npm - @push.rocks/smartproxy - Versions diffs - 19.3.2 → 19.3.3 - Mend

@push.rocks/smartproxy 19.3.2 → 19.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (313) hide show

package/dist_ts/certificate/providers/cert-provisioner.js DELETED Viewed

@@ -1,422 +0,0 @@
-import * as plugins from '../../plugins.js';
-import { Port80HandlerEvents, CertProvisionerEvents } from '../events/certificate-events.js';
-import { Port80Handler } from '../../http/port80/port80-handler.js';
-/**
- * CertProvisioner manages certificate provisioning and renewal workflows,
- * unifying static certificates and HTTP-01 challenges via Port80Handler.
- *
- * This class directly works with route configurations instead of converting to domain configs.
- */
-export class CertProvisioner extends plugins.EventEmitter {
-    /**
-     * Extract routes that need certificates
-     * @param routes Route configurations
-     */
-    extractCertificateRoutesFromRoutes(routes) {
-        const certRoutes = [];
-        // Process all HTTPS routes that need certificates
-        for (const route of routes) {
-            // Only process routes with TLS termination that need certificates
-            if (route.action.type === 'forward' &&
-                route.action.tls &&
-                (route.action.tls.mode === 'terminate' || route.action.tls.mode === 'terminate-and-reencrypt') &&
-                route.match.domains) {
-                // Extract domains from the route
-                const domains = Array.isArray(route.match.domains)
-                    ? route.match.domains
-                    : [route.match.domains];
-                // For each domain in the route, create a certRoute entry
-                for (const domain of domains) {
-                    // Skip wildcard domains that can't use ACME unless we have a certProvider
-                    if (domain.includes('*') && (!this.certProvisionFunction || this.certProvisionFunction.length === 0)) {
-                        console.warn(`Skipping wildcard domain that requires a certProvisionFunction: ${domain}`);
-                        continue;
-                    }
-                    certRoutes.push({
-                        domain,
-                        route,
-                        tlsMode: route.action.tls.mode
-                    });
-                }
-            }
-        }
-        return certRoutes;
-    }
-    /**
-     * Constructor for CertProvisioner
-     *
-     * @param routeConfigs Array of route configurations
-     * @param port80Handler HTTP-01 challenge handler instance
-     * @param networkProxyBridge Bridge for applying external certificates
-     * @param certProvider Optional callback returning a static cert or 'http01'
-     * @param renewThresholdDays Days before expiry to trigger renewals
-     * @param renewCheckIntervalHours Interval in hours to check for renewals
-     * @param autoRenew Whether to automatically schedule renewals
-     * @param routeForwards Route-specific forwarding configs for ACME challenges
-     */
-    constructor(routeConfigs, port80Handler, networkProxyBridge, certProvider, renewThresholdDays = 30, renewCheckIntervalHours = 24, autoRenew = true, routeForwards = []) {
-        super();
-        this.certRoutes = [];
-        this.routeConfigs = routeConfigs;
-        this.port80Handler = port80Handler;
-        this.networkProxyBridge = networkProxyBridge;
-        this.certProvisionFunction = certProvider;
-        this.renewThresholdDays = renewThresholdDays;
-        this.renewCheckIntervalHours = renewCheckIntervalHours;
-        this.autoRenew = autoRenew;
-        this.provisionMap = new Map();
-        this.routeForwards = routeForwards;
-        // Extract certificate routes during instantiation
-        this.certRoutes = this.extractCertificateRoutesFromRoutes(routeConfigs);
-    }
-    /**
-     * Start initial provisioning and schedule renewals.
-     */
-    async start() {
-        // Subscribe to Port80Handler certificate events
-        this.setupEventSubscriptions();
-        // Apply route forwarding for ACME challenges
-        this.setupForwardingConfigs();
-        // Initial provisioning for all domains in routes
-        await this.provisionAllCertificates();
-        // Schedule renewals if enabled
-        if (this.autoRenew) {
-            this.scheduleRenewals();
-        }
-    }
-    /**
-     * Set up event subscriptions for certificate events
-     */
-    setupEventSubscriptions() {
-        this.port80Handler.on(Port80HandlerEvents.CERTIFICATE_ISSUED, (data) => {
-            // Add route reference if we have it
-            const routeRef = this.findRouteForDomain(data.domain);
-            const enhancedData = {
-                ...data,
-                source: 'http01',
-                isRenewal: false,
-                routeReference: routeRef ? {
-                    routeId: routeRef.route.name,
-                    routeName: routeRef.route.name
-                } : undefined
-            };
-            this.emit(CertProvisionerEvents.CERTIFICATE_ISSUED, enhancedData);
-        });
-        this.port80Handler.on(Port80HandlerEvents.CERTIFICATE_RENEWED, (data) => {
-            // Add route reference if we have it
-            const routeRef = this.findRouteForDomain(data.domain);
-            const enhancedData = {
-                ...data,
-                source: 'http01',
-                isRenewal: true,
-                routeReference: routeRef ? {
-                    routeId: routeRef.route.name,
-                    routeName: routeRef.route.name
-                } : undefined
-            };
-            this.emit(CertProvisionerEvents.CERTIFICATE_RENEWED, enhancedData);
-        });
-        this.port80Handler.on(Port80HandlerEvents.CERTIFICATE_FAILED, (error) => {
-            this.emit(CertProvisionerEvents.CERTIFICATE_FAILED, error);
-        });
-    }
-    /**
-     * Find a route for a given domain
-     */
-    findRouteForDomain(domain) {
-        return this.certRoutes.find(certRoute => certRoute.domain === domain);
-    }
-    /**
-     * Set up forwarding configurations for the Port80Handler
-     */
-    setupForwardingConfigs() {
-        for (const config of this.routeForwards) {
-            const domainOptions = {
-                domainName: config.domain,
-                sslRedirect: config.sslRedirect || false,
-                acmeMaintenance: false,
-                forward: config.target ? {
-                    ip: config.target.host,
-                    port: config.target.port
-                } : undefined
-            };
-            this.port80Handler.addDomain(domainOptions);
-        }
-    }
-    /**
-     * Provision certificates for all routes that need them
-     */
-    async provisionAllCertificates() {
-        for (const certRoute of this.certRoutes) {
-            await this.provisionCertificateForRoute(certRoute);
-        }
-    }
-    /**
-     * Provision a certificate for a route
-     */
-    async provisionCertificateForRoute(certRoute) {
-        const { domain, route } = certRoute;
-        const isWildcard = domain.includes('*');
-        let provision = 'http01';
-        // Try to get a certificate from the provision function
-        if (this.certProvisionFunction) {
-            try {
-                provision = await this.certProvisionFunction(domain);
-            }
-            catch (err) {
-                console.error(`certProvider error for ${domain} on route ${route.name || 'unnamed'}:`, err);
-            }
-        }
-        else if (isWildcard) {
-            // No certProvider: cannot handle wildcard without DNS-01 support
-            console.warn(`Skipping wildcard domain without certProvisionFunction: ${domain}`);
-            return;
-        }
-        // Store the route reference with the provision type
-        this.provisionMap.set(domain, {
-            type: provision === 'http01' || provision === 'dns01' ? provision : 'static',
-            routeRef: certRoute
-        });
-        // Handle different provisioning methods
-        if (provision === 'http01') {
-            if (isWildcard) {
-                console.warn(`Skipping HTTP-01 for wildcard domain: ${domain}`);
-                return;
-            }
-            this.port80Handler.addDomain({
-                domainName: domain,
-                sslRedirect: true,
-                acmeMaintenance: true,
-                routeReference: {
-                    routeId: route.name || domain,
-                    routeName: route.name
-                }
-            });
-        }
-        else if (provision === 'dns01') {
-            // DNS-01 challenges would be handled by the certProvisionFunction
-            // DNS-01 handling would go here if implemented
-            console.log(`DNS-01 challenge type set for ${domain}`);
-        }
-        else {
-            // Static certificate (e.g., DNS-01 provisioned or user-provided)
-            const certObj = provision;
-            const certData = {
-                domain: certObj.domainName,
-                certificate: certObj.publicKey,
-                privateKey: certObj.privateKey,
-                expiryDate: new Date(certObj.validUntil),
-                source: 'static',
-                isRenewal: false,
-                routeReference: {
-                    routeId: route.name || domain,
-                    routeName: route.name
-                }
-            };
-            this.networkProxyBridge.applyExternalCertificate(certData);
-            this.emit(CertProvisionerEvents.CERTIFICATE_ISSUED, certData);
-        }
-    }
-    /**
-     * Schedule certificate renewals using a task manager
-     */
-    scheduleRenewals() {
-        this.renewManager = new plugins.taskbuffer.TaskManager();
-        const renewTask = new plugins.taskbuffer.Task({
-            name: 'CertificateRenewals',
-            taskFunction: async () => await this.performRenewals()
-        });
-        const hours = this.renewCheckIntervalHours;
-        const cronExpr = `0 0 */${hours} * * *`;
-        this.renewManager.addAndScheduleTask(renewTask, cronExpr);
-        this.renewManager.start();
-    }
-    /**
-     * Perform renewals for all domains that need it
-     */
-    async performRenewals() {
-        for (const [domain, info] of this.provisionMap.entries()) {
-            // Skip wildcard domains for HTTP-01 challenges
-            if (domain.includes('*') && info.type === 'http01')
-                continue;
-            try {
-                await this.renewCertificateForDomain(domain, info.type, info.routeRef);
-            }
-            catch (err) {
-                console.error(`Renewal error for ${domain}:`, err);
-            }
-        }
-    }
-    /**
-     * Renew a certificate for a specific domain
-     * @param domain Domain to renew
-     * @param provisionType Type of provisioning for this domain
-     * @param certRoute The route reference for this domain
-     */
-    async renewCertificateForDomain(domain, provisionType, certRoute) {
-        if (provisionType === 'http01') {
-            await this.port80Handler.renewCertificate(domain);
-        }
-        else if ((provisionType === 'static' || provisionType === 'dns01') && this.certProvisionFunction) {
-            const provision = await this.certProvisionFunction(domain);
-            if (provision !== 'http01' && provision !== 'dns01') {
-                const certObj = provision;
-                const routeRef = certRoute?.route;
-                const certData = {
-                    domain: certObj.domainName,
-                    certificate: certObj.publicKey,
-                    privateKey: certObj.privateKey,
-                    expiryDate: new Date(certObj.validUntil),
-                    source: 'static',
-                    isRenewal: true,
-                    routeReference: routeRef ? {
-                        routeId: routeRef.name || domain,
-                        routeName: routeRef.name
-                    } : undefined
-                };
-                this.networkProxyBridge.applyExternalCertificate(certData);
-                this.emit(CertProvisionerEvents.CERTIFICATE_RENEWED, certData);
-            }
-        }
-    }
-    /**
-     * Stop all scheduled renewal tasks.
-     */
-    async stop() {
-        if (this.renewManager) {
-            this.renewManager.stop();
-        }
-    }
-    /**
-     * Request a certificate on-demand for the given domain.
-     * This will look for a matching route configuration and provision accordingly.
-     *
-     * @param domain Domain name to provision
-     */
-    async requestCertificate(domain) {
-        const isWildcard = domain.includes('*');
-        // Find matching route
-        const certRoute = this.findRouteForDomain(domain);
-        // Determine provisioning method
-        let provision = 'http01';
-        if (this.certProvisionFunction) {
-            provision = await this.certProvisionFunction(domain);
-        }
-        else if (isWildcard) {
-            // Cannot perform HTTP-01 on wildcard without certProvider
-            throw new Error(`Cannot request certificate for wildcard domain without certProvisionFunction: ${domain}`);
-        }
-        if (provision === 'http01') {
-            if (isWildcard) {
-                throw new Error(`Cannot request HTTP-01 certificate for wildcard domain: ${domain}`);
-            }
-            await this.port80Handler.renewCertificate(domain);
-        }
-        else if (provision === 'dns01') {
-            // DNS-01 challenges would be handled by external mechanisms
-            console.log(`DNS-01 challenge requested for ${domain}`);
-        }
-        else {
-            // Static certificate (e.g., DNS-01 provisioned) supports wildcards
-            const certObj = provision;
-            const certData = {
-                domain: certObj.domainName,
-                certificate: certObj.publicKey,
-                privateKey: certObj.privateKey,
-                expiryDate: new Date(certObj.validUntil),
-                source: 'static',
-                isRenewal: false,
-                routeReference: certRoute ? {
-                    routeId: certRoute.route.name || domain,
-                    routeName: certRoute.route.name
-                } : undefined
-            };
-            this.networkProxyBridge.applyExternalCertificate(certData);
-            this.emit(CertProvisionerEvents.CERTIFICATE_ISSUED, certData);
-        }
-    }
-    /**
-     * Add a new domain for certificate provisioning
-     *
-     * @param domain Domain to add
-     * @param options Domain configuration options
-     */
-    async addDomain(domain, options) {
-        const domainOptions = {
-            domainName: domain,
-            sslRedirect: options?.sslRedirect ?? true,
-            acmeMaintenance: options?.acmeMaintenance ?? true,
-            routeReference: {
-                routeId: options?.routeId,
-                routeName: options?.routeName
-            }
-        };
-        this.port80Handler.addDomain(domainOptions);
-        // Find matching route or create a generic one
-        const existingRoute = this.findRouteForDomain(domain);
-        if (existingRoute) {
-            await this.provisionCertificateForRoute(existingRoute);
-        }
-        else {
-            // We don't have a route, just provision the domain
-            const isWildcard = domain.includes('*');
-            let provision = 'http01';
-            if (this.certProvisionFunction) {
-                provision = await this.certProvisionFunction(domain);
-            }
-            else if (isWildcard) {
-                throw new Error(`Cannot request certificate for wildcard domain without certProvisionFunction: ${domain}`);
-            }
-            this.provisionMap.set(domain, {
-                type: provision === 'http01' || provision === 'dns01' ? provision : 'static'
-            });
-            if (provision !== 'http01' && provision !== 'dns01') {
-                const certObj = provision;
-                const certData = {
-                    domain: certObj.domainName,
-                    certificate: certObj.publicKey,
-                    privateKey: certObj.privateKey,
-                    expiryDate: new Date(certObj.validUntil),
-                    source: 'static',
-                    isRenewal: false,
-                    routeReference: {
-                        routeId: options?.routeId,
-                        routeName: options?.routeName
-                    }
-                };
-                this.networkProxyBridge.applyExternalCertificate(certData);
-                this.emit(CertProvisionerEvents.CERTIFICATE_ISSUED, certData);
-            }
-        }
-    }
-    /**
-     * Update routes with new configurations
-     * This replaces all existing routes with new ones and re-provisions certificates as needed
-     *
-     * @param newRoutes New route configurations to use
-     */
-    async updateRoutes(newRoutes) {
-        // Store the new route configs
-        this.routeConfigs = newRoutes;
-        // Extract new certificate routes
-        const newCertRoutes = this.extractCertificateRoutesFromRoutes(newRoutes);
-        // Find domains that no longer need certificates
-        const oldDomains = new Set(this.certRoutes.map(r => r.domain));
-        const newDomains = new Set(newCertRoutes.map(r => r.domain));
-        // Domains to remove
-        const domainsToRemove = [...oldDomains].filter(d => !newDomains.has(d));
-        // Remove obsolete domains from provision map
-        for (const domain of domainsToRemove) {
-            this.provisionMap.delete(domain);
-        }
-        // Update the cert routes
-        this.certRoutes = newCertRoutes;
-        // Provision certificates for new routes
-        for (const certRoute of newCertRoutes) {
-            if (!oldDomains.has(certRoute.domain)) {
-                await this.provisionCertificateForRoute(certRoute);
-            }
-        }
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC1wcm92aXNpb25lci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3RzL2NlcnRpZmljYXRlL3Byb3ZpZGVycy9jZXJ0LXByb3Zpc2lvbmVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFHNUMsT0FBTyxFQUFFLG1CQUFtQixFQUFFLHFCQUFxQixFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDN0YsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBcUJwRTs7Ozs7R0FLRztBQUNILE1BQU0sT0FBTyxlQUFnQixTQUFRLE9BQU8sQ0FBQyxZQUFZO0lBY3ZEOzs7T0FHRztJQUNLLGtDQUFrQyxDQUFDLE1BQXNCO1FBQy9ELE1BQU0sVUFBVSxHQUFpQixFQUFFLENBQUM7UUFFcEMsa0RBQWtEO1FBQ2xELEtBQUssTUFBTSxLQUFLLElBQUksTUFBTSxFQUFFLENBQUM7WUFDM0Isa0VBQWtFO1lBQ2xFLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssU0FBUztnQkFDL0IsS0FBSyxDQUFDLE1BQU0sQ0FBQyxHQUFHO2dCQUNoQixDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksS0FBSyxXQUFXLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBSSxLQUFLLHlCQUF5QixDQUFDO2dCQUM5RixLQUFLLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDO2dCQUV4QixpQ0FBaUM7Z0JBQ2pDLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUM7b0JBQ2hELENBQUMsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLE9BQU87b0JBQ3JCLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBRTFCLHlEQUF5RDtnQkFDekQsS0FBSyxNQUFNLE1BQU0sSUFBSSxPQUFPLEVBQUUsQ0FBQztvQkFDN0IsMEVBQTBFO29CQUMxRSxJQUFJLE1BQU0sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLElBQUksQ0FBQyxxQkFBcUIsSUFBSSxJQUFJLENBQUMscUJBQXFCLENBQUMsTUFBTSxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUM7d0JBQ3JHLE9BQU8sQ0FBQyxJQUFJLENBQUMsbUVBQW1FLE1BQU0sRUFBRSxDQUFDLENBQUM7d0JBQzFGLFNBQVM7b0JBQ1gsQ0FBQztvQkFFRCxVQUFVLENBQUMsSUFBSSxDQUFDO3dCQUNkLE1BQU07d0JBQ04sS0FBSzt3QkFDTCxPQUFPLEVBQUUsS0FBSyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBSTtxQkFDL0IsQ0FBQyxDQUFDO2dCQUNMLENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUVELE9BQU8sVUFBVSxDQUFDO0lBQ3BCLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7T0FXRztJQUNILFlBQ0UsWUFBNEIsRUFDNUIsYUFBNEIsRUFDNUIsa0JBQXVDLEVBQ3ZDLFlBQWdFLEVBQ2hFLHFCQUE2QixFQUFFLEVBQy9CLDBCQUFrQyxFQUFFLEVBQ3BDLFlBQXFCLElBQUksRUFDekIsZ0JBQXVDLEVBQUU7UUFFekMsS0FBSyxFQUFFLENBQUM7UUExRUYsZUFBVSxHQUFpQixFQUFFLENBQUM7UUEyRXBDLElBQUksQ0FBQyxZQUFZLEdBQUcsWUFBWSxDQUFDO1FBQ2pDLElBQUksQ0FBQyxhQUFhLEdBQUcsYUFBYSxDQUFDO1FBQ25DLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxrQkFBa0IsQ0FBQztRQUM3QyxJQUFJLENBQUMscUJBQXFCLEdBQUcsWUFBWSxDQUFDO1FBQzFDLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxrQkFBa0IsQ0FBQztRQUM3QyxJQUFJLENBQUMsdUJBQXVCLEdBQUcsdUJBQXVCLENBQUM7UUFDdkQsSUFBSSxDQUFDLFNBQVMsR0FBRyxTQUFTLENBQUM7UUFDM0IsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLEdBQUcsRUFBRSxDQUFDO1FBQzlCLElBQUksQ0FBQyxhQUFhLEdBQUcsYUFBYSxDQUFDO1FBRW5DLGtEQUFrRDtRQUNsRCxJQUFJLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxrQ0FBa0MsQ0FBQyxZQUFZLENBQUMsQ0FBQztJQUMxRSxDQUFDO0lBRUQ7O09BRUc7SUFDSSxLQUFLLENBQUMsS0FBSztRQUNoQixnREFBZ0Q7UUFDaEQsSUFBSSxDQUFDLHVCQUF1QixFQUFFLENBQUM7UUFFL0IsNkNBQTZDO1FBQzdDLElBQUksQ0FBQyxzQkFBc0IsRUFBRSxDQUFDO1FBRTlCLGlEQUFpRDtRQUNqRCxNQUFNLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUFDO1FBRXRDLCtCQUErQjtRQUMvQixJQUFJLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNuQixJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztRQUMxQixDQUFDO0lBQ0gsQ0FBQztJQUVEOztPQUVHO0lBQ0ssdUJBQXVCO1FBQzdCLElBQUksQ0FBQyxhQUFhLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLGtCQUFrQixFQUFFLENBQUMsSUFBc0IsRUFBRSxFQUFFO1lBQ3ZGLG9DQUFvQztZQUNwQyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3RELE1BQU0sWUFBWSxHQUFxQjtnQkFDckMsR0FBRyxJQUFJO2dCQUNQLE1BQU0sRUFBRSxRQUFRO2dCQUNoQixTQUFTLEVBQUUsS0FBSztnQkFDaEIsY0FBYyxFQUFFLFFBQVEsQ0FBQyxDQUFDLENBQUM7b0JBQ3pCLE9BQU8sRUFBRSxRQUFRLENBQUMsS0FBSyxDQUFDLElBQUk7b0JBQzVCLFNBQVMsRUFBRSxRQUFRLENBQUMsS0FBSyxDQUFDLElBQUk7aUJBQy9CLENBQUMsQ0FBQyxDQUFDLFNBQVM7YUFDZCxDQUFDO1lBRUYsSUFBSSxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNwRSxDQUFDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxhQUFhLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLG1CQUFtQixFQUFFLENBQUMsSUFBc0IsRUFBRSxFQUFFO1lBQ3hGLG9DQUFvQztZQUNwQyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3RELE1BQU0sWUFBWSxHQUFxQjtnQkFDckMsR0FBRyxJQUFJO2dCQUNQLE1BQU0sRUFBRSxRQUFRO2dCQUNoQixTQUFTLEVBQUUsSUFBSTtnQkFDZixjQUFjLEVBQUUsUUFBUSxDQUFDLENBQUMsQ0FBQztvQkFDekIsT0FBTyxFQUFFLFFBQVEsQ0FBQyxLQUFLLENBQUMsSUFBSTtvQkFDNUIsU0FBUyxFQUFFLFFBQVEsQ0FBQyxLQUFLLENBQUMsSUFBSTtpQkFDL0IsQ0FBQyxDQUFDLENBQUMsU0FBUzthQUNkLENBQUM7WUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDLG1CQUFtQixFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQ3JFLENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUMsbUJBQW1CLENBQUMsa0JBQWtCLEVBQUUsQ0FBQyxLQUFLLEVBQUUsRUFBRTtZQUN0RSxJQUFJLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQzdELENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0ssa0JBQWtCLENBQUMsTUFBYztRQUN2QyxPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDLE1BQU0sS0FBSyxNQUFNLENBQUMsQ0FBQztJQUN4RSxDQUFDO0lBRUQ7O09BRUc7SUFDSyxzQkFBc0I7UUFDNUIsS0FBSyxNQUFNLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDeEMsTUFBTSxhQUFhLEdBQW1CO2dCQUNwQyxVQUFVLEVBQUUsTUFBTSxDQUFDLE1BQU07Z0JBQ3pCLFdBQVcsRUFBRSxNQUFNLENBQUMsV0FBVyxJQUFJLEtBQUs7Z0JBQ3hDLGVBQWUsRUFBRSxLQUFLO2dCQUN0QixPQUFPLEVBQUUsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7b0JBQ3ZCLEVBQUUsRUFBRSxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUk7b0JBQ3RCLElBQUksRUFBRSxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUk7aUJBQ3pCLENBQUMsQ0FBQyxDQUFDLFNBQVM7YUFDZCxDQUFDO1lBQ0YsSUFBSSxDQUFDLGFBQWEsQ0FBQyxTQUFTLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDOUMsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyx3QkFBd0I7UUFDcEMsS0FBSyxNQUFNLFNBQVMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDeEMsTUFBTSxJQUFJLENBQUMsNEJBQTRCLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDckQsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyw0QkFBNEIsQ0FBQyxTQUFxQjtRQUM5RCxNQUFNLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLFNBQVMsQ0FBQztRQUNwQyxNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3hDLElBQUksU0FBUyxHQUF5QixRQUFRLENBQUM7UUFFL0MsdURBQXVEO1FBQ3ZELElBQUksSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7WUFDL0IsSUFBSSxDQUFDO2dCQUNILFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUN2RCxDQUFDO1lBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztnQkFDYixPQUFPLENBQUMsS0FBSyxDQUFDLDBCQUEwQixNQUFNLGFBQWEsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLEdBQUcsRUFBRSxHQUFHLENBQUMsQ0FBQztZQUM5RixDQUFDO1FBQ0gsQ0FBQzthQUFNLElBQUksVUFBVSxFQUFFLENBQUM7WUFDdEIsaUVBQWlFO1lBQ2pFLE9BQU8sQ0FBQyxJQUFJLENBQUMsMkRBQTJELE1BQU0sRUFBRSxDQUFDLENBQUM7WUFDbEYsT0FBTztRQUNULENBQUM7UUFFRCxvREFBb0Q7UUFDcEQsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFO1lBQzVCLElBQUksRUFBRSxTQUFTLEtBQUssUUFBUSxJQUFJLFNBQVMsS0FBSyxPQUFPLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsUUFBUTtZQUM1RSxRQUFRLEVBQUUsU0FBUztTQUNwQixDQUFDLENBQUM7UUFFSCx3Q0FBd0M7UUFDeEMsSUFBSSxTQUFTLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDM0IsSUFBSSxVQUFVLEVBQUUsQ0FBQztnQkFDZixPQUFPLENBQUMsSUFBSSxDQUFDLHlDQUF5QyxNQUFNLEVBQUUsQ0FBQyxDQUFDO2dCQUNoRSxPQUFPO1lBQ1QsQ0FBQztZQUVELElBQUksQ0FBQyxhQUFhLENBQUMsU0FBUyxDQUFDO2dCQUMzQixVQUFVLEVBQUUsTUFBTTtnQkFDbEIsV0FBVyxFQUFFLElBQUk7Z0JBQ2pCLGVBQWUsRUFBRSxJQUFJO2dCQUNyQixjQUFjLEVBQUU7b0JBQ2QsT0FBTyxFQUFFLEtBQUssQ0FBQyxJQUFJLElBQUksTUFBTTtvQkFDN0IsU0FBUyxFQUFFLEtBQUssQ0FBQyxJQUFJO2lCQUN0QjthQUNGLENBQUMsQ0FBQztRQUNMLENBQUM7YUFBTSxJQUFJLFNBQVMsS0FBSyxPQUFPLEVBQUUsQ0FBQztZQUNqQyxrRUFBa0U7WUFDbEUsK0NBQStDO1lBQy9DLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUNBQWlDLE1BQU0sRUFBRSxDQUFDLENBQUM7UUFDekQsQ0FBQzthQUFNLENBQUM7WUFDTixpRUFBaUU7WUFDakUsTUFBTSxPQUFPLEdBQUcsU0FBMEMsQ0FBQztZQUMzRCxNQUFNLFFBQVEsR0FBcUI7Z0JBQ2pDLE1BQU0sRUFBRSxPQUFPLENBQUMsVUFBVTtnQkFDMUIsV0FBVyxFQUFFLE9BQU8sQ0FBQyxTQUFTO2dCQUM5QixVQUFVLEVBQUUsT0FBTyxDQUFDLFVBQVU7Z0JBQzlCLFVBQVUsRUFBRSxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDO2dCQUN4QyxNQUFNLEVBQUUsUUFBUTtnQkFDaEIsU0FBUyxFQUFFLEtBQUs7Z0JBQ2hCLGNBQWMsRUFBRTtvQkFDZCxPQUFPLEVBQUUsS0FBSyxDQUFDLElBQUksSUFBSSxNQUFNO29CQUM3QixTQUFTLEVBQUUsS0FBSyxDQUFDLElBQUk7aUJBQ3RCO2FBQ0YsQ0FBQztZQUVGLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyx3QkFBd0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUMzRCxJQUFJLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDLGtCQUFrQixFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ2hFLENBQUM7SUFDSCxDQUFDO0lBRUQ7O09BRUc7SUFDSyxnQkFBZ0I7UUFDdEIsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLE9BQU8sQ0FBQyxVQUFVLENBQUMsV0FBVyxFQUFFLENBQUM7UUFFekQsTUFBTSxTQUFTLEdBQUcsSUFBSSxPQUFPLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQztZQUM1QyxJQUFJLEVBQUUscUJBQXFCO1lBQzNCLFlBQVksRUFBRSxLQUFLLElBQUksRUFBRSxDQUFDLE1BQU0sSUFBSSxDQUFDLGVBQWUsRUFBRTtTQUN2RCxDQUFDLENBQUM7UUFFSCxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsdUJBQXVCLENBQUM7UUFDM0MsTUFBTSxRQUFRLEdBQUcsU0FBUyxLQUFLLFFBQVEsQ0FBQztRQUV4QyxJQUFJLENBQUMsWUFBWSxDQUFDLGtCQUFrQixDQUFDLFNBQVMsRUFBRSxRQUFRLENBQUMsQ0FBQztRQUMxRCxJQUFJLENBQUMsWUFBWSxDQUFDLEtBQUssRUFBRSxDQUFDO0lBQzVCLENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyxlQUFlO1FBQzNCLEtBQUssTUFBTSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsWUFBWSxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUM7WUFDekQsK0NBQStDO1lBQy9DLElBQUksTUFBTSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxJQUFJLENBQUMsSUFBSSxLQUFLLFFBQVE7Z0JBQUUsU0FBUztZQUU3RCxJQUFJLENBQUM7Z0JBQ0gsTUFBTSxJQUFJLENBQUMseUJBQXlCLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQ3pFLENBQUM7WUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO2dCQUNiLE9BQU8sQ0FBQyxLQUFLLENBQUMscUJBQXFCLE1BQU0sR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBQ3JELENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ssS0FBSyxDQUFDLHlCQUF5QixDQUNyQyxNQUFjLEVBQ2QsYUFBNEMsRUFDNUMsU0FBc0I7UUFFdEIsSUFBSSxhQUFhLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDL0IsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLGdCQUFnQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3BELENBQUM7YUFBTSxJQUFJLENBQUMsYUFBYSxLQUFLLFFBQVEsSUFBSSxhQUFhLEtBQUssT0FBTyxDQUFDLElBQUksSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7WUFDbkcsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsTUFBTSxDQUFDLENBQUM7WUFFM0QsSUFBSSxTQUFTLEtBQUssUUFBUSxJQUFJLFNBQVMsS0FBSyxPQUFPLEVBQUUsQ0FBQztnQkFDcEQsTUFBTSxPQUFPLEdBQUcsU0FBMEMsQ0FBQztnQkFDM0QsTUFBTSxRQUFRLEdBQUcsU0FBUyxFQUFFLEtBQUssQ0FBQztnQkFFbEMsTUFBTSxRQUFRLEdBQXFCO29CQUNqQyxNQUFNLEVBQUUsT0FBTyxDQUFDLFVBQVU7b0JBQzFCLFdBQVcsRUFBRSxPQUFPLENBQUMsU0FBUztvQkFDOUIsVUFBVSxFQUFFLE9BQU8sQ0FBQyxVQUFVO29CQUM5QixVQUFVLEVBQUUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQztvQkFDeEMsTUFBTSxFQUFFLFFBQVE7b0JBQ2hCLFNBQVMsRUFBRSxJQUFJO29CQUNmLGNBQWMsRUFBRSxRQUFRLENBQUMsQ0FBQyxDQUFDO3dCQUN6QixPQUFPLEVBQUUsUUFBUSxDQUFDLElBQUksSUFBSSxNQUFNO3dCQUNoQyxTQUFTLEVBQUUsUUFBUSxDQUFDLElBQUk7cUJBQ3pCLENBQUMsQ0FBQyxDQUFDLFNBQVM7aUJBQ2QsQ0FBQztnQkFFRixJQUFJLENBQUMsa0JBQWtCLENBQUMsd0JBQXdCLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQzNELElBQUksQ0FBQyxJQUFJLENBQUMscUJBQXFCLENBQUMsbUJBQW1CLEVBQUUsUUFBUSxDQUFDLENBQUM7WUFDakUsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxLQUFLLENBQUMsSUFBSTtRQUNmLElBQUksSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ3RCLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDM0IsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7T0FLRztJQUNJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFjO1FBQzVDLE1BQU0sVUFBVSxHQUFHLE1BQU0sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDeEMsc0JBQXNCO1FBQ3RCLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVsRCxnQ0FBZ0M7UUFDaEMsSUFBSSxTQUFTLEdBQXlCLFFBQVEsQ0FBQztRQUUvQyxJQUFJLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1lBQy9CLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN2RCxDQUFDO2FBQU0sSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUN0QiwwREFBMEQ7WUFDMUQsTUFBTSxJQUFJLEtBQUssQ0FBQyxpRkFBaUYsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUM3RyxDQUFDO1FBRUQsSUFBSSxTQUFTLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDM0IsSUFBSSxVQUFVLEVBQUUsQ0FBQztnQkFDZixNQUFNLElBQUksS0FBSyxDQUFDLDJEQUEyRCxNQUFNLEVBQUUsQ0FBQyxDQUFDO1lBQ3ZGLENBQUM7WUFDRCxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDcEQsQ0FBQzthQUFNLElBQUksU0FBUyxLQUFLLE9BQU8sRUFBRSxDQUFDO1lBQ2pDLDREQUE0RDtZQUM1RCxPQUFPLENBQUMsR0FBRyxDQUFDLGtDQUFrQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBQzFELENBQUM7YUFBTSxDQUFDO1lBQ04sbUVBQW1FO1lBQ25FLE1BQU0sT0FBTyxHQUFHLFNBQTBDLENBQUM7WUFDM0QsTUFBTSxRQUFRLEdBQXFCO2dCQUNqQyxNQUFNLEVBQUUsT0FBTyxDQUFDLFVBQVU7Z0JBQzFCLFdBQVcsRUFBRSxPQUFPLENBQUMsU0FBUztnQkFDOUIsVUFBVSxFQUFFLE9BQU8sQ0FBQyxVQUFVO2dCQUM5QixVQUFVLEVBQUUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQztnQkFDeEMsTUFBTSxFQUFFLFFBQVE7Z0JBQ2hCLFNBQVMsRUFBRSxLQUFLO2dCQUNoQixjQUFjLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDMUIsT0FBTyxFQUFFLFNBQVMsQ0FBQyxLQUFLLENBQUMsSUFBSSxJQUFJLE1BQU07b0JBQ3ZDLFNBQVMsRUFBRSxTQUFTLENBQUMsS0FBSyxDQUFDLElBQUk7aUJBQ2hDLENBQUMsQ0FBQyxDQUFDLFNBQVM7YUFDZCxDQUFDO1lBRUYsSUFBSSxDQUFDLGtCQUFrQixDQUFDLHdCQUF3QixDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQzNELElBQUksQ0FBQyxJQUFJLENBQUMscUJBQXFCLENBQUMsa0JBQWtCLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDaEUsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7T0FLRztJQUNJLEtBQUssQ0FBQyxTQUFTLENBQUMsTUFBYyxFQUFFLE9BS3RDO1FBQ0MsTUFBTSxhQUFhLEdBQW1CO1lBQ3BDLFVBQVUsRUFBRSxNQUFNO1lBQ2xCLFdBQVcsRUFBRSxPQUFPLEVBQUUsV0FBVyxJQUFJLElBQUk7WUFDekMsZUFBZSxFQUFFLE9BQU8sRUFBRSxlQUFlLElBQUksSUFBSTtZQUNqRCxjQUFjLEVBQUU7Z0JBQ2QsT0FBTyxFQUFFLE9BQU8sRUFBRSxPQUFPO2dCQUN6QixTQUFTLEVBQUUsT0FBTyxFQUFFLFNBQVM7YUFDOUI7U0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLGFBQWEsQ0FBQyxTQUFTLENBQUMsYUFBYSxDQUFDLENBQUM7UUFFNUMsOENBQThDO1FBQzlDLE1BQU0sYUFBYSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN0RCxJQUFJLGFBQWEsRUFBRSxDQUFDO1lBQ2xCLE1BQU0sSUFBSSxDQUFDLDRCQUE0QixDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQ3pELENBQUM7YUFBTSxDQUFDO1lBQ04sbURBQW1EO1lBQ25ELE1BQU0sVUFBVSxHQUFHLE1BQU0sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDeEMsSUFBSSxTQUFTLEdBQXlCLFFBQVEsQ0FBQztZQUUvQyxJQUFJLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO2dCQUMvQixTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDdkQsQ0FBQztpQkFBTSxJQUFJLFVBQVUsRUFBRSxDQUFDO2dCQUN0QixNQUFNLElBQUksS0FBSyxDQUFDLGlGQUFpRixNQUFNLEVBQUUsQ0FBQyxDQUFDO1lBQzdHLENBQUM7WUFFRCxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUU7Z0JBQzVCLElBQUksRUFBRSxTQUFTLEtBQUssUUFBUSxJQUFJLFNBQVMsS0FBSyxPQUFPLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsUUFBUTthQUM3RSxDQUFDLENBQUM7WUFFSCxJQUFJLFNBQVMsS0FBSyxRQUFRLElBQUksU0FBUyxLQUFLLE9BQU8sRUFBRSxDQUFDO2dCQUNwRCxNQUFNLE9BQU8sR0FBRyxTQUEwQyxDQUFDO2dCQUMzRCxNQUFNLFFBQVEsR0FBcUI7b0JBQ2pDLE1BQU0sRUFBRSxPQUFPLENBQUMsVUFBVTtvQkFDMUIsV0FBVyxFQUFFLE9BQU8sQ0FBQyxTQUFTO29CQUM5QixVQUFVLEVBQUUsT0FBTyxDQUFDLFVBQVU7b0JBQzlCLFVBQVUsRUFBRSxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDO29CQUN4QyxNQUFNLEVBQUUsUUFBUTtvQkFDaEIsU0FBUyxFQUFFLEtBQUs7b0JBQ2hCLGNBQWMsRUFBRTt3QkFDZCxPQUFPLEVBQUUsT0FBTyxFQUFFLE9BQU87d0JBQ3pCLFNBQVMsRUFBRSxPQUFPLEVBQUUsU0FBUztxQkFDOUI7aUJBQ0YsQ0FBQztnQkFFRixJQUFJLENBQUMsa0JBQWtCLENBQUMsd0JBQXdCLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQzNELElBQUksQ0FBQyxJQUFJLENBQUMscUJBQXFCLENBQUMsa0JBQWtCLEVBQUUsUUFBUSxDQUFDLENBQUM7WUFDaEUsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSSxLQUFLLENBQUMsWUFBWSxDQUFDLFNBQXlCO1FBQ2pELDhCQUE4QjtRQUM5QixJQUFJLENBQUMsWUFBWSxHQUFHLFNBQVMsQ0FBQztRQUU5QixpQ0FBaUM7UUFDakMsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLGtDQUFrQyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBRXpFLGdEQUFnRDtRQUNoRCxNQUFNLFVBQVUsR0FBRyxJQUFJLEdBQUcsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO1FBQy9ELE1BQU0sVUFBVSxHQUFHLElBQUksR0FBRyxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztRQUU3RCxvQkFBb0I7UUFDcEIsTUFBTSxlQUFlLEdBQUcsQ0FBQyxHQUFHLFVBQVUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRXhFLDZDQUE2QztRQUM3QyxLQUFLLE1BQU0sTUFBTSxJQUFJLGVBQWUsRUFBRSxDQUFDO1lBQ3JDLElBQUksQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ25DLENBQUM7UUFFRCx5QkFBeUI7UUFDekIsSUFBSSxDQUFDLFVBQVUsR0FBRyxhQUFhLENBQUM7UUFFaEMsd0NBQXdDO1FBQ3hDLEtBQUssTUFBTSxTQUFTLElBQUksYUFBYSxFQUFFLENBQUM7WUFDdEMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUM7Z0JBQ3RDLE1BQU0sSUFBSSxDQUFDLDRCQUE0QixDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ3JELENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztDQUNGIn0=

package/dist_ts/certificate/providers/index.d.ts DELETED Viewed

@@ -1,4 +0,0 @@
-export {};
-/**
- * Certificate providers
- */

package/dist_ts/certificate/providers/index.js DELETED Viewed

@@ -1,5 +0,0 @@
-export {};
-/**
- * Certificate providers
- */
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9jZXJ0aWZpY2F0ZS9wcm92aWRlcnMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOztHQUVHIn0=

package/dist_ts/certificate/simplified-certificate-manager.d.ts DELETED Viewed

@@ -1,150 +0,0 @@
-/**
- * Simplified, unified certificate manager for SmartProxy
- */
-import * as plugins from '../plugins.js';
-import type { CertProvider } from './models/certificate-strategy.js';
-import type { CertificateEventMap, ICertificateEventEmitter } from './events/simplified-events.js';
-import type { IRouteConfig } from '../proxies/smart-proxy/models/route-types.js';
-/**
- * Certificate storage format
- */
-interface StoredCertificate {
-    domain: string;
-    certificate: string;
-    privateKey: string;
-    expiresAt: Date;
-    source: 'acme-http' | 'acme-dns' | 'static';
-}
-/**
- * Certificate manager configuration
- */
-export interface CertificateManagerConfig {
-    certProvider: CertProvider;
-    acmeEmail: string;
-    acmeServer: 'production' | 'staging';
-    storageDir?: string;
-    renewBeforeDays?: number;
-    defaultCertPath?: string;
-    defaultKeyPath?: string;
-}
-/**
- * Unified certificate manager
- */
-export declare class SimplifiedCertificateManager extends plugins.EventEmitter implements ICertificateEventEmitter {
-    private config;
-    private certificateCache;
-    private acmeClient;
-    private renewalTimer?;
-    private pendingRequests;
-    constructor(config: CertificateManagerConfig);
-    /**
-     * Initialize the certificate manager
-     */
-    start(): Promise<void>;
-    /**
-     * Stop the certificate manager
-     */
-    stop(): Promise<void>;
-    /**
-     * Get a certificate for a domain (main entry point)
-     */
-    getCertificate(domain: string): Promise<StoredCertificate>;
-    /**
-     * Request a new certificate
-     */
-    private requestCertificate;
-    /**
-     * Request certificate via ACME HTTP-01
-     */
-    private requestAcmeHttpCertificate;
-    /**
-     * Request certificate via ACME DNS-01
-     */
-    private requestAcmeDnsCertificate;
-    /**
-     * Renew a certificate
-     */
-    renewCertificate(domain: string): Promise<StoredCertificate>;
-    /**
-     * Check certificates for renewal
-     */
-    private checkForRenewals;
-    /**
-     * Initialize ACME client
-     */
-    private initializeAcmeClient;
-    /**
-     * Load stored certificates from disk
-     */
-    private loadStoredCertificates;
-    /**
-     * Store certificate to disk
-     */
-    private storeCertificate;
-    /**
-     * Ensure storage directory exists
-     */
-    private ensureStorageDir;
-    /**
-     * Get or create ACME account key
-     */
-    private getOrCreateAccountKey;
-    /**
-     * Generate keypair for certificate
-     */
-    private generateKeypair;
-    /**
-     * Generate CSR for domain
-     */
-    private generateCsr;
-    /**
-     * Extract expiry date from certificate
-     */
-    private extractExpiryDate;
-    /**
-     * Check if certificate is valid
-     */
-    private isCertificateValid;
-    /**
-     * Check if certificate should be renewed
-     */
-    private shouldRenew;
-    /**
-     * Check if certificate is expiring soon
-     */
-    private isExpiringSoon;
-    /**
-     * Get days remaining until expiry
-     */
-    private getDaysRemaining;
-    /**
-     * Start renewal timer
-     */
-    private startRenewalTimer;
-    /**
-     * Get default certificate for SNI fallback
-     */
-    getDefaultCertificate(): Promise<{
-        cert: string;
-        key: string;
-    }>;
-    /**
-     * Set up HTTP challenge responder
-     */
-    private setupHttpChallenge;
-    /**
-     * Clean up HTTP challenge
-     */
-    private cleanupHttpChallenge;
-    /**
-     * Type assertion for event emitter
-     */
-    on<K extends keyof CertificateEventMap>(event: K, listener: (data: CertificateEventMap[K]) => void): this;
-    off<K extends keyof CertificateEventMap>(event: K, listener: (data: CertificateEventMap[K]) => void): this;
-    emit<K extends keyof CertificateEventMap>(event: K, data: CertificateEventMap[K]): boolean;
-    /**
-     * Update routes (placeholder for future implementation)
-     */
-    updateRoutes(routes: IRouteConfig[]): Promise<void>;
-}
-export {};