89068 2012-06-14 00:23:08 -0700 Do not allow mixed-content WebSockets (ws:// WebSockets on an https:// page) 2023-05-12 07:54:46 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) All All RESOLVED CONFIGURATION CHANGED WebExposed P2 Normal --- 1 yutak yutak abarth annevk ap bfulgham bsmith dbates japhet jochen machorro nicholas noahric tkent webkit.review.bot wilander oldest_to_newest 648880 0 yutak 2012-06-14 00:23:08 -0700 Reported in a Chromium bug: http://code.google.com/p/chromium/issues/detail?id=85271 > Reported by bsmith@mozilla.com, Jun 7, 2011 > See https://bugzilla.mozilla.org/show_bug.cgi?id=662692 > > When a script attempts to open a WebSocket to a non-TLS-protected server ("ws://"), the attempt should fail if the document was delivered over HTTPS. > > Since there are basically no existing WebSockets servers, there is no compatibility reason to allow ws:// (as opposed to wss://) WebSockets from an https:// webpage. We would > like to move to a stronger policy prohibiting all mixed content, and prohibiting https://+ws:// from the start will help prevent WebSockets from adding to the problem. > > In addition to addressing this in code, we should make sure the W3C spec notes this. Firefox already does this and WebSocket API draft now has the following clause: http://dev.w3.org/html5/websockets/#the-websocket-interface > 2. If secure is false but the origin of the entry script has a scheme component that is itself a secure protocol, e.g. HTTPS, then throw a SecurityError exception. 648886 1 abarth 2012-06-14 00:30:01 -0700 "Since there are basically no existing WebSockets servers" <-- This isn't really true, but it's probably early enough to make this sort of change. 648912 2 147513 yutak 2012-06-14 01:05:26 -0700 Created attachment 147513 Patch 648918 3 147513 abarth 2012-06-14 01:07:31 -0700 Comment on attachment 147513 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=147513&action=review > Source/WebCore/Modules/websockets/WebSocket.cpp:217 > + if (SecurityOrigin::isSecure(KURL(KURL(), scriptExecutionContext()->securityOrigin()->toString())) && m_url.protocolIs("ws")) { This is not correct. You want to do something more like what http://trac.webkit.org/browser/trunk/Source/WebCore/loader/FrameLoader.cpp#L869 does. 648929 4 abarth 2012-06-14 01:22:13 -0700 By the way, you should consider moving isMixedContent into SecurityOrigin so you can call it directly from this code. 648998 5 147534 yutak 2012-06-14 02:40:54 -0700 Created attachment 147534 Patch v2 649000 6 147513 yutak 2012-06-14 02:43:25 -0700 Comment on attachment 147513 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=147513&action=review >> Source/WebCore/Modules/websockets/WebSocket.cpp:217 >> + if (SecurityOrigin::isSecure(KURL(KURL(), scriptExecutionContext()->securityOrigin()->toString())) && m_url.protocolIs("ws")) { > > This is not correct. You want to do something more like what http://trac.webkit.org/browser/trunk/Source/WebCore/loader/FrameLoader.cpp#L869 does. Thanks. I uploaded patch v2 which moves the implementation of isMixedContent() to SecurityOrigin so both FrameLoader and WebSocket can use it. 649199 7 ap 2012-06-14 08:39:01 -0700 > We would like to move to a stronger policy prohibiting all mixed content Do we agree that it's feasible and desirable? Because otherwise, limiting WebSocket alone just makes no sense. 649720 8 yutak 2012-06-14 18:40:35 -0700 (In reply to comment #7) > > We would like to move to a stronger policy prohibiting all mixed content > > Do we agree that it's feasible and desirable? Because otherwise, limiting WebSocket alone just makes no sense. I'm not particularly good at this security area, but Adam might be able to comment about this. As for WebSockets, I think there's few reason not to do this, because: (1) WebSocket API spec explicitly mandates this mixed-contentness check, and (2) Firefox is already doing this and has proven that this won't make a heavy compatibility impact. 649805 9 abarth 2012-06-14 20:18:12 -0700 Another viewpoint is that WebSockets are more like XMLHttpRequest with CORS. In the case of XMLHttpRequest, we let an HTTPS page make a CORS-enabled request to HTTP URLs. I'm inclined to think we should follow the spec and Firefox here which will encourage folks to build more secure web sites. I don't feel that strongly about it. If other folks have strong opinions, we might want to raise the issue in the working group. 650282 10 ap 2012-06-15 10:02:36 -0700 If I were to guess about Mozilla's plan, that's likely to block mixed content XMLHttpRequests next, and stylesheets/scripts/images after that, which is quite ambitious. I cannot see any reason to do this for WebSockets alone. I agree that this change likely has no effect on compatibility. It would be good to know that it has a positive effect on anything. 650321 11 abarth 2012-06-15 10:41:28 -0700 > It would be good to know that it has a positive effect on anything. It seems like it will have a positive effect on security if it guides folks to use TLS for their WebSocket connections. 661825 12 noahric 2012-07-02 17:10:18 -0700 If this is added, would it be possible to add an exception for connections to localhost? Google talk is experimenting with using websockets to connect to a locally running daemon process, but we don't do it on Firefox because of this feature. 661944 13 abarth 2012-07-02 21:26:12 -0700 > If this is added, would it be possible to add an exception for connections to localhost? Nope. HTTP to localhost is treated as being insecure all over the platform. We shouldn't have a one-off exception here. > Google talk is experimenting with using websockets to connect to a locally running daemon process, but we don't do it on Firefox because of this feature. You might want to use wss instead. 664951 14 noahric 2012-07-09 10:21:12 -0700 (In reply to comment #13) > > If this is added, would it be possible to add an exception for connections to localhost? > > Nope. HTTP to localhost is treated as being insecure all over the platform. We shouldn't have a one-off exception here. Fair enough. Something like CORS would work for us here as well (as you already pointed out in comment #9). > > > Google talk is experimenting with using websockets to connect to a locally running daemon process, but we don't do it on Firefox because of this feature. > > You might want to use wss instead. We'd like to, but haven't yet decided on how to handle certs for localhost. 664974 15 abarth 2012-07-09 10:35:47 -0700 The more I think about this, the more I think we should treat WebSockets the same way we treat XMLHttpRequest with CORS given that WebSockets essentially has CORS built in. Let's talk with bsmith to see if we can get on the same page as Firefox. Yuta: Would you like to start an email thread with bsmith or would you prefer that I start the conversation? 665554 16 yutak 2012-07-10 01:01:56 -0700 (In reply to comment #15) > Yuta: Would you like to start an email thread with bsmith or would you prefer that I start the conversation? Feel free to start the conversation from you (and cc me). I'm sure you are far better on these topics than I ;) 910162 17 nicholas 2013-07-19 09:09:27 -0700 I don't know where the best place to discuss this is, but for me this change really isn't desirable. The idea behind WebSockets is to bring sockets to the browser, so it can do all the normal sockety things applications would do. Code in an HTTPS page is the like the application you installed on your machine: it's a secure block of code that you trust, and it's allowed to connect out to untrusted machines and communicate with them. I posted a hefty protest at Firefox's behaviour on their bug (https://bugzilla.mozilla.org/show_bug.cgi?id=662692#c11), and I really hope WebKit doesn't follow. To put it another way: A websocket connection can't be mixed content because it isn't "content". It's passed through Javascript first, which can make a decision whether or not to accept the data or abort. This is very different from a mixed content image, which just gets loaded. 912854 18 ap 2013-07-30 08:33:50 -0700 *** Bug 62253 has been marked as a duplicate of this bug. *** 976856 19 147534 andersca 2014-02-05 10:57:12 -0800 Comment on attachment 147534 Patch v2 Clearing review flag on patches from before 2014. If this patch is still relevant, please reset the r? flag. 1030270 20 machorro 2014-08-20 08:26:31 -0700 Are there any practical suggestions for SSL certs under localhost? All CAs want a valid TLD, and a self-signed localhost is too clunky for deploying to clients - it still requires user approval. 1194598 21 bfulgham 2016-05-18 20:45:40 -0700 John: Can you review this issue and let me know if there are steps we should take here. 1954972 22 annevk 2023-05-12 07:54:46 -0700 WebSocket.cpp uses MixedContentChecker these days. There's a FIXME next to it to share more logic, but this is in place. 147513 2012-06-14 01:05:26 -0700 2012-06-14 02:43:25 -0700 Patch bug-89068-20120614170525.patch text/plain 5897 yutak U3VidmVyc2lvbiBSZXZpc2lvbjogMTIwMjc3CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggMThmNmYzZmJlYmNlMmUw MTQ3Zjg0ZmFhMGRlMjVkNmMwZjExNzM1Zi4uMzhiYWRjY2VmYTU1YWM3MGVkZDQzN2MzYTQ0YWE1 MDZlYTY4Y2UwZiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDE2IEBACisyMDEyLTA2LTE0ICBZdXRh IEtpdGFtdXJhICA8eXV0YWtAY2hyb21pdW0ub3JnPgorCisgICAgICAgIERvIG5vdCBhbGxvdyBt aXhlZC1jb250ZW50IFdlYlNvY2tldHMgKHdzOi8vIFdlYlNvY2tldHMgb24gYW4gaHR0cHM6Ly8g cGFnZSkKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTg5 MDY4CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgVGVz dDogaHR0cC90ZXN0cy93ZWJzb2NrZXQvdGVzdHMvaHliaS9taXhlZC1jb250ZW50LWh0dHBzLXRv LXdzLmh0bWwKKworICAgICAgICAqIE1vZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXQuY3BwOgor ICAgICAgICAoV2ViQ29yZTo6V2ViU29ja2V0Ojpjb25uZWN0KTogVGhyb3cgU0VDVVJJVFlfRVJS IGlmIGEgc2VjdXJlIHBhZ2UgaXMKKyAgICAgICAgdHJ5aW5nIHRvIGNvbm5lY3QgdG8gYSBub24t VExTLXByb3RlY3RlZCBXZWJTb2NrZXQgc2VydmVyLgorCiAyMDEyLTA2LTEzICBNT1JJVEEgSGFq aW1lICA8bW9ycml0YUBnb29nbGUuY29tPgogCiAgICAgICAgIFVucmV2aWV3ZWQgdHlwbyBmaXgu CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9Nb2R1bGVzL3dlYnNvY2tldHMvV2ViU29ja2V0 LmNwcCBiL1NvdXJjZS9XZWJDb3JlL01vZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXQuY3BwCmlu ZGV4IDNjNWM1OWM2YTI5MmJjZDhmYTBiZWY2ZDE2NGUxZDBhYWRhMDZjMjEuLmNmMTIwOGUyODQ4 ZTAzZDM3MmYzY2NhZDBiY2RmYWVmMTJjNWM5M2EgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3Jl L01vZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXQuY3BwCisrKyBiL1NvdXJjZS9XZWJDb3JlL01v ZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXQuY3BwCkBAIC0yMTQsNiArMjE0LDEyIEBAIHZvaWQg V2ViU29ja2V0Ojpjb25uZWN0KGNvbnN0IFN0cmluZyYgdXJsLCBjb25zdCBWZWN0b3I8U3RyaW5n PiYgcHJvdG9jb2xzLCBFeGNlCiAgICAgICAgIGVjID0gU1lOVEFYX0VSUjsKICAgICAgICAgcmV0 dXJuOwogICAgIH0KKyAgICBpZiAoU2VjdXJpdHlPcmlnaW46OmlzU2VjdXJlKEtVUkwoS1VSTCgp LCBzY3JpcHRFeGVjdXRpb25Db250ZXh0KCktPnNlY3VyaXR5T3JpZ2luKCktPnRvU3RyaW5nKCkp KSAmJiBtX3VybC5wcm90b2NvbElzKCJ3cyIpKSB7CisgICAgICAgIHNjcmlwdEV4ZWN1dGlvbkNv bnRleHQoKS0+YWRkQ29uc29sZU1lc3NhZ2UoSlNNZXNzYWdlU291cmNlLCBMb2dNZXNzYWdlVHlw ZSwgRXJyb3JNZXNzYWdlTGV2ZWwsICJTZWN1cmUgcGFnZSBjYW4gb25seSBjb25uZWN0IHRvIHNl Y3VyZSBXZWJTb2NrZXQgc2VydmVycyAod3NzOi8vKSIsIHNjcmlwdEV4ZWN1dGlvbkNvbnRleHQo KS0+c2VjdXJpdHlPcmlnaW4oKS0+dG9TdHJpbmcoKSk7CisgICAgICAgIG1fc3RhdGUgPSBDTE9T RUQ7CisgICAgICAgIGVjID0gU0VDVVJJVFlfRVJSOworICAgICAgICByZXR1cm47CisgICAgfQog ICAgIGlmICghcG9ydEFsbG93ZWQobV91cmwpKSB7CiAgICAgICAgIHNjcmlwdEV4ZWN1dGlvbkNv bnRleHQoKS0+YWRkQ29uc29sZU1lc3NhZ2UoSlNNZXNzYWdlU291cmNlLCBMb2dNZXNzYWdlVHlw ZSwgRXJyb3JNZXNzYWdlTGV2ZWwsICJXZWJTb2NrZXQgcG9ydCAiICsgU3RyaW5nOjpudW1iZXIo bV91cmwucG9ydCgpKSArICIgYmxvY2tlZCIsIHNjcmlwdEV4ZWN1dGlvbkNvbnRleHQoKS0+c2Vj dXJpdHlPcmlnaW4oKS0+dG9TdHJpbmcoKSk7CiAgICAgICAgIG1fc3RhdGUgPSBDTE9TRUQ7CmRp ZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9DaGFuZ2VMb2cgYi9MYXlvdXRUZXN0cy9DaGFuZ2VMb2cK aW5kZXggNzk3NDQ5YTg5YjM1NjhiNWNjYWRiMjZlY2I0MzUwNGVmNDlmNTk5Ny4uYjEwMTZkZTQ1 NWJmYTY1ZjY0YjZkYTJiN2VlNGNjNmQwMDY5Y2Q5ZCAxMDA2NDQKLS0tIGEvTGF5b3V0VGVzdHMv Q2hhbmdlTG9nCisrKyBiL0xheW91dFRlc3RzL0NoYW5nZUxvZwpAQCAtMSwzICsxLDE1IEBACisy MDEyLTA2LTE0ICBZdXRhIEtpdGFtdXJhICA8eXV0YWtAY2hyb21pdW0ub3JnPgorCisgICAgICAg IERvIG5vdCBhbGxvdyBtaXhlZC1jb250ZW50IFdlYlNvY2tldHMgKHdzOi8vIFdlYlNvY2tldHMg b24gYW4gaHR0cHM6Ly8gcGFnZSkKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hv d19idWcuY2dpP2lkPTg5MDY4CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISku CisKKyAgICAgICAgKiBodHRwL3Rlc3RzL3dlYnNvY2tldC90ZXN0cy9oeWJpL21peGVkLWNvbnRl bnQtaHR0cHMtdG8td3MtZXhwZWN0ZWQudHh0OiBBZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3Rz L3dlYnNvY2tldC90ZXN0cy9oeWJpL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MuaHRtbDogQWRk ZWQuCisgICAgICAgIE9wZW5zIGFuIGlmcmFtZSB3aGljaCBsb2FkcyBhbiBIVFRQUyBwYWdlIHRy eWluZyB0byBjb25uZWN0IHRvIHdzOi8vIHNlcnZlci4KKyAgICAgICAgKiBodHRwL3Rlc3RzL3dl YnNvY2tldC90ZXN0cy9oeWJpL3Jlc291cmNlcy9taXhlZC1jb250ZW50LWh0dHBzLXRvLXdzLWlm cmFtZS5odG1sOiBBZGRlZC4KKwogMjAxMi0wNi0xMyAgS2ludWtvIFlhc3VkYSAgPGtpbnVrb0Bj aHJvbWl1bS5vcmc+CiAKICAgICAgICAgW0Nocm9taXVtXSBVbnJldmlld2VkOiBBZGQgcmViYXNl bGluZSBhbmQgdXBkYXRlIGV4cGVjdGF0aW9ucy4KZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL2h0 dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3RzL2h5YmkvbWl4ZWQtY29udGVudC1odHRwcy10by13cy1l eHBlY3RlZC50eHQgYi9MYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3dlYnNvY2tldC90ZXN0cy9oeWJp L21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MtZXhwZWN0ZWQudHh0Cm5ldyBmaWxlIG1vZGUgMTAw NjQ0CmluZGV4IDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAuLmU5NzVj MzdiYjYxMzkwZDE2MzhlZmQ3MGRiOGJjNzk3NWE4ZDdiZDkKLS0tIC9kZXYvbnVsbAorKysgYi9M YXlvdXRUZXN0cy9odHRwL3Rlc3RzL3dlYnNvY2tldC90ZXN0cy9oeWJpL21peGVkLWNvbnRlbnQt aHR0cHMtdG8td3MtZXhwZWN0ZWQudHh0CkBAIC0wLDAgKzEsMTUgQEAKK0NPTlNPTEUgTUVTU0FH RTogU2VjdXJlIHBhZ2UgY2FuIG9ubHkgY29ubmVjdCB0byBzZWN1cmUgV2ViU29ja2V0IHNlcnZl cnMgKHdzczovLykKK2h0dHBzOi8vIHBhZ2Ugc2hvdWxkIG5vdCBiZSBhYmxlIHRvIGNvbm5lY3Qg dG8gd3M6Ly8gc2VydmVycy4KKworT24gc3VjY2VzcywgeW91IHdpbGwgc2VlIGEgc2VyaWVzIG9m ICJQQVNTIiBtZXNzYWdlcywgZm9sbG93ZWQgYnkgIlRFU1QgQ09NUExFVEUiLgorCitQQVNTIHN1 Y2Nlc3NmdWxseVBhcnNlZCBpcyB0cnVlCisKK1RFU1QgQ09NUExFVEUKKworCistLS0tLS0tLQor RnJhbWU6ICc8IS0tZnJhbWVQYXRoIC8vPCEtLWZyYW1lMC0tPi0tPicKKy0tLS0tLS0tCitQQVNT IG5ldyBXZWJTb2NrZXQoIndzOi8vMTI3LjAuMC4xOjg4ODAvd2Vic29ja2V0L3Rlc3RzL2h5Ymkv c2ltcGxlIikgdGhyZXcgZXhjZXB0aW9uIEVycm9yOiBTRUNVUklUWV9FUlI6IERPTSBFeGNlcHRp b24gMTguCisKZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rl c3RzL2h5YmkvbWl4ZWQtY29udGVudC1odHRwcy10by13cy5odG1sIGIvTGF5b3V0VGVzdHMvaHR0 cC90ZXN0cy93ZWJzb2NrZXQvdGVzdHMvaHliaS9taXhlZC1jb250ZW50LWh0dHBzLXRvLXdzLmh0 bWwKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMC4uMjMxOWZlZTE2YjVkOWM2OGFkMTFmMWRkNzdmNDUxYjEyMjUwNzQ5Ygot LS0gL2Rldi9udWxsCisrKyBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3Rz L2h5YmkvbWl4ZWQtY29udGVudC1odHRwcy10by13cy5odG1sCkBAIC0wLDAgKzEsMjcgQEAKKzwh RE9DVFlQRSBIVE1MIFBVQkxJQyAiLS8vSUVURi8vRFREIEhUTUwvL0VOIj4KKzxodG1sPgorPGhl YWQ+Cis8c2NyaXB0IHNyYz0iLi4vLi4vLi4vLi4vanMtdGVzdC1yZXNvdXJjZXMvanMtdGVzdC1w cmUuanMiPjwvc2NyaXB0PgorPC9oZWFkPgorPGJvZHk+Cis8ZGl2IGlkPSJkZXNjcmlwdGlvbiI+ PC9kaXY+Cis8ZGl2IGlkPSJjb25zb2xlIj48L2Rpdj4KKzxzY3JpcHQgdHlwZT0idGV4dC9qYXZh c2NyaXB0Ij4KK2Rlc2NyaXB0aW9uKCJodHRwczovLyBwYWdlIHNob3VsZCBub3QgYmUgYWJsZSB0 byBjb25uZWN0IHRvIHdzOi8vIHNlcnZlcnMuIik7CisKK3dpbmRvdy5qc1Rlc3RJc0FzeW5jID0g dHJ1ZTsKK2lmICh3aW5kb3cubGF5b3V0VGVzdENvbnRyb2xsZXIpIHsKKyAgICBsYXlvdXRUZXN0 Q29udHJvbGxlci5vdmVycmlkZVByZWZlcmVuY2UoIldlYktpdEhpeGllNzZXZWJTb2NrZXRQcm90 b2NvbEVuYWJsZWQiLCAwKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5kdW1wQ2hpbGRGcmFt ZXNBc1RleHQoKTsKK30KKwordmFyIGlmcmFtZSA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ2lm cmFtZScpOworaWZyYW1lLm9ubG9hZCA9IGZ1bmN0aW9uKCkgeworICAgIGZpbmlzaEpTVGVzdCgp OworfTsKK2lmcmFtZS5zcmMgPSAnaHR0cHM6Ly8xMjcuMC4wLjE6ODQ0My93ZWJzb2NrZXQvdGVz dHMvaHliaS9yZXNvdXJjZXMvbWl4ZWQtY29udGVudC1odHRwcy10by13cy1pZnJhbWUuaHRtbCc7 Citkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGlmcmFtZSk7Cis8L3NjcmlwdD4KKzxzY3JpcHQg c3JjPSIuLi8uLi8uLi8uLi9qcy10ZXN0LXJlc291cmNlcy9qcy10ZXN0LXBvc3QuanMiPjwvc2Ny aXB0PgorPC9ib2R5PgorPC9odG1sPgpkaWZmIC0tZ2l0IGEvTGF5b3V0VGVzdHMvaHR0cC90ZXN0 cy93ZWJzb2NrZXQvdGVzdHMvaHliaS9yZXNvdXJjZXMvbWl4ZWQtY29udGVudC1odHRwcy10by13 cy1pZnJhbWUuaHRtbCBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3RzL2h5 YmkvcmVzb3VyY2VzL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MtaWZyYW1lLmh0bWwKbmV3IGZp bGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMC4uYWJhMmI0N2I2MzBjNTI3OGM2MmViNWVkZDE3YWJmNjRjMDhkMmQ4NwotLS0gL2Rldi9u dWxsCisrKyBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3RzL2h5YmkvcmVz b3VyY2VzL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MtaWZyYW1lLmh0bWwKQEAgLTAsMCArMSwx MiBAQAorPGh0bWw+Cis8aGVhZD4KKzxzY3JpcHQgc3JjPSIuLi8uLi8uLi8uLi8uLi9qcy10ZXN0 LXJlc291cmNlcy9qcy10ZXN0LXByZS5qcyI+PC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keT4KKzxk aXYgaWQ9ImRlc2NyaXB0aW9uIj48L2Rpdj4KKzxkaXYgaWQ9ImNvbnNvbGUiPjwvZGl2PgorPHNj cmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPgorc2hvdWxkVGhyb3coJ25ldyBXZWJTb2NrZXQo IndzOi8vMTI3LjAuMC4xOjg4ODAvd2Vic29ja2V0L3Rlc3RzL2h5Ymkvc2ltcGxlIiknKTsKKzwv c2NyaXB0PgorPC9ib2R5PgorPC9odG1sPgo= 147534 2012-06-14 02:40:54 -0700 2014-02-05 10:57:12 -0800 Patch v2 bug-89068-20120614184054.patch text/plain 10517 yutak U3VidmVyc2lvbiBSZXZpc2lvbjogMTIwMjc3CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggMThmNmYzZmJlYmNlMmUw MTQ3Zjg0ZmFhMGRlMjVkNmMwZjExNzM1Zi4uZDg2NTRmODIzYTI4YzlmZWY0NTQ3OTY2ZjFkMjQw OTYzMTc0ODkxNyAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDMxIEBACisyMDEyLTA2LTE0ICBZdXRh IEtpdGFtdXJhICA8eXV0YWtAY2hyb21pdW0ub3JnPgorCisgICAgICAgIERvIG5vdCBhbGxvdyBt aXhlZC1jb250ZW50IFdlYlNvY2tldHMgKHdzOi8vIFdlYlNvY2tldHMgb24gYW4gaHR0cHM6Ly8g cGFnZSkKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTg5 MDY4CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgVGVz dDogaHR0cC90ZXN0cy93ZWJzb2NrZXQvdGVzdHMvaHliaS9taXhlZC1jb250ZW50LWh0dHBzLXRv LXdzLmh0bWwKKworICAgICAgICAqIE1vZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXQuY3BwOgor ICAgICAgICAoV2ViQ29yZTo6V2ViU29ja2V0Ojpjb25uZWN0KTogVGhyb3cgU0VDVVJJVFlfRVJS IGlmIHRoZSB0YXJnZXQgVVJMIGlzCisgICAgICAgIGNvbnNpZGVyZWQgbWl4ZWQgY29udGVudC4K KyAgICAgICAgKiBsb2FkZXIvRnJhbWVMb2FkZXIuY3BwOgorICAgICAgICAoV2ViQ29yZTo6RnJh bWVMb2FkZXI6OmNoZWNrSWZEaXNwbGF5SW5zZWN1cmVDb250ZW50KToKKyAgICAgICAgKFdlYkNv cmU6OkZyYW1lTG9hZGVyOjpjaGVja0lmUnVuSW5zZWN1cmVDb250ZW50KToKKyAgICAgICAgKiBs b2FkZXIvRnJhbWVMb2FkZXIuaDoKKyAgICAgICAgTW92ZSB0aGUgaW1wbGVtZW50YXRpb24gb2Yg aXNNaXhlZENvbnRlbnQoKSB0byBTZWN1cml0eU9yaWdpbiBzbyBXZWJTb2NrZXQKKyAgICAgICAg Y2FuIGFjY2VzcyB0aGUgZnVuY3Rpb24uCisgICAgICAgIChGcmFtZUxvYWRlcik6CisgICAgICAg ICogcGFnZS9TZWN1cml0eU9yaWdpbi5jcHA6CisgICAgICAgIChXZWJDb3JlOjpTZWN1cml0eU9y aWdpbjo6aXNNaXhlZENvbnRlbnQpOgorICAgICAgICAoV2ViQ29yZSk6CisgICAgICAgICogcGFn ZS9TZWN1cml0eU9yaWdpbi5oOgorICAgICAgICBBZGQgaXNNaXhlZENvbnRlbnQoKSBmdW5jdGlv biB3aGljaCBpcyB1c2VkIGZyb20gRnJhbWVMb2FkZXIgYW5kIFdlYlNvY2tldC4KKyAgICAgICAg KFNlY3VyaXR5T3JpZ2luKToKKyAgICAgICAgKiBwbGF0Zm9ybS9TY2hlbWVSZWdpc3RyeS5jcHA6 CisgICAgICAgIChXZWJDb3JlOjpzZWN1cmVTY2hlbWVzKTogQWRkICJ3c3MiIHRvIHRoZSBsaXN0 IG9mIHNlY3VyZSBzY2hlbWVzLgorCiAyMDEyLTA2LTEzICBNT1JJVEEgSGFqaW1lICA8bW9ycml0 YUBnb29nbGUuY29tPgogCiAgICAgICAgIFVucmV2aWV3ZWQgdHlwbyBmaXguCmRpZmYgLS1naXQg YS9Tb3VyY2UvV2ViQ29yZS9Nb2R1bGVzL3dlYnNvY2tldHMvV2ViU29ja2V0LmNwcCBiL1NvdXJj ZS9XZWJDb3JlL01vZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXQuY3BwCmluZGV4IDNjNWM1OWM2 YTI5MmJjZDhmYTBiZWY2ZDE2NGUxZDBhYWRhMDZjMjEuLjVlMzM1NDU5YWIzM2NjZmZmYTczNDgx MjQxNWIxZWM1NGYxY2JhOWUgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3JlL01vZHVsZXMvd2Vi c29ja2V0cy9XZWJTb2NrZXQuY3BwCisrKyBiL1NvdXJjZS9XZWJDb3JlL01vZHVsZXMvd2Vic29j a2V0cy9XZWJTb2NrZXQuY3BwCkBAIC0yMTQsNiArMjE0LDEyIEBAIHZvaWQgV2ViU29ja2V0Ojpj b25uZWN0KGNvbnN0IFN0cmluZyYgdXJsLCBjb25zdCBWZWN0b3I8U3RyaW5nPiYgcHJvdG9jb2xz LCBFeGNlCiAgICAgICAgIGVjID0gU1lOVEFYX0VSUjsKICAgICAgICAgcmV0dXJuOwogICAgIH0K KyAgICBpZiAoc2NyaXB0RXhlY3V0aW9uQ29udGV4dCgpLT5zZWN1cml0eU9yaWdpbigpLT5pc01p eGVkQ29udGVudChtX3VybCkpIHsKKyAgICAgICAgc2NyaXB0RXhlY3V0aW9uQ29udGV4dCgpLT5h ZGRDb25zb2xlTWVzc2FnZShKU01lc3NhZ2VTb3VyY2UsIExvZ01lc3NhZ2VUeXBlLCBFcnJvck1l c3NhZ2VMZXZlbCwgIlNlY3VyZSBwYWdlIGNhbiBvbmx5IGNvbm5lY3QgdG8gc2VjdXJlIFdlYlNv Y2tldCBzZXJ2ZXJzICh3c3M6Ly8pIiwgc2NyaXB0RXhlY3V0aW9uQ29udGV4dCgpLT5zZWN1cml0 eU9yaWdpbigpLT50b1N0cmluZygpKTsKKyAgICAgICAgbV9zdGF0ZSA9IENMT1NFRDsKKyAgICAg ICAgZWMgPSBTRUNVUklUWV9FUlI7CisgICAgICAgIHJldHVybjsKKyAgICB9CiAgICAgaWYgKCFw b3J0QWxsb3dlZChtX3VybCkpIHsKICAgICAgICAgc2NyaXB0RXhlY3V0aW9uQ29udGV4dCgpLT5h ZGRDb25zb2xlTWVzc2FnZShKU01lc3NhZ2VTb3VyY2UsIExvZ01lc3NhZ2VUeXBlLCBFcnJvck1l c3NhZ2VMZXZlbCwgIldlYlNvY2tldCBwb3J0ICIgKyBTdHJpbmc6Om51bWJlcihtX3VybC5wb3J0 KCkpICsgIiBibG9ja2VkIiwgc2NyaXB0RXhlY3V0aW9uQ29udGV4dCgpLT5zZWN1cml0eU9yaWdp bigpLT50b1N0cmluZygpKTsKICAgICAgICAgbV9zdGF0ZSA9IENMT1NFRDsKZGlmZiAtLWdpdCBh L1NvdXJjZS9XZWJDb3JlL2xvYWRlci9GcmFtZUxvYWRlci5jcHAgYi9Tb3VyY2UvV2ViQ29yZS9s b2FkZXIvRnJhbWVMb2FkZXIuY3BwCmluZGV4IDJjNjYwOTNmMzY5ZmM4ZTcxNWM4NDEyMjY0MTY3 YTgyMWM4YmMwNjYuLmU3NWI1MmVjOWJkODVjYTAyNTVhNTg2OWM0ZGY4MGMwMTRiZDNmMzAgMTAw NjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3JlL2xvYWRlci9GcmFtZUxvYWRlci5jcHAKKysrIGIvU291 cmNlL1dlYkNvcmUvbG9hZGVyL0ZyYW1lTG9hZGVyLmNwcApAQCAtODY2LDE4ICs4NjYsOSBAQCBT dHJpbmcgRnJhbWVMb2FkZXI6Om91dGdvaW5nT3JpZ2luKCkgY29uc3QKICAgICByZXR1cm4gbV9m cmFtZS0+ZG9jdW1lbnQoKS0+c2VjdXJpdHlPcmlnaW4oKS0+dG9TdHJpbmcoKTsKIH0KIAotYm9v bCBGcmFtZUxvYWRlcjo6aXNNaXhlZENvbnRlbnQoU2VjdXJpdHlPcmlnaW4qIGNvbnRleHQsIGNv bnN0IEtVUkwmIHVybCkKLXsKLSAgICBpZiAoY29udGV4dC0+cHJvdG9jb2woKSAhPSAiaHR0cHMi KQotICAgICAgICByZXR1cm4gZmFsc2U7ICAvLyBXZSBvbmx5IGNhcmUgYWJvdXQgSFRUUFMgc2Vj dXJpdHkgb3JpZ2lucy4KLQotICAgIC8vIFdlJ3JlIGluIGEgc2VjdXJlIGNvbnRleHQsIHNvIHx1 cmx8IGlzIG1peGVkIGNvbnRlbnQgaWYgaXQncyBpbnNlY3VyZS4KLSAgICByZXR1cm4gIVNlY3Vy aXR5T3JpZ2luOjppc1NlY3VyZSh1cmwpOwotfQotCiBib29sIEZyYW1lTG9hZGVyOjpjaGVja0lm RGlzcGxheUluc2VjdXJlQ29udGVudChTZWN1cml0eU9yaWdpbiogY29udGV4dCwgY29uc3QgS1VS TCYgdXJsKQogewotICAgIGlmICghaXNNaXhlZENvbnRlbnQoY29udGV4dCwgdXJsKSkKKyAgICBp ZiAoIWNvbnRleHQtPmlzTWl4ZWRDb250ZW50KHVybCkpCiAgICAgICAgIHJldHVybiB0cnVlOwog CiAgICAgU2V0dGluZ3MqIHNldHRpbmdzID0gbV9mcmFtZS0+c2V0dGluZ3MoKTsKQEAgLTg5NSw3 ICs4ODYsNyBAQCBib29sIEZyYW1lTG9hZGVyOjpjaGVja0lmRGlzcGxheUluc2VjdXJlQ29udGVu dChTZWN1cml0eU9yaWdpbiogY29udGV4dCwgY29uc3QgSwogCiBib29sIEZyYW1lTG9hZGVyOjpj aGVja0lmUnVuSW5zZWN1cmVDb250ZW50KFNlY3VyaXR5T3JpZ2luKiBjb250ZXh0LCBjb25zdCBL VVJMJiB1cmwpCiB7Ci0gICAgaWYgKCFpc01peGVkQ29udGVudChjb250ZXh0LCB1cmwpKQorICAg IGlmICghY29udGV4dC0+aXNNaXhlZENvbnRlbnQodXJsKSkKICAgICAgICAgcmV0dXJuIHRydWU7 CiAKICAgICBTZXR0aW5ncyogc2V0dGluZ3MgPSBtX2ZyYW1lLT5zZXR0aW5ncygpOwpkaWZmIC0t Z2l0IGEvU291cmNlL1dlYkNvcmUvbG9hZGVyL0ZyYW1lTG9hZGVyLmggYi9Tb3VyY2UvV2ViQ29y ZS9sb2FkZXIvRnJhbWVMb2FkZXIuaAppbmRleCBlNTkwNmY2OWUwOTU3MjljMTlkZTk5Y2RhYmQw MWE5OTJjNzc4OTViLi45ZjYyMTYxNjU3N2Q0NDc4YmVhZWFhZTcyZWNjZjBiMzNkNGQyMmUzIDEw MDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9sb2FkZXIvRnJhbWVMb2FkZXIuaAorKysgYi9Tb3Vy Y2UvV2ViQ29yZS9sb2FkZXIvRnJhbWVMb2FkZXIuaApAQCAtMjE1LDcgKzIxNSw2IEBAIHB1Ymxp YzoKICAgICBTYW5kYm94RmxhZ3MgZWZmZWN0aXZlU2FuZGJveEZsYWdzKCkgY29uc3Q7CiAKICAg ICAvLyBNaXhlZCBjb250ZW50IHJlbGF0ZWQgZnVuY3Rpb25zLgotICAgIHN0YXRpYyBib29sIGlz TWl4ZWRDb250ZW50KFNlY3VyaXR5T3JpZ2luKiBjb250ZXh0LCBjb25zdCBLVVJMJik7CiAgICAg Ym9vbCBjaGVja0lmRGlzcGxheUluc2VjdXJlQ29udGVudChTZWN1cml0eU9yaWdpbiogY29udGV4 dCwgY29uc3QgS1VSTCYpOwogICAgIGJvb2wgY2hlY2tJZlJ1bkluc2VjdXJlQ29udGVudChTZWN1 cml0eU9yaWdpbiogY29udGV4dCwgY29uc3QgS1VSTCYpOwogCmRpZmYgLS1naXQgYS9Tb3VyY2Uv V2ViQ29yZS9wYWdlL1NlY3VyaXR5T3JpZ2luLmNwcCBiL1NvdXJjZS9XZWJDb3JlL3BhZ2UvU2Vj dXJpdHlPcmlnaW4uY3BwCmluZGV4IDI1YmFlMDI4NDlhMWJiYTE4NTc4YmZiMDIyM2FjMmQ0NDNl MmY0YTkuLjhmNjljODVjODY5ZjBhNDJlMThiNWZmNzJkOTQ3OWZlMTI3NGJkOTggMTAwNjQ0Ci0t LSBhL1NvdXJjZS9XZWJDb3JlL3BhZ2UvU2VjdXJpdHlPcmlnaW4uY3BwCisrKyBiL1NvdXJjZS9X ZWJDb3JlL3BhZ2UvU2VjdXJpdHlPcmlnaW4uY3BwCkBAIC0zNjgsNiArMzY4LDE1IEBAIGJvb2wg U2VjdXJpdHlPcmlnaW46OmNhbkRpc3BsYXkoY29uc3QgS1VSTCYgdXJsKSBjb25zdAogICAgIHJl dHVybiB0cnVlOwogfQogCitib29sIFNlY3VyaXR5T3JpZ2luOjppc01peGVkQ29udGVudChjb25z dCBLVVJMJiB1cmwpIGNvbnN0Cit7CisgICAgaWYgKG1fcHJvdG9jb2wgIT0gImh0dHBzIikKKyAg ICAgICAgcmV0dXJuIGZhbHNlOyAvLyBXZSBvbmx5IGNhcmUgYWJvdXQgSFRUUFMgc2VjdXJpdHkg b3JpZ2lucy4KKworICAgIC8vIFdlJ3JlIGluIGEgc2VjdXJlIGNvbnRleHQsIHNvIHx1cmx8IGlz IG1peGVkIGNvbnRlbnQgaWYgaXQncyBpbnNlY3VyZS4KKyAgICByZXR1cm4gIWlzU2VjdXJlKHVy bCk7Cit9CisKIFNlY3VyaXR5T3JpZ2luOjpQb2xpY3kgU2VjdXJpdHlPcmlnaW46OmNhblNob3dO b3RpZmljYXRpb25zKCkgY29uc3QKIHsKICAgICBpZiAobV91bml2ZXJzYWxBY2Nlc3MpCmRpZmYg LS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9wYWdlL1NlY3VyaXR5T3JpZ2luLmggYi9Tb3VyY2UvV2Vi Q29yZS9wYWdlL1NlY3VyaXR5T3JpZ2luLmgKaW5kZXggMmE1MGJhN2UzZWVjZTZhYTRlNzE3YjRj MzE3MjU2OGUyNjIyOTNlOC4uMTcyNWJiNDBkYjQxZjQwODg2Y2MxYWVkNTkxZmU5ZDgwYThjNWY0 MCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvcGFnZS9TZWN1cml0eU9yaWdpbi5oCisrKyBi L1NvdXJjZS9XZWJDb3JlL3BhZ2UvU2VjdXJpdHlPcmlnaW4uaApAQCAtOTgsNiArOTgsMTAgQEAg cHVibGljOgogICAgIC8vIGRpc3BsYXkgY29udGVudCBmcm9tIHRoZSB1c2VyJ3MgZmlsZXMgc3lz dGVtLgogICAgIGJvb2wgY2FuRGlzcGxheShjb25zdCBLVVJMJikgY29uc3Q7CiAKKyAgICAvLyBS ZXR1cm5zIHRydWUgaWYgdGhlIGdpdmVuIFVSTCBpcyBjb25zaWRlcmVkIG1peGVkIGNvbnRlbnQg d2hlbiBhY2Nlc3NlZAorICAgIC8vIGZyb20gdGhpcyBTZWN1cml0eU9yaWdpbi4KKyAgICBib29s IGlzTWl4ZWRDb250ZW50KGNvbnN0IEtVUkwmKSBjb25zdDsKKwogICAgIC8vIFJldHVybnMgdHJ1 ZSBpZiB0aGlzIFNlY3VyaXR5T3JpZ2luIGNhbiBsb2FkIGxvY2FsIHJlc291cmNlcywgc3VjaAog ICAgIC8vIGFzIGltYWdlcywgaWZyYW1lcywgYW5kIHN0eWxlIHNoZWV0cywgYW5kIGNhbiBsaW5r IHRvIGxvY2FsIFVSTHMuCiAgICAgLy8gRm9yIGV4YW1wbGUsIGNhbGwgdGhpcyBmdW5jdGlvbiBi ZWZvcmUgY3JlYXRpbmcgYW4gaWZyYW1lIHRvIGEKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3Jl L3BsYXRmb3JtL1NjaGVtZVJlZ2lzdHJ5LmNwcCBiL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL1Nj aGVtZVJlZ2lzdHJ5LmNwcAppbmRleCBiMjVjZTFhMGQ0YWZjMzBlNTBjNTRjYzE3YTZlNDFjZjMz Nzk4ZjQ0Li5lNTI2M2UxOGNlZjk4NzY4NjQ4ZGRhZDVmNTU0NWI4ODk5ZTcwYTQ4IDEwMDY0NAot LS0gYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9TY2hlbWVSZWdpc3RyeS5jcHAKKysrIGIvU291 cmNlL1dlYkNvcmUvcGxhdGZvcm0vU2NoZW1lUmVnaXN0cnkuY3BwCkBAIC01OCw2ICs1OCw3IEBA IHN0YXRpYyBVUkxTY2hlbWVzTWFwJiBzZWN1cmVTY2hlbWVzKCkKIAogICAgIGlmIChzZWN1cmVT Y2hlbWVzLmlzRW1wdHkoKSkgewogICAgICAgICBzZWN1cmVTY2hlbWVzLmFkZCgiaHR0cHMiKTsK KyAgICAgICAgc2VjdXJlU2NoZW1lcy5hZGQoIndzcyIpOwogICAgICAgICBzZWN1cmVTY2hlbWVz LmFkZCgiYWJvdXQiKTsKICAgICAgICAgc2VjdXJlU2NoZW1lcy5hZGQoImRhdGEiKTsKICAgICB9 CmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9DaGFuZ2VMb2cgYi9MYXlvdXRUZXN0cy9DaGFuZ2VM b2cKaW5kZXggNzk3NDQ5YTg5YjM1NjhiNWNjYWRiMjZlY2I0MzUwNGVmNDlmNTk5Ny4uYjEwMTZk ZTQ1NWJmYTY1ZjY0YjZkYTJiN2VlNGNjNmQwMDY5Y2Q5ZCAxMDA2NDQKLS0tIGEvTGF5b3V0VGVz dHMvQ2hhbmdlTG9nCisrKyBiL0xheW91dFRlc3RzL0NoYW5nZUxvZwpAQCAtMSwzICsxLDE1IEBA CisyMDEyLTA2LTE0ICBZdXRhIEtpdGFtdXJhICA8eXV0YWtAY2hyb21pdW0ub3JnPgorCisgICAg ICAgIERvIG5vdCBhbGxvdyBtaXhlZC1jb250ZW50IFdlYlNvY2tldHMgKHdzOi8vIFdlYlNvY2tl dHMgb24gYW4gaHR0cHM6Ly8gcGFnZSkKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcv c2hvd19idWcuY2dpP2lkPTg5MDY4CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BT ISkuCisKKyAgICAgICAgKiBodHRwL3Rlc3RzL3dlYnNvY2tldC90ZXN0cy9oeWJpL21peGVkLWNv bnRlbnQtaHR0cHMtdG8td3MtZXhwZWN0ZWQudHh0OiBBZGRlZC4KKyAgICAgICAgKiBodHRwL3Rl c3RzL3dlYnNvY2tldC90ZXN0cy9oeWJpL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MuaHRtbDog QWRkZWQuCisgICAgICAgIE9wZW5zIGFuIGlmcmFtZSB3aGljaCBsb2FkcyBhbiBIVFRQUyBwYWdl IHRyeWluZyB0byBjb25uZWN0IHRvIHdzOi8vIHNlcnZlci4KKyAgICAgICAgKiBodHRwL3Rlc3Rz L3dlYnNvY2tldC90ZXN0cy9oeWJpL3Jlc291cmNlcy9taXhlZC1jb250ZW50LWh0dHBzLXRvLXdz LWlmcmFtZS5odG1sOiBBZGRlZC4KKwogMjAxMi0wNi0xMyAgS2ludWtvIFlhc3VkYSAgPGtpbnVr b0BjaHJvbWl1bS5vcmc+CiAKICAgICAgICAgW0Nocm9taXVtXSBVbnJldmlld2VkOiBBZGQgcmVi YXNlbGluZSBhbmQgdXBkYXRlIGV4cGVjdGF0aW9ucy4KZGlmZiAtLWdpdCBhL0xheW91dFRlc3Rz L2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3RzL2h5YmkvbWl4ZWQtY29udGVudC1odHRwcy10by13 cy1leHBlY3RlZC50eHQgYi9MYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3dlYnNvY2tldC90ZXN0cy9o eWJpL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MtZXhwZWN0ZWQudHh0Cm5ldyBmaWxlIG1vZGUg MTAwNjQ0CmluZGV4IDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAuLmU5 NzVjMzdiYjYxMzkwZDE2MzhlZmQ3MGRiOGJjNzk3NWE4ZDdiZDkKLS0tIC9kZXYvbnVsbAorKysg Yi9MYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3dlYnNvY2tldC90ZXN0cy9oeWJpL21peGVkLWNvbnRl bnQtaHR0cHMtdG8td3MtZXhwZWN0ZWQudHh0CkBAIC0wLDAgKzEsMTUgQEAKK0NPTlNPTEUgTUVT U0FHRTogU2VjdXJlIHBhZ2UgY2FuIG9ubHkgY29ubmVjdCB0byBzZWN1cmUgV2ViU29ja2V0IHNl cnZlcnMgKHdzczovLykKK2h0dHBzOi8vIHBhZ2Ugc2hvdWxkIG5vdCBiZSBhYmxlIHRvIGNvbm5l Y3QgdG8gd3M6Ly8gc2VydmVycy4KKworT24gc3VjY2VzcywgeW91IHdpbGwgc2VlIGEgc2VyaWVz IG9mICJQQVNTIiBtZXNzYWdlcywgZm9sbG93ZWQgYnkgIlRFU1QgQ09NUExFVEUiLgorCitQQVNT IHN1Y2Nlc3NmdWxseVBhcnNlZCBpcyB0cnVlCisKK1RFU1QgQ09NUExFVEUKKworCistLS0tLS0t LQorRnJhbWU6ICc8IS0tZnJhbWVQYXRoIC8vPCEtLWZyYW1lMC0tPi0tPicKKy0tLS0tLS0tCitQ QVNTIG5ldyBXZWJTb2NrZXQoIndzOi8vMTI3LjAuMC4xOjg4ODAvd2Vic29ja2V0L3Rlc3RzL2h5 Ymkvc2ltcGxlIikgdGhyZXcgZXhjZXB0aW9uIEVycm9yOiBTRUNVUklUWV9FUlI6IERPTSBFeGNl cHRpb24gMTguCisKZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0 L3Rlc3RzL2h5YmkvbWl4ZWQtY29udGVudC1odHRwcy10by13cy5odG1sIGIvTGF5b3V0VGVzdHMv aHR0cC90ZXN0cy93ZWJzb2NrZXQvdGVzdHMvaHliaS9taXhlZC1jb250ZW50LWh0dHBzLXRvLXdz Lmh0bWwKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwMC4uMjMxOWZlZTE2YjVkOWM2OGFkMTFmMWRkNzdmNDUxYjEyMjUwNzQ5 YgotLS0gL2Rldi9udWxsCisrKyBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rl c3RzL2h5YmkvbWl4ZWQtY29udGVudC1odHRwcy10by13cy5odG1sCkBAIC0wLDAgKzEsMjcgQEAK KzwhRE9DVFlQRSBIVE1MIFBVQkxJQyAiLS8vSUVURi8vRFREIEhUTUwvL0VOIj4KKzxodG1sPgor PGhlYWQ+Cis8c2NyaXB0IHNyYz0iLi4vLi4vLi4vLi4vanMtdGVzdC1yZXNvdXJjZXMvanMtdGVz dC1wcmUuanMiPjwvc2NyaXB0PgorPC9oZWFkPgorPGJvZHk+Cis8ZGl2IGlkPSJkZXNjcmlwdGlv biI+PC9kaXY+Cis8ZGl2IGlkPSJjb25zb2xlIj48L2Rpdj4KKzxzY3JpcHQgdHlwZT0idGV4dC9q YXZhc2NyaXB0Ij4KK2Rlc2NyaXB0aW9uKCJodHRwczovLyBwYWdlIHNob3VsZCBub3QgYmUgYWJs ZSB0byBjb25uZWN0IHRvIHdzOi8vIHNlcnZlcnMuIik7CisKK3dpbmRvdy5qc1Rlc3RJc0FzeW5j ID0gdHJ1ZTsKK2lmICh3aW5kb3cubGF5b3V0VGVzdENvbnRyb2xsZXIpIHsKKyAgICBsYXlvdXRU ZXN0Q29udHJvbGxlci5vdmVycmlkZVByZWZlcmVuY2UoIldlYktpdEhpeGllNzZXZWJTb2NrZXRQ cm90b2NvbEVuYWJsZWQiLCAwKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5kdW1wQ2hpbGRG cmFtZXNBc1RleHQoKTsKK30KKwordmFyIGlmcmFtZSA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQo J2lmcmFtZScpOworaWZyYW1lLm9ubG9hZCA9IGZ1bmN0aW9uKCkgeworICAgIGZpbmlzaEpTVGVz dCgpOworfTsKK2lmcmFtZS5zcmMgPSAnaHR0cHM6Ly8xMjcuMC4wLjE6ODQ0My93ZWJzb2NrZXQv dGVzdHMvaHliaS9yZXNvdXJjZXMvbWl4ZWQtY29udGVudC1odHRwcy10by13cy1pZnJhbWUuaHRt bCc7Citkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGlmcmFtZSk7Cis8L3NjcmlwdD4KKzxzY3Jp cHQgc3JjPSIuLi8uLi8uLi8uLi9qcy10ZXN0LXJlc291cmNlcy9qcy10ZXN0LXBvc3QuanMiPjwv c2NyaXB0PgorPC9ib2R5PgorPC9odG1sPgpkaWZmIC0tZ2l0IGEvTGF5b3V0VGVzdHMvaHR0cC90 ZXN0cy93ZWJzb2NrZXQvdGVzdHMvaHliaS9yZXNvdXJjZXMvbWl4ZWQtY29udGVudC1odHRwcy10 by13cy1pZnJhbWUuaHRtbCBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3Rz L2h5YmkvcmVzb3VyY2VzL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MtaWZyYW1lLmh0bWwKbmV3 IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMC4uYWJhMmI0N2I2MzBjNTI3OGM2MmViNWVkZDE3YWJmNjRjMDhkMmQ4NwotLS0gL2Rl di9udWxsCisrKyBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3RzL2h5Ymkv cmVzb3VyY2VzL21peGVkLWNvbnRlbnQtaHR0cHMtdG8td3MtaWZyYW1lLmh0bWwKQEAgLTAsMCAr MSwxMiBAQAorPGh0bWw+Cis8aGVhZD4KKzxzY3JpcHQgc3JjPSIuLi8uLi8uLi8uLi8uLi9qcy10 ZXN0LXJlc291cmNlcy9qcy10ZXN0LXByZS5qcyI+PC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keT4K KzxkaXYgaWQ9ImRlc2NyaXB0aW9uIj48L2Rpdj4KKzxkaXYgaWQ9ImNvbnNvbGUiPjwvZGl2Pgor PHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPgorc2hvdWxkVGhyb3coJ25ldyBXZWJTb2Nr ZXQoIndzOi8vMTI3LjAuMC4xOjg4ODAvd2Vic29ja2V0L3Rlc3RzL2h5Ymkvc2ltcGxlIiknKTsK Kzwvc2NyaXB0PgorPC9ib2R5PgorPC9odG1sPgo=