jishushell 0.0.1 → 0.4.2-beta2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/INSTALL-NOTICE +41 -0
- package/LICENSE +202 -0
- package/README.md +36 -0
- package/THIRD-PARTY-NOTICES +387 -0
- package/dist/auth.d.ts +6 -0
- package/dist/auth.js +88 -0
- package/dist/auth.js.map +1 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +290 -0
- package/dist/cli.js.map +1 -0
- package/dist/config.d.ts +24 -0
- package/dist/config.js +226 -0
- package/dist/config.js.map +1 -0
- package/dist/constants.d.ts +3 -0
- package/dist/constants.js +15 -0
- package/dist/constants.js.map +1 -0
- package/dist/control.d.ts +44 -0
- package/dist/control.js +1359 -0
- package/dist/control.js.map +1 -0
- package/dist/crypto-shim.d.ts +1 -0
- package/dist/crypto-shim.js +2 -0
- package/dist/crypto-shim.js.map +1 -0
- package/dist/doctor.d.ts +46 -0
- package/dist/doctor.js +937 -0
- package/dist/doctor.js.map +1 -0
- package/dist/install.d.ts +27 -0
- package/dist/install.js +570 -0
- package/dist/install.js.map +1 -0
- package/dist/routes/auth.d.ts +4 -0
- package/dist/routes/auth.js +151 -0
- package/dist/routes/auth.js.map +1 -0
- package/dist/routes/instances.d.ts +2 -0
- package/dist/routes/instances.js +1303 -0
- package/dist/routes/instances.js.map +1 -0
- package/dist/routes/setup.d.ts +2 -0
- package/dist/routes/setup.js +139 -0
- package/dist/routes/setup.js.map +1 -0
- package/dist/routes/system.d.ts +2 -0
- package/dist/routes/system.js +102 -0
- package/dist/routes/system.js.map +1 -0
- package/dist/server.d.ts +6 -0
- package/dist/server.js +392 -0
- package/dist/server.js.map +1 -0
- package/dist/services/instance-manager.d.ts +67 -0
- package/dist/services/instance-manager.js +1319 -0
- package/dist/services/instance-manager.js.map +1 -0
- package/dist/services/llm-proxy/adapters.d.ts +3 -0
- package/dist/services/llm-proxy/adapters.js +309 -0
- package/dist/services/llm-proxy/adapters.js.map +1 -0
- package/dist/services/llm-proxy/circuit-breaker.d.ts +9 -0
- package/dist/services/llm-proxy/circuit-breaker.js +73 -0
- package/dist/services/llm-proxy/circuit-breaker.js.map +1 -0
- package/dist/services/llm-proxy/encryption.d.ts +6 -0
- package/dist/services/llm-proxy/encryption.js +61 -0
- package/dist/services/llm-proxy/encryption.js.map +1 -0
- package/dist/services/llm-proxy/index.d.ts +24 -0
- package/dist/services/llm-proxy/index.js +708 -0
- package/dist/services/llm-proxy/index.js.map +1 -0
- package/dist/services/llm-proxy/rate-limiter.d.ts +1 -0
- package/dist/services/llm-proxy/rate-limiter.js +39 -0
- package/dist/services/llm-proxy/rate-limiter.js.map +1 -0
- package/dist/services/llm-proxy/sse.d.ts +10 -0
- package/dist/services/llm-proxy/sse.js +378 -0
- package/dist/services/llm-proxy/sse.js.map +1 -0
- package/dist/services/llm-proxy/ssrf.d.ts +16 -0
- package/dist/services/llm-proxy/ssrf.js +185 -0
- package/dist/services/llm-proxy/ssrf.js.map +1 -0
- package/dist/services/llm-proxy/types.d.ts +52 -0
- package/dist/services/llm-proxy/types.js +2 -0
- package/dist/services/llm-proxy/types.js.map +1 -0
- package/dist/services/llm-proxy/usage.d.ts +12 -0
- package/dist/services/llm-proxy/usage.js +108 -0
- package/dist/services/llm-proxy/usage.js.map +1 -0
- package/dist/services/nomad-manager.d.ts +22 -0
- package/dist/services/nomad-manager.js +828 -0
- package/dist/services/nomad-manager.js.map +1 -0
- package/dist/services/plugin-installer.d.ts +22 -0
- package/dist/services/plugin-installer.js +102 -0
- package/dist/services/plugin-installer.js.map +1 -0
- package/dist/services/process-manager.d.ts +25 -0
- package/dist/services/process-manager.js +531 -0
- package/dist/services/process-manager.js.map +1 -0
- package/dist/services/setup-manager.d.ts +93 -0
- package/dist/services/setup-manager.js +1922 -0
- package/dist/services/setup-manager.js.map +1 -0
- package/dist/services/system-monitor.d.ts +1 -0
- package/dist/services/system-monitor.js +79 -0
- package/dist/services/system-monitor.js.map +1 -0
- package/dist/services/telemetry/activation.d.ts +12 -0
- package/dist/services/telemetry/activation.js +78 -0
- package/dist/services/telemetry/activation.js.map +1 -0
- package/dist/services/telemetry/client.d.ts +21 -0
- package/dist/services/telemetry/client.js +36 -0
- package/dist/services/telemetry/client.js.map +1 -0
- package/dist/services/telemetry/device-fingerprint.d.ts +18 -0
- package/dist/services/telemetry/device-fingerprint.js +123 -0
- package/dist/services/telemetry/device-fingerprint.js.map +1 -0
- package/dist/services/telemetry/heartbeat.d.ts +13 -0
- package/dist/services/telemetry/heartbeat.js +87 -0
- package/dist/services/telemetry/heartbeat.js.map +1 -0
- package/dist/services/telemetry/index.d.ts +3 -0
- package/dist/services/telemetry/index.js +4 -0
- package/dist/services/telemetry/index.js.map +1 -0
- package/dist/types.d.ts +51 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/dist/utils/safe-json.d.ts +2 -0
- package/dist/utils/safe-json.js +80 -0
- package/dist/utils/safe-json.js.map +1 -0
- package/dist/utils/ttl-cache.d.ts +29 -0
- package/dist/utils/ttl-cache.js +77 -0
- package/dist/utils/ttl-cache.js.map +1 -0
- package/install/jishu-install.sh +2920 -0
- package/install/jishu-uninstall.sh +811 -0
- package/install/post-install.sh +124 -0
- package/install/post-uninstall.sh +46 -0
- package/package.json +57 -8
- package/public/assets/Dashboard-Dxsq690N.js +1 -0
- package/public/assets/InitPassword-CslWYy8G.js +1 -0
- package/public/assets/InstanceDetail-DmEkMj-t.js +14 -0
- package/public/assets/Login-d45wtgVA.js +1 -0
- package/public/assets/NewInstance-Czp5-AJe.js +1 -0
- package/public/assets/Settings-BKMGck05.js +1 -0
- package/public/assets/Setup-D3rfLWjZ.js +1 -0
- package/public/assets/index-77Ug7feY.css +1 -0
- package/public/assets/index-DkDnIohs.js +16 -0
- package/public/assets/logo-black-theme-DywLAtFy.png +0 -0
- package/public/assets/logo-white-theme-DXffFAWw.png +0 -0
- package/public/assets/providers-lBSOjUWy.js +1 -0
- package/public/assets/usePolling-CqQ8hrNc.js +1 -0
- package/public/assets/vendor-i18n-Bvxxh8Di.js +9 -0
- package/public/assets/vendor-react-DONn7uBV.js +59 -0
- package/public/index.html +15 -0
- package/scripts/build-image.sh +55 -0
- package/scripts/run.sh +310 -0
- package/scripts/setup-pi.sh +80 -0
- package/scripts/start-feishu1.js +46 -0
- package/index.js +0 -0
- package/jishushell-0.0.1.tgz +0 -0
|
@@ -0,0 +1,151 @@
|
|
|
1
|
+
import * as auth from "../auth.js";
|
|
2
|
+
import { JWT_EXPIRE_HOURS } from "../config.js";
|
|
3
|
+
import * as setupManager from "../services/setup-manager.js";
|
|
4
|
+
// Brute-force protection: per-IP progressive lockout
|
|
5
|
+
const loginAttempts = new Map();
|
|
6
|
+
const MAX_ATTEMPTS = 5;
|
|
7
|
+
const MAX_TRACKED_IPS = 10_000;
|
|
8
|
+
// Progressive lockout: 1min → 5min → 15min → 1h (based on cumulative failures)
|
|
9
|
+
const BLOCK_DURATIONS = [60_000, 300_000, 900_000, 3_600_000];
|
|
10
|
+
function checkLoginRate(ip) {
|
|
11
|
+
const now = Date.now();
|
|
12
|
+
const record = loginAttempts.get(ip);
|
|
13
|
+
if (record && now < record.blockedUntil) {
|
|
14
|
+
return { allowed: false, retryAfter: Math.ceil((record.blockedUntil - now) / 1000) };
|
|
15
|
+
}
|
|
16
|
+
return { allowed: true };
|
|
17
|
+
}
|
|
18
|
+
function recordLoginFailure(ip) {
|
|
19
|
+
const record = loginAttempts.get(ip) || { count: 0, blockedUntil: 0, lastAttempt: 0 };
|
|
20
|
+
record.count++;
|
|
21
|
+
record.lastAttempt = Date.now();
|
|
22
|
+
if (record.count >= MAX_ATTEMPTS) {
|
|
23
|
+
// Progressive: longer blocks for repeat offenders
|
|
24
|
+
const tier = Math.min(Math.floor(record.count / MAX_ATTEMPTS) - 1, BLOCK_DURATIONS.length - 1);
|
|
25
|
+
record.blockedUntil = Date.now() + BLOCK_DURATIONS[tier];
|
|
26
|
+
}
|
|
27
|
+
// Evict a non-blocked entry first to avoid kicking active locks off the map;
|
|
28
|
+
// only fall back to FIFO if every tracked IP is still within its block window.
|
|
29
|
+
if (!loginAttempts.has(ip) && loginAttempts.size >= MAX_TRACKED_IPS) {
|
|
30
|
+
const now = Date.now();
|
|
31
|
+
let evictKey;
|
|
32
|
+
for (const [k, v] of loginAttempts) {
|
|
33
|
+
if (now >= v.blockedUntil) {
|
|
34
|
+
evictKey = k;
|
|
35
|
+
break;
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
if (evictKey === undefined)
|
|
39
|
+
evictKey = loginAttempts.keys().next().value;
|
|
40
|
+
if (evictKey !== undefined)
|
|
41
|
+
loginAttempts.delete(evictKey);
|
|
42
|
+
}
|
|
43
|
+
loginAttempts.set(ip, record);
|
|
44
|
+
}
|
|
45
|
+
function clearLoginFailures(ip) {
|
|
46
|
+
loginAttempts.delete(ip);
|
|
47
|
+
}
|
|
48
|
+
// Clean up expired entries every minute to limit memory under brute-force attacks
|
|
49
|
+
setInterval(() => {
|
|
50
|
+
const now = Date.now();
|
|
51
|
+
for (const [ip, record] of loginAttempts) {
|
|
52
|
+
// Remove entries whose block has expired for over 10 minutes (no longer useful)
|
|
53
|
+
if (record.blockedUntil > 0 && now >= record.blockedUntil + 600_000)
|
|
54
|
+
loginAttempts.delete(ip);
|
|
55
|
+
// Remove entries that never reached the block threshold and have been idle for over 10 minutes
|
|
56
|
+
else if (record.blockedUntil === 0 && record.count < MAX_ATTEMPTS && now - record.lastAttempt >= 600_000)
|
|
57
|
+
loginAttempts.delete(ip);
|
|
58
|
+
}
|
|
59
|
+
}, 60_000).unref();
|
|
60
|
+
const AUTH_COOKIE_NAME = "jishushell_session";
|
|
61
|
+
function setAuthCookie(req, reply, token) {
|
|
62
|
+
const maxAge = JWT_EXPIRE_HOURS * 3600;
|
|
63
|
+
const secure = req.headers["x-forwarded-proto"] === "https" ? "; Secure" : "";
|
|
64
|
+
reply.header("Set-Cookie", `${AUTH_COOKIE_NAME}=${token}; HttpOnly; SameSite=Strict; Path=/api; Max-Age=${maxAge}${secure}`);
|
|
65
|
+
}
|
|
66
|
+
function clearAuthCookie(reply) {
|
|
67
|
+
reply.header("Set-Cookie", `${AUTH_COOKIE_NAME}=; HttpOnly; SameSite=Strict; Path=/api; Max-Age=0`);
|
|
68
|
+
}
|
|
69
|
+
export async function authRoutes(app, opts = {}) {
|
|
70
|
+
app.get("/api/auth/status", async () => {
|
|
71
|
+
return { initialized: auth.isInitialized() };
|
|
72
|
+
});
|
|
73
|
+
app.post("/api/auth/init", async (req, reply) => {
|
|
74
|
+
if (auth.isInitialized()) {
|
|
75
|
+
return reply.status(400).send({ detail: "Password already initialized" });
|
|
76
|
+
}
|
|
77
|
+
if (typeof req.body?.password !== "string" || req.body.password.length < 8) {
|
|
78
|
+
return reply.status(400).send({ detail: "Password must be at least 8 characters" });
|
|
79
|
+
}
|
|
80
|
+
const ok = await auth.initPassword(req.body.password);
|
|
81
|
+
if (!ok) {
|
|
82
|
+
// Could lose race with another concurrent init call — treat same as already-initialized.
|
|
83
|
+
return reply.status(409).send({ detail: "Password already initialized" });
|
|
84
|
+
}
|
|
85
|
+
const token = auth.createToken();
|
|
86
|
+
setAuthCookie(req, reply, token);
|
|
87
|
+
// Rebind from 127.0.0.1 → 0.0.0.0 after password is set, so the response can be sent first.
|
|
88
|
+
setTimeout(() => {
|
|
89
|
+
const rebind = opts.getRebind?.();
|
|
90
|
+
if (rebind) {
|
|
91
|
+
console.log("[auth] Password initialized — rebinding to 0.0.0.0 for remote access...");
|
|
92
|
+
rebind("0.0.0.0")
|
|
93
|
+
.then(() => setupManager.startNomad())
|
|
94
|
+
.then((r) => console.log("[auth] Post-rebind Nomad:", r.message))
|
|
95
|
+
.catch((e) => console.error("[auth] Post-rebind error:", e));
|
|
96
|
+
}
|
|
97
|
+
else {
|
|
98
|
+
console.log("[auth] Password initialized — restart to enable remote access.");
|
|
99
|
+
}
|
|
100
|
+
}, 500);
|
|
101
|
+
return { token };
|
|
102
|
+
});
|
|
103
|
+
app.post("/api/auth/login", async (req, reply) => {
|
|
104
|
+
if (!auth.isInitialized()) {
|
|
105
|
+
return reply.status(400).send({ detail: "Password not initialized" });
|
|
106
|
+
}
|
|
107
|
+
const ip = req.ip || "unknown";
|
|
108
|
+
const rateCheck = checkLoginRate(ip);
|
|
109
|
+
if (!rateCheck.allowed) {
|
|
110
|
+
reply.header("Retry-After", String(rateCheck.retryAfter));
|
|
111
|
+
return reply.status(429).send({ detail: `Too many login attempts, retry after ${rateCheck.retryAfter}s` });
|
|
112
|
+
}
|
|
113
|
+
if (typeof req.body?.password !== "string") {
|
|
114
|
+
return reply.status(400).send({ detail: "Password is required" });
|
|
115
|
+
}
|
|
116
|
+
if (!await auth.verifyPassword(req.body.password)) {
|
|
117
|
+
recordLoginFailure(ip);
|
|
118
|
+
return reply.status(401).send({ detail: "Wrong password" });
|
|
119
|
+
}
|
|
120
|
+
clearLoginFailures(ip);
|
|
121
|
+
const token = auth.createToken();
|
|
122
|
+
setAuthCookie(req, reply, token);
|
|
123
|
+
return { token };
|
|
124
|
+
});
|
|
125
|
+
app.post("/api/auth/change-password", async (req, reply) => {
|
|
126
|
+
// Rate-limit change-password same as login to prevent brute-force on old password
|
|
127
|
+
const ip = req.ip || "unknown";
|
|
128
|
+
const rateCheck = checkLoginRate(ip);
|
|
129
|
+
if (!rateCheck.allowed) {
|
|
130
|
+
reply.header("Retry-After", String(rateCheck.retryAfter));
|
|
131
|
+
return reply.status(429).send({ detail: `Too many attempts, retry after ${rateCheck.retryAfter}s` });
|
|
132
|
+
}
|
|
133
|
+
if (typeof req.body?.new_password !== "string" || req.body.new_password.length < 8) {
|
|
134
|
+
return reply.status(400).send({ detail: "Password must be at least 8 characters" });
|
|
135
|
+
}
|
|
136
|
+
if (!await auth.changePassword(req.body.old_password, req.body.new_password)) {
|
|
137
|
+
recordLoginFailure(ip);
|
|
138
|
+
return reply.status(401).send({ detail: "Wrong old password" });
|
|
139
|
+
}
|
|
140
|
+
clearLoginFailures(ip);
|
|
141
|
+
const token = auth.createToken();
|
|
142
|
+
setAuthCookie(req, reply, token);
|
|
143
|
+
return { token };
|
|
144
|
+
});
|
|
145
|
+
// Logout — clear the httpOnly cookie
|
|
146
|
+
app.post("/api/auth/logout", async (_req, reply) => {
|
|
147
|
+
clearAuthCookie(reply);
|
|
148
|
+
return { ok: true };
|
|
149
|
+
});
|
|
150
|
+
}
|
|
151
|
+
//# sourceMappingURL=auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/routes/auth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,IAAI,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,YAAY,MAAM,8BAA8B,CAAC;AAE7D,qDAAqD;AACrD,MAAM,aAAa,GAAG,IAAI,GAAG,EAAwE,CAAC;AACtG,MAAM,YAAY,GAAG,CAAC,CAAC;AACvB,MAAM,eAAe,GAAG,MAAM,CAAC;AAC/B,+EAA+E;AAC/E,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;AAE9D,SAAS,cAAc,CAAC,EAAU;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACrC,IAAI,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,YAAY,EAAE,CAAC;QACxC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC;IACvF,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,kBAAkB,CAAC,EAAU;IACpC,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC;IACtF,MAAM,CAAC,KAAK,EAAE,CAAC;IACf,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAChC,IAAI,MAAM,CAAC,KAAK,IAAI,YAAY,EAAE,CAAC;QACjC,kDAAkD;QAClD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,EAAE,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/F,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IAC3D,CAAC;IACD,6EAA6E;IAC7E,+EAA+E;IAC/E,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,aAAa,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;QACpE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,QAA4B,CAAC;QACjC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,aAAa,EAAE,CAAC;YACnC,IAAI,GAAG,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC;gBAAC,QAAQ,GAAG,CAAC,CAAC;gBAAC,MAAM;YAAC,CAAC;QACrD,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS;YAAE,QAAQ,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QACzE,IAAI,QAAQ,KAAK,SAAS;YAAE,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC7D,CAAC;IACD,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,kBAAkB,CAAC,EAAU;IACpC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC;AAED,kFAAkF;AAClF,WAAW,CAAC,GAAG,EAAE;IACf,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;QACzC,gFAAgF;QAChF,IAAI,MAAM,CAAC,YAAY,GAAG,CAAC,IAAI,GAAG,IAAI,MAAM,CAAC,YAAY,GAAG,OAAO;YAAE,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC9F,+FAA+F;aAC1F,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC,IAAI,MAAM,CAAC,KAAK,GAAG,YAAY,IAAI,GAAG,GAAG,MAAM,CAAC,WAAW,IAAI,OAAO;YAAE,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACrI,CAAC;AACH,CAAC,EAAE,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;AAEnB,MAAM,gBAAgB,GAAG,oBAAoB,CAAC;AAE9C,SAAS,aAAa,CAAC,GAAmB,EAAE,KAAmB,EAAE,KAAa;IAC5E,MAAM,MAAM,GAAG,gBAAgB,GAAG,IAAI,CAAC;IACvC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9E,KAAK,CAAC,MAAM,CAAC,YAAY,EACvB,GAAG,gBAAgB,IAAI,KAAK,mDAAmD,MAAM,GAAG,MAAM,EAAE,CACjG,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,KAAmB;IAC1C,KAAK,CAAC,MAAM,CAAC,YAAY,EACvB,GAAG,gBAAgB,oDAAoD,CACxE,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,GAAoB,EACpB,OAA0E,EAAE;IAE5E,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,IAAI,EAAE;QACrC,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAiC,gBAAgB,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QAC9E,IAAI,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;YACzB,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,8BAA8B,EAAE,CAAC,CAAC;QAC5E,CAAC;QACD,IAAI,OAAO,GAAG,CAAC,IAAI,EAAE,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3E,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,wCAAwC,EAAE,CAAC,CAAC;QACtF,CAAC;QACD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACtD,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,yFAAyF;YACzF,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,8BAA8B,EAAE,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QACjC,4FAA4F;QAC5F,UAAU,CAAC,GAAG,EAAE;YACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC;YAClC,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC;gBACvF,MAAM,CAAC,SAAS,CAAC;qBACd,IAAI,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,CAAC;qBACrC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC;qBAChE,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,CAAC,CAAC,CAAC,CAAC;YACjE,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;YAChF,CAAC;QACH,CAAC,EAAE,GAAG,CAAC,CAAC;QACR,OAAO,EAAE,KAAK,EAAE,CAAC;IACnB,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAiC,iBAAiB,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QAC/E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;YAC1B,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,SAAS,GAAG,cAAc,CAAC,EAAE,CAAC,CAAC;QACrC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACvB,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;YAC1D,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,wCAAwC,SAAS,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC;QAC7G,CAAC;QACD,IAAI,OAAO,GAAG,CAAC,IAAI,EAAE,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC3C,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,sBAAsB,EAAE,CAAC,CAAC;QACpE,CAAC;QACD,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClD,kBAAkB,CAAC,EAAE,CAAC,CAAC;YACvB,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QACjC,OAAO,EAAE,KAAK,EAAE,CAAC;IACnB,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CACN,2BAA2B,EAC3B,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QACnB,kFAAkF;QAClF,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,SAAS,GAAG,cAAc,CAAC,EAAE,CAAC,CAAC;QACrC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACvB,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;YAC1D,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,kCAAkC,SAAS,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC;QACvG,CAAC;QACD,IAAI,OAAO,GAAG,CAAC,IAAI,EAAE,YAAY,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACnF,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,wCAAwC,EAAE,CAAC,CAAC;QACtF,CAAC;QACD,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7E,kBAAkB,CAAC,EAAE,CAAC,CAAC;YACvB,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAClE,CAAC;QACD,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QACjC,OAAO,EAAE,KAAK,EAAE,CAAC;IACnB,CAAC,CACF,CAAC;IAEF,qCAAqC;IACrC,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE;QACjD,eAAe,CAAC,KAAK,CAAC,CAAC;QACvB,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;AACL,CAAC"}
|