiveSearch(u,n,t,o,i,a)}if(a==r.LEAST_UPPER_BOUND){return n1){return recursiveSearch(e,u,t,o,i,a)}if(a==r.LEAST_UPPER_BOUND){return u}else{return e<0?-1:e}}}r.search=function search(e,n,t,o){if(n.length===0){return-1}var i=recursiveSearch(-1,n.length,e,n,t,o||r.GREATEST_LOWER_BOUND);if(i<0){return-1}while(i-1>=0){if(t(n[i],n[i-1],true)!==0){break}--i}return i}},24:(e,r,n)=>{var t=n(297);function generatedPositionAfter(e,r){var n=e.generatedLine;var o=r.generatedLine;var i=e.generatedColumn;var a=r.generatedColumn;return o>n||o==n&&a>=i||t.compareByGeneratedPositionsInflated(e,r)<=0}function MappingList(){this._array=[];this._sorted=true;this._last={generatedLine:-1,generatedColumn:0}}MappingList.prototype.unsortedForEach=function MappingList_forEach(e,r){this._array.forEach(e,r)};MappingList.prototype.add=function MappingList_add(e){if(generatedPositionAfter(this._last,e)){this._last=e;this._array.push(e)}else{this._sorted=false;this._array.push(e)}};MappingList.prototype.toArray=function MappingList_toArray(){if(!this._sorted){this._array.sort(t.compareByGeneratedPositionsInflated);this._sorted=true}return this._array};r.P=MappingList},299:(e,r)=>{function swap(e,r,n){var t=e[r];e[r]=e[n];e[n]=t}function randomIntInRange(e,r){return Math.round(e+Math.random()*(r-e))}function doQuickSort(e,r,n,t){if(n{var t;var o=n(297);var i=n(197);var a=n(517).C;var u=n(818);var s=n(299).g;function SourceMapConsumer(e,r){var n=e;if(typeof e==="string"){n=o.parseSourceMapInput(e)}return n.sections!=null?new IndexedSourceMapConsumer(n,r):new BasicSourceMapConsumer(n,r)}SourceMapConsumer.fromSourceMap=function(e,r){return BasicSourceMapConsumer.fromSourceMap(e,r)};SourceMapConsumer.prototype._version=3;SourceMapConsumer.prototype.__generatedMappings=null;Object.defineProperty(SourceMapConsumer.prototype,"_generatedMappings",{configurable:true,enumerable:true,get:function(){if(!this.__generatedMappings){this._parseMappings(this._mappings,this.sourceRoot)}return this.__generatedMappings}});SourceMapConsumer.prototype.__originalMappings=null;Object.defineProperty(SourceMapConsumer.prototype,"_originalMappings",{configurable:true,enumerable:true,get:function(){if(!this.__originalMappings){this._parseMappings(this._mappings,this.sourceRoot)}return this.__originalMappings}});SourceMapConsumer.prototype._charIsMappingSeparator=function SourceMapConsumer_charIsMappingSeparator(e,r){var n=e.charAt(r);return n===";"||n===","};SourceMapConsumer.prototype._parseMappings=function SourceMapConsumer_parseMappings(e,r){throw new Error("Subclasses must implement _parseMappings")};SourceMapConsumer.GENERATED_ORDER=1;SourceMapConsumer.ORIGINAL_ORDER=2;SourceMapConsumer.GREATEST_LOWER_BOUND=1;SourceMapConsumer.LEAST_UPPER_BOUND=2;SourceMapConsumer.prototype.eachMapping=function SourceMapConsumer_eachMapping(e,r,n){var t=r||null;var i=n||SourceMapConsumer.GENERATED_ORDER;var a;switch(i){case SourceMapConsumer.GENERATED_ORDER:a=this._generatedMappings;break;case SourceMapConsumer.ORIGINAL_ORDER:a=this._originalMappings;break;default:throw new Error("Unknown order of iteration.")}var u=this.sourceRoot;a.map((function(e){var r=e.source===null?null:this._sources.at(e.source);r=o.computeSourceURL(u,r,this._sourceMapURL);return{source:r,generatedLine:e.generatedLine,generatedColumn:e.generatedColumn,originalLine:e.originalLine,originalColumn:e.originalColumn,name:e.name===null?null:this._names.at(e.name)}}),this).forEach(e,t)};SourceMapConsumer.prototype.allGeneratedPositionsFor=function SourceMapConsumer_allGeneratedPositionsFor(e){var r=o.getArg(e,"line");var n={source:o.getArg(e,"source"),originalLine:r,originalColumn:o.getArg(e,"column",0)};n.source=this._findSourceIndex(n.source);if(n.source<0){return[]}var t=[];var a=this._findMapping(n,this._originalMappings,"originalLine","originalColumn",o.compareByOriginalPositions,i.LEAST_UPPER_BOUND);if(a>=0){var u=this._originalMappings[a];if(e.column===undefined){var s=u.originalLine;while(u&&u.originalLine===s){t.push({line:o.getArg(u,"generatedLine",null),column:o.getArg(u,"generatedColumn",null),lastColumn:o.getArg(u,"lastGeneratedColumn",null)});u=this._originalMappings[++a]}}else{var l=u.originalColumn;while(u&&u.originalLine===r&&u.originalColumn==l){t.push({line:o.getArg(u,"generatedLine",null),column:o.getArg(u,"generatedColumn",null),lastColumn:o.getArg(u,"lastGeneratedColumn",null)});u=this._originalMappings[++a]}}}return t};r.SourceMapConsumer=SourceMapConsumer;function BasicSourceMapConsumer(e,r){var n=e;if(typeof e==="string"){n=o.parseSourceMapInput(e)}var t=o.getArg(n,"version");var i=o.getArg(n,"sources");var u=o.getArg(n,"names",[]);var s=o.getArg(n,"sourceRoot",null);var l=o.getArg(n,"sourcesContent",null);var c=o.getArg(n,"mappings");var p=o.getArg(n,"file",null);if(t!=this._version){throw new Error("Unsupported version: "+t)}if(s){s=o.normalize(s)}i=i.map(String).map(o.normalize).map((function(e){return s&&o.isAbsolute(s)&&o.isAbsolute(e)?o.relative(s,e):e}));this._names=a.fromArray(u.map(String),true);this._sources=a.fromArray(i,true);this._absoluteSources=this._sources.toArray().map((function(e){return o.computeSourceURL(s,e,r)}));this.sourceRoot=s;this.sourcesContent=l;this._mappings=c;this._sourceMapURL=r;this.file=p}BasicSourceMapConsumer.prototype=Object.create(SourceMapConsumer.prototype);BasicSourceMapConsumer.prototype.consumer=SourceMapConsumer;BasicSourceMapConsumer.prototype._findSourceIndex=function(e){var r=e;if(this.sourceRoot!=null){r=o.relative(this.sourceRoot,r)}if(this._sources.has(r)){return this._sources.indexOf(r)}var n;for(n=0;n1){v.source=l+_[1];l+=_[1];v.originalLine=i+_[2];i=v.originalLine;v.originalLine+=1;v.originalColumn=a+_[3];a=v.originalColumn;if(_.length>4){v.name=c+_[4];c+=_[4]}}m.push(v);if(typeof v.originalLine==="number"){h.push(v)}}}s(m,o.compareByGeneratedPositionsDeflated);this.__generatedMappings=m;s(h,o.compareByOriginalPositions);this.__originalMappings=h};BasicSourceMapConsumer.prototype._findMapping=function SourceMapConsumer_findMapping(e,r,n,t,o,a){if(e[n]<=0){throw new TypeError("Line must be greater than or equal to 1, got "+e[n])}if(e[t]<0){throw new TypeError("Column must be greater than or equal to 0, got "+e[t])}return i.search(e,r,o,a)};BasicSourceMapConsumer.prototype.computeColumnSpans=function SourceMapConsumer_computeColumnSpans(){for(var e=0;e=0){var t=this._generatedMappings[n];if(t.generatedLine===r.generatedLine){var i=o.getArg(t,"source",null);if(i!==null){i=this._sources.at(i);i=o.computeSourceURL(this.sourceRoot,i,this._sourceMapURL)}var a=o.getArg(t,"name",null);if(a!==null){a=this._names.at(a)}return{source:i,line:o.getArg(t,"originalLine",null),column:o.getArg(t,"originalColumn",null),name:a}}}return{source:null,line:null,column:null,name:null}};BasicSourceMapConsumer.prototype.hasContentsOfAllSources=function BasicSourceMapConsumer_hasContentsOfAllSources(){if(!this.sourcesContent){return false}return this.sourcesContent.length>=this._sources.size()&&!this.sourcesContent.some((function(e){return e==null}))};BasicSourceMapConsumer.prototype.sourceContentFor=function SourceMapConsumer_sourceContentFor(e,r){if(!this.sourcesContent){return null}var n=this._findSourceIndex(e);if(n>=0){return this.sourcesContent[n]}var t=e;if(this.sourceRoot!=null){t=o.relative(this.sourceRoot,t)}var i;if(this.sourceRoot!=null&&(i=o.urlParse(this.sourceRoot))){var a=t.replace(/^file:\/\//,"");if(i.scheme=="file"&&this._sources.has(a)){return this.sourcesContent[this._sources.indexOf(a)]}if((!i.path||i.path=="/")&&this._sources.has("/"+t)){return this.sourcesContent[this._sources.indexOf("/"+t)]}}if(r){return null}else{throw new Error('"'+t+'" is not in the SourceMap.')}};BasicSourceMapConsumer.prototype.generatedPositionFor=function SourceMapConsumer_generatedPositionFor(e){var r=o.getArg(e,"source");r=this._findSourceIndex(r);if(r<0){return{line:null,column:null,lastColumn:null}}var n={source:r,originalLine:o.getArg(e,"line"),originalColumn:o.getArg(e,"column")};var t=this._findMapping(n,this._originalMappings,"originalLine","originalColumn",o.compareByOriginalPositions,o.getArg(e,"bias",SourceMapConsumer.GREATEST_LOWER_BOUND));if(t>=0){var i=this._originalMappings[t];if(i.source===n.source){return{line:o.getArg(i,"generatedLine",null),column:o.getArg(i,"generatedColumn",null),lastColumn:o.getArg(i,"lastGeneratedColumn",null)}}}return{line:null,column:null,lastColumn:null}};t=BasicSourceMapConsumer;function IndexedSourceMapConsumer(e,r){var n=e;if(typeof e==="string"){n=o.parseSourceMapInput(e)}var t=o.getArg(n,"version");var i=o.getArg(n,"sections");if(t!=this._version){throw new Error("Unsupported version: "+t)}this._sources=new a;this._names=new a;var u={line:-1,column:0};this._sections=i.map((function(e){if(e.url){throw new Error("Support for url field in sections not implemented.")}var n=o.getArg(e,"offset");var t=o.getArg(n,"line");var i=o.getArg(n,"column");if(t{var t=n(818);var o=n(297);var i=n(517).C;var a=n(24).P;function SourceMapGenerator(e){if(!e){e={}}this._file=o.getArg(e,"file",null);this._sourceRoot=o.getArg(e,"sourceRoot",null);this._skipValidation=o.getArg(e,"skipValidation",false);this._sources=new i;this._names=new i;this._mappings=new a;this._sourcesContents=null}SourceMapGenerator.prototype._version=3;SourceMapGenerator.fromSourceMap=function SourceMapGenerator_fromSourceMap(e){var r=e.sourceRoot;var n=new SourceMapGenerator({file:e.file,sourceRoot:r});e.eachMapping((function(e){var t={generated:{line:e.generatedLine,column:e.generatedColumn}};if(e.source!=null){t.source=e.source;if(r!=null){t.source=o.relative(r,t.source)}t.original={line:e.originalLine,column:e.originalColumn};if(e.name!=null){t.name=e.name}}n.addMapping(t)}));e.sources.forEach((function(t){var i=t;if(r!==null){i=o.relative(r,t)}if(!n._sources.has(i)){n._sources.add(i)}var a=e.sourceContentFor(t);if(a!=null){n.setSourceContent(t,a)}}));return n};SourceMapGenerator.prototype.addMapping=function SourceMapGenerator_addMapping(e){var r=o.getArg(e,"generated");var n=o.getArg(e,"original",null);var t=o.getArg(e,"source",null);var i=o.getArg(e,"name",null);if(!this._skipValidation){this._validateMapping(r,n,t,i)}if(t!=null){t=String(t);if(!this._sources.has(t)){this._sources.add(t)}}if(i!=null){i=String(i);if(!this._names.has(i)){this._names.add(i)}}this._mappings.add({generatedLine:r.line,generatedColumn:r.column,originalLine:n!=null&&n.line,originalColumn:n!=null&&n.column,source:t,name:i})};SourceMapGenerator.prototype.setSourceContent=function SourceMapGenerator_setSourceContent(e,r){var n=e;if(this._sourceRoot!=null){n=o.relative(this._sourceRoot,n)}if(r!=null){if(!this._sourcesContents){this._sourcesContents=Object.create(null)}this._sourcesContents[o.toSetString(n)]=r}else if(this._sourcesContents){delete this._sourcesContents[o.toSetString(n)];if(Object.keys(this._sourcesContents).length===0){this._sourcesContents=null}}};SourceMapGenerator.prototype.applySourceMap=function SourceMapGenerator_applySourceMap(e,r,n){var t=r;if(r==null){if(e.file==null){throw new Error("SourceMapGenerator.prototype.applySourceMap requires either an explicit source file, "+'or the source map\'s "file" property. Both were omitted.')}t=e.file}var a=this._sourceRoot;if(a!=null){t=o.relative(a,t)}var u=new i;var s=new i;this._mappings.unsortedForEach((function(r){if(r.source===t&&r.originalLine!=null){var i=e.originalPositionFor({line:r.originalLine,column:r.originalColumn});if(i.source!=null){r.source=i.source;if(n!=null){r.source=o.join(n,r.source)}if(a!=null){r.source=o.relative(a,r.source)}r.originalLine=i.line;r.originalColumn=i.column;if(i.name!=null){r.name=i.name}}}var l=r.source;if(l!=null&&!u.has(l)){u.add(l)}var c=r.name;if(c!=null&&!s.has(c)){s.add(c)}}),this);this._sources=u;this._names=s;e.sources.forEach((function(r){var t=e.sourceContentFor(r);if(t!=null){if(n!=null){r=o.join(n,r)}if(a!=null){r=o.relative(a,r)}this.setSourceContent(r,t)}}),this)};SourceMapGenerator.prototype._validateMapping=function SourceMapGenerator_validateMapping(e,r,n,t){if(r&&typeof r.line!=="number"&&typeof r.column!=="number"){throw new Error("original.line and original.column are not numbers -- you probably meant to omit "+"the original mapping entirely and only map the generated position. If so, pass "+"null for the original mapping instead of an object with empty or null values.")}if(e&&"line"in e&&"column"in e&&e.line>0&&e.column>=0&&!r&&!n&&!t){return}else if(e&&"line"in e&&"column"in e&&r&&"line"in r&&"column"in r&&e.line>0&&e.column>=0&&r.line>0&&r.column>=0&&n){return}else{throw new Error("Invalid mapping: "+JSON.stringify({generated:e,source:n,original:r,name:t}))}};SourceMapGenerator.prototype._serializeMappings=function SourceMapGenerator_serializeMappings(){var e=0;var r=1;var n=0;var i=0;var a=0;var u=0;var s="";var l;var c;var p;var f;var g=this._mappings.toArray();for(var d=0,h=g.length;d0){if(!o.compareByGeneratedPositionsInflated(c,g[d-1])){continue}l+=","}}l+=t.encode(c.generatedColumn-e);e=c.generatedColumn;if(c.source!=null){f=this._sources.indexOf(c.source);l+=t.encode(f-u);u=f;l+=t.encode(c.originalLine-1-i);i=c.originalLine-1;l+=t.encode(c.originalColumn-n);n=c.originalColumn;if(c.name!=null){p=this._names.indexOf(c.name);l+=t.encode(p-a);a=p}}s+=l}return s};SourceMapGenerator.prototype._generateSourcesContent=function SourceMapGenerator_generateSourcesContent(e,r){return e.map((function(e){if(!this._sourcesContents){return null}if(r!=null){e=o.relative(r,e)}var n=o.toSetString(e);return Object.prototype.hasOwnProperty.call(this._sourcesContents,n)?this._sourcesContents[n]:null}),this)};SourceMapGenerator.prototype.toJSON=function SourceMapGenerator_toJSON(){var e={version:this._version,sources:this._sources.toArray(),names:this._names.toArray(),mappings:this._serializeMappings()};if(this._file!=null){e.file=this._file}if(this._sourceRoot!=null){e.sourceRoot=this._sourceRoot}if(this._sourcesContents){e.sourcesContent=this._generateSourcesContent(e.sources,e.sourceRoot)}return e};SourceMapGenerator.prototype.toString=function SourceMapGenerator_toString(){return JSON.stringify(this.toJSON())};r.x=SourceMapGenerator},565:(e,r,n)=>{var t;var o=n(163).x;var i=n(297);var a=/(\r?\n)/;var u=10;var s="$$$isSourceNode$$$";function SourceNode(e,r,n,t,o){this.children=[];this.sourceContents={};this.line=e==null?null:e;this.column=r==null?null:r;this.source=n==null?null:n;this.name=o==null?null:o;this[s]=true;if(t!=null)this.add(t)}SourceNode.fromStringWithSourceMap=function SourceNode_fromStringWithSourceMap(e,r,n){var t=new SourceNode;var o=e.split(a);var u=0;var shiftNextLine=function(){var e=getNextLine();var r=getNextLine()||"";return e+r;function getNextLine(){return u=0;r--){this.prepend(e[r])}}else if(e[s]||typeof e==="string"){this.children.unshift(e)}else{throw new TypeError("Expected a SourceNode, string, or an array of SourceNodes and strings. Got "+e)}return this};SourceNode.prototype.walk=function SourceNode_walk(e){var r;for(var n=0,t=this.children.length;n0){r=[];for(n=0;n{function getArg(e,r,n){if(r in e){return e[r]}else if(arguments.length===3){return n}else{throw new Error('"'+r+'" is a required argument.')}}r.getArg=getArg;var n=/^(?:([\w+\-.]+):)?\/\/(?:(\w+:\w+)@)?([\w.-]*)(?::(\d+))?(.*)$/;var t=/^data:.+\,.+$/;function urlParse(e){var r=e.match(n);if(!r){return null}return{scheme:r[1],auth:r[2],host:r[3],port:r[4],path:r[5]}}r.urlParse=urlParse;function urlGenerate(e){var r="";if(e.scheme){r+=e.scheme+":"}r+="//";if(e.auth){r+=e.auth+"@"}if(e.host){r+=e.host}if(e.port){r+=":"+e.port}if(e.path){r+=e.path}return r}r.urlGenerate=urlGenerate;function normalize(e){var n=e;var t=urlParse(e);if(t){if(!t.path){return e}n=t.path}var o=r.isAbsolute(n);var i=n.split(/\/+/);for(var a,u=0,s=i.length-1;s>=0;s--){a=i[s];if(a==="."){i.splice(s,1)}else if(a===".."){u++}else if(u>0){if(a===""){i.splice(s+1,u);u=0}else{i.splice(s,2);u--}}}n=i.join("/");if(n===""){n=o?"/":"."}if(t){t.path=n;return urlGenerate(t)}return n}r.normalize=normalize;function join(e,r){if(e===""){e="."}if(r===""){r="."}var n=urlParse(r);var o=urlParse(e);if(o){e=o.path||"/"}if(n&&!n.scheme){if(o){n.scheme=o.scheme}return urlGenerate(n)}if(n||r.match(t)){return r}if(o&&!o.host&&!o.path){o.host=r;return urlGenerate(o)}var i=r.charAt(0)==="/"?r:normalize(e.replace(/\/+$/,"")+"/"+r);if(o){o.path=i;return urlGenerate(o)}return i}r.join=join;r.isAbsolute=function(e){return e.charAt(0)==="/"||n.test(e)};function relative(e,r){if(e===""){e="."}e=e.replace(/\/$/,"");var n=0;while(r.indexOf(e+"/")!==0){var t=e.lastIndexOf("/");if(t<0){return r}e=e.slice(0,t);if(e.match(/^([^\/]+:\/)?\/*$/)){return r}++n}return Array(n+1).join("../")+r.substr(e.length+1)}r.relative=relative;var o=function(){var e=Object.create(null);return!("__proto__"in e)}();function identity(e){return e}function toSetString(e){if(isProtoString(e)){return"$"+e}return e}r.toSetString=o?identity:toSetString;function fromSetString(e){if(isProtoString(e)){return e.slice(1)}return e}r.fromSetString=o?identity:fromSetString;function isProtoString(e){if(!e){return false}var r=e.length;if(r<9){return false}if(e.charCodeAt(r-1)!==95||e.charCodeAt(r-2)!==95||e.charCodeAt(r-3)!==111||e.charCodeAt(r-4)!==116||e.charCodeAt(r-5)!==111||e.charCodeAt(r-6)!==114||e.charCodeAt(r-7)!==112||e.charCodeAt(r-8)!==95||e.charCodeAt(r-9)!==95){return false}for(var n=r-10;n>=0;n--){if(e.charCodeAt(n)!==36){return false}}return true}function compareByOriginalPositions(e,r,n){var t=strcmp(e.source,r.source);if(t!==0){return t}t=e.originalLine-r.originalLine;if(t!==0){return t}t=e.originalColumn-r.originalColumn;if(t!==0||n){return t}t=e.generatedColumn-r.generatedColumn;if(t!==0){return t}t=e.generatedLine-r.generatedLine;if(t!==0){return t}return strcmp(e.name,r.name)}r.compareByOriginalPositions=compareByOriginalPositions;function compareByGeneratedPositionsDeflated(e,r,n){var t=e.generatedLine-r.generatedLine;if(t!==0){return t}t=e.generatedColumn-r.generatedColumn;if(t!==0||n){return t}t=strcmp(e.source,r.source);if(t!==0){return t}t=e.originalLine-r.originalLine;if(t!==0){return t}t=e.originalColumn-r.originalColumn;if(t!==0){return t}return strcmp(e.name,r.name)}r.compareByGeneratedPositionsDeflated=compareByGeneratedPositionsDeflated;function strcmp(e,r){if(e===r){return 0}if(e===null){return 1}if(r===null){return-1}if(e>r){return 1}return-1}function compareByGeneratedPositionsInflated(e,r){var n=e.generatedLine-r.generatedLine;if(n!==0){return n}n=e.generatedColumn-r.generatedColumn;if(n!==0){return n}n=strcmp(e.source,r.source);if(n!==0){return n}n=e.originalLine-r.originalLine;if(n!==0){return n}n=e.originalColumn-r.originalColumn;if(n!==0){return n}return strcmp(e.name,r.name)}r.compareByGeneratedPositionsInflated=compareByGeneratedPositionsInflated;function parseSourceMapInput(e){return JSON.parse(e.replace(/^\)]}'[^\n]*\n/,""))}r.parseSourceMapInput=parseSourceMapInput;function computeSourceURL(e,r,n){r=r||"";if(e){if(e[e.length-1]!=="/"&&r[0]!=="/"){e+="/"}r=e+r}if(n){var t=urlParse(n);if(!t){throw new Error("sourceMapURL could not be parsed")}if(t.path){var o=t.path.lastIndexOf("/");if(o>=0){t.path=t.path.substring(0,o+1)}}r=join(urlGenerate(t),r)}return normalize(r)}r.computeSourceURL=computeSourceURL},927:(e,r,n)=>{n(163).x;r.SourceMapConsumer=n(684).SourceMapConsumer;n(565)},896:e=>{"use strict";e.exports=require("fs")},928:e=>{"use strict";e.exports=require("path")}};var r={};function __webpack_require__(n){var t=r[n];if(t!==undefined){return t.exports}var o=r[n]={id:n,loaded:false,exports:{}};var i=true;try{e[n](o,o.exports,__webpack_require__);i=false}finally{if(i)delete r[n]}o.loaded=true;return o.exports}(()=>{__webpack_require__.nmd=e=>{e.paths=[];if(!e.children)e.children=[];return e}})();if(typeof __webpack_require__!=="undefined")__webpack_require__.ab=__dirname+"/";var n={};__webpack_require__(599).install();module.exports=n})(); \ No newline at end of file diff --git a/lib/index.js b/lib/index.js index 6517922..05a5e27 100644 --- a/lib/index.js +++ b/lib/index.js @@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( }) : function(o, v) { o["default"] = v; }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { @@ -55,8 +65,8 @@ function run() { } }); } -function connect(host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) { - return __awaiter(this, void 0, void 0, function* () { +function connect() { + return __awaiter(this, arguments, void 0, function* (host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) { const ssh = new node_ssh_1.NodeSSH(); console.log(`Establishing a SSH connection to ${host}.`); try { @@ -84,8 +94,8 @@ function connect(host = 'localhost', username, port = 22, privateKey, password, }); } function executeCommand(ssh, command) { - var _a; return __awaiter(this, void 0, void 0, function* () { + var _a; console.log(`Executing command: ${command}`); try { const { code } = yield ssh.exec(command, [], { diff --git a/package-lock.json b/package-lock.json index cc3cc48..aaaf987 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,70 +9,109 @@ "version": "0.8.0", "license": "MIT", "dependencies": { - "@actions/core": "^1.10.0", - "node-ssh": "^13.0.0" + "@actions/core": "^2.0.0", + "node-ssh": "^13.2.1" }, "bin": { "github-action-ssh": "dist/index.js" }, "devDependencies": { - "@types/node": "^20.12.1", - "@types/ssh2": "^1.11.6", - "@types/ssh2-streams": "^0.1.9", - "@vercel/ncc": "^0.34.0", - "prettier": "^2.7.1", - "typescript": "4.8.4" + "@types/node": "^24.12.0", + "@types/ssh2": "^1.15.5", + "@types/ssh2-streams": "^0.1.13", + "@vercel/ncc": "^0.38.4", + "prettier": "^3.8.1", + "typescript": "5.9.3" } }, "node_modules/@actions/core": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz", - "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-2.0.3.tgz", + "integrity": "sha512-Od9Thc3T1mQJYddvVPM4QGiLUewdh+3txmDYHHxoNdkqysR1MbCT+rFOtNUxYAz+7+6RIsqipVahY2GJqGPyxA==", + "license": "MIT", + "dependencies": { + "@actions/exec": "^2.0.0", + "@actions/http-client": "^3.0.2" + } + }, + "node_modules/@actions/exec": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-2.0.0.tgz", + "integrity": "sha512-k8ngrX2voJ/RIN6r9xB82NVqKpnMRtxDoiO+g3olkIUpQNqjArXrCQceduQZCQj3P3xm32pChRLqRrtXTlqhIw==", + "license": "MIT", "dependencies": { - "@actions/http-client": "^2.0.1", - "uuid": "^8.3.2" + "@actions/io": "^2.0.0" } }, "node_modules/@actions/http-client": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.0.1.tgz", - "integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-3.0.2.tgz", + "integrity": "sha512-JP38FYYpyqvUsz+Igqlc/JG6YO9PaKuvqjM3iGvaLqFnJ7TFmcLyy2IDrY0bI0qCQug8E9K+elv5ZNfw62ZJzA==", + "license": "MIT", "dependencies": { - "tunnel": "^0.0.6" + "tunnel": "^0.0.6", + "undici": "^6.23.0" } }, + "node_modules/@actions/io": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@actions/io/-/io-2.0.0.tgz", + "integrity": "sha512-Jv33IN09XLO+0HS79aaODsvIRyduiF7NY/F6LYeK5oeUmrsz7aFdRphQjFoESF4jS7lMauDOttKALcpapVDIAg==", + "license": "MIT" + }, "node_modules/@types/node": { - "version": "20.12.4", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.4.tgz", - "integrity": "sha512-E+Fa9z3wSQpzgYQdYmme5X3OTuejnnTx88A6p6vkkJosR3KBz+HpE3kqNm98VE6cfLFcISx7zW7MsJkH6KwbTw==", + "version": "24.12.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.12.0.tgz", + "integrity": "sha512-GYDxsZi3ChgmckRT9HPU0WEhKLP08ev/Yfcq2AstjrDASOYCSXeyjDsHg4v5t4jOj7cyDX3vmprafKlWIG9MXQ==", "dev": true, + "license": "MIT", "dependencies": { - "undici-types": "~5.26.4" + "undici-types": "~7.16.0" } }, "node_modules/@types/ssh2": { - "version": "1.11.6", - "resolved": "https://registry.npmjs.org/@types/ssh2/-/ssh2-1.11.6.tgz", - "integrity": "sha512-8Mf6bhzYYBLEB/G6COux7DS/F5bCWwojv/qFo2yH/e4cLzAavJnxvFXrYW59iKfXdhG6OmzJcXDasgOb/s0rxw==", + "version": "1.15.5", + "resolved": "https://registry.npmjs.org/@types/ssh2/-/ssh2-1.15.5.tgz", + "integrity": "sha512-N1ASjp/nXH3ovBHddRJpli4ozpk6UdDYIX4RJWFa9L1YKnzdhTlVmiGHm4DZnj/jLbqZpes4aeR30EFGQtvhQQ==", "dev": true, + "license": "MIT", "dependencies": { - "@types/node": "*" + "@types/node": "^18.11.18" } }, "node_modules/@types/ssh2-streams": { - "version": "0.1.9", - "resolved": "https://registry.npmjs.org/@types/ssh2-streams/-/ssh2-streams-0.1.9.tgz", - "integrity": "sha512-I2J9jKqfmvXLR5GomDiCoHrEJ58hAOmFrekfFqmCFd+A6gaEStvWnPykoWUwld1PNg4G5ag1LwdA+Lz1doRJqg==", + "version": "0.1.13", + "resolved": "https://registry.npmjs.org/@types/ssh2-streams/-/ssh2-streams-0.1.13.tgz", + "integrity": "sha512-faHyY3brO9oLEA0QlcO8N2wT7R0+1sHWZvQ+y3rMLwdY1ZyS1z0W3t65j9PqT4HmQ6ALzNe7RZlNuCNE0wBSWA==", "dev": true, + "license": "MIT", "dependencies": { "@types/node": "*" } }, + "node_modules/@types/ssh2/node_modules/@types/node": { + "version": "18.19.130", + "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.130.tgz", + "integrity": "sha512-GRaXQx6jGfL8sKfaIDD6OupbIHBr9jv7Jnaml9tB7l4v068PAOXqfcujMMo5PhbIs6ggR1XODELqahT2R8v0fg==", + "dev": true, + "license": "MIT", + "dependencies": { + "undici-types": "~5.26.4" + } + }, + "node_modules/@types/ssh2/node_modules/undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "license": "MIT" + }, "node_modules/@vercel/ncc": { - "version": "0.34.0", - "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.34.0.tgz", - "integrity": "sha512-G9h5ZLBJ/V57Ou9vz5hI8pda/YQX5HQszCs3AmIus3XzsmRn/0Ptic5otD3xVST8QLKk7AMk7AqpsyQGN7MZ9A==", + "version": "0.38.4", + "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.4.tgz", + "integrity": "sha512-8LwjnlP39s08C08J5NstzriPvW1SP8Zfpp1BvC2sI35kPeZnHfxVkCwu4/+Wodgnd60UtT1n8K8zw+Mp7J9JmQ==", "dev": true, + "license": "MIT", "bin": { "ncc": "dist/ncc/cli.js" } @@ -81,6 +120,7 @@ "version": "0.2.6", "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", + "license": "MIT", "dependencies": { "safer-buffer": "~2.1.0" } @@ -89,28 +129,29 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "license": "BSD-3-Clause", "dependencies": { "tweetnacl": "^0.14.3" } }, "node_modules/buildcheck": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/buildcheck/-/buildcheck-0.0.3.tgz", - "integrity": "sha512-pziaA+p/wdVImfcbsZLNF32EiWyujlQLwolMqUQE8xpKNOH7KmZQaY8sXN7DGOEzPAElo9QTaeNRfGnf3iOJbA==", + "version": "0.0.7", + "resolved": "https://registry.npmjs.org/buildcheck/-/buildcheck-0.0.7.tgz", + "integrity": "sha512-lHblz4ahamxpTmnsk+MNTRWsjYKv965MwOrSJyeD588rR3Jcu7swE+0wN5F+PbL5cjgu/9ObkhfzEPuofEMwLA==", "optional": true, "engines": { "node": ">=10.0.0" } }, "node_modules/cpu-features": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/cpu-features/-/cpu-features-0.0.4.tgz", - "integrity": "sha512-fKiZ/zp1mUwQbnzb9IghXtHtDoTMtNeb8oYGx6kX2SYfhnG0HNdBEBIzB9b5KlXu5DQPhfy3mInbBxFcgwAr3A==", + "version": "0.0.10", + "resolved": "https://registry.npmjs.org/cpu-features/-/cpu-features-0.0.10.tgz", + "integrity": "sha512-9IkYqtX3YHPCzoVg1Py+o9057a3i0fp7S530UWokCSaFVTc7CwXPRiOjRjBQQ18ZCNafx78YfnG+HALxtVmOGA==", "hasInstallScript": true, "optional": true, "dependencies": { - "buildcheck": "0.0.3", - "nan": "^2.15.0" + "buildcheck": "~0.0.6", + "nan": "^2.19.0" }, "engines": { "node": ">=10.0.0" @@ -142,37 +183,40 @@ } }, "node_modules/nan": { - "version": "2.17.0", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.17.0.tgz", - "integrity": "sha512-2ZTgtl0nJsO0KQCjEpxcIr5D+Yv90plTitZt9JBfQvVJDS5seMl3FOvsh3+9CoYWXf/1l5OaZzzF6nDm4cagaQ==", + "version": "2.25.0", + "resolved": "https://registry.npmjs.org/nan/-/nan-2.25.0.tgz", + "integrity": "sha512-0M90Ag7Xn5KMLLZ7zliPWP3rT90P6PN+IzVFS0VqmnPktBk3700xUVv8Ikm9EUaUE5SDWdp/BIxdENzVznpm1g==", + "license": "MIT", "optional": true }, "node_modules/node-ssh": { - "version": "13.0.0", - "resolved": "https://registry.npmjs.org/node-ssh/-/node-ssh-13.0.0.tgz", - "integrity": "sha512-8yfPvuB8z1M5rXFR8Z1Tl0a0M43N64VjZfjXRwOGCcImFphuXhMPniPksf1FkVj9djKbpHvLUMIVS399H9yCSQ==", + "version": "13.2.1", + "resolved": "https://registry.npmjs.org/node-ssh/-/node-ssh-13.2.1.tgz", + "integrity": "sha512-rfl4GWMygQfzlExPkQ2LWyya5n2jOBm5vhEnup+4mdw7tQhNpJWbP5ldr09Jfj93k5SfY5lxcn8od5qrQ/6mBg==", + "license": "MIT", "dependencies": { "is-stream": "^2.0.0", "make-dir": "^3.1.0", "sb-promise-queue": "^2.1.0", "sb-scandir": "^3.1.0", "shell-escape": "^0.2.0", - "ssh2": "^1.5.0" + "ssh2": "^1.14.0" }, "engines": { "node": ">= 10" } }, "node_modules/prettier": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz", - "integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==", + "version": "3.8.1", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz", + "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==", "dev": true, + "license": "MIT", "bin": { - "prettier": "bin-prettier.js" + "prettier": "bin/prettier.cjs" }, "engines": { - "node": ">=10.13.0" + "node": ">=14" }, "funding": { "url": "https://github.com/prettier/prettier?sponsor=1" @@ -181,7 +225,8 @@ "node_modules/safer-buffer": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "license": "MIT" }, "node_modules/sb-promise-queue": { "version": "2.1.0", @@ -216,26 +261,27 @@ "integrity": "sha1-aP0CXrBJC09WegJ/C/IkgLX4QTM=" }, "node_modules/ssh2": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-1.11.0.tgz", - "integrity": "sha512-nfg0wZWGSsfUe/IBJkXVll3PEZ//YH2guww+mP88gTpuSU4FtZN7zu9JoeTGOyCNx2dTDtT9fOpWwlzyj4uOOw==", + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-1.17.0.tgz", + "integrity": "sha512-wPldCk3asibAjQ/kziWQQt1Wh3PgDFpC0XpwclzKcdT1vql6KeYxf5LIt4nlFkUeR8WuphYMKqUA56X4rjbfgQ==", "hasInstallScript": true, "dependencies": { - "asn1": "^0.2.4", + "asn1": "^0.2.6", "bcrypt-pbkdf": "^1.0.2" }, "engines": { "node": ">=10.16.0" }, "optionalDependencies": { - "cpu-features": "~0.0.4", - "nan": "^2.16.0" + "cpu-features": "~0.0.10", + "nan": "^2.23.0" } }, "node_modules/tunnel": { "version": "0.0.6", "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", + "license": "MIT", "engines": { "node": ">=0.6.11 <=0.7.0 || >=0.7.3" } @@ -243,34 +289,38 @@ "node_modules/tweetnacl": { "version": "0.14.5", "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" + "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==", + "license": "Unlicense" }, "node_modules/typescript": { - "version": "4.8.4", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz", - "integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==", + "version": "5.9.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz", + "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "dev": true, + "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" }, "engines": { - "node": ">=4.2.0" + "node": ">=14.17" } }, - "node_modules/undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", - "dev": true - }, - "node_modules/uuid": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", - "bin": { - "uuid": "dist/bin/uuid" + "node_modules/undici": { + "version": "6.24.1", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz", + "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==", + "license": "MIT", + "engines": { + "node": ">=18.17" } + }, + "node_modules/undici-types": { + "version": "7.16.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", + "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", + "dev": true, + "license": "MIT" } } } diff --git a/package.json b/package.json index b36468c..d0c3f13 100644 --- a/package.json +++ b/package.json @@ -27,15 +27,15 @@ "author": "garygrossgarten", "license": "MIT", "dependencies": { - "@actions/core": "^1.10.0", - "node-ssh": "^13.0.0" + "@actions/core": "^2.0.0", + "node-ssh": "^13.2.1" }, "devDependencies": { - "@types/node": "^20.12.1", - "@types/ssh2": "^1.11.6", - "@types/ssh2-streams": "^0.1.9", - "@vercel/ncc": "^0.34.0", - "prettier": "^2.7.1", - "typescript": "4.8.4" + "@types/node": "^24.12.0", + "@types/ssh2": "^1.15.5", + "@types/ssh2-streams": "^0.1.13", + "@vercel/ncc": "^0.38.4", + "prettier": "^3.8.1", + "typescript": "5.9.3" } }