chef 11.14.0.alpha.4 → 11.14.0.rc.2

data/lib/chef/resource/service.rb

@@ -42,9 +42,14 @@ class Chef
         @reload_command = nil
         @init_command = nil
         @priority = nil
+        @timeout = nil
         @action = "nothing"
         @supports = { :restart => false, :reload => false, :status => false }
         @allowed_actions.push(:enable, :disable, :start, :stop, :restart, :reload)
+
+        if(run_context && run_context.node[:init_package] == "systemd")
+          @provider = Chef::Provider::Service::Systemd
+        end
       end
 
       def service_name(arg=nil)
@@ -150,16 +155,28 @@ class Chef
       #   similar for other runlevels
       #
       def priority(arg=nil)
-        set_or_return(:priority,
-                      arg,
-                      :kind_of => [ Integer, String, Hash ])
+        set_or_return(
+          :priority,
+          arg,
+          :kind_of => [ Integer, String, Hash ]
+        )
+      end
+
+      # timeout only applies to the windows service manager
+      def timeout(arg=nil)
+        set_or_return(
+          :timeout,
+          arg,
+          :kind_of => Integer
+        )
       end
 
       def parameters(arg=nil)
         set_or_return(
           :parameters,
           arg,
-          :kind_of => [ Hash ] )
+          :kind_of => [ Hash ]
+        )
       end
 
       def supports(args={})

data/lib/chef/resource_reporter.rb

@@ -47,6 +47,16 @@ class Chef
         report
       end
 
+      # Future: Some resources store state information that does not convert nicely
+      # to json. We can't call a resource's state method here, since there are conflicts
+      # with some LWRPs, so we can't override a resource's state method to return
+      # json-friendly state data.
+      #
+      # The registry key resource returns json-friendly state data through its state
+      # attribute, and uses a read-only variable for fetching true state data. If
+      # we have conflicts with other resources reporting json incompatible state, we
+      # may want to extend the state_attrs API with the ability to rename POST'd
+      # attrs.
       def for_json
         as_hash = {}
         as_hash["type"]   = new_resource.class.dsl_name

data/lib/chef/resources.rb

@@ -48,6 +48,7 @@ require 'chef/resource/mount'
 require 'chef/resource/ohai'
 require 'chef/resource/package'
 require 'chef/resource/pacman_package'
+require 'chef/resource/paludis_package'
 require 'chef/resource/perl'
 require 'chef/resource/portage_package'
 require 'chef/resource/powershell_script'

data/lib/chef/role.rb

@@ -231,21 +231,25 @@ class Chef
     end
 
     # Load a role from disk - prefers to load the JSON, but will happily load
-    # the raw rb files as well.
-    def self.from_disk(name, force=nil)
+    # the raw rb files as well. Can search within directories in the role_path.
+    def self.from_disk(name)
       paths = Array(Chef::Config[:role_path])
+      paths.each do |path|
+        roles_files = Dir.glob(File.join(path, "**", "**"))
+        js_files = roles_files.select { |file| file.match /#{name}\.json$/ }
+        rb_files = roles_files.select { |file| file.match /#{name}\.rb$/ }
+        if js_files.count > 1 or rb_files.count > 1
+          raise Chef::Exceptions::DuplicateRole, "Multiple roles of same type found named #{name}"
+        end
+        js_path, rb_path = js_files.first, rb_files.first
 
-      paths.each do |p|
-        js_file = File.join(p, "#{name}.json")
-        rb_file = File.join(p, "#{name}.rb")
-
-        if File.exists?(js_file) || force == "json"
+        if js_path && File.exists?(js_path)
           # from_json returns object.class => json_class in the JSON.
-          return Chef::JSONCompat.from_json(IO.read(js_file))
-        elsif File.exists?(rb_file) || force == "ruby"
+          return Chef::JSONCompat.from_json(IO.read(js_path))
+        elsif rb_path && File.exists?(rb_path)
           role = Chef::Role.new
           role.name(name)
-          role.from_file(rb_file)
+          role.from_file(rb_path)
           return role
         end
       end

data/lib/chef/shell.rb

@@ -53,6 +53,7 @@ module Shell
     IRB::ExtendCommandBundle.instance_variable_get(:@ALIASES).delete(irb_help)
 
     parse_opts
+    Chef::Config[:shell_config] = options.config
 
     # HACK: this duplicates the functions of IRB.start, but we have to do it
     # to get access to the main object before irb starts.
@@ -111,6 +112,7 @@ module Shell
       conf.prompt_i       = "chef#{leader(m)} > "
       conf.prompt_n       = "chef#{leader(m)} ?> "
       conf.prompt_s       = "chef#{leader(m)}%l> "
+      conf.use_tracer     = false
     end
   end
 
@@ -257,6 +259,12 @@ FOOTER
       :proc         => lambda {|v| puts "Chef: #{::Chef::VERSION}"},
       :exit         => 0
 
+    option :override_runlist,
+      :short        => "-o RunlistItem,RunlistItem...",
+      :long         => "--override-runlist RunlistItem,RunlistItem...",
+      :description  => "Replace current run list with specified items",
+      :proc         => lambda { |items| items.split(',').map { |item| Chef::RunList::RunListItem.new(item) }}
+
     def self.print_help
       instance = new
       instance.parse_options([])

data/lib/chef/shell/shell_session.rb

@@ -151,7 +151,7 @@ module Shell
 
     def rebuild_node
       Chef::Config[:solo] = true
-      @client = Chef::Client.new
+      @client = Chef::Client.new(nil, Chef::Config[:shell_config])
       @client.run_ohai
       @client.load_node
       @client.build_node
@@ -183,7 +183,7 @@ module Shell
     def rebuild_node
       # Tell the client we're chef solo so it won't try to contact the server
       Chef::Config[:solo] = true
-      @client = Chef::Client.new
+      @client = Chef::Client.new(nil, Chef::Config[:shell_config])
       @client.run_ohai
       @client.load_node
       @client.build_node
@@ -214,7 +214,7 @@ module Shell
     def rebuild_node
       # Make sure the client knows this is not chef solo
       Chef::Config[:solo] = false
-      @client = Chef::Client.new
+      @client = Chef::Client.new(nil, Chef::Config[:shell_config])
       @client.run_ohai
       @client.register
       @client.load_node

data/lib/chef/user.rb

@@ -144,18 +144,19 @@ class Chef
     end
 
     def self.list(inflate=false)
-      response = if inflate
-                   users = Chef::REST.new(Chef::Config[:chef_server_url]).get_rest('users')
-                   users.map do |name|
-                     Chef::User.load(name)
-                   end
-                 else
-                   Chef::REST.new(Chef::Config[:chef_server_url]).get_rest('users')
-                 end
-      if response.is_a? Array
-        transform_ohc_list_response(response)
+      response = Chef::REST.new(Chef::Config[:chef_server_url]).get_rest('users')
+      users = if response.is_a?(Array)
+        transform_ohc_list_response(response) # OHC/OPC
       else
-        response
+        response # OSC
+      end
+      if inflate
+        users.inject({}) do |user_map, (name, _url)|
+          user_map[name] = Chef::User.load(name)
+          user_map
+        end
+      else
+        users
       end
     end
 

data/lib/chef/util/selinux.rb

@@ -47,7 +47,7 @@ class Chef
       def restore_security_context(file_path, recursive = false)
         if restorecon_path
           restorecon_command = recursive ? "#{restorecon_path} -R -r" : "#{restorecon_path} -R"
-          restorecon_command += " #{file_path}"
+          restorecon_command += " \"#{file_path}\""
           Chef::Log.debug("Restoring selinux security content with #{restorecon_command}")
           shell_out!(restorecon_command)
         else

data/lib/chef/version.rb

@@ -17,7 +17,7 @@
 
 class Chef
   CHEF_ROOT = File.dirname(File.expand_path(File.dirname(__FILE__)))
-  VERSION = '11.14.0.alpha.4'
+  VERSION = '11.14.0.rc.2'
 end
 
 # NOTE: the Chef::Version class is defined in version_class.rb

data/lib/chef/version_constraint.rb

@@ -21,10 +21,10 @@ class Chef
     DEFAULT_CONSTRAINT = ">= 0.0.0"
     STANDARD_OPS = %w(< > <= >=)
     OPS = %w(< > = <= >= ~>)
-    PATTERN = /^(#{OPS.join('|')}) (.+)$/
+    PATTERN = /^(#{OPS.join('|')}) *([0-9].*)$/
     VERSION_CLASS = Chef::Version
 
-    attr_reader :op, :version
+    attr_reader :op, :version, :raw_version
 
     def initialize(constraint_spec=DEFAULT_CONSTRAINT)
       case constraint_spec
@@ -99,12 +99,13 @@ class Chef
       @missing_patch_level = false
       if str.index(" ").nil? && str =~ /^[0-9]/
         # try for lone version, implied '='
-        @version = self.class::VERSION_CLASS.new(str)
+        @raw_version = str
+        @version = self.class::VERSION_CLASS.new(@raw_version)
         @op = "="
       elsif PATTERN.match str
         @op = $1
-        raw_version = $2
-        @version = self.class::VERSION_CLASS.new(raw_version)
+        @raw_version = $2
+        @version = self.class::VERSION_CLASS.new(@raw_version)
         if raw_version.split('.').size <= 2
           @missing_patch_level = true
         end

data/lib/chef/win32/api/process.rb

@@ -34,6 +34,7 @@ class Chef
         safe_attach_function :GetProcessHandleCount, [ :HANDLE, :LPDWORD ], :BOOL
         safe_attach_function :GetProcessId, [ :HANDLE ], :DWORD
         safe_attach_function :CloseHandle, [ :HANDLE ], :BOOL
+        safe_attach_function :IsWow64Process, [ :HANDLE, :PBOOL ], :BOOL
 
       end
     end

data/lib/chef/win32/api/system.rb

@@ -186,6 +186,20 @@ int WINAPI GetSystemMetrics(
 =end
         safe_attach_function :GetSystemMetrics, [:int], :int
 
+=begin
+LRESULT WINAPI SendMessageTimeout(
+  _In_       HWND hWnd,
+  _In_       UINT Msg,
+  _In_       WPARAM wParam,
+  _In_       LPARAM lParam,
+  _In_       UINT fuFlags,
+  _In_       UINT uTimeout,
+  _Out_opt_  PDWORD_PTR lpdwResult
+);
+=end
+        safe_attach_function :SendMessageTimeoutW, [:HWND, :UINT, :WPARAM, :LPARAM, :UINT, :UINT, :PDWORD_PTR], :LRESULT
+        safe_attach_function :SendMessageTimeoutA, [:HWND, :UINT, :WPARAM, :LPARAM, :UINT, :UINT, :PDWORD_PTR], :LRESULT
+
       end
     end
   end

data/lib/chef/win32/error.rb

@@ -47,7 +47,7 @@ class Chef
       end
 
       def self.get_last_error
-        GetLastError()
+        FFI::LastError.error
       end
 
       # Raises the last error.  This should only be called by

data/lib/chef/win32/security.rb

@@ -262,7 +262,7 @@ class Chef
         system_name = system_name.to_wstring if system_name
         if LookupAccountNameW(system_name, name.to_wstring, nil, sid_size, nil, referenced_domain_name_size, nil)
           raise "Expected ERROR_INSUFFICIENT_BUFFER from LookupAccountName, and got no error!"
-        elsif Chef::ReservedNames::Win32::Error.get_last_error != ERROR_INSUFFICIENT_BUFFER
+        elsif FFI::LastError.error != ERROR_INSUFFICIENT_BUFFER
           Chef::ReservedNames::Win32::Error.raise!
         end
 
@@ -284,7 +284,7 @@ class Chef
         system_name = system_name.to_wstring if system_name
         if LookupAccountSidW(system_name, sid, nil, name_size, nil, referenced_domain_name_size, nil)
           raise "Expected ERROR_INSUFFICIENT_BUFFER from LookupAccountSid, and got no error!"
-        elsif Chef::ReservedNames::Win32::Error::get_last_error != ERROR_INSUFFICIENT_BUFFER
+        elsif FFI::LastError.error != ERROR_INSUFFICIENT_BUFFER
           Chef::ReservedNames::Win32::Error.raise!
         end
 
@@ -303,7 +303,7 @@ class Chef
         name_size = FFI::Buffer.new(:long).write_long(0)
         if LookupPrivilegeNameW(system_name, luid, nil, name_size)
           raise "Expected ERROR_INSUFFICIENT_BUFFER from LookupPrivilegeName, and got no error!"
-        elsif Chef::ReservedNames::Win32::Error.get_last_error != ERROR_INSUFFICIENT_BUFFER
+        elsif FFI::LastError.error != ERROR_INSUFFICIENT_BUFFER
           Chef::ReservedNames::Win32::Error.raise!
         end
 
@@ -321,7 +321,7 @@ class Chef
         language_id = FFI::Buffer.new(:long)
         if LookupPrivilegeDisplayNameW(system_name, name.to_wstring, nil, display_name_size, language_id)
           raise "Expected ERROR_INSUFFICIENT_BUFFER from LookupPrivilegeDisplayName, and got no error!"
-        elsif Chef::ReservedNames::Win32::Error.get_last_error != ERROR_INSUFFICIENT_BUFFER
+        elsif FFI::LastError.error != ERROR_INSUFFICIENT_BUFFER
           Chef::ReservedNames::Win32::Error.raise!
         end
 
@@ -353,7 +353,7 @@ class Chef
         group_size = FFI::Buffer.new(:long).write_long(0)
         if MakeAbsoluteSD(security_descriptor, nil, absolute_sd_size, nil, dacl_size, nil, sacl_size, nil, owner_size, nil, group_size)
           raise "Expected ERROR_INSUFFICIENT_BUFFER from MakeAbsoluteSD, and got no error!"
-        elsif Chef::ReservedNames::Win32::Error.get_last_error != ERROR_INSUFFICIENT_BUFFER
+        elsif FFI::LastError.error != ERROR_INSUFFICIENT_BUFFER
           Chef::ReservedNames::Win32::Error.raise!
         end
 

data/lib/chef/win32/version.rb

@@ -23,6 +23,10 @@ require 'wmi-lite/wmi'
 class Chef
   module ReservedNames::Win32
     class Version
+      class << self
+        include Chef::ReservedNames::Win32::API::System
+      end
+
       include Chef::ReservedNames::Win32::API::Macros
       include Chef::ReservedNames::Win32::API::System
 
@@ -33,12 +37,12 @@ class Chef
       private
 
       def self.get_system_metrics(n_index)
-        Win32API.new('user32', 'GetSystemMetrics', 'I', 'I').call(n_index)
+        GetSystemMetrics(n_index)
       end
 
       def self.method_name_from_marketing_name(marketing_name)
         "#{marketing_name.gsub(/\s/, '_').gsub(/\./, '_').downcase}?"
-        # "#{marketing_name.gsub(/\s/, '_').gsub(//, '_').downcase}?"       
+        # "#{marketing_name.gsub(/\s/, '_').gsub(//, '_').downcase}?"
       end
 
       public

data/spec/data/trusted_certs/opscode.pem

@@ -1,38 +1,60 @@
 -----BEGIN CERTIFICATE-----
-MIIGqjCCBZKgAwIBAgIQCJlQhNSTz1z3zHZb972KvDANBgkqhkiG9w0BAQUFADBI
+MIIFrDCCBJSgAwIBAgIQB1O/fCb6cEytJ4BP3HTbCTANBgkqhkiG9w0BAQUFADBI
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSIwIAYDVQQDExlE
-aWdpQ2VydCBTZWN1cmUgU2VydmVyIENBMB4XDTEzMDQxMjAwMDAwMFoXDTE0MDYx
-NjEyMDAwMFowYzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO
-BgNVBAcTB1NlYXR0bGUxFTATBgNVBAoTDE9wc2NvZGUsIEluYzEWMBQGA1UEAwwN
-Ki5vcHNjb2RlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+U
-HLAzObPRlmchlkJ2JFeReJRPXj5F27HuX8SXT+5WhVGunQf1swjASJ0utk1x9wGT
-f9tnF8fYiwJIqWJopaPiwzNw1cD6CnIfhM3z4T3EzLAWWu2ZhfuaQk9Z6jhItkm7
-upO4CsFq1xw7IjqOq09PCAklYC/Y/8Qq5Qj8VoTp0ldVv6hbqTNkezhWcKU/07si
-jAX1O+DYN6dlVNezfl4Xt5ccsu8Mp0s92IMVYLgY6bpb1b91ez9+XBE1v7zjaR0V
-EP7Ix9av/pXjqMqHgjlsg46UpLa30f4FEi2xmXpCBpOP94rCrT7g+u8UlIrJ/QK/
-/lHyKBpCm0R9ftDbppsCAwEAAaOCA3MwggNvMB8GA1UdIwQYMBaAFJBx2zfrc8jv
-3NUeErY0uitaoKaSMB0GA1UdDgQWBBTdhCU7MvQblxtWHlfHG4jPUTuh5DBLBgNV
-HREERDBCgg0qLm9wc2NvZGUuY29tggtvcHNjb2RlLmNvbYIQY29ycC5vcHNjb2Rl
-LmNvbYISKi5jb3JwLm9wc2NvZGUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
-FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwYQYDVR0fBFowWDAqoCigJoYkaHR0cDov
-L2NybDMuZGlnaWNlcnQuY29tL3NzY2EtZzEuY3JsMCqgKKAmhiRodHRwOi8vY3Js
-NC5kaWdpY2VydC5jb20vc3NjYS1nMS5jcmwwggHEBgNVHSAEggG7MIIBtzCCAbMG
-CWCGSAGG/WwBATCCAaQwOgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cuZGlnaWNlcnQu
-Y29tL3NzbC1jcHMtcmVwb3NpdG9yeS5odG0wggFkBggrBgEFBQcCAjCCAVYeggFS
-AEEAbgB5ACAAdQBzAGUAIABvAGYAIAB0AGgAaQBzACAAQwBlAHIAdABpAGYAaQBj
-AGEAdABlACAAYwBvAG4AcwB0AGkAdAB1AHQAZQBzACAAYQBjAGMAZQBwAHQAYQBu
-AGMAZQAgAG8AZgAgAHQAaABlACAARABpAGcAaQBDAGUAcgB0ACAAQwBQAC8AQwBQ
-AFMAIABhAG4AZAAgAHQAaABlACAAUgBlAGwAeQBpAG4AZwAgAFAAYQByAHQAeQAg
-AEEAZwByAGUAZQBtAGUAbgB0ACAAdwBoAGkAYwBoACAAbABpAG0AaQB0ACAAbABp
-AGEAYgBpAGwAaQB0AHkAIABhAG4AZAAgAGEAcgBlACAAaQBuAGMAbwByAHAAbwBy
-AGEAdABlAGQAIABoAGUAcgBlAGkAbgAgAGIAeQAgAHIAZQBmAGUAcgBlAG4AYwBl
-AC4weAYIKwYBBQUHAQEEbDBqMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
-Y2VydC5jb20wQgYIKwYBBQUHMAKGNmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
-bS9EaWdpQ2VydFNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqG
-SIb3DQEBBQUAA4IBAQCNk1+7l+VlAZrKov7ugP7WuKS7IEUZRk8CVAFPtIrp+jFB
-6W0ta1qMpYyItp5enTBCGOkTfPly06hZnFRQw3ZnkSsWDKIvCRks4kZt3oHLd3nO
-G671JGRJI/qbs6F5l6c96kotlZkolYIPMhyK8Ex4LjMW6UrPWdpJrXTWPvLq4c85
-ZaN52yKu6tsLrBTPwPmK9t+zQ2drb1g8Eq9B+cuwD3Row6njsDQ1Ltry+KCnivki
-E/ptgwyCkS4brkhjHMz5l5Co0KMsHylAb2XcBxFVFSl0aJIqK5Gr0nTlg26pNG7O
-qxv6ncOHl3tmArETi36TQbTYvFc+6cNb8CqdWe95
+aWdpQ2VydCBTZWN1cmUgU2VydmVyIENBMB4XDTE0MDYxMDAwMDAwMFoXDTE1MDcw
+MTEyMDAwMFowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO
+BgNVBAcTB1NlYXR0bGUxGzAZBgNVBAoTEkNoZWYgU29mdHdhcmUsIEluYzEWMBQG
+A1UEAwwNKi5vcHNjb2RlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMm+rf2RcPGBlZoM+hI4BxlaHbdRg1GZJ/T46UWFOBnZFVP++TX/pyjDsvns
+xymcQywtoN/26+UIys6oWX1um9ikEokvf67LdsUeemQGFHFky8X1Ka2hVtKnxBhi
+XZfvyHDR4IyFWU9AwmhnqySzxqCtynUu8Gktx7JVfqbRFMZ186pDcSw8LoaqjTVG
+SzO7eNH2sM3doMueAHj7ITc2wUzmfa0Pdh+K8UoCn/HopU5LzycziJVPYvUkLT2m
+YCV7VWRc+kObZseHhZAbyaDk3RgPQ/eRMhytAgbruBHWDqNesNw+ZA70w856Oj2Y
+geO7JF+5V6WvkywrF8vydaoM2l8CAwEAAaOCAm8wggJrMB8GA1UdIwQYMBaAFJBx
+2zfrc8jv3NUeErY0uitaoKaSMB0GA1UdDgQWBBQK5zjZwbcmcMNLnI2h1ioAldEV
+ujCBygYDVR0RBIHCMIG/gg0qLm9wc2NvZGUuY29tghBjb3JwLm9wc2NvZGUuY29t
+ghIqLmNvcnAub3BzY29kZS5jb22CDyoubGVhcm5jaGVmLmNvbYISKi5jb3JwLmdl
+dGNoZWYuY29tgg0qLmdldGNoZWYuY29tggwqLm9wc2NvZGUudXOCC2dldGNoZWYu
+Y29tggtvcHNjb2RlLmNvbYIRYXBpLmJlcmtzaGVsZi5jb22CDWxlYXJuY2hlZi5j
+b22CCm9wc2NvZGUudXMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjBhBgNVHR8EWjBYMCqgKKAmhiRodHRwOi8vY3JsMy5kaWdp
+Y2VydC5jb20vc3NjYS1nNi5jcmwwKqAooCaGJGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0
+LmNvbS9zc2NhLWc2LmNybDBCBgNVHSAEOzA5MDcGCWCGSAGG/WwBATAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHgGCCsGAQUFBwEB
+BGwwajAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEIGCCsG
+AQUFBzAChjZodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTZWN1
+cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEA
+kgBpJ2t+St7SmWfeNU9EWAhy0NuUnRIi1jnqXdapfPmS6V/M0i2wP/p+crMty78e
++3ieuF5s0GJBLs85Hikcl3SlrrbIBJxozov1TY6zeOi6+TCsdXer6t6iQKz36zno
++k+T6lnMCyo9+pk1PhcAWyfo1Fz4xVOBVec/71VovFkkGD2//KB+sbDs+yh21N9M
+ReO7duj16rQSctfO9R2h65djBNlgz6hXY2nlw8/x3uFfZobXOxDrTcH6Z8HIslkE
+MiTXGix6zdqJaFRCWi+prnAztWs+jEy+v95VSEHPj3xpwZ9WjsxQN0kFA2EX61v/
+kGunmyhehGjblQRt7bpyiA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEjzCCA3egAwIBAgIQBp4dt3/PHfupevXlyaJANzANBgkqhkiG9w0BAQUFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEgxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxIjAgBgNVBAMTGURpZ2lDZXJ0IFNlY3Vy
+ZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7V+Qh
+qdWbYDd+jqFhf4HiGsJ1ZNmRUAvkNkQkbjDSm3on+sJqrmpwCTi5IArIZRBKiKwx
+8tyS8mOhXYBjWYCSIxzm73ZKUDXJ2HE4ue3w5kKu0zgmeTD5IpTG26Y/QXiQ2N5c
+fml9+JAVOtChoL76srIZodgr0c6/a91Jq6OS/rWryME+7gEA2KlEuEJziMNh9atK
+gygK0tRJ+mqxzd9XLJTl4sqDX7e6YlwvaKXwwLn9K9HpH9gaYhW9/z2m98vv5ttl
+LyU47PvmIGZYljQZ0hXOIdMkzNkUb9j+Vcfnb7YPGoxJvinyulqagSY3JG/XSBJs
+Lln1nBi72fZo4t9FAgMBAAGjggFaMIIBVjASBgNVHRMBAf8ECDAGAQH/AgEAMA4G
+A1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6
+Ly9vY3NwLmRpZ2ljZXJ0LmNvbTB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3Js
+My5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDegNaAzhjFo
+dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3Js
+MD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBSQcds363PI79zVHhK2NLorWqCmkjAf
+BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTANBgkqhkiG9w0BAQUFAAOC
+AQEAMM7RlVEArgYLoQ4CwBestn+PIPZAdXQczHixpE/q9NDEnaLegQcmH0CIUfAf
+z7dMQJnQ9DxxmHOIlywZ126Ej6QfnFog41FcsMWemWpPyGn3EP9OrRnZyVizM64M
+2ZYpnnGycGOjtpkWQh1l8/egHn3F1GUUsmKE1GxcCAzYbJMrtHZZitF//wPYwl24
+LyLWOPD2nGt9RuuZdPfrSg6ppgTre87wXGuYMVqYQOtpxAX0IKjKCDplbDgV9Vws
+slXkLGtB8L5cRspKKaBIXiDSRf8F3jSvcEuBOeLKB1d8tjHcISnivpcOd5AUUUDh
+v+PMGxmcJcqnBrJT3yOyzxIZow==
 -----END CERTIFICATE-----