@certd/plugin-cert 1.41.3 → 1.41.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/package.json +6 -6
  3. package/dist/access/eab-access.d.ts +0 -6
  4. package/dist/access/eab-access.js +0 -62
  5. package/dist/access/google-access.d.ts +0 -8
  6. package/dist/access/google-access.js +0 -119
  7. package/dist/access/index.d.ts +0 -2
  8. package/dist/access/index.js +0 -3
  9. package/dist/dns-provider/api.d.ts +0 -76
  10. package/dist/dns-provider/api.js +0 -2
  11. package/dist/dns-provider/base.d.ts +0 -27
  12. package/dist/dns-provider/base.js +0 -49
  13. package/dist/dns-provider/decorator.d.ts +0 -3
  14. package/dist/dns-provider/decorator.js +0 -18
  15. package/dist/dns-provider/domain-parser.d.ts +0 -9
  16. package/dist/dns-provider/domain-parser.js +0 -64
  17. package/dist/dns-provider/index.d.ts +0 -5
  18. package/dist/dns-provider/index.js +0 -6
  19. package/dist/dns-provider/registry.d.ts +0 -1
  20. package/dist/dns-provider/registry.js +0 -3
  21. package/dist/libs/google.d.ts +0 -11
  22. package/dist/libs/google.js +0 -59
  23. package/dist/plugin/cert-plugin/acme.d.ts +0 -123
  24. package/dist/plugin/cert-plugin/acme.js +0 -362
  25. package/dist/plugin/cert-plugin/base-convert.d.ts +0 -25
  26. package/dist/plugin/cert-plugin/base-convert.js +0 -210
  27. package/dist/plugin/cert-plugin/base.d.ts +0 -27
  28. package/dist/plugin/cert-plugin/base.js +0 -175
  29. package/dist/plugin/cert-plugin/cert-reader.d.ts +0 -51
  30. package/dist/plugin/cert-plugin/cert-reader.js +0 -206
  31. package/dist/plugin/cert-plugin/convert.d.ts +0 -26
  32. package/dist/plugin/cert-plugin/convert.js +0 -124
  33. package/dist/plugin/cert-plugin/custom/index.d.ts +0 -24
  34. package/dist/plugin/cert-plugin/custom/index.js +0 -202
  35. package/dist/plugin/cert-plugin/getter/aliyun.d.ts +0 -19
  36. package/dist/plugin/cert-plugin/getter/aliyun.js +0 -165
  37. package/dist/plugin/cert-plugin/index.d.ts +0 -62
  38. package/dist/plugin/cert-plugin/index.js +0 -672
  39. package/dist/plugin/cert-plugin/lego/dns.d.ts +0 -1
  40. package/dist/plugin/cert-plugin/lego/dns.js +0 -2
  41. package/dist/plugin/cert-plugin/lego/index.d.ts +0 -21
  42. package/dist/plugin/cert-plugin/lego/index.js +0 -256
  43. package/dist/plugin/index.d.ts +0 -6
  44. package/dist/plugin/index.js +0 -7
  45. package/stats.html +0 -6177
  46. package/test/dist/cert-plugin.test.js +0 -14
  47. package/test/dist/test/cert-plugin.test.js +0 -15
@@ -1,123 +0,0 @@
1
- import * as acme from "@certd/acme-client";
2
- import { ClientExternalAccountBindingOptions, UrlMapping } from "@certd/acme-client";
3
- import { Challenge } from "@certd/acme-client/types/rfc8555";
4
- import { IContext } from "@certd/pipeline";
5
- import { ILogger } from "@certd/basic";
6
- import { IDnsProvider, IDomainParser } from "../../dns-provider/index.js";
7
- import { IOssClient } from "@certd/plugin-lib";
8
- export type CnameVerifyPlan = {
9
- type?: string;
10
- domain: string;
11
- fullRecord: string;
12
- dnsProvider: IDnsProvider;
13
- };
14
- export type HttpVerifyPlan = {
15
- type: string;
16
- domain: string;
17
- httpUploader: IOssClient;
18
- };
19
- export type DomainVerifyPlan = {
20
- domain: string;
21
- mainDomain: string;
22
- type: "cname" | "dns" | "http";
23
- dnsProvider?: IDnsProvider;
24
- cnameVerifyPlan?: CnameVerifyPlan;
25
- httpVerifyPlan?: HttpVerifyPlan;
26
- };
27
- export type DomainsVerifyPlan = {
28
- [key: string]: DomainVerifyPlan;
29
- };
30
- export type Providers = {
31
- dnsProvider?: IDnsProvider;
32
- domainsVerifyPlan?: DomainsVerifyPlan;
33
- };
34
- export type CertInfo = {
35
- crt: string;
36
- key: string;
37
- csr: string;
38
- oc?: string;
39
- ic?: string;
40
- pfx?: string;
41
- der?: string;
42
- jks?: string;
43
- one?: string;
44
- p7b?: string;
45
- };
46
- export type SSLProvider = "letsencrypt" | "google" | "zerossl" | "sslcom" | "letsencrypt_staging";
47
- export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
48
- type AcmeServiceOptions = {
49
- userContext: IContext;
50
- logger: ILogger;
51
- sslProvider: SSLProvider;
52
- eab?: ClientExternalAccountBindingOptions;
53
- skipLocalVerify?: boolean;
54
- useMappingProxy?: boolean;
55
- reverseProxy?: string;
56
- privateKeyType?: PrivateKeyType;
57
- signal?: AbortSignal;
58
- maxCheckRetryCount?: number;
59
- userId: number;
60
- domainParser: IDomainParser;
61
- waitDnsDiffuseTime?: number;
62
- };
63
- export declare class AcmeService {
64
- options: AcmeServiceOptions;
65
- userContext: IContext;
66
- logger: ILogger;
67
- sslProvider: SSLProvider;
68
- skipLocalVerify: boolean;
69
- eab?: ClientExternalAccountBindingOptions;
70
- constructor(options: AcmeServiceOptions);
71
- getAccountConfig(email: string, urlMapping: UrlMapping): Promise<any>;
72
- buildAccountKey(email: string): string;
73
- saveAccountConfig(email: string, conf: any): Promise<void>;
74
- getAcmeClient(email: string): Promise<acme.Client>;
75
- createNewKey(): Promise<string>;
76
- challengeCreateFn(authz: any, keyAuthorizationGetter: (challenge: Challenge) => Promise<string>, providers: Providers): Promise<{
77
- challenge: any;
78
- keyAuthorization: string;
79
- httpUploader: IOssClient;
80
- } | {
81
- recordReq: {
82
- domain: any;
83
- fullRecord: string;
84
- hostRecord: string;
85
- type: string;
86
- value: string;
87
- };
88
- recordRes: any;
89
- dnsProvider: IDnsProvider<any>;
90
- challenge: any;
91
- keyAuthorization: string;
92
- }>;
93
- /**
94
- * Function used to remove an ACME challenge response
95
- *
96
- * @param {object} authz Authorization object
97
- * @param {object} challenge Selected challenge
98
- * @param {string} keyAuthorization Authorization key
99
- * @param recordReq
100
- * @param recordRes
101
- * @param dnsProvider dnsProvider
102
- * @param httpUploader
103
- * @returns {Promise}
104
- */
105
- challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider?: IDnsProvider, httpUploader?: IOssClient): Promise<void>;
106
- order(options: {
107
- email: string;
108
- domains: string | string[];
109
- dnsProvider?: any;
110
- domainsVerifyPlan?: DomainsVerifyPlan;
111
- httpUploader?: any;
112
- csrInfo: any;
113
- privateKeyType?: string;
114
- profile?: string;
115
- preferredChain?: string;
116
- }): Promise<CertInfo>;
117
- buildCommonNameByDomains(domains: string | string[]): {
118
- commonName?: string;
119
- altNames: string[] | undefined;
120
- };
121
- private testDirectory;
122
- }
123
- export {};
@@ -1,362 +0,0 @@
1
- // @ts-ignore
2
- import * as acme from "@certd/acme-client";
3
- import { utils } from "@certd/basic";
4
- import punycode from "punycode.js";
5
- export class AcmeService {
6
- options;
7
- userContext;
8
- logger;
9
- sslProvider;
10
- skipLocalVerify = true;
11
- eab;
12
- constructor(options) {
13
- this.options = options;
14
- this.userContext = options.userContext;
15
- this.logger = options.logger;
16
- this.sslProvider = options.sslProvider || "letsencrypt";
17
- this.eab = options.eab;
18
- this.skipLocalVerify = options.skipLocalVerify ?? false;
19
- // acme.setLogger((message: any, ...args: any[]) => {
20
- // this.logger.info(message, ...args);
21
- // });
22
- }
23
- async getAccountConfig(email, urlMapping) {
24
- const conf = (await this.userContext.getObj(this.buildAccountKey(email))) || {};
25
- if (urlMapping && urlMapping.mappings) {
26
- for (const key in urlMapping.mappings) {
27
- if (Object.prototype.hasOwnProperty.call(urlMapping.mappings, key)) {
28
- const element = urlMapping.mappings[key];
29
- if (conf.accountUrl?.indexOf(element) > -1) {
30
- //如果用了代理url,要替换回去
31
- conf.accountUrl = conf.accountUrl.replace(element, key);
32
- }
33
- }
34
- }
35
- }
36
- return conf;
37
- }
38
- buildAccountKey(email) {
39
- return `acme.config.${this.sslProvider}.${email}`;
40
- }
41
- async saveAccountConfig(email, conf) {
42
- await this.userContext.setObj(this.buildAccountKey(email), conf);
43
- }
44
- async getAcmeClient(email) {
45
- const mappings = {};
46
- if (this.sslProvider === "letsencrypt") {
47
- mappings["acme-v02.api.letsencrypt.org"] = this.options.reverseProxy || "le.px.certd.handfree.work";
48
- }
49
- else if (this.sslProvider === "google") {
50
- mappings["dv.acme-v02.api.pki.goog"] = this.options.reverseProxy || "gg.px.certd.handfree.work";
51
- }
52
- const urlMapping = {
53
- enabled: false,
54
- mappings,
55
- };
56
- const conf = await this.getAccountConfig(email, urlMapping);
57
- if (conf.key == null) {
58
- conf.key = await this.createNewKey();
59
- await this.saveAccountConfig(email, conf);
60
- this.logger.info(`创建新的Accountkey:${email}`);
61
- }
62
- const directoryUrl = acme.getDirectoryUrl({ sslProvider: this.sslProvider, pkType: this.options.privateKeyType });
63
- if (this.options.useMappingProxy) {
64
- urlMapping.enabled = true;
65
- }
66
- else {
67
- //测试directory是否可以访问
68
- const isOk = await this.testDirectory(directoryUrl);
69
- if (!isOk) {
70
- this.logger.info("测试访问失败,自动使用代理");
71
- urlMapping.enabled = true;
72
- }
73
- }
74
- const client = new acme.Client({
75
- sslProvider: this.sslProvider,
76
- directoryUrl: directoryUrl,
77
- accountKey: conf.key,
78
- accountUrl: conf.accountUrl,
79
- externalAccountBinding: this.eab,
80
- backoffAttempts: this.options.maxCheckRetryCount || 20,
81
- backoffMin: 5000,
82
- backoffMax: 10000,
83
- urlMapping,
84
- signal: this.options.signal,
85
- logger: this.logger,
86
- });
87
- if (conf.accountUrl == null) {
88
- const accountPayload = {
89
- termsOfServiceAgreed: true,
90
- contact: [`mailto:${email}`],
91
- externalAccountBinding: this.eab,
92
- };
93
- await client.createAccount(accountPayload);
94
- conf.accountUrl = client.getAccountUrl();
95
- await this.saveAccountConfig(email, conf);
96
- }
97
- return client;
98
- }
99
- async createNewKey() {
100
- const key = await acme.crypto.createPrivateKey(2048);
101
- return key.toString();
102
- }
103
- async challengeCreateFn(authz, keyAuthorizationGetter, providers) {
104
- this.logger.info("Triggered challengeCreateFn()");
105
- const fullDomain = authz.identifier.value;
106
- let domain = await this.options.domainParser.parse(fullDomain);
107
- this.logger.info("主域名为:" + domain);
108
- const getChallenge = (type) => {
109
- return authz.challenges.find((c) => c.type === type);
110
- };
111
- const doHttpVerify = async (challenge, httpUploader) => {
112
- const keyAuthorization = await keyAuthorizationGetter(challenge);
113
- this.logger.info("http校验");
114
- const filePath = `.well-known/acme-challenge/${challenge.token}`;
115
- const fileContents = keyAuthorization;
116
- this.logger.info(`校验 ${fullDomain} ,准备上传文件:${filePath}`);
117
- await httpUploader.upload(filePath, Buffer.from(fileContents));
118
- this.logger.info(`上传文件【${filePath}】成功`);
119
- return {
120
- challenge,
121
- keyAuthorization,
122
- httpUploader,
123
- };
124
- };
125
- const doDnsVerify = async (challenge, fullRecord, dnsProvider) => {
126
- this.logger.info("dns校验");
127
- const keyAuthorization = await keyAuthorizationGetter(challenge);
128
- const mainDomain = dnsProvider.usePunyCode() ? domain : punycode.toUnicode(domain);
129
- fullRecord = dnsProvider.usePunyCode() ? fullRecord : punycode.toUnicode(fullRecord);
130
- const recordValue = keyAuthorization;
131
- let hostRecord = fullRecord.replace(`${mainDomain}`, "");
132
- if (hostRecord.endsWith(".")) {
133
- hostRecord = hostRecord.substring(0, hostRecord.length - 1);
134
- }
135
- const recordReq = {
136
- domain: mainDomain,
137
- fullRecord,
138
- hostRecord,
139
- type: "TXT",
140
- value: recordValue,
141
- };
142
- this.logger.info("添加 TXT 解析记录", JSON.stringify(recordReq));
143
- const recordRes = await dnsProvider.createRecord(recordReq);
144
- this.logger.info("添加 TXT 解析记录成功", JSON.stringify(recordRes));
145
- return {
146
- recordReq,
147
- recordRes,
148
- dnsProvider,
149
- challenge,
150
- keyAuthorization,
151
- };
152
- };
153
- let dnsProvider = providers.dnsProvider;
154
- let fullRecord = `_acme-challenge.${fullDomain}`;
155
- // const origDomain = punycode.toUnicode(domain);
156
- const origFullDomain = punycode.toUnicode(fullDomain);
157
- const isIp = utils.domain.isIp(origFullDomain);
158
- function checkIpChallenge(type) {
159
- if (isIp) {
160
- throw new Error(`IP证书不支持${type}校验方式,请选择HTTP方式校验`);
161
- }
162
- }
163
- if (providers.domainsVerifyPlan) {
164
- //按照计划执行
165
- const domainVerifyPlan = providers.domainsVerifyPlan[origFullDomain];
166
- if (domainVerifyPlan) {
167
- if (domainVerifyPlan.type === "dns") {
168
- checkIpChallenge("dns");
169
- dnsProvider = domainVerifyPlan.dnsProvider;
170
- }
171
- else if (domainVerifyPlan.type === "cname") {
172
- checkIpChallenge("cname");
173
- const cname = domainVerifyPlan.cnameVerifyPlan;
174
- if (cname) {
175
- dnsProvider = cname.dnsProvider;
176
- domain = await this.options.domainParser.parse(cname.domain);
177
- fullRecord = cname.fullRecord;
178
- }
179
- else {
180
- this.logger.error(`未找到域名${fullDomain}的CNAME校验计划,请修改证书申请配置`);
181
- }
182
- if (dnsProvider == null) {
183
- throw new Error(`未找到域名${fullDomain}CNAME校验计划的DnsProvider,请修改证书申请配置`);
184
- }
185
- }
186
- else if (domainVerifyPlan.type === "http") {
187
- const plan = domainVerifyPlan.httpVerifyPlan;
188
- if (plan) {
189
- const httpChallenge = getChallenge("http-01");
190
- if (httpChallenge == null) {
191
- throw new Error("该域名不支持http-01方式校验");
192
- }
193
- return await doHttpVerify(httpChallenge, plan.httpUploader);
194
- }
195
- else {
196
- throw new Error("未找到域名【" + fullDomain + "】的http校验配置");
197
- }
198
- }
199
- else {
200
- throw new Error("不支持的校验类型", domainVerifyPlan.type);
201
- }
202
- }
203
- else {
204
- this.logger.warn(`未找到域名${fullDomain}的校验计划,使用默认的dnsProvider`);
205
- }
206
- }
207
- if (!dnsProvider) {
208
- throw new Error(`域名${fullDomain}没有匹配到任何校验方式,证书申请失败`);
209
- }
210
- const dnsChallenge = getChallenge("dns-01");
211
- checkIpChallenge("dns");
212
- return await doDnsVerify(dnsChallenge, fullRecord, dnsProvider);
213
- }
214
- /**
215
- * Function used to remove an ACME challenge response
216
- *
217
- * @param {object} authz Authorization object
218
- * @param {object} challenge Selected challenge
219
- * @param {string} keyAuthorization Authorization key
220
- * @param recordReq
221
- * @param recordRes
222
- * @param dnsProvider dnsProvider
223
- * @param httpUploader
224
- * @returns {Promise}
225
- */
226
- async challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader) {
227
- this.logger.info("执行清理");
228
- /* http-01 */
229
- const fullDomain = authz.identifier.value;
230
- if (challenge.type === "http-01") {
231
- const filePath = `.well-known/acme-challenge/${challenge.token}`;
232
- this.logger.info(`Removing challenge response for ${fullDomain} at file: ${filePath}`);
233
- await httpUploader.remove(filePath);
234
- this.logger.info(`删除文件【${filePath}】成功`);
235
- }
236
- else if (challenge.type === "dns-01") {
237
- this.logger.info(`删除 TXT 解析记录:${JSON.stringify(recordReq)} ,recordRes = ${JSON.stringify(recordRes)}`);
238
- try {
239
- await dnsProvider.removeRecord({
240
- recordReq,
241
- recordRes,
242
- });
243
- this.logger.info("删除解析记录成功");
244
- }
245
- catch (e) {
246
- this.logger.error("删除解析记录出错:", e);
247
- throw e;
248
- }
249
- }
250
- }
251
- async order(options) {
252
- const { email, csrInfo, dnsProvider, domainsVerifyPlan, profile, preferredChain } = options;
253
- const client = await this.getAcmeClient(email);
254
- let domains = options.domains;
255
- const encodingDomains = [];
256
- for (const domain of domains) {
257
- encodingDomains.push(punycode.toASCII(domain));
258
- }
259
- domains = encodingDomains;
260
- /* Create CSR */
261
- const { altNames } = this.buildCommonNameByDomains(domains);
262
- let privateKey = null;
263
- const privateKeyType = options.privateKeyType || "rsa_2048";
264
- const privateKeyArr = privateKeyType.split("_");
265
- const type = privateKeyArr[0];
266
- let size = 2048;
267
- if (privateKeyArr.length > 1) {
268
- size = parseInt(privateKeyArr[1]);
269
- }
270
- let encodingType = "pkcs8";
271
- if (privateKeyArr.length > 2) {
272
- encodingType = privateKeyArr[2];
273
- }
274
- if (type == "ec") {
275
- const name = "P-" + size;
276
- privateKey = await acme.crypto.createPrivateEcdsaKey(name, encodingType);
277
- }
278
- else {
279
- privateKey = await acme.crypto.createPrivateRsaKey(size, encodingType);
280
- }
281
- let createCsr = acme.crypto.createCsr;
282
- if (encodingType === "pkcs1") {
283
- //兼容老版本
284
- createCsr = acme.forge.createCsr;
285
- }
286
- const csrData = {
287
- // commonName,
288
- ...csrInfo,
289
- altNames,
290
- // emailAddress: email,
291
- };
292
- const [key, csr] = await createCsr(csrData, privateKey);
293
- if (dnsProvider == null && domainsVerifyPlan == null) {
294
- throw new Error("dnsProvider 、 domainsVerifyPlan不能都为空");
295
- }
296
- const providers = {
297
- dnsProvider,
298
- domainsVerifyPlan,
299
- };
300
- /* 自动申请证书 */
301
- const crt = await client.auto({
302
- csr,
303
- email: email,
304
- termsOfServiceAgreed: true,
305
- skipChallengeVerification: this.skipLocalVerify,
306
- challengePriority: ["dns-01", "http-01"],
307
- challengeCreateFn: async (authz, keyAuthorizationGetter) => {
308
- return await this.challengeCreateFn(authz, keyAuthorizationGetter, providers);
309
- },
310
- challengeRemoveFn: async (authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader) => {
311
- return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
312
- },
313
- signal: this.options.signal,
314
- profile,
315
- preferredChain,
316
- });
317
- const crtString = crt.toString();
318
- const cert = {
319
- crt: crtString,
320
- key: key.toString(),
321
- csr: csr.toString(),
322
- };
323
- /* Done */
324
- this.logger.debug(`CSR:\n${cert.csr}`);
325
- this.logger.debug(`Certificate:\n${cert.crt}`);
326
- this.logger.info("证书申请成功");
327
- return cert;
328
- }
329
- buildCommonNameByDomains(domains) {
330
- if (typeof domains === "string") {
331
- domains = domains.split(",");
332
- }
333
- if (domains.length === 0) {
334
- throw new Error("domain can not be empty");
335
- }
336
- // const commonName = domains[0];
337
- // let altNames: undefined | string[] = undefined;
338
- // if (domains.length > 1) {
339
- // altNames = _.slice(domains, 1);
340
- // }
341
- return {
342
- // commonName,
343
- altNames: domains,
344
- };
345
- }
346
- async testDirectory(directoryUrl) {
347
- try {
348
- await utils.http.request({
349
- url: directoryUrl,
350
- method: "GET",
351
- timeout: 10000,
352
- });
353
- }
354
- catch (e) {
355
- this.logger.error(`${directoryUrl},测试访问失败`, e.message);
356
- return false;
357
- }
358
- this.logger.info(`${directoryUrl},测试访问成功`);
359
- return true;
360
- }
361
- }
362
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNtZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9wbHVnaW4vY2VydC1wbHVnaW4vYWNtZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxhQUFhO0FBQ2IsT0FBTyxLQUFLLElBQUksTUFBTSxvQkFBb0IsQ0FBQztBQUszQyxPQUFPLEVBQVcsS0FBSyxFQUFFLE1BQU0sY0FBYyxDQUFDO0FBRTlDLE9BQU8sUUFBUSxNQUFNLGFBQWEsQ0FBQztBQThEbkMsTUFBTSxPQUFPLFdBQVc7SUFDdEIsT0FBTyxDQUFxQjtJQUM1QixXQUFXLENBQVc7SUFDdEIsTUFBTSxDQUFVO0lBQ2hCLFdBQVcsQ0FBYztJQUN6QixlQUFlLEdBQUcsSUFBSSxDQUFDO0lBQ3ZCLEdBQUcsQ0FBdUM7SUFDMUMsWUFBWSxPQUEyQjtRQUNyQyxJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQztRQUN2QixJQUFJLENBQUMsV0FBVyxHQUFHLE9BQU8sQ0FBQyxXQUFXLENBQUM7UUFDdkMsSUFBSSxDQUFDLE1BQU0sR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDO1FBQzdCLElBQUksQ0FBQyxXQUFXLEdBQUcsT0FBTyxDQUFDLFdBQVcsSUFBSSxhQUFhLENBQUM7UUFDeEQsSUFBSSxDQUFDLEdBQUcsR0FBRyxPQUFPLENBQUMsR0FBRyxDQUFDO1FBQ3ZCLElBQUksQ0FBQyxlQUFlLEdBQUcsT0FBTyxDQUFDLGVBQWUsSUFBSSxLQUFLLENBQUM7UUFDeEQscURBQXFEO1FBQ3JELHdDQUF3QztRQUN4QyxNQUFNO0lBQ1IsQ0FBQztJQUVELEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFhLEVBQUUsVUFBc0I7UUFDMUQsTUFBTSxJQUFJLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNoRixJQUFJLFVBQVUsSUFBSSxVQUFVLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDdEMsS0FBSyxNQUFNLEdBQUcsSUFBSSxVQUFVLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQ3RDLElBQUksTUFBTSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxRQUFRLEVBQUUsR0FBRyxDQUFDLEVBQUUsQ0FBQztvQkFDbkUsTUFBTSxPQUFPLEdBQUcsVUFBVSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQztvQkFDekMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxDQUFDO3dCQUMzQyxpQkFBaUI7d0JBQ2pCLElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLEdBQUcsQ0FBQyxDQUFDO29CQUMxRCxDQUFDO2dCQUNILENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUNELE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVELGVBQWUsQ0FBQyxLQUFhO1FBQzNCLE9BQU8sZUFBZSxJQUFJLENBQUMsV0FBVyxJQUFJLEtBQUssRUFBRSxDQUFDO0lBQ3BELENBQUM7SUFFRCxLQUFLLENBQUMsaUJBQWlCLENBQUMsS0FBYSxFQUFFLElBQVM7UUFDOUMsTUFBTSxJQUFJLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLEtBQUssQ0FBQyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQ25FLENBQUM7SUFFRCxLQUFLLENBQUMsYUFBYSxDQUFDLEtBQWE7UUFDL0IsTUFBTSxRQUFRLEdBQUcsRUFBRSxDQUFDO1FBQ3BCLElBQUksSUFBSSxDQUFDLFdBQVcsS0FBSyxhQUFhLEVBQUUsQ0FBQztZQUN2QyxRQUFRLENBQUMsOEJBQThCLENBQUMsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFlBQVksSUFBSSwyQkFBMkIsQ0FBQztRQUN0RyxDQUFDO2FBQU0sSUFBSSxJQUFJLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRSxDQUFDO1lBQ3pDLFFBQVEsQ0FBQywwQkFBMEIsQ0FBQyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsWUFBWSxJQUFJLDJCQUEyQixDQUFDO1FBQ2xHLENBQUM7UUFDRCxNQUFNLFVBQVUsR0FBZTtZQUM3QixPQUFPLEVBQUUsS0FBSztZQUNkLFFBQVE7U0FDVCxDQUFDO1FBQ0YsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBQzVELElBQUksSUFBSSxDQUFDLEdBQUcsSUFBSSxJQUFJLEVBQUUsQ0FBQztZQUNyQixJQUFJLENBQUMsR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ3JDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsQ0FBQztZQUMxQyxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUM5QyxDQUFDO1FBQ0QsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGVBQWUsQ0FBQyxFQUFFLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVyxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDLENBQUM7UUFDbEgsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsRUFBRSxDQUFDO1lBQ2pDLFVBQVUsQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO1FBQzVCLENBQUM7YUFBTSxDQUFDO1lBQ04sbUJBQW1CO1lBQ25CLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLENBQUMsQ0FBQztZQUNwRCxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQ1YsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUM7Z0JBQ2xDLFVBQVUsQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO1lBQzVCLENBQUM7UUFDSCxDQUFDO1FBQ0QsTUFBTSxNQUFNLEdBQUcsSUFBSSxJQUFJLENBQUMsTUFBTSxDQUFDO1lBQzdCLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVztZQUM3QixZQUFZLEVBQUUsWUFBWTtZQUMxQixVQUFVLEVBQUUsSUFBSSxDQUFDLEdBQUc7WUFDcEIsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLHNCQUFzQixFQUFFLElBQUksQ0FBQyxHQUFHO1lBQ2hDLGVBQWUsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLGtCQUFrQixJQUFJLEVBQUU7WUFDdEQsVUFBVSxFQUFFLElBQUk7WUFDaEIsVUFBVSxFQUFFLEtBQUs7WUFDakIsVUFBVTtZQUNWLE1BQU0sRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU07WUFDM0IsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO1NBQ3BCLENBQUMsQ0FBQztRQUVILElBQUksSUFBSSxDQUFDLFVBQVUsSUFBSSxJQUFJLEVBQUUsQ0FBQztZQUM1QixNQUFNLGNBQWMsR0FBRztnQkFDckIsb0JBQW9CLEVBQUUsSUFBSTtnQkFDMUIsT0FBTyxFQUFFLENBQUMsVUFBVSxLQUFLLEVBQUUsQ0FBQztnQkFDNUIsc0JBQXNCLEVBQUUsSUFBSSxDQUFDLEdBQUc7YUFDakMsQ0FBQztZQUNGLE1BQU0sTUFBTSxDQUFDLGFBQWEsQ0FBQyxjQUFjLENBQUMsQ0FBQztZQUMzQyxJQUFJLENBQUMsVUFBVSxHQUFHLE1BQU0sQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUN6QyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFDNUMsQ0FBQztRQUNELE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7SUFFRCxLQUFLLENBQUMsWUFBWTtRQUNoQixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDckQsT0FBTyxHQUFHLENBQUMsUUFBUSxFQUFFLENBQUM7SUFDeEIsQ0FBQztJQUVELEtBQUssQ0FBQyxpQkFBaUIsQ0FBQyxLQUFVLEVBQUUsc0JBQWlFLEVBQUUsU0FBb0I7UUFDekgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsK0JBQStCLENBQUMsQ0FBQztRQUVsRCxNQUFNLFVBQVUsR0FBRyxLQUFLLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQztRQUMxQyxJQUFJLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUMvRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLEdBQUcsTUFBTSxDQUFDLENBQUM7UUFFbkMsTUFBTSxZQUFZLEdBQUcsQ0FBQyxJQUFZLEVBQUUsRUFBRTtZQUNwQyxPQUFPLEtBQUssQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxLQUFLLElBQUksQ0FBQyxDQUFDO1FBQzVELENBQUMsQ0FBQztRQUVGLE1BQU0sWUFBWSxHQUFHLEtBQUssRUFBRSxTQUFjLEVBQUUsWUFBd0IsRUFBRSxFQUFFO1lBQ3RFLE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxzQkFBc0IsQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUNqRSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUMzQixNQUFNLFFBQVEsR0FBRyw4QkFBOEIsU0FBUyxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ2pFLE1BQU0sWUFBWSxHQUFHLGdCQUFnQixDQUFDO1lBQ3RDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sVUFBVSxZQUFZLFFBQVEsRUFBRSxDQUFDLENBQUM7WUFDekQsTUFBTSxZQUFZLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUM7WUFDL0QsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsUUFBUSxRQUFRLEtBQUssQ0FBQyxDQUFDO1lBQ3hDLE9BQU87Z0JBQ0wsU0FBUztnQkFDVCxnQkFBZ0I7Z0JBQ2hCLFlBQVk7YUFDYixDQUFDO1FBQ0osQ0FBQyxDQUFDO1FBRUYsTUFBTSxXQUFXLEdBQUcsS0FBSyxFQUFFLFNBQWMsRUFBRSxVQUFrQixFQUFFLFdBQXlCLEVBQUUsRUFBRTtZQUMxRixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUMxQixNQUFNLGdCQUFnQixHQUFHLE1BQU0sc0JBQXNCLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFakUsTUFBTSxVQUFVLEdBQUcsV0FBVyxDQUFDLFdBQVcsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDbkYsVUFBVSxHQUFHLFdBQVcsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1lBQ3JGLE1BQU0sV0FBVyxHQUFHLGdCQUFnQixDQUFDO1lBQ3JDLElBQUksVUFBVSxHQUFHLFVBQVUsQ0FBQyxPQUFPLENBQUMsR0FBRyxVQUFVLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUN6RCxJQUFJLFVBQVUsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDN0IsVUFBVSxHQUFHLFVBQVUsQ0FBQyxTQUFTLENBQUMsQ0FBQyxFQUFFLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUM7WUFDOUQsQ0FBQztZQUVELE1BQU0sU0FBUyxHQUFHO2dCQUNoQixNQUFNLEVBQUUsVUFBVTtnQkFDbEIsVUFBVTtnQkFDVixVQUFVO2dCQUNWLElBQUksRUFBRSxLQUFLO2dCQUNYLEtBQUssRUFBRSxXQUFXO2FBQ25CLENBQUM7WUFDRixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDO1lBQzNELE1BQU0sU0FBUyxHQUFHLE1BQU0sV0FBVyxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUM1RCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxlQUFlLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDO1lBQzdELE9BQU87Z0JBQ0wsU0FBUztnQkFDVCxTQUFTO2dCQUNULFdBQVc7Z0JBQ1gsU0FBUztnQkFDVCxnQkFBZ0I7YUFDakIsQ0FBQztRQUNKLENBQUMsQ0FBQztRQUVGLElBQUksV0FBVyxHQUFHLFNBQVMsQ0FBQyxXQUFXLENBQUM7UUFDeEMsSUFBSSxVQUFVLEdBQUcsbUJBQW1CLFVBQVUsRUFBRSxDQUFDO1FBRWpELGlEQUFpRDtRQUNqRCxNQUFNLGNBQWMsR0FBRyxRQUFRLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRXRELE1BQU0sSUFBSSxHQUFHLEtBQUssQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQy9DLFNBQVMsZ0JBQWdCLENBQUMsSUFBWTtZQUNwQyxJQUFJLElBQUksRUFBRSxDQUFDO2dCQUNULE1BQU0sSUFBSSxLQUFLLENBQUMsVUFBVSxJQUFJLGtCQUFrQixDQUFDLENBQUM7WUFDcEQsQ0FBQztRQUNILENBQUM7UUFDRCxJQUFJLFNBQVMsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQ2hDLFFBQVE7WUFDUixNQUFNLGdCQUFnQixHQUFHLFNBQVMsQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLENBQUMsQ0FBQztZQUNyRSxJQUFJLGdCQUFnQixFQUFFLENBQUM7Z0JBQ3JCLElBQUksZ0JBQWdCLENBQUMsSUFBSSxLQUFLLEtBQUssRUFBRSxDQUFDO29CQUNwQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztvQkFDeEIsV0FBVyxHQUFHLGdCQUFnQixDQUFDLFdBQVcsQ0FBQztnQkFDN0MsQ0FBQztxQkFBTSxJQUFJLGdCQUFnQixDQUFDLElBQUksS0FBSyxPQUFPLEVBQUUsQ0FBQztvQkFDN0MsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7b0JBQzFCLE1BQU0sS0FBSyxHQUFvQixnQkFBZ0IsQ0FBQyxlQUFlLENBQUM7b0JBQ2hFLElBQUksS0FBSyxFQUFFLENBQUM7d0JBQ1YsV0FBVyxHQUFHLEtBQUssQ0FBQyxXQUFXLENBQUM7d0JBQ2hDLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLENBQUM7d0JBQzdELFVBQVUsR0FBRyxLQUFLLENBQUMsVUFBVSxDQUFDO29CQUNoQyxDQUFDO3lCQUFNLENBQUM7d0JBQ04sSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsUUFBUSxVQUFVLHNCQUFzQixDQUFDLENBQUM7b0JBQzlELENBQUM7b0JBQ0QsSUFBSSxXQUFXLElBQUksSUFBSSxFQUFFLENBQUM7d0JBQ3hCLE1BQU0sSUFBSSxLQUFLLENBQUMsUUFBUSxVQUFVLGlDQUFpQyxDQUFDLENBQUM7b0JBQ3ZFLENBQUM7Z0JBQ0gsQ0FBQztxQkFBTSxJQUFJLGdCQUFnQixDQUFDLElBQUksS0FBSyxNQUFNLEVBQUUsQ0FBQztvQkFDNUMsTUFBTSxJQUFJLEdBQW1CLGdCQUFnQixDQUFDLGNBQWMsQ0FBQztvQkFDN0QsSUFBSSxJQUFJLEVBQUUsQ0FBQzt3QkFDVCxNQUFNLGFBQWEsR0FBRyxZQUFZLENBQUMsU0FBUyxDQUFDLENBQUM7d0JBQzlDLElBQUksYUFBYSxJQUFJLElBQUksRUFBRSxDQUFDOzRCQUMxQixNQUFNLElBQUksS0FBSyxDQUFDLG1CQUFtQixDQUFDLENBQUM7d0JBQ3ZDLENBQUM7d0JBQ0QsT0FBTyxNQUFNLFlBQVksQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO29CQUM5RCxDQUFDO3lCQUFNLENBQUM7d0JBQ04sTUFBTSxJQUFJLEtBQUssQ0FBQyxRQUFRLEdBQUcsVUFBVSxHQUFHLFlBQVksQ0FBQyxDQUFDO29CQUN4RCxDQUFDO2dCQUNILENBQUM7cUJBQU0sQ0FBQztvQkFDTixNQUFNLElBQUksS0FBSyxDQUFDLFVBQVUsRUFBRSxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztnQkFDckQsQ0FBQztZQUNILENBQUM7aUJBQU0sQ0FBQztnQkFDTixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLFVBQVUsd0JBQXdCLENBQUMsQ0FBQztZQUMvRCxDQUFDO1FBQ0gsQ0FBQztRQUNELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUFDLEtBQUssVUFBVSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ3ZELENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxZQUFZLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDNUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDeEIsT0FBTyxNQUFNLFdBQVcsQ0FBQyxZQUFZLEVBQUUsVUFBVSxFQUFFLFdBQVcsQ0FBQyxDQUFDO0lBQ2xFLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7T0FXRztJQUVILEtBQUssQ0FBQyxpQkFBaUIsQ0FBQyxLQUFVLEVBQUUsU0FBYyxFQUFFLGdCQUF3QixFQUFFLFNBQWMsRUFBRSxTQUFjLEVBQUUsV0FBMEIsRUFBRSxZQUF5QjtRQUNqSyxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUV6QixhQUFhO1FBQ2IsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUM7UUFDMUMsSUFBSSxTQUFTLENBQUMsSUFBSSxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQ2pDLE1BQU0sUUFBUSxHQUFHLDhCQUE4QixTQUFTLENBQUMsS0FBSyxFQUFFLENBQUM7WUFDakUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsbUNBQW1DLFVBQVUsYUFBYSxRQUFRLEVBQUUsQ0FBQyxDQUFDO1lBQ3ZGLE1BQU0sWUFBWSxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUNwQyxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLFFBQVEsS0FBSyxDQUFDLENBQUM7UUFDMUMsQ0FBQzthQUFNLElBQUksU0FBUyxDQUFDLElBQUksS0FBSyxRQUFRLEVBQUUsQ0FBQztZQUN2QyxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxlQUFlLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLGlCQUFpQixJQUFJLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUN2RyxJQUFJLENBQUM7Z0JBQ0gsTUFBTSxXQUFXLENBQUMsWUFBWSxDQUFDO29CQUM3QixTQUFTO29CQUNULFNBQVM7aUJBQ1YsQ0FBQyxDQUFDO2dCQUNILElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1lBQy9CLENBQUM7WUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2dCQUNYLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDLENBQUMsQ0FBQztnQkFDbEMsTUFBTSxDQUFDLENBQUM7WUFDVixDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRCxLQUFLLENBQUMsS0FBSyxDQUFDLE9BVVg7UUFDQyxNQUFNLEVBQUUsS0FBSyxFQUFFLE9BQU8sRUFBRSxXQUFXLEVBQUUsaUJBQWlCLEVBQUUsT0FBTyxFQUFFLGNBQWMsRUFBRSxHQUFHLE9BQU8sQ0FBQztRQUM1RixNQUFNLE1BQU0sR0FBZ0IsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRTVELElBQUksT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUM7UUFDOUIsTUFBTSxlQUFlLEdBQUcsRUFBRSxDQUFDO1FBQzNCLEtBQUssTUFBTSxNQUFNLElBQUksT0FBTyxFQUFFLENBQUM7WUFDN0IsZUFBZSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7UUFDakQsQ0FBQztRQUNELE9BQU8sR0FBRyxlQUFlLENBQUM7UUFFMUIsZ0JBQWdCO1FBQ2hCLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFJLENBQUMsd0JBQXdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDNUQsSUFBSSxVQUFVLEdBQUcsSUFBSSxDQUFDO1FBQ3RCLE1BQU0sY0FBYyxHQUFHLE9BQU8sQ0FBQyxjQUFjLElBQUksVUFBVSxDQUFDO1FBQzVELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDaEQsTUFBTSxJQUFJLEdBQUcsYUFBYSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzlCLElBQUksSUFBSSxHQUFHLElBQUksQ0FBQztRQUNoQixJQUFJLGFBQWEsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDN0IsSUFBSSxHQUFHLFFBQVEsQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNwQyxDQUFDO1FBRUQsSUFBSSxZQUFZLEdBQUcsT0FBTyxDQUFDO1FBQzNCLElBQUksYUFBYSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUM3QixZQUFZLEdBQUcsYUFBYSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2xDLENBQUM7UUFFRCxJQUFJLElBQUksSUFBSSxJQUFJLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksR0FBUSxJQUFJLEdBQUcsSUFBSSxDQUFDO1lBQzlCLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMscUJBQXFCLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQzNFLENBQUM7YUFBTSxDQUFDO1lBQ04sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDekUsQ0FBQztRQUVELElBQUksU0FBUyxHQUFRLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDO1FBQzNDLElBQUksWUFBWSxLQUFLLE9BQU8sRUFBRSxDQUFDO1lBQzdCLE9BQU87WUFDUCxTQUFTLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUM7UUFDbkMsQ0FBQztRQUNELE1BQU0sT0FBTyxHQUFRO1lBQ25CLGNBQWM7WUFDZCxHQUFHLE9BQU87WUFDVixRQUFRO1lBQ1IsdUJBQXVCO1NBQ3hCLENBQUM7UUFDRixNQUFNLENBQUMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxHQUFHLE1BQU0sU0FBUyxDQUFDLE9BQU8sRUFBRSxVQUFVLENBQUMsQ0FBQztRQUV4RCxJQUFJLFdBQVcsSUFBSSxJQUFJLElBQUksaUJBQWlCLElBQUksSUFBSSxFQUFFLENBQUM7WUFDckQsTUFBTSxJQUFJLEtBQUssQ0FBQyxzQ0FBc0MsQ0FBQyxDQUFDO1FBQzFELENBQUM7UUFFRCxNQUFNLFNBQVMsR0FBYztZQUMzQixXQUFXO1lBQ1gsaUJBQWlCO1NBQ2xCLENBQUM7UUFDRixZQUFZO1FBQ1osTUFBTSxHQUFHLEdBQUcsTUFBTSxNQUFNLENBQUMsSUFBSSxDQUFDO1lBQzVCLEdBQUc7WUFDSCxLQUFLLEVBQUUsS0FBSztZQUNaLG9CQUFvQixFQUFFLElBQUk7WUFDMUIseUJBQXlCLEVBQUUsSUFBSSxDQUFDLGVBQWU7WUFDL0MsaUJBQWlCLEVBQUUsQ0FBQyxRQUFRLEVBQUUsU0FBUyxDQUFDO1lBQ3hDLGlCQUFpQixFQUFFLEtBQUssRUFDdEIsS0FBeUIsRUFDekIsc0JBQWlFLEVBQ2lELEVBQUU7Z0JBQ3BILE9BQU8sTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsS0FBSyxFQUFFLHNCQUFzQixFQUFFLFNBQVMsQ0FBQyxDQUFDO1lBQ2hGLENBQUM7WUFDRCxpQkFBaUIsRUFBRSxLQUFLLEVBQUUsS0FBeUIsRUFBRSxTQUFvQixFQUFFLGdCQUF3QixFQUFFLFNBQWMsRUFBRSxTQUFjLEVBQUUsV0FBeUIsRUFBRSxZQUF3QixFQUFnQixFQUFFO2dCQUN4TSxPQUFPLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLEtBQUssRUFBRSxTQUFTLEVBQUUsZ0JBQWdCLEVBQUUsU0FBUyxFQUFFLFNBQVMsRUFBRSxXQUFXLEVBQUUsWUFBWSxDQUFDLENBQUM7WUFDM0gsQ0FBQztZQUNELE1BQU0sRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU07WUFDM0IsT0FBTztZQUNQLGNBQWM7U0FDZixDQUFDLENBQUM7UUFFSCxNQUFNLFNBQVMsR0FBRyxHQUFHLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDakMsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxFQUFFLFNBQVM7WUFDZCxHQUFHLEVBQUUsR0FBRyxDQUFDLFFBQVEsRUFBRTtZQUNuQixHQUFHLEVBQUUsR0FBRyxDQUFDLFFBQVEsRUFBRTtTQUNwQixDQUFDO1FBQ0YsVUFBVTtRQUNWLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLFNBQVMsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDdkMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsaUJBQWlCLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBQy9DLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQzNCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVELHdCQUF3QixDQUFDLE9BQTBCO1FBSWpELElBQUksT0FBTyxPQUFPLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDaEMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDL0IsQ0FBQztRQUNELElBQUksT0FBTyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUN6QixNQUFNLElBQUksS0FBSyxDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFDN0MsQ0FBQztRQUNELGlDQUFpQztRQUNqQyxrREFBa0Q7UUFDbEQsNEJBQTRCO1FBQzVCLG9DQUFvQztRQUNwQyxJQUFJO1FBQ0osT0FBTztZQUNMLGNBQWM7WUFDZCxRQUFRLEVBQUUsT0FBTztTQUNsQixDQUFDO0lBQ0osQ0FBQztJQUVPLEtBQUssQ0FBQyxhQUFhLENBQUMsWUFBb0I7UUFDOUMsSUFBSSxDQUFDO1lBQ0gsTUFBTSxLQUFLLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQztnQkFDdkIsR0FBRyxFQUFFLFlBQVk7Z0JBQ2pCLE1BQU0sRUFBRSxLQUFLO2dCQUNiLE9BQU8sRUFBRSxLQUFLO2FBQ2YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDWCxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxHQUFHLFlBQVksU0FBUyxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUN2RCxPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7UUFDRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLFlBQVksU0FBUyxDQUFDLENBQUM7UUFDM0MsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0NBQ0YifQ==
@@ -1,25 +0,0 @@
1
- import { AbstractTaskPlugin, FileItem, IContext, Step } from "@certd/pipeline";
2
- import type { CertInfo } from "./acme.js";
3
- import { CertReader } from "./cert-reader.js";
4
- export declare const EVENT_CERT_APPLY_SUCCESS = "CertApply.success";
5
- export declare abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
6
- domains: string[];
7
- pfxPassword: string;
8
- pfxArgs: string;
9
- userContext: IContext;
10
- lastStatus: Step;
11
- cert?: CertInfo;
12
- certZip?: FileItem;
13
- onInstance(): Promise<void>;
14
- abstract onInit(): Promise<void>;
15
- emitCertApplySuccess(): Promise<void>;
16
- output(certReader: CertReader, isNew: boolean): Promise<void>;
17
- zipCert(cert: CertInfo, filename: string): Promise<void>;
18
- formatCert(pem: string): string;
19
- formatCerts(cert: {
20
- crt: string;
21
- key: string;
22
- csr: string;
23
- }): CertInfo;
24
- readLastCert(): Promise<CertReader | undefined>;
25
- }