net-ldap 0.16.0 → 0.17.0

data/.travis.yml

@@ -1,33 +0,0 @@
-language: ruby
-rvm:
-  - 2.0.0
-  - 2.1
-  - 2.2
-  # optional
-  - ruby-head
-  - jruby-19mode
-  - jruby-head
-  - rbx-2
-
-env:
-  - INTEGRATION=openldap
-
-before_install:
-  - gem update bundler
-
-install:
-  - if [ "$INTEGRATION" = "openldap" ]; then sudo script/install-openldap; fi
-  - bundle install
-
-script: bundle exec rake ci
-
-matrix:
-  allow_failures:
-    - rvm: ruby-head
-    - rvm: jruby-19mode
-    - rvm: jruby-head
-    - rvm: rbx-2
-  fast_finish: true
-
-notifications:
-  email: false

data/CONTRIBUTING.md

@@ -1,54 +0,0 @@
-# Contribution guide
-
-Thank you for using net-ldap. If you'd like to help, keep these guidelines in
-mind.
-
-## Submitting a New Issue
-
-If you find a bug, or would like to propose an idea, file a [new issue][issues].
-Include as many details as possible:
-
-- Version of net-ldap gem
-- LDAP server version
-- Queries, connection information, any other input
-- output or error messages
-
-## Sending a Pull Request
-
-[Pull requests][pr] are always welcome!
-
-Check out [the project's issues list][issues] for ideas on what could be improved.
-
-Before sending, please add tests and ensure the test suite passes.
-
-To run the full suite:
-
-  `bundle exec rake`
-
-To run a specific test file:
-
-  `bundle exec ruby test/test_ldap.rb`
-
-To run a specific test:
-
-  `bundle exec ruby test/test_ldap.rb -n test_instrument_bind`
-
-Pull requests will trigger automatic continuous integration builds on
-[TravisCI][travis]. To run integration tests locally, see the `test/support`
-folder.
-
-## Styleguide
-
-```ruby
-# 1.9+ style hashes
-{key: "value"}
-
-# Multi-line arguments with `\`
-MyClass.new \
-  foo: 'bar',
-  baz: 'garply'
-```
-
-[issues]: https://github.com/ruby-net-ldap/ruby-net-ldap/issues
-[pr]: https://help.github.com/articles/using-pull-requests
-[travis]: https://travis-ci.org/ruby-ldap/ruby-net-ldap

data/Gemfile

@@ -1,2 +0,0 @@
-source 'https://rubygems.org'
-gemspec

data/Rakefile

@@ -1,23 +0,0 @@
-# -*- ruby encoding: utf-8 -*-
-# vim: syntax=ruby
-
-require 'rake/testtask'
-require 'rubocop/rake_task'
-require 'bundler'
-
-RuboCop::RakeTask.new
-
-Rake::TestTask.new do |t|
-  t.libs << 'test'
-  t.test_files = FileList['test/**/test_*.rb']
-  t.verbose = true
-  t.description = 'Run tests, set INTEGRATION=openldap to run integration tests, INTEGRATION_HOST and INTEGRATION_PORT are also supported'
-end
-
-desc 'Run tests and RuboCop (RuboCop runs on mri only)'
-task ci: [:test]
-
-desc 'Run tests and RuboCop'
-task rubotest: [:test, :rubocop]
-
-task default: Bundler.current_ruby.mri? ? [:test, :rubocop] : [:test]

data/net-ldap.gemspec

@@ -1,37 +0,0 @@
-# -*- encoding: utf-8 -*-
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'net/ldap/version'
-
-Gem::Specification.new do |s|
-  s.name = %q{net-ldap}
-  s.version = Net::LDAP::VERSION
-  s.license = "MIT"
-  s.authors = ["Francis Cianfrocca", "Emiel van de Laar", "Rory O'Connell", "Kaspar Schiess", "Austin Ziegler", "Michael Schaarschmidt"]
-  s.description = %q{Net::LDAP for Ruby (also called net-ldap) implements client access for the
-Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for
-accessing distributed directory services. Net::LDAP is written completely in
-Ruby with no external dependencies. It supports most LDAP client features and a
-subset of server features as well.
-
-Net::LDAP has been tested against modern popular LDAP servers including
-OpenLDAP and Active Directory. The current release is mostly compliant with
-earlier versions of the IETF LDAP RFCs (2251-2256, 2829-2830, 3377, and 3771).
-Our roadmap for Net::LDAP 1.0 is to gain full <em>client</em> compliance with
-the most recent LDAP RFCs (4510-4519, plutions of 4520-4532).}
-  s.email = ["blackhedd@rubyforge.org", "gemiel@gmail.com", "rory.ocon@gmail.com", "kaspar.schiess@absurd.li", "austin@rubyforge.org"]
-  s.extra_rdoc_files = ["Contributors.rdoc", "Hacking.rdoc", "History.rdoc", "License.rdoc", "README.rdoc"]
-  s.files = `git ls-files`.split $/
-  s.test_files = s.files.grep(%r{^test})
-  s.homepage = %q{http://github.com/ruby-ldap/ruby-net-ldap}
-  s.rdoc_options = ["--main", "README.rdoc"]
-  s.require_paths = ["lib"]
-  s.required_ruby_version = ">= 2.0.0"
-  s.summary = %q{Net::LDAP for Ruby (also called net-ldap) implements client access for the Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for accessing distributed directory services}
-
-  s.add_development_dependency("flexmock", "~> 1.3")
-  s.add_development_dependency("rake", "~> 10.0")
-  s.add_development_dependency("rubocop", "~> 0.42.0")
-  s.add_development_dependency("test-unit")
-  s.add_development_dependency("byebug")
-end

data/script/changelog

@@ -1,47 +0,0 @@
-#!/bin/bash
-# Usage: script/changelog [-r <repo>] [-b <base>] [-h <head>]
-#
-#  repo: BASE string of GitHub REPOsitory url. e.g. "user_or_org/REPOsitory". Defaults to git remote url.
-#  base: git ref to compare from. e.g. "v1.3.1". Defaults to latest git tag.
-#  head: git ref to compare to. Defaults to "HEAD".
-#
-# Generate a changelog preview from pull requests merged between `base` and
-# `head`.
-#
-# https://github.com/jch/release-scripts/blob/master/changelog
-set -e
-
-[ $# -eq 0 ] && set -- --help
-while [[ $# > 1 ]]
-do
-  key="$1"
-  case $key in
-    -r|--repo)
-    repo="$2"
-    shift
-    ;;
-    -b|--base)
-    base="$2"
-    shift
-    ;;
-    -h|--head)
-    head="$2"
-    shift
-    ;;
-    *)
-    ;;
-  esac
-  shift
-done
-
-repo="${repo:-$(git remote -v | grep push | awk '{print $2}' | cut -d'/' -f4- | sed 's/\.git//')}"
-base="${base:-$(git tag -l | sort -t. -k 1,1n -k 2,2n -k 3,3n | tail -n 1)}"
-head="${head:-HEAD}"
-api_url="https://api.github.com"
-
-# get merged PR's. Better way is to query the API for these, but this is easier
-for pr in $(git log --oneline $base..$head | grep "Merge pull request" | awk '{gsub("#",""); print $5}')
-do
-  # frustrated with trying to pull out the right values, fell back to ruby
-  curl -s "$api_url/repos/$repo/pulls/$pr" | ruby -rjson -e 'pr=JSON.parse(STDIN.read); puts "* #{pr[%q(title)]} {##{pr[%q(number)]}}[#{pr[%q(html_url)]}]"'
-done

data/script/generate-fixture-ca

@@ -1,48 +0,0 @@
-#!/bin/bash
-
-BASE_PATH=$( cd "`dirname $0`/../test/fixtures/ca" && pwd )
-cd "${BASE_PATH}" || exit 4
-
-USAGE=$( cat << EOS
-Usage:
-  $0 --regenerate
-
-Generates a new self-signed CA, for integration testing. This should only need
-to be run if you are writing new TLS/SSL tests, and need to generate
-additional fixtuer CAs.
-
-This script uses the GnuTLS certtool CLI. If you are on macOS,
-'brew install gnutls', and it will be installed as 'gnutls-certtool'.
-Apple unfortunately ships with an incompatible /usr/bin/certtool that does
-different things.
-EOS
-)
-
-if [ "x$1" != 'x--regenerate' ]; then
-  echo "${USAGE}"
-  exit 1
-fi
-
-TOOL=`type -p certtool`
-if [ "$(uname)" = "Darwin" ]; then
-  TOOL=`type -p gnutls-certtool`
-  if [ ! -x "${TOOL}" ]; then
-    echo "Sorry, Darwin requires gnutls-certtool; try `brew install gnutls`"
-    exit 2
-  fi
-fi
-
-if [ ! -x "${TOOL}" ]; then
-  echo "Sorry, no certtool found!"
-  exit 3
-fi
-export TOOL
-
-
-${TOOL} --generate-privkey > ./cakey.pem
-${TOOL} --generate-self-signed \
-  --load-privkey ./cakey.pem \
-  --template ./ca.info \
-  --outfile ./cacert.pem
-
-echo "cert and private key generated! Don't forget to check them in"

data/script/install-openldap

@@ -1,134 +0,0 @@
-#!/usr/bin/env sh
-set -e
-set -x
-
-BASE_PATH=$( cd "`dirname $0`/../test/fixtures/openldap" && pwd )
-SEED_PATH=$( cd "`dirname $0`/../test/fixtures"          && pwd )
-
-dpkg -s slapd time ldap-utils gnutls-bin ssl-cert > /dev/null ||\
-  DEBIAN_FRONTEND=noninteractive apt-get update  -y --force-yes && \
-  DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes slapd time ldap-utils gnutls-bin ssl-cert
-
-/etc/init.d/slapd stop
-
-TMPDIR=$(mktemp -d)
-cd $TMPDIR
-
-# Delete data and reconfigure.
-cp -v /var/lib/ldap/DB_CONFIG ./DB_CONFIG
-rm -rf /etc/ldap/slapd.d/*
-rm -rf /var/lib/ldap/*
-cp -v ./DB_CONFIG /var/lib/ldap/DB_CONFIG
-slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/slapd.conf.ldif
-# Load memberof and ref-int overlays and configure them.
-slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/memberof.ldif
-# Load retcode overlay and configure
-slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/retcode.ldif
-
-# Add base domain.
-slapadd -F /etc/ldap/slapd.d <<EOM
-dn: dc=rubyldap,dc=com
-objectClass: top
-objectClass: domain
-dc: rubyldap
-EOM
-
-chown -R openldap.openldap /etc/ldap/slapd.d
-chown -R openldap.openldap /var/lib/ldap
-
-/etc/init.d/slapd start
-
-# Import seed data.
-# NOTE: use ldapadd in order for memberOf and refint to apply, instead of:
-# cat $SEED_PATH/seed.ldif | slapadd -F /etc/ldap/slapd.d
-/usr/bin/time ldapadd -x -D "cn=admin,dc=rubyldap,dc=com" -w passworD1 \
-             -h localhost -p 389 \
-             -f $SEED_PATH/seed.ldif
-
-rm -rf $TMPDIR
-
-# SSL
-export CA_CERT="/usr/local/share/ca-certificates/rubyldap-ca.crt"
-export CA_KEY="/etc/ssl/private/rubyldap-ca.key"
-
-# The self-signed fixture CA cert & key are generated by
-# `script/generate-fiuxture-ca` and checked into version control.
-# You shouldn't need to muck with these unless you're writing more
-# TLS/SSL integration tests, and need special magic values in the cert.
-
-cp "${SEED_PATH}/ca/cacert.pem" "${CA_CERT}"
-cp "${SEED_PATH}/ca/cakey.pem"  "${CA_KEY}"
-
-# actually add the fixture CA to the system store
-update-ca-certificates
-
-# Make a private key for the server:
-certtool --generate-privkey \
-  --bits 1024 \
-  --outfile /etc/ssl/private/ldap01_slapd_key.pem
-
-sh -c "cat > /etc/ssl/ldap01.info <<EOF
-organization = Example Company
-cn = ldap01.example.com
-dns_name = ldap01.example.com
-dns_name = ldap02.example.com
-dns_name = localhost
-tls_www_server
-encryption_key
-signing_key
-expiration_days = 3650
-EOF"
-
-# The integration server may be accessed by IP address, in which case
-# we want some of the IPs included in the cert. We skip loopback (127.0.0.1)
-# because that's the IP we use in the integration test for cert name mismatches.
-ADDRS=$(ifconfig -a | grep 'inet addr:' | cut -f 2 -d : | cut -f 1 -d ' ')
-for ip in $ADDRS; do
-  if [ "x$ip" = 'x127.0.0.1' ]; then continue; fi
-  echo "ip_address = $ip" >> /etc/ssl/ldap01.info
-done
-
-# Create the server certificate
-certtool --generate-certificate \
-  --load-privkey /etc/ssl/private/ldap01_slapd_key.pem \
-  --load-ca-certificate "${CA_CERT}" \
-  --load-ca-privkey "${CA_KEY}" \
-  --template /etc/ssl/ldap01.info \
-  --outfile /etc/ssl/certs/ldap01_slapd_cert.pem
-
-ldapmodify -Y EXTERNAL -H ldapi:/// <<EOF | true
-dn: cn=config
-add: olcTLSCACertificateFile
-olcTLSCACertificateFile: ${CA_CERT}
--
-add: olcTLSCertificateFile
-olcTLSCertificateFile: /etc/ssl/certs/ldap01_slapd_cert.pem
--
-add: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: /etc/ssl/private/ldap01_slapd_key.pem
-EOF
-
-# LDAP over TLS/SSL (ldaps://) is deprecated in favour of StartTLS. The latter
-# refers to an existing LDAP session (listening on TCP port 389) becoming
-# protected by TLS/SSL whereas LDAPS, like HTTPS, is a distinct
-# encrypted-from-the-start protocol that operates over TCP port 636. But we
-# enable it for testing here.
-sed -i -e 's|^SLAPD_SERVICES="\(.*\)"|SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///"|' /etc/default/slapd
-
-adduser openldap ssl-cert
-chgrp ssl-cert /etc/ssl/private/ldap01_slapd_key.pem
-chmod g+r /etc/ssl/private/ldap01_slapd_key.pem
-chmod o-r /etc/ssl/private/ldap01_slapd_key.pem
-
-# Drop packets on a secondary port used to specific timeout tests
-iptables -A INPUT -p tcp -j DROP --dport 8389
-
-# Forward a port for Vagrant
-iptables -t nat -A PREROUTING -p tcp --dport 9389 -j REDIRECT --to-port 389
-
-# fix up /etc/hosts for cert validation
-grep ldap01 /etc/hosts || echo "127.0.0.1 ldap01.example.com" >> /etc/hosts
-grep ldap02 /etc/hosts || echo "127.0.0.1 ldap02.example.com" >> /etc/hosts
-grep bogus /etc/hosts  || echo "127.0.0.1 bogus.example.com" >> /etc/hosts
-
-service slapd restart

data/script/package

@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-# Usage: script/package
-# Updates the gemspec and builds a new gem in the pkg directory.
-
-mkdir -p pkg
-gem build *.gemspec
-mv *.gem pkg

data/script/release

@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-# Usage: script/release
-# Build the package, tag a commit, push it to origin, and then release the
-# package publicly.
-
-set -e
-
-version="$(script/package | grep Version: | awk '{print $2}')"
-[ -n "$version" ] || exit 1
-
-echo $version
-git commit --allow-empty -a -m "Release $version"
-git tag "v$version"
-git push origin
-git push origin "v$version"
-gem push pkg/*-${version}.gem

data/test/ber/core_ext/test_array.rb

@@ -1,22 +0,0 @@
-require_relative '../../test_helper'
-
-class TestBERArrayExtension < Test::Unit::TestCase
-  def test_control_code_array
-    control_codes = []
-    control_codes << ['1.2.3'.to_ber, true.to_ber].to_ber_sequence
-    control_codes << ['1.7.9'.to_ber, false.to_ber].to_ber_sequence
-    control_codes = control_codes.to_ber_sequence
-    res = [['1.2.3', true], ['1.7.9', false]].to_ber_control
-    assert_equal control_codes, res
-  end
-
-  def test_wrap_array_if_not_nested
-    result1 = ['1.2.3', true].to_ber_control
-    result2 = [['1.2.3', true]].to_ber_control
-    assert_equal result2, result1
-  end
-
-  def test_empty_string_if_empty_array
-    assert_equal "", [].to_ber_control
-  end
-end

data/test/ber/core_ext/test_string.rb

@@ -1,25 +0,0 @@
-require_relative '../../test_helper'
-
-class TestBERStringExtension < Test::Unit::TestCase
-  def setup
-    @bind_request = "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus UNCONSUMED".b
-    @result = @bind_request.read_ber!(Net::LDAP::AsnSyntax)
-  end
-
-  def test_parse_ber
-    assert_equal [1, [3, "Administrator", "ad_is_bogus"]], @result
-  end
-
-  def test_unconsumed_message
-    assert_equal " UNCONSUMED", @bind_request
-  end
-
-  def test_exception_does_not_modify_string
-    original = "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus".b
-    duplicate = original.dup
-    flexmock(StringIO).new_instances.should_receive(:read_ber).and_raise(Net::BER::BerError)
-    duplicate.read_ber!(Net::LDAP::AsnSyntax) rescue Net::BER::BerError
-
-    assert_equal original, duplicate
-  end
-end

data/test/ber/test_ber.rb

@@ -1,153 +0,0 @@
-require_relative '../test_helper'
-
-class TestBEREncoding < Test::Unit::TestCase
-  def test_empty_array
-    assert_equal [], [].to_ber.read_ber
-  end
-
-  def test_array
-    ary = [1, 2, 3]
-    encoded_ary = ary.map(&:to_ber).to_ber
-
-    assert_equal ary, encoded_ary.read_ber
-  end
-
-  # http://tools.ietf.org/html/rfc4511#section-5.1
-  def test_true
-    assert_equal "\x01\x01\xFF".b, true.to_ber
-  end
-
-  def test_false
-    assert_equal "\x01\x01\x00", false.to_ber
-  end
-
-  # Sample based
-  {
-    0           => "\x02\x01\x00",
-    1           => "\x02\x01\x01",
-    127         => "\x02\x01\x7F",
-    128         => "\x02\x02\x00\x80",
-    255         => "\x02\x02\x00\xFF",
-    256         => "\x02\x02\x01\x00",
-    65535       => "\x02\x03\x00\xFF\xFF",
-    65536       => "\x02\x03\x01\x00\x00",
-    8388607     => "\x02\x03\x7F\xFF\xFF",
-    8388608     => "\x02\x04\x00\x80\x00\x00",
-    16_777_215  => "\x02\x04\x00\xFF\xFF\xFF",
-    0x01000000  => "\x02\x04\x01\x00\x00\x00",
-    0x3FFFFFFF  => "\x02\x04\x3F\xFF\xFF\xFF",
-    0x4FFFFFFF  => "\x02\x04\x4F\xFF\xFF\xFF",
-
-    # Some odd samples...
-    5           => "\x02\x01\x05",
-    500         => "\x02\x02\x01\xf4",
-    50_000      => "\x02\x03\x00\xC3\x50",
-    5_000_000_000 => "\x02\x05\x01\x2a\x05\xF2\x00",
-
-    # negatives
-    -1          => "\x02\x01\xFF",
-    -127        => "\x02\x01\x81",
-    -128        => "\x02\x01\x80",
-    -255        => "\x02\x02\xFF\x01",
-    -256        => "\x02\x02\xFF\x00",
-    -65535      => "\x02\x03\xFF\x00\x01",
-    -65536      => "\x02\x03\xFF\x00\x00",
-    -65537      => "\x02\x03\xFE\xFF\xFF",
-    -8388607    => "\x02\x03\x80\x00\x01",
-    -8388608    => "\x02\x03\x80\x00\x00",
-    -16_777_215 => "\x02\x04\xFF\x00\x00\x01",
-  }.each do |number, expected_encoding|
-    define_method "test_encode_#{number}" do
-      assert_equal expected_encoding.b, number.to_ber
-    end
-
-    define_method "test_decode_encoded_#{number}" do
-      assert_equal number, expected_encoding.b.read_ber
-    end
-  end
-
-  # Round-trip encoding: This is mostly to be sure to cover Bignums well.
-  def test_powers_of_two
-    100.times do |p|
-      n = 2 << p
-
-      assert_equal n, n.to_ber.read_ber
-    end
-  end
-
-  def test_powers_of_ten
-    100.times do |p|
-      n = 5 * 10**p
-
-      assert_equal n, n.to_ber.read_ber
-    end
-  end
-
-  if "Ruby 1.9".respond_to?(:encoding)
-    def test_encode_utf8_strings
-      assert_equal "\x04\x02\xC3\xA5".b, "\u00e5".force_encoding("UTF-8").to_ber
-    end
-
-    def test_utf8_encodable_strings
-      assert_equal "\x04\nteststring", "teststring".encode("US-ASCII").to_ber
-    end
-
-    def test_encode_binary_data
-      # This is used for searching for GUIDs in Active Directory
-      assert_equal "\x04\x10" + "j1\xB4\xA1*\xA2zA\xAC\xA9`?'\xDDQ\x16".b,
-        ["6a31b4a12aa27a41aca9603f27dd5116"].pack("H*").to_ber_bin
-    end
-
-    def test_non_utf8_encodable_strings
-      assert_equal "\x04\x01\x81".b, "\x81".to_ber
-    end
-  end
-end
-
-class TestBERDecoding < Test::Unit::TestCase
-  def test_decode_number
-    assert_equal 6, "\002\001\006".read_ber(Net::LDAP::AsnSyntax)
-  end
-
-  def test_decode_string
-    assert_equal "testing", "\004\007testing".read_ber(Net::LDAP::AsnSyntax)
-  end
-
-  def test_decode_ldap_bind_request
-    assert_equal [1, [3, "Administrator", "ad_is_bogus"]], "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus".read_ber(Net::LDAP::AsnSyntax)
-  end
-end
-
-class TestBERIdentifiedString < Test::Unit::TestCase
-  def test_binary_data
-    data = ["6a31b4a12aa27a41aca9603f27dd5116"].pack("H*").force_encoding("ASCII-8BIT")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "ASCII-8BIT", bis.encoding.name
-  end
-
-  def test_ascii_data_in_utf8
-    data = "some text".force_encoding("UTF-8")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "UTF-8", bis.encoding.name
-  end
-
-  def test_umlaut_data_in_utf8
-    data = "Müller".force_encoding("UTF-8")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "UTF-8", bis.encoding.name
-  end
-
-  def test_utf8_data_in_utf8
-    data = ["e4b8ad"].pack("H*").force_encoding("UTF-8")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "UTF-8", bis.encoding.name
-  end
-end

data/test/fixtures/ca/ca.info

@@ -1,4 +0,0 @@
-cn = rubyldap
-ca
-cert_signing_key
-expiration_days = 7200

data/test/fixtures/ca/cacert.pem

@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID7zCCAlegAwIBAgIMV7zWei6SNfABx6jMMA0GCSqGSIb3DQEBCwUAMBMxETAP
-BgNVBAMTCHJ1YnlsZGFwMB4XDTE2MDgyMzIzMDQyNloXDTM2MDUxMDIzMDQyNlow
-EzERMA8GA1UEAxMIcnVieWxkYXAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK
-AoIBgQDGe9wziGHZJhIf+IEKSk1tpT9Mu7YgsUwjrlutvkoO1Q6K+amTAVDXizPf
-1DVSDpZP5+CfBOznhgLMsPvrQ02w4qx5/6X9L+zJcMk8jTNYSKj5uIKpK52E7Uok
-aygMXeaqroPONGkoJIZiVGgdbWfTvcffTm8FOhztXUbMrMXJNinFsocGHEoMNN8b
-vqgAyG4+DFHoK4L0c6eQjE4nZBChieZdShUhaBpV7r2qSNbPw67cvAKuEzml58mV
-1ZF1F73Ua8gPWXHEfUe2GEfG0NnRq6sGbsDYe/DIKxC7AZ89udZF3WZXNrPhvXKj
-ZT7njwcMQemns4dNPQ0k2V4vAQ8pD8r8Qvb65FiSopUhVaGQswAnIMS1DnFq88AQ
-KJTKIXbBuMwuaNNSs6R/qTS2RDk1w+CGpRXAg7+1SX5NKdrEsu1IaABA/tQ/zKKk
-OLLJaD0giX1weBVmNeFcKxIoT34VS59eEt5APmPcguJnx+aBrA9TLzSO788apBN0
-4lGAmR0CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQA
-MB0GA1UdDgQWBBRTvXSkge03oqLu7UUjFI+oLYwnujANBgkqhkiG9w0BAQsFAAOC
-AYEATSZQWH+uSN5GvOUvJ8LHWkeVovn0UhboK0K7GzmMeGz+dp/Xrj6eQ4ONK0zI
-RCJyoo/nCR7CfQ5ujVXr03XD2SUgyD565ulXuhw336DasL5//fucmQYDeqhwbKML
-FTzsF9H9dO4J5TjxJs7e5dRJ0wrP/XEY+WFhXXdSHTl8vGCI6QqWc7TvDpmbS4iX
-uTzjJswu9Murt9JUJNMN2DlDi/vBBeruaj4c2cMMnKMvkfj14kd8wMocmzj+gVQl
-r+fRQbKAJNec65lA4/Zeb6sD9SAi0ZIVgxA4a7g8/sdNWHIAxPicpJkIJf30TsyY
-F+8+Hd5mBtCbvFfAVkT6bHBP1OiAgNke+Rh/j/sQbyWbKCKw0+jpFJgO9KUNGfC0
-O/CqX+J4G7HqL8VJqrLnBvOdhfetAvNQtf1gcw5ZwpeEFM+Kvx/lsILaIYdAUSjX
-ePOc5gI2Bi9WXq+T9AuhSf+TWUR874m/rdTWe5fM8mXCNl7C4I5zCqLltEDkSoMP
-jDj/
------END CERTIFICATE-----