# HG changeset patch # User dfuchs # Date 1571233853 -3600 # Node ID 6b6bf0de534bcd8c98d34181933afdca8426d5b6 # Parent 64597a6fd18677f38e40fd43a43ee2fb08b359f1 8231449: HttpClient’s client ssl certificate authentication seems to be broken. Summary: SSLFlowDelegate.Reader and SubscriberWrapper are changed to better cooperate on when more demand should be requested from upstream. The issue encountered in this scenario was triggered by a large certificate which caused the SSLFlowDelegate to stop requesting data from upstream during the handshake although the engine handshake status was NEED_UNWRAP. Reviewed-by: chegar diff -r 64597a6fd186 -r 6b6bf0de534b src/java.net.http/share/classes/jdk/internal/net/http/common/SSLFlowDelegate.java --- a/src/java.net.http/share/classes/jdk/internal/net/http/common/SSLFlowDelegate.java Wed Oct 16 12:36:44 2019 +0200 +++ b/src/java.net.http/share/classes/jdk/internal/net/http/common/SSLFlowDelegate.java Wed Oct 16 14:50:53 2019 +0100 @@ -318,14 +318,19 @@ @Override protected long upstreamWindowUpdate(long currentWindow, long downstreamQsize) { - if (readBuf.remaining() > TARGET_BUFSIZE) { - if (debugr.on()) - debugr.log("readBuf has more than TARGET_BUFSIZE: %d", - readBuf.remaining()); - return 0; - } else { - return super.upstreamWindowUpdate(currentWindow, downstreamQsize); + if (needsMoreData()) { + // run the scheduler to see if more data should be requested + if (debugr.on()) { + int remaining = readBuf.remaining(); + if (remaining > TARGET_BUFSIZE) { + // just some logging to check how much we have in the read buffer + debugr.log("readBuf has more than TARGET_BUFSIZE: %d", + remaining); + } + } + scheduler.runOrSchedule(); } + return 0; // we will request more from the scheduler loop (processData). } // readBuf is kept ready for reading outside of this method @@ -368,6 +373,32 @@ // we had before calling unwrap() again. volatile int minBytesRequired; + // We might need to request more data if: + // - we have a subscription from upstream + // - and we don't have enough data to decrypt in the read buffer + // - *and* - either we're handshaking, and more data is required (NEED_UNWRAP), + // - or we have demand from downstream, but we have nothing decrypted + // to forward downstream. + boolean needsMoreData() { + if (upstreamSubscription != null && readBuf.remaining() <= minBytesRequired && + (engine.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP + || !downstreamSubscription.demand.isFulfilled() && hasNoOutputData())) { + return true; + } + return false; + } + + // If the readBuf has not enough data, and we either need to + // unwrap (handshaking) or we have demand from downstream, + // then request more data + void requestMoreDataIfNeeded() { + if (needsMoreData()) { + // request more will only request more if our + // demand from upstream is fulfilled + requestMore(); + } + } + // work function where it all happens final void processData() { try { @@ -434,6 +465,7 @@ outgoing(Utils.EMPTY_BB_LIST, true); // complete ALPN if not yet completed setALPN(); + requestMoreDataIfNeeded(); return; } if (result.handshaking()) { @@ -451,8 +483,10 @@ handleError(ex); return; } - if (handshaking && !complete) + if (handshaking && !complete) { + requestMoreDataIfNeeded(); return; + } } if (!complete) { synchronized (readBufferLock) { @@ -466,6 +500,8 @@ // activity. setALPN(); outgoing(Utils.EMPTY_BB_LIST, true); + } else { + requestMoreDataIfNeeded(); } } catch (Throwable ex) { errorCommon(ex); diff -r 64597a6fd186 -r 6b6bf0de534b src/java.net.http/share/classes/jdk/internal/net/http/common/SubscriberWrapper.java --- a/src/java.net.http/share/classes/jdk/internal/net/http/common/SubscriberWrapper.java Wed Oct 16 12:36:44 2019 +0200 +++ b/src/java.net.http/share/classes/jdk/internal/net/http/common/SubscriberWrapper.java Wed Oct 16 14:50:53 2019 +0100 @@ -26,9 +26,7 @@ package jdk.internal.net.http.common; import java.io.Closeable; -import java.lang.System.Logger.Level; import java.nio.ByteBuffer; -import java.util.ArrayList; import java.util.List; import java.util.Objects; import java.util.concurrent.CompletableFuture; @@ -318,11 +316,33 @@ downstreamSubscriber.onNext(b); datasent = true; } - if (datasent) upstreamWindowUpdate(); + + // If we have sent some decrypted data downstream, + // or if: + // - there's nothing more available to send downstream + // - and we still have some demand from downstream + // - and upstream is not completed yet + // - and our demand from upstream has reached 0, + // then check whether we should request more data from + // upstream + if (datasent || outputQ.isEmpty() + && !downstreamSubscription.demand.isFulfilled() + && !upstreamCompleted + && upstreamWindow.get() == 0) { + upstreamWindowUpdate(); + } checkCompletion(); } } + final int outputQueueSize() { + return outputQ.size(); + } + + final boolean hasNoOutputData() { + return outputQ.isEmpty(); + } + void upstreamWindowUpdate() { long downstreamQueueSize = outputQ.size(); long upstreamWindowSize = upstreamWindow.get(); @@ -341,7 +361,7 @@ throw new IllegalStateException("Single shot publisher"); } this.upstreamSubscription = subscription; - upstreamRequest(upstreamWindowUpdate(0, 0)); + upstreamRequest(initialUpstreamDemand()); if (debug.on()) debug.log("calling downstreamSubscriber::onSubscribe on %s", downstreamSubscriber); @@ -356,7 +376,6 @@ if (prev <= 0) throw new IllegalStateException("invalid onNext call"); incomingCaller(item, false); - upstreamWindowUpdate(); } private void upstreamRequest(long n) { @@ -365,6 +384,16 @@ upstreamSubscription.request(n); } + /** + * Initial demand that should be requested + * from upstream when we get the upstream subscription + * from {@link #onSubscribe(Flow.Subscription)}. + * @return The initial demand to request from upstream. + */ + protected long initialUpstreamDemand() { + return 1; + } + protected void requestMore() { if (upstreamWindow.get() == 0) { upstreamRequest(1); diff -r 64597a6fd186 -r 6b6bf0de534b test/jdk/java/net/httpclient/HttpSlowServerTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/java/net/httpclient/HttpSlowServerTest.java Wed Oct 16 14:50:53 2019 +0100 @@ -0,0 +1,313 @@ +/* + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +import com.sun.net.httpserver.HttpServer; +import com.sun.net.httpserver.HttpsConfigurator; +import com.sun.net.httpserver.HttpsServer; +import jdk.test.lib.net.SimpleSSLContext; + +import javax.net.ssl.SSLContext; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.Proxy; +import java.net.ProxySelector; +import java.net.SocketAddress; +import java.net.URI; +import java.net.http.HttpClient; +import java.net.http.HttpRequest; +import java.net.http.HttpResponse; +import java.nio.charset.StandardCharsets; +import java.time.Duration; +import java.util.List; +import java.util.Set; +import java.util.concurrent.CompletableFuture; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.concurrent.CopyOnWriteArraySet; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.LinkedBlockingQueue; +import java.util.concurrent.ThreadPoolExecutor; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicLong; + +/** + * @test + * @summary This test verifies that the HttpClient works correctly when connected to a + * slow server. + * @library /test/lib http2/server + * @build jdk.test.lib.net.SimpleSSLContext HttpServerAdapters DigestEchoServer HttpSlowServerTest + * @modules java.net.http/jdk.internal.net.http.common + * java.net.http/jdk.internal.net.http.frame + * java.net.http/jdk.internal.net.http.hpack + * java.logging + * java.base/sun.net.www.http + * java.base/sun.net.www + * java.base/sun.net + * @run main/othervm -Dtest.requiresHost=true + * -Djdk.httpclient.HttpClient.log=headers + * -Djdk.internal.httpclient.debug=false + * HttpSlowServerTest + * + */ +public class HttpSlowServerTest implements HttpServerAdapters { + static final List data = List.of( + "Lorem ipsum", + "dolor sit amet", + "consectetur adipiscing elit, sed do eiusmod tempor", + "quis nostrud exercitation ullamco", + "laboris nisi", + "ut", + "aliquip ex ea commodo consequat.", + "Duis aute irure dolor in reprehenderit in voluptate velit esse", + "cillum dolore eu fugiat nulla pariatur.", + "Excepteur sint occaecat cupidatat non proident." + ); + + static final SSLContext context; + static { + try { + context = new SimpleSSLContext().get(); + SSLContext.setDefault(context); + } catch (Exception x) { + throw new ExceptionInInitializerError(x); + } + } + + final AtomicLong requestCounter = new AtomicLong(); + final AtomicLong responseCounter = new AtomicLong(); + HttpTestServer http1Server; + HttpTestServer http2Server; + HttpTestServer https1Server; + HttpTestServer https2Server; + DigestEchoServer.TunnelingProxy proxy; + + URI http1URI; + URI https1URI; + URI http2URI; + URI https2URI; + InetSocketAddress proxyAddress; + ProxySelector proxySelector; + HttpClient client; + List> futures = new CopyOnWriteArrayList<>(); + Set pending = new CopyOnWriteArraySet<>(); + + final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10, + TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Shared by HTTP/1.1 servers + final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1, + TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Used by the client + + public HttpClient newHttpClient(ProxySelector ps) { + HttpClient.Builder builder = HttpClient + .newBuilder() + .sslContext(context) + .executor(clientexec) + .proxy(ps); + return builder.build(); + } + + public void setUp() throws Exception { + try { + InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0); + + // HTTP/1.1 + HttpServer server1 = HttpServer.create(sa, 0); + server1.setExecutor(executor); + http1Server = HttpTestServer.of(server1); + http1Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/http1/"); + http1Server.start(); + http1URI = new URI("http://" + http1Server.serverAuthority() + "/HttpSlowServerTest/http1/"); + + + // HTTPS/1.1 + HttpsServer sserver1 = HttpsServer.create(sa, 100); + sserver1.setExecutor(executor); + sserver1.setHttpsConfigurator(new HttpsConfigurator(context)); + https1Server = HttpTestServer.of(sserver1); + https1Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/https1/"); + https1Server.start(); + https1URI = new URI("https://" + https1Server.serverAuthority() + "/HttpSlowServerTest/https1/"); + + // HTTP/2.0 + http2Server = HttpTestServer.of( + new Http2TestServer("localhost", false, 0)); + http2Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/http2/"); + http2Server.start(); + http2URI = new URI("http://" + http2Server.serverAuthority() + "/HttpSlowServerTest/http2/"); + + // HTTPS/2.0 + https2Server = HttpTestServer.of( + new Http2TestServer("localhost", true, 0)); + https2Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/https2/"); + https2Server.start(); + https2URI = new URI("https://" + https2Server.serverAuthority() + "/HttpSlowServerTest/https2/"); + + proxy = DigestEchoServer.createHttpsProxyTunnel( + DigestEchoServer.HttpAuthSchemeType.NONE); + proxyAddress = proxy.getProxyAddress(); + proxySelector = new HttpProxySelector(proxyAddress); + client = newHttpClient(proxySelector); + System.out.println("Setup: done"); + } catch (Exception x) { + tearDown(); throw x; + } catch (Error e) { + tearDown(); throw e; + } + } + + public static void main(String[] args) throws Exception { + HttpSlowServerTest test = new HttpSlowServerTest(); + test.setUp(); + long start = System.nanoTime(); + try { + test.run(args); + } finally { + try { + long elapsed = System.nanoTime() - start; + System.out.println("*** Elapsed: " + Duration.ofNanos(elapsed)); + } finally { + test.tearDown(); + } + } + } + + public void run(String... args) throws Exception { + List serverURIs = List.of(http1URI, http2URI, https1URI, https2URI); + for (int i=0; i<20; i++) { + for (URI base : serverURIs) { + if (base.getScheme().equalsIgnoreCase("https")) { + URI proxy = i % 1 == 0 ? base.resolve(URI.create("proxy/foo?n="+requestCounter.incrementAndGet())) + : base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet())); + test(proxy); + } + } + for (URI base : serverURIs) { + URI direct = base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet())); + test(direct); + } + } + CompletableFuture.allOf(futures.toArray(new CompletableFuture[0])).join(); + } + + public void test(URI uri) throws Exception { + System.out.println("Testing with " + uri); + pending.add(uri); + HttpRequest request = HttpRequest.newBuilder(uri).build(); + CompletableFuture> resp = + client.sendAsync(request, HttpResponse.BodyHandlers.ofString()) + .whenComplete((r, t) -> this.requestCompleted(request, r, t)); + futures.add(resp); + } + + private void requestCompleted(HttpRequest request, HttpResponse r, Throwable t) { + responseCounter.incrementAndGet(); + pending.remove(request.uri()); + System.out.println(request + " -> " + (t == null ? r : t) + + " [still pending: " + (requestCounter.get() - responseCounter.get()) +"]"); + if (pending.size() < 5 && requestCounter.get() > 100) { + pending.forEach(u -> System.out.println("\tpending: " + u)); + } + } + + public void tearDown() { + proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop); + http1Server = stop(http1Server, HttpTestServer::stop); + https1Server = stop(https1Server, HttpTestServer::stop); + http2Server = stop(http2Server, HttpTestServer::stop); + https2Server = stop(https2Server, HttpTestServer::stop); + client = null; + try { + executor.awaitTermination(2000, TimeUnit.MILLISECONDS); + } catch (Throwable x) { + } finally { + executor.shutdownNow(); + } + try { + clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS); + } catch (Throwable x) { + } finally { + clientexec.shutdownNow(); + } + System.out.println("Teardown: done"); + } + + private interface Stoppable { public void stop(T service) throws Exception; } + + static T stop(T service, Stoppable stop) { + try { if (service != null) stop.stop(service); } catch (Throwable x) { }; + return null; + } + + static class HttpProxySelector extends ProxySelector { + private static final List NO_PROXY = List.of(Proxy.NO_PROXY); + private final List proxyList; + HttpProxySelector(InetSocketAddress proxyAddress) { + proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress)); + } + + @Override + public List select(URI uri) { + // our proxy only supports tunneling + if (uri.getScheme().equalsIgnoreCase("https")) { + if (uri.getPath().contains("/proxy/")) { + return proxyList; + } + } + return NO_PROXY; + } + + @Override + public void connectFailed(URI uri, SocketAddress sa, IOException ioe) { + System.err.println("Connection to proxy failed: " + ioe); + System.err.println("Proxy: " + sa); + System.err.println("\tURI: " + uri); + ioe.printStackTrace(); + } + } + + public static class HttpTestSlowHandler implements HttpTestHandler { + static final AtomicLong respCounter = new AtomicLong(); + @Override + public void handle(HttpTestExchange t) throws IOException { + try (InputStream is = t.getRequestBody(); + OutputStream os = t.getResponseBody()) { + byte[] bytes = is.readAllBytes(); + assert bytes.length == 0; + URI u = t.getRequestURI(); + long responseID = Long.parseLong(u.getQuery().substring(2)); + System.out.println("Server " + t.getRequestURI() + " sending response " + responseID); + t.sendResponseHeaders(200, -1); + for (String part : data) { + bytes = part.getBytes(StandardCharsets.UTF_8); + os.write(bytes); + os.flush(); + System.out.println("\tresp:" + responseID + ": wrote " + bytes.length + " bytes"); + // wait... + try { Thread.sleep(300); } catch (InterruptedException x) {}; + } + System.out.println("\tresp:" + responseID + ": done"); + } + } + } + +} diff -r 64597a6fd186 -r 6b6bf0de534b test/jdk/java/net/httpclient/LargeHandshakeTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/java/net/httpclient/LargeHandshakeTest.java Wed Oct 16 14:50:53 2019 +0100 @@ -0,0 +1,1200 @@ +/* + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +import com.sun.net.httpserver.HttpServer; +import com.sun.net.httpserver.HttpsConfigurator; +import com.sun.net.httpserver.HttpsServer; + +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManagerFactory; +import java.io.ByteArrayInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.UncheckedIOException; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.Proxy; +import java.net.ProxySelector; +import java.net.SocketAddress; +import java.net.URI; +import java.net.http.HttpClient; +import java.net.http.HttpRequest; +import java.net.http.HttpResponse; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.time.Duration; +import java.util.Base64; +import java.util.List; +import java.util.Set; +import java.util.concurrent.CompletableFuture; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.concurrent.CopyOnWriteArraySet; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.LinkedBlockingQueue; +import java.util.concurrent.ThreadPoolExecutor; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicLong; + +/** + * @test + * @bug 8231449 + * @summary This test verifies that the HttpClient works correctly when the server + * sends a large certificate. This test will not pass without + * the fix for JDK-8231449. To regenerate the certificate, modify the + * COMMAND constant as you need, possibly changing the start date + * and validity of the certificate in the command, then run the test. + * The test will run with the old certificate, but will print the new command. + * Copy paste the new command printed by this test into a terminal. + * Then modify the at run line to pass the file generated by that command + * as first argument, and copy paste the new values of the COMMAND and + * BASE64_CERT constant printed by the test into the test. + * Then restore the original at run line and test again. + * @library /test/lib http2/server + * @build jdk.test.lib.net.SimpleSSLContext HttpServerAdapters DigestEchoServer LargeHandshakeTest + * @modules java.net.http/jdk.internal.net.http.common + * java.net.http/jdk.internal.net.http.frame + * java.net.http/jdk.internal.net.http.hpack + * java.logging + * java.base/sun.net.www.http + * java.base/sun.net.www + * java.base/sun.net + * @run main/othervm -Dtest.requiresHost=true + * -Djdk.httpclient.HttpClient.log=headers + * -Djdk.internal.httpclient.debug=true + * LargeHandshakeTest + * + */ +public class LargeHandshakeTest implements HttpServerAdapters { + + // Use this command to regenerate the keystore file whose content is + // base 64 encoded into this file (close your eyes): + private static final String COMMAND = + "keytool -genkeypair -keyalg RSA -startdate 2019/09/30 -valid" + + "ity 13000 -keysize 1024 -dname \"C=Duke, ST=CA-State, L=CA-Ci" + + "ty, O=CA-Org\" -deststoretype PKCS12 -alias server -keystore " + + "temp0.jks -storepass passphrase -ext san:critical=dns:localh" + + "ost,ip:127.0.0.1,ip:0:0:0:0:0:0:0:1,uri:http://www.example.c" + + "om/1.2.3.6.1.4.1.11129.666.666.666.999/041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100,uri:http://www.example.com/1.2.3.6.1.4.1.111" + + "29.666.666.666.999.2/041287234567896776987654327821000412872" + + "345678967769876543278210004128723456789677698765432782100041" + + "287234567896776987654327821000412872345678967769876543278210" + + "004128723456789677698765432782100041287234567896776987654327" + + "821000412872345678967769876543278210004128723456789677698765" + + "432782100041287234567896776987654327821000412872345678967769" + + "876543278210004128723456789677698765432782100041287234567896" + + "776987654327821000412872345678967769876543278210004128723456" + + "789677698765432782100041287234567896776987654327821000412872" + + "345678967769876543278210004128723456789677698765432782100041" + + "287234567896776987654327821000412872345678967769876543278210" + + "004128723456789677698765432782100041287234567896776987654327" + + "821000412872345678967769876543278210004128723456789677698765" + + "432782100041287234567896776987654327821000412872345678967769" + + "876543278210004128723456789677698765432782100041287234567896" + + "776987654327821000412872345678967769876543278210004128723456" + + "789677698765432782100041287234567896776987654327821000412872" + + "345678967769876543278210004128723456789677698765432782100041" + + "287234567896776987654327821000412872345678967769876543278210" + + "004128723456789677698765432782100041287234567896776987654327" + + "821000412872345678967769876543278210004128723456789677698765" + + "432782100041287234567896776987654327821000412872345678967769" + + "876543278210004128723456789677698765432782100041287234567896" + + "776987654327821000412872345678967769876543278210004128723456" + + "789677698765432782100041287234567896776987654327821000412872" + + "345678967769876543278210004128723456789677698765432782100,ur" + + "i:http://www.example.com/1.2.3.6.1.4.1.11129.666.666.666.999" + + ".2/041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "27821000412872345678967769876543278210001,uri:http://www.exa" + + "mple.com/1.2.3.6.1.4.1.11129.666.666.666.999.2/0412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "5678967769876543278210002,uri:http://www.example.com/1.2.3.6" + + ".1.4.1.11129.666.666.666.999.2/04128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210003,uri:http://www.example.com/1.2.3.6.1.4.1.11129.666" + + ".666.666.999.2/041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "96776987654327821000412872345678967769876543278210004,uri:ht" + + "tp://www.example.com/1.2.3.6.1.4.1.11129.666.666.666.999.2/0" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "1000412872345678967769876543278210005,uri:http://www.example" + + ".com/1.2.3.6.1.4.1.11129.666.666.666.999.2/04128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210006,uri:http://www.example.com/1.2.3.6.1.4" + + ".1.11129.666.666.666.999.2/041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "10007,uri:http://www.example.com/1.2.3.6.1.4.1.11129.666.666" + + ".666.999.2/0412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "6987654327821000412872345678967769876543278210008,uri:http:/" + + "/www.example.com/1.2.3.6.1.4.1.11129.666.666.666.999.2/04128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210009,uri:http://www.example.com" + + "/1.2.3.6.1.4.1.11129.666.666.666.999.2/041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "698765432782100041287234567896776987654327821000412872345678" + + "967769876543278210004128723456789677698765432782100041287234" + + "567896776987654327821000412872345678967769876543278210004128" + + "723456789677698765432782100041287234567896776987654327821000" + + "412872345678967769876543278210004128723456789677698765432782" + + "100041287234567896776987654327821000412872345678967769876543" + + "278210004128723456789677698765432782100041287234567896776987" + + "654327821000412872345678967769876543278210004128723456789677" + + "6987654327821000A"; + + // This is a Base64 encoded keystore containing our certificate. + // The keystore itself was produced with the command above, then its content + // base 64 encoded into the string below. The helper function to produce + // and format the string below are included in this file. + private static final String BASE64_CERT = + "MIJR0AIBAzCCUYoGCSqGSIb3DQEHAaCCUXsEglF3MIJRczCCAyAGCSqGSIb3" + + "DQEHAaCCAxEEggMNMIIDCTCCAwUGCyqGSIb3DQEMCgECoIICsjCCAq4wKAYK" + + "KoZIhvcNAQwBAzAaBBSx1wdTxGqb9z4exOHVZNswvFL+oQICBAAEggKA7JdM" + + "91kkP9QkG/igw2p+prxeEOQSmyScKMLtln81eKvT9zpvNjtT+hjABcH2QY8u" + + "1Z3Ji48Umoaxi38Fk58/VazFM6wpL47VVNJ2EeTdj8sFoo8ExCH8EHJNNaVK" + + "VNTG0YWOMa/HOPttl5wtD6pReGNOrVYVOnI2aY6zTqwI0sZS4uPczfb21vyI" + + "NyF4B0Z9WGl77PRoGwrSeoLspISBTq6/JE8UhMWtuz7xnXw04DGp4DeIOO9n" + + "E8+VBRKOELPqNaQ+VEgnwPNtPzjohi4Cwaf84c6vokAl1S/V6GzS0Al1mSGH" + + "syAaszDYWcXXp2JpSXVAztySWZErwHE49/P42taXdhJvOSfqYb6FHpdrCXST" + + "TPo+ULCGxQ83EGfnb/qaqAYZrS//+lzzqw18OY0JcF1i+cGHY8ofJK+bYr7x" + + "ZyC8pLut84pEWNTp1V7SQcMif2Gd2SO2Y+ua4isjfMLNeNE/4puCV1vYsyiz" + + "C9Gnp0Jywv13ioaC24Qy68uVQ81TvwizN3j7FxPCQOEEjXpfJ+5x2q0pUfqp" + + "Roy7ow3Z+d+/fpMIcgyMqWidzLBChRkx4Ugnh7rYBfY1ghchlu8WIIhiR/8p" + + "EBX5WQHyEtwrXOFiWxT+QwXWjbs9dQSUoCU1i2zwCFW9R8FkY2yb98QxF74z" + + "0TpyW+w6cGPUNUd2T143PL4eGt4rGUBUMewe2ENSgZCDstvtiNPfccW8f9tq" + + "G49pHBZt1ZIadM/DbCk1cqDD3u2/e7c57mInFkBBJKjl2K7GK9EYsiey+3Fk" + + "NvkxbaF+89OTqEDPP4E97EeHkk/MFe0bQ/a/aXZrTPSN7mNgusWBQyztnYex" + + "BRr8sPRhNDFAMBsGCSqGSIb3DQEJFDEOHgwAcwBlAHIAdgBlAHIwIQYJKoZI" + + "hvcNAQkVMRQEElRpbWUgMTU2OTk1MzczODEyNzCCTksGCSqGSIb3DQEHBqCC" + + "Tjwwgk44AgEAMIJOMQYJKoZIhvcNAQcBMCgGCiqGSIb3DQEMAQYwGgQUBIoZ" + + "0r5Kc2cs6fHseA1vKWpQi30CAgQAgIJN+Lch8gN0kyMcpdNDM2iAfBHd/kXZ" + + "4ye8lmGvvV0Yy9dd4Q6zmOmkPjWcusyh/vJdya8OG8Fxc/nQmyhB441qtJR5" + + "dwIQe/7lft2gDg2sBD0osPvEHesvFVr0+2cy22sdBXS4ihdtVTciPV+4v0EU" + + "AK6Lcib57Ml7MI6VhBGpWLkaZXv/25CqXGaiY85dSXPHMugvfJn8JoNxe+tN" + + "PDEAy5ar5bnSD9Xl8GyQwHFwQ1P+gEjwg0+hC6OQA6Eg0jBFhIL+dCf6FJwz" + + "J2HekpKXcyCTNTx0HB8AW3u4gVjao0B7oNr0GZprpPgYp4dl04Tar6fmb9MN" + + "w4MWkcySjX0wCNjpvE0bWlUx55jlN+25SWNEafmbzRNECW1hT6Xl3HLLNQQv" + + "8fIgkd2200+Ppwk+cG2dYMrl0MpHPxOo2l+nLNDI+a84v6R2Mqf3qVNfcRxZ" + + "Xmw0kJ1JNUKhd0Dy6FKB7tY1Gwc4rfQQgdUXTlnB96rUrSK2o91QZZ9rN3PD" + + "SbbQRzSBSPMDen+W5878kwd1BkDH1ao7qOHoGYYiYxczkMVncOtOIdg8VScU" + + "t/N1NS9Yrzlj0aAYwX5EYmYzFMiyXr+El/7VnrLHBiaYwJaYVw7a1HgkSXxb" + + "er/vgM639AIhT5ab9NFF+ib+7qwbWPzggIBtfm1bXiRPE6Ue0+aQ9g4vYSR7" + + "QNusu/2Kwyrd6cwqJnQnG53wiSXh3hs7dvNRYpM16iF1dTeud0FSpQx1tMFi" + + "Wp9cGwtUSzvLw1+5Mvz7igLTNAPyTMFNAYFR7JZgRjg1035Y7Xo4aXNMVtGp" + + "BCa+/eJzE33CHH2+kuSa13N6qHA2Ek33aR4Vi7P/QOI1aghsR6tL62ctoq4c" + + "FmRwvReYGdFK08+B2auPHOEPdGaPefydmPNnFLDguH6d2NYIH8cgzpjz48Gf" + + "i5UQfh/UJAxricLjuV2eor7gZCCaC9MfnLlHnDH5MYUQgDsGBTRxh6rpZxVo" + + "PFUm1DQCFdDHgmvVz+GAuiVzUu0TrUAxBeycl9lrDshgZj2jd9FU7XcMFwzC" + + "dMsWJaA8EC8u31vnpWWqK8C03pdXTbWOEJdIDMXKOzd2ZxjGPnBSNXNRsGzi" + + "RdEspHElrfGwHA5Vpsj4Q6tMZ8tZ+gSSmBrKP6xNUDNwi1bPayJw/dAKaC+D" + + "vp5sx/+nZcxSF/ig8ZM6aA3escS1GBNBWFrx2vEASHNpHZsTIOTuOM4e584/" + + "NJpNlRfaTzJ3i9/XoufnHbT5pmpZgxlZckYto3h6lL8R0bXthICRrI37Oh6s" + + "yfO7zhMiGoNdaFAnXTsMzA+Uwr1gesHWE9Rbd+jrkcGgL4Zst/A/c64F58qt" + + "J2RzA3xJCGQ6AXB3SlDHLObuYZ48TH4v2nJ4S8RTs/ant/T9DTRJyhQMa9+P" + + "QC8Ny1ejFOK71Oqjz7J2jGpoBm3gDRZDYeBa6ZiMeJf8Q+bkpbEgUQbdiXhn" + + "dpN7acdJTSHnO5/3Y4G1T6kLNzKc1+NYiYwH9Y6KIMa9IaocOA4wCHEFog7Z" + + "Ac6vFv6r9/cnXEIe9/t5gYLL7X/gU6HMqZFjM0QjRru/Sy9vYfpytqrnOf/q" + + "eOTJ9gRdIn7jNVTrgrE3ZgNvxYapaDMyFG/ixZV0cblsVJ6JO4MArOQq6q9/" + + "LWGtYYEDclyLNxUTYf0gHmVRhYV8rlyMKXtDu0aBOOn13dRxKKVN5pG+LrKe" + + "V+FZ3tDhYiFBxI/gkAiegSQlvknJlbEuanCWFq7sHOZ3C76L5G4qtRv7tHAs" + + "8rtqzhYnddxIkTcj4tkVYsFxkj1afSuLSSoYqc0jYZUXHkL+5U0ZRxhJbo6b" + + "/QVtiGXbS9i1em3+Yr47jHRH7f5Crlc2EdEzZaIm8tCw5G3CddXhhCpQTT3r" + + "Mjwep5/w2ai8qbGC1xo6AV7ZyQS535UbIhOYMPO7vd3oUBmQXyutSxx8Wedx" + + "HbIlBdZ44JlRWELdL6Ejo7PwhG0F3Zd3+FtasM13teYlbDWdFeoTF+inrXCG" + + "BCSqoUDYLAAxRK7oYKSDqfrcRioHO4AkeaF8x5YZpRSM73yawZaWeLVq1NKb" + + "DdeSJEjqDs5Ve6cA/jSLDtlJqudspFamzkdUWa4L1Tc15JY2YD8urNz/qXUK" + + "E74H2MtQWjrQ8Yjz7y+3yUTYd8Clp1dBKV2haIr+sCTnFtUXaQ9LZF5S+enU" + + "mOf7OmdFObwvV1f43HDuDSiFZpE+w57YmAgSIfWelKnGvvn1lBBWBomyVBKo" + + "69seibaSyUXyuq8q3525ZKpHIcic7doYOYgqU94HBQOwkwTtoiX3tKX4EgDa" + + "9AjYD4LHITkwgKzsQAe+3ASKq3SPFXi/UbYuZNXdkXgh7kqL6PZPD6ayIxOW" + + "f8E95fZRXPyNbKf5U9pp9hVKeuOPKbEYKsQNG0ZiephMmV3S6JjSqLo+qTU+" + + "QyGH3vhwlhda9cmxrpKCy0KM8AHyWoS4L5TAiJXp6moCttP0v8P/RRFtBePl" + + "53nyLwZ5SyXv4ifVayJyyeDXn08In9MINLRyjvNF2gHbHI7XbeQKqB3yIBC9" + + "sKpyShX6UKb1Dnd3Z19rT4a7QUkqfcodX9cU7tV6ncRuP5ZJRLHQQi9w/2DI" + + "Leu8Y43jJ/CWYo8Fb8IXHrWA/hwNT28Yr3OcZUIDFdbdxenTKyhMlDOQ87aU" + + "VXBCnq96jEAzY0NY3PZj+CBvts2wlCJJDhBCVTXM9OusZjH2/B6phWO7ybMq" + + "15QqYyypNM62oBlu82psklHRREO1D23MaOyoXSHYVFxvLMKxhstK3wd59cst" + + "8V/uvzzrURJu85X1X0cQJaKB+OjvBT8n8e9jzjATOTiGH2ULLSro2wc7Ne1r" + + "bEK4qHeuSwlvulvcqB7wK84PItmVOW+g9VuXA9QGGHxzybbs+/QaMqJzdN6C" + + "oS1Az5UmvZbdnSAuXtW8xiKJ+ELAGCjOcdkzQaAbd8Tq5hUXAgYeNQnoDjJz" + + "+a8CTk1IaGkeHlg7MrV98AuIQjUB16IU6gE4MH6ueOIZhF3PB2Fp0dGPXL6O" + + "KzIiC3jM7rIuTmOstI/t+XB3+BYxKvLuQhbV5n8sUBsGFFGBKoxIZawKG1Pk" + + "3Dny2rzcB2JkcOO8r6f0dA5V4PKIrhmVeQJyHgY+/fF+JMZxfjYmaSrwu/1R" + + "JnlDfDCIwNon7smi8QwXbEvRehI5a883yI07COM1paHBKNddlw4sfkfbIrNx" + + "LQJLb0mHgqvHAblivBmMuaiZaK0MVOgZTe4bYuYdRSN8/ueZDHOo7lyfXGzc" + + "8FEThaiGp5m/uWYJgG2FIRxM6by9PhusaTZgJ8DmjRLF5yDuR14gau6zj7GZ" + + "TMXGDIDTRWTKTP0/DYF+EEnuWJb2JrrxMnWH8X7xXhrRA6Ku3nqVEwy8eUnR" + + "WtLAQkApLOEhsp3wQyLRbaydcD1Si9s5JICy/m5Sv2NXseKbmAHDphTYuSGr" + + "Gjk5ryTEaaiULVvi7mv1HqDq3fli/PAzMIcsK0yaF9rQv7JjtsOtZtr77+zs" + + "vM8CSY835WpqTtjGDC+HWHulEADgS4ShpIrn3zgyEd1jrRY6rR5ZDuioc7sE" + + "2A/8w6I5KkmcXMu/jKoLjotdUvvGMMAIhqCZD8sD+F2jpNcCV3/7NpwaJSk+" + + "61rfPxzQRKu1jn/9TV7e5PyWQMkPOMbTMlA9jJPi5WEXNanIFTJBYgI6vmYc" + + "156uLrlXh4F5gpLN42JyhddSbV4dXXLt8an9X4dMAJmdgBmzFldFPU7I88Xm" + + "nuy3Rkqs2p4eb44b4oe9xdIyUw3fkfdoYzRx96X2Tvlx67BvbprglcdoiBce" + + "UitoMsN5tI9+o4/wp6SCU1nv97Yl/kGR6xyY/5irK3wVr2DsrRSF/WuycPFV" + + "3EOZLCoh/Y+9yH2dLlslarL2ZVIe701NTp/fN1GCQoCI2elSwXZAiJ446Fyv" + + "F5x8UTIbAZKiJfL8F09XVnNSRIp78rcNUUeFKehewGJ/I6WtD/SyGc7uTCKi" + + "EqXAwoQN+4GcncLQ2eqFFqR1aZLEcJKU79EpKu08rFTl0X9NaA7Qd0nXAiNF" + + "EUz1Xo33ReE9l67+QLXYK17UIqxkFQnawydZKt1T7HeRpTKEQzo9/wLk+IYD" + + "m5y8DXHK/d/kPySyLW4+srw3HRIe2Cuz9nNhPTUKtVC9CPt9NT9guhOhDGRA" + + "XBkF08Snjpn7wG6G1cE2gwU3W4oQIvCAwpdsJ8leg0fbosc1UD1QHR+3CxIU" + + "0yoPm19LygYjIyTg55bGBID0GV+DAHKUVHIUkBpaPM0PcSxsJgFv1seuQSJy" + + "dRUcKGzPg+xJhVvHuuAnnlBibjzrl/DBLCPgOl2kybpsv1sLJdTLEkwkv/yf" + + "83PdSz+uPha5hv7AGfxEaaUwbnktHultVbjO+IKBNqgjz763XgUAKbtfxW4u" + + "VLBESpZiVe/gzgNV7j+6+vHWsOC8GBMjJwHGAFfTyjYv9BmrxkQyabZ8wCb/" + + "5NPvaHBH+qkWVVWBaLZuOkgG9dmQI/oEcO2H9IDtve3OEXGuP2zG3xkk7h8W" + + "RwcHoz/anAbEHA1wmPYn/NFn2FZW3KxdyD0/URj4DaZqMYCJMCN8TkbLBxQk" + + "ZS+8VCcXMALybXUD9OLX/jUHaPqO70e9+o4cD+O/JfxKkTj5A2WD2345b8nK" + + "Lill7lJ5JlYekkGG4LQf92FbH0ytLSVB+A4oc7/nxI5ciWy5vDmaG+3HS5W2" + + "mGxnpLApVJZhhiJRB5fjfgRiuVbcGNWFQtgH2imMorrE0FzONSQfepLtBSQM" + + "Ec8NWgmEa5O0RIYLMblXisxt7jB0k8NqgiSm3dmNmR7GhbBt+mg95uCXWmB7" + + "nbcUaTWUw4Lb1EwVB/MmUEBjer/JYDADWz+NS/0VcAgBbjk7vrjAdgXkgiRB" + + "l9qBDioO73qjmjeTiCjoLsuEreXPu9WTaZDuyKO1uxHoesZE0AcWjcZgKVY+" + + "1Eqz3awCUxQTH+/1HsVxONmbYzJgMZ3f9Kuk7dxwFc0jgIw0LfFNnBDW3wY6" + + "nrdtm7vEuR0gfYU83oqXQqAMQGwMZXKXtibS7yPL+rinLwcoWYkZaIaI6LTb" + + "3DthepCtsYfIpaErOHMVOqxDUb4n5e0EUJiy7gw9JQjDX+VzpxAnt2Kc6/fl" + + "kon4xadP5oyNx3YU+jIywk8p/NMhDfia0fFvl2BHRcgFXHyOa8IPNmRb0CgO" + + "78Zbt3NG2+cFUx1WwOuCohfoYt/STUnxDXpOCrxYk2CD09Vm+2xC+7+VLfex" + + "UnKzKH0tWLNyzA5XKSHyLe6lJCO+mvgdp2vrO7i053YVfqfqWSL9rhR0tH5w" + + "NO8uUd1/ozkIjb74PSft0txTP25/c4/MEWy2JIg+HMM+2fmanJi4xJsuxBfq" + + "2p/7AYfmsp05TfoSLieWDBNx3lrADGUnuPf/o8Zo2tgn8ek4ig706kqzZy9W" + + "p1PaYNK6p/MLI86Sv6OLHf6fR0u6IsGPqMcYx9J7U5SCemntLvucfWRAqRn4" + + "5htDzdTFrtO2nXLNDxk20DQtol7yyBg3ngVX8XDhKReGdV/Z9kEeJhgzbxLT" + + "fbjoGQD5twirxYyV+eRqQZM7fu71Srg6lz7najEyH9pbQjpEPForDy5Briry" + + "nplWImdWd+KwG0N35+H48kpxAU09sOUGURzsUPdwTANQUnrWWMo5+UIjxXtR" + + "cDMuQmj8vlYH8iH0bKgexZMb7cRciRUF3az3lo24FA6l7e4SkyFErGJITGFN" + + "IHO7wDz9h4rLikjGkz4G1d04XQCxrpHSrW9fj808up1LSoaye5ijutJihEHu" + + "hkiFLi1nwuhd4ZrAZD+0VkTde9GAi9xPa8Cx+lh4JMB5mghk8uTjv7G4KqzE" + + "Wlpos30CMyCc5cBGqkCVLKt64+KgUyt0FnU6tbZve7i1/oYyUaWx7BCk6o9f" + + "9PuQM2bOwqhjRtpBR7q9Zb9H+qytAM8psLV6Sh9K0cK5Ug4BBEAtCK+JHBHG" + + "U3zkhu2FXlm0Mnp5xiaTvPwPWe0P/mrD4Fhgn2pbPvyJXTPgWV107zafKuLW" + + "34/+ML8oog69/oUOSAw4vaJx8PWguMRoQIsS6ATT2RhUVn/t21fJK9j6eF/B" + + "YG5IIEavyybQMILx86+SI5sLi9j+Xqd5bPLWnZTataP+voMTzyyYqAi6ybEl" + + "4QkWM0c8t141t7FULXHMTrKhdZDocb9plz3sfYk6cEqlOphvmhbZbT88iWJe" + + "ndBHJxY0SL0NQ7Yl6fg/DHt4goXSIWGL5IamBM8CZnVwyCHz7laP15Zsc92H" + + "DqWgbojeMxiPSVnFqxFzL/6TBBTQYuNl6+CgCOPIe88FwhZvfwzXVnQHb91i" + + "58t7pwXCURscYFK7iyxi7QTrofT0QM4upsI3zBqOO0X2SOW5H6Dx3uukNP2r" + + "Ud0AbXWHglnooaMNl/XRfYyb6VYg28r7qcfsSKlWuRenNf/ejaLl6GeO/ef9" + + "VI+ia0qv7S2Hi6xgdw3/NTqltehTyZylC7LtKr/TVRFdGLsFKtGvT/KGMYt4" + + "eUYR1zz61CVxAjjGAg+NlpTG8P50xralMthUppA7P6X4j4cDrD3E74HYg9Zv" + + "4PLAh6MOymj0YbW+/QjbO13DeSXxYX5/EGk78+sBOVSzvigI9NLvWHZMFylp" + + "mi5m3Wh7cQojpkeKXSw0XRd8lSeMN6lrzkMknniWfZZhK3idGCH3kHd7IGzC" + + "X67K3gf+8syXOIpoDfUJHVpfvKZCw5XN2huYNGKP8KqELMoDatmEoB4hoVq/" + + "VIssuwanWj3vDOxp7bYRUXID9dfTrgq5A5+1RuzrJVpmK+maTGypBDvemJhw" + + "OSP62Oa+1ryH3+e1yqWDbWJrDts1S1wqMRRG5LKP16e3ZUYo33Gir/qott4b" + + "J3PSvZn50KLnkyt1apUGE3pIyytvencsCca26qm+EGLYJXu+njUHIU+s4z5Y" + + "xxrR4xcqc4CKXKK5+z34YCkdGM8JME8fCinDgrsixnYCjyv367LrQ+/YRvtF" + + "6gF2XrCyPNTtRisqHg8Ug3CSKMPYJBXO2uu8/9dxF+r8LGv0pbVoPUBJpPiL" + + "+tnxY0ggyOiU2zsUfb3QcuHONXU/2qv9FxUzBZDUDVuhXeCgNDtfv5QN7R2S" + + "VoWWQDcQP5Vop61TXUhLnNaU6LwaXsVIIi9hbv4k7LV3tOxgjtyddymxch0x" + + "4mR6XCXVwPx3yVIEwju7ANKsDxR+yT7crRYpPstka9lY8Y73w5MIgz2LVk65" + + "xJ13puMbAGnCuSEuQgRdPHyt9JDp8KfvQ0/FegDE1axheKVAfCKgCuAudIxZ" + + "UGXjPXLh4hMp+o87hw0Mkr0tfmKBd3KzRkjZm854ksnURKPODIjEqhHcW4t3" + + "gRQ3cYiMqcv0cDd7cDw/4dFsfJs11aXSF674f1lhOjYqB2Xa7EMDQxJC2zw9" + + "6HPVKHmGGSNAv/UiJHjcQuJslGVq1SisnSWgpMND5+QnxHDBww1p7DqXpDQJ" + + "boHjZKPM/gi9N4GD6iHGbF4l8Mx1YzuzoAbqqg/6v+fmYQRUgzGnNRHW781F" + + "R6J6R6JwNOVTaSvlDFzQukHdwpyqcR4OM6XkaxNK3SMRWye4O1/U+12FhPYx" + + "5pPHMId8d8voJIIMPYRjFIkZAWpYbavjtV5x4xUWu/Ch6SeZ6uQu5h3WbFVe" + + "buXjnOQbVIixTh8qo1WXXKiG9DUYHowgz2XWC45izfOnt1xwWj1He0IQoYWg" + + "WkePdJPKfS5igRdzjwEp29RlLoqXj9TsICzYhWY626A3UjnTSOAg8Av2iWxx" + + "j+3I3zA5I34udiSf/4iyrWZHeaLP3S4wIDrTTNzOh18NvspyLJrjoRokXwoJ" + + "g5BnQan1rHl4p2e7oNLPhc9ewKF0QWdi2rJZDY6qO7sa6jt2C57g8jAYhAFS" + + "2cXjJNQAPCgoodeKTnJ/1R6Ykk+byXzeDc1NuHPHiNbtGu54Hz5Xd3P8hYJ3" + + "VBYvhkF90Rq7LvBBXyVTy8tL0I0N9BdCQrnd94HPm+fMj/nwc0pqCi9b68ex" + + "Gcr8YM3vSg9xRHEBXsWjL16oKchvwavauC2Uap/OEizdkQUKBZlzDazbXTN6" + + "dZpCyFcB+Ox/zgltv3jxum19WdgjyIddqBIyiKxFtC3XunK5yvmr/fFZV8X3" + + "vxbxV6y0QPqJDM2ctb/ndiYaGn60EJQjxETGIanp5szgKFBYs1p1mjyov5p6" + + "p76yEvTm+Ba+LX4ngM1AddqyfbPYscxtIyhUsqDqQ7vSNHQezTBcz63OclbJ" + + "G2SyQFZfZKIgUXiZt+ZC3BwKRBGQZUE+UIV9WjrIvhtZN7A1qdo42c0S/skz" + + "lHMKR75/PxVVXRaArCRytERwdLOvlyBE1xl3rxnxErTQHViP0xEzOfOpQ2M2" + + "Ds9TcXkm66ZRnJBuk+fp4m8iiz7IfRlrI8y4AUuI9LEaFOKkh0HH7sjSWzs5" + + "7uGe0eBZsLpzWoDd2Uacht9+xLcnn8tQQ32H0KHkZjm1UGtbSyUSvvoC8SQk" + + "U8QstWumKzrzf3/GYuW43N4TIBUvl7GWcpmpevuAicl6SVeDjyaSGp1n/OUM" + + "FH6e6kSgyDvrs/V/pQran+Dymby9DPV7fUWNo51rFdqvLhktICGGWRuUXjvA" + + "eOOk4JhsD4MSlKysuGfbcUhFnkhjFkctA63HEAPAKNLoQze2tRwG+tZhJuAp" + + "Q+3YEHce9DEVo/13eYVKRu4yFqD0G+KAkwcXHcFwH4b8ByTJ6K4BboRIpGAI" + + "sCWN2r4Yx6sH7hDgDH/ywTs3xTI+JBDGk4+15EXUSVA41bCKEsT3BiksVE7b" + + "Uo2eXPFkG7ikOuyMr5xfWtIN5v3tg/lE8K45LtWgOT2mZeEZVEVmgozGwR55" + + "OqZvFeqdZbV1l57N2vSf3YkJFU8CRwd6uDZ96C/Fax7aL4biwSragaXrYu04" + + "XqqWIJVYOZQnHHHTGSH+C8+NEZJiAEH2ILRlqa8VCTGPTVd96+tVriytRGFE" + + "wG2xl4jYviismG73MqzuCq6iwx+HaWTiGSlXzMfhKL0DE3rhPmWrKIjdR+Ub" + + "Lp1C/L2mM/y+DEMoj59/l+SwMaijQY6oUpOtVGS+Pm2C03JFNSFZyYo+HHAC" + + "OkBnWMUKCGWMWOejGaC4vtBxZsHn7Q5ij+9diNfxyLEWc08L/muJG46bzlHY" + + "+t6W/j4UdYuizHNm1og+DD17Kbxk7fjRsQr1ARKeDkw0RgVZrnMzfsVeNfP/" + + "tQVCeOlsgTa8x3j5eQsR7aJi1taen0BQATTprJmN0428+g3Sgh+4eLslkGfi" + + "9c5Ftpq6vM9bxE5w8PxjPdQdGQZdcNkDHEreAmGf8Tb/r0ODx9wMdYNRqbq0" + + "Uo2Y09Q9zm91bPC75IGGrLvzc1X0MXqQmQ0YsRFq7T8j9wZqS6+bveA/Svd8" + + "pwfzfR7GWDCd1lwzuP9QezVrYYcozCquJNMFgCu5hcCJUb0RdC8EBsxArcP4" + + "iEM5+R62j5eOOBMikMgLpRsTQCFxBgFLiqv1sLBe1xxPIjQhtx2FJvuxd6PS" + + "zOVdplRe8WbbN1XZUW5UQJH3fnD8OLpAlWS6xas3Qk0ZCl0jNqUYANUmnuJx" + + "SysQeI4HRF0pvthikuZBzpS6gkxDf+CyNbJa8DZrwc+cZje11KWkthn+DMdG" + + "sODZI4Z/wUGBRB9S4QQSaHUajYbJ/wfiYopt884ophtyjW14oBs67hmX/nZy" + + "cYxmJnEaqcoJvSDzVDnK7YVwV6dV5pmvFe20fWuk9nAdtWbUyk1dXwZrtx7y" + + "Yw6N93sAtlA+a0xwKDWK30PUU0DXuVnaw5pejrHznj1gM+zCycZ0jAQkq5Nv" + + "I3VkSo6+mDhD7VfR16p5+cPgjabFb1yJYjit44H+852Tr1bzekpO8qdDw0un" + + "AOjou03PaJURRqI7E4oHPA9kRIPEHzqJyIxVJrly8hSMbbVaviZOLSzbxrvI" + + "J8qWlIenjvtD2m86tDZ/0V7QEek5bjlpr9wY8sEGtBhuWdRukWhHLm2RlmPY" + + "2pqodKPSiDxAy1mDQiOEMAhHOfrABDKroLsVOBa+zZyR+MzUcBZk4mhXZUmo" + + "dTaMjxYykxeOqnnlapKaz7qwFswwRrXP7n/Pa9XTxKpJms2s2pJZdKhZlAvp" + + "E7KNlmCV8ag2hhDF300Wu+J7syVrNffpqnn4jT8bdgL8orfAXT3dgTzwplni" + + "Fa2C5FQlaeGSG/7yM7qUXChppyAOA0aa3Ujbet9tf2PiS4+dsLjV1ynanz72" + + "zC0bbfzdhZBMY/mYEq6GBAH8lHpAWaoVda66iIoBjNk6+qtv/ShnEFmRawLy" + + "3KWyNeVw4gJjvejp+4Ch2I0zNssPrqcF6ne3k/FxB67eng7kqkFZRfC5xbLq" + + "NVG28rtlDCVVWkcbyPgo3cMaym5ZEj6Hf8E+Z84PuFhQBw7gJao781M0ddV2" + + "RIypj36LsxzzhpSPfmM+GHBtLzvryNqxlzViaHcsPBoh75XL9tQSPVzT6436" + + "5c6dzaW7lkak2TiPoWucxZvjh1PVqoijWvHv/YGav9ffjJef9TfREsBQG+ym" + + "Sw7Z4l7RZaWjfr76sO/K5FKlUmw91k8LyFeRtZ8gBIrGdV1j1DsHktHuH8/K" + + "v/lHolVp0QPI7vyrXRcZd7ccJv05dm5mj+CNw7JHvAHeIps1goDamOCROexB" + + "ksW7YqAuzex8xajTKtaESP3D1kZYz9BZ16sM5LWNjPNdcLygVHMBV7oAVepj" + + "tOd6BYY4xfFDSWT6UFcz0v1GgdsQaszcQdCoRL1XrCatRKjSvQDN6QGXUc22" + + "Cy/JqD3HHc7cqL8y2WELIPZcLNyDFe3P5Psvkcs/hysQPs3XGhfbWrvSarmF" + + "AlwFT5hJEy+pXeb7x+jNjOxaj0vq/k1gyXm1y/pWPZvB//MjLA8tU6mQCyUC" + + "U9wjAtrieJRAdZc4pqqO7Ha1Iq50vtdLu0I2mNn6M9/b2IUfwqziE+rBdXH5" + + "Wj2n3+TQed5xzpJIqG7iJQbOEY4byZgVmSQCJHjWBU1yaK+gkTGunPbv56+P" + + "PNYZ5uUJPWCrWSkmRow4Z8B/Gi1IMKkAsEsv6i6HwomZZoj9tZGpXL27ZKxC" + + "fZMnyIN3QMXrtCb+RHcRSTWlgraLfVMZvjtYh2Kxwb1wB/Lv6ClHT/A69uYZ" + + "QNSDQCCxSOaAOQoACjh2bj38g08nA/rGXUYft9LTEKIkqUSf4fMTc3WzTaqN" + + "MzZ+iXnNMPDYWSWnVOZ21HpkOoOID0zRbk2jBy1B0xW9kcS86ekhkBXhKYxw" + + "x+J1k3WqsMVnsVqPWWTRU/G5OCfgsVXfYElFlrmM3f3jiMADkdBsfEqrpPt3" + + "0QsVHp4T8Q6WzkOV8D5lIGdLKsF++8LSjwLjhERWXdwooq+6KoLPm3cm9Tiu" + + "LMjtfIfVYfaw09zXmKqOkVONEsZDLHTztqmNWNJJB1Ay5iL7QPvSjKQS9WIQ" + + "TJOARZD0k+qUW/9a3QHaeg3O9aqYFMxf7QO4FCHf1TIMNnr5LGoUIxC3n7Ki" + + "cB9MlAunuFud8DiiB8/+3QgslIVknChjQiCeZPFsJIszUvPooQJsRDcGXADH" + + "kXInEcaqT9EsHYnWwDtmZ7gQd+NgT3IqvlRJRZ6KXmyuphamZKieRkOIplHV" + + "muUq1T60+6tBHld2033XYtS0qY81/fOY8WbvjCxUjF5xu/So1tmW0tqr0l3y" + + "GGp8jyNE6vL8/gJgobfXTVgnZhPB86D17FNWwEWHG/dBis7gmo0mkZRh9+gk" + + "PLAl8E3UFqWmTLknSqqcI6ajgkyI3nmphyLc5H2l2mUYRI+bCiOunlWGGzMq" + + "Qj2oSuGdOYX/hNn7MfAYmb1WNwpopBJYHA3VKIKCH4YDLz8h5LF9v1iHpZT3" + + "IiHf1WEwC7JpI3Q1S09sJMjSih5dctNkmoCG56gJ0ZjmJvYhWy+A9/Nyd9qp" + + "oj0E6j0hf6p8dovu1eE2BqKRydCa0T2i+bPnNnB21KU2MLgV5NGw4tyIfUoR" + + "Ui8QSHDynL1Ob1BUbKuqT5p0Ybqths/oWeBN032wA8DOblale/gyz0fXWWTh" + + "VqD5ktw5SGRJTmA/tJfhK7kFfMdk+9Fsvw/yV735NAcTorVbOPJoEWSsq7k5" + + "vY1qreQO6tRd6Gx8aeHW0st8w0Cyf3UpLi8x+NcX53WJaYBhXXJtYZlEnZ3W" + + "do1Ekrs6TWrnRzSUk1uD3Ku47Gpd02hOTfN0T5lUUjaoqRLuvwyYmQiU47Ww" + + "Wnb5ftTAoljtH2P4LXQZyqYWca+BgHdSjlaadtJ7hG88zgSHomwu/QVSVRSJ" + + "zqW+0ekjRr45/9gKNmaDdFwZ41HBgly98x4Z1LzcimtylmgTpAmowJRCBSV5" + + "uad7WgR5Pw2LKWx8YnPAD9aJ78DfSA4LqkULHOfVfqM1CIDO92Makz1gL6bM" + + "6jEpuNkQHE1FifU31Dof4JeoGC+w6V6UjtmUrilKgq98UPAHHU8Bs3ADfXIH" + + "w5Gz/LEjwmUL5pEeFft2PMzf9HkgKcuCFrg8by4PgIv4wMiE6gXZCMfE+Mzd" + + "fulMuy1opZB6LdObgrv8uzhfsplRaVl4utuTGqg3ZE7PyZ+a2nVTBDj3Blx9" + + "88gBN6wjC7MnTRR7C3PlVfX0ApBjmX84Eu9AF7R0zc+XlqsguJK7KKWq9BFL" + + "xXETLlygW2oux+30km40WiZC70wZJuG/Y8NzPwZd3JiJ5/cVWySyppfBD5cY" + + "k6as7/9oXDj5OfXilXXJNnzMSp9Q9h0P0do3qteAp3um6ixvnE/unKtCDua1" + + "KuYbV9ThI+RedYYkYdyKSgBiFxfUtMmYw1E3tqjxm4vNlGJijmBM4HbEmR3S" + + "okiE+52LKS4SiNRNfp6Hbnghld56n/Bpjv3jsMlwES7415uKmAfm7pRQrB6I" + + "6MhGGYhpATf+q3iImH5nSkYt6OCyBjjII17Dkrs+Au/wOk9xhY81j2lua4hC" + + "VAWiv8lXTznHxcHl0e9w7lr2rqdl74byKD0ey+GT15C/oRYGM2LNTwNK/K4I" + + "hh629dJF+od59sUGg3fJ4qPM4cK0M81VxE86TvZP6Nmbah9L+uqVrnA4IT6O" + + "BmiJub1LG0awl59Khw/Nvc1wxje0dr6cuHQuXM2CIYKfaIyjs1snuCpO0KgQ" + + "Tkz7DpQSe9RUo6aC2870GuvKlTLWkI0WI/oRLU0sjgssUXraZQ/8XeC9pS2X" + + "d5FlZX+gA1OM2x6v/DQLzDeN18R6i6UeQZSgDMv5PeCM+1amS+wVznR+2pzx" + + "KNlyPta/4XYWhX/2GB5lwHtYlKDOnI8+0gWU4Lp+mrfKSYdpvnAg4SKRwL8V" + + "h344eiwCCpdDDOuqN02dJs4H552sy1SFwMvBnsJCRtQUCq6SPiJ+lrVTPsQZ" + + "snJcwOKQHNGHkWs2rTPU7nrhbXaRUCcTcPKknAg3wdORtT54ASE73dkufPUS" + + "8hgbDJB8EwD+nKy0Y2y1KdsCCHjoHqtXOwaCoPHecBud71ontPj0XCZ54drN" + + "U4coNXGJjUtKhRPMC45US6AJRYu37P4crc043eO8D+E9MgE9cm8zCF1aRJe5" + + "lP2uQLvGXvg2qdbrQP/ebQNZ3QJ2LUT1km3ApZXRi0ht0a9SzWsRo5CSQY2k" + + "g8K6YbslkxCT/AvYEGWjEHx2kBj96lSTYYz7nXkJHzLX5kbgXWAHavzWN04L" + + "Hqf6pbzbbiNpJ7SpG1SUxZE9xU34BP2msOD4aOUPBJCfd3pE+5Nrnwudk3r1" + + "Lwp9YBlbbI2md/A6z0H5qKrWYyViiFbfmUKZ/BrSt8+g8Z0MY26V+7wQCmZu" + + "JbyOQkLbPG3YghMUK/T//1NbEsgVK43Bh5mvMZgLOWFOHf360y1RBNtJgcpF" + + "/Ckig/TSA25XC4l3MQ0bSEdszSjUkRlKk6WARrZ62EpCV5mNP6XMJOPRpNRl" + + "DHvumo89/PKxn9/0GqLSGqkC+yHxOhxqF/3pe9wduSuEamM2FFySftqO0BKU" + + "uvYDGs2USoeZCO4xXELDn93caAYRCUIEzFYU6dT9JGEEgapq6UrmiS2Hi6/X" + + "zYcs41tJtI143kOJ6NKq/YzvZTNnyOiTmXuKJwE5R4VdtkZ2PBD8MZvqMpk9" + + "reFXpubJBL9z7ZqvvchZ2AHsnKWCOQ/rG+rRXTuWMDF5hHIhr8NOy6Sp8X1k" + + "DC49CFKkSv23OxhLQLfRBQHcKQ5IH0sJTtbHviBq+vB9OV8dz3qpLvAbTB89" + + "tPrKfy7jsfPaFEJUy9bjJsk8gg70WLR32OucUO5AStWk39b2C6PEGewzp+Pe" + + "uy/SWBly28gN3Em4RsHUptWkyiOrw7sQhwalJV60rwqROCfSb01jLfAcBgDl" + + "1yZ08YSKsMvRGUCRID22eDBxl8fFeNHyfPWZrsGegLiWpG4SEhdz9MuayNCW" + + "+K/rq5wXnvgmVeDx9rgeCSuEc2+iGgyirvVcwINSPoJIejyfLP8A+dNQrS8b" + + "6n6ZWKEpiK+4K6gQJArgbdU/2QdzHmDH+b4ITnrhqA2SVH5kjdglYMWBZ45/" + + "/Q5LwMEdqv/P48eWWxN8XMoIkVf+FtqeHwfr48AZhINxbQROlqBS7hCNYj44" + + "BLipDiGmeGI3pYeWsoZqu7hCRMPb42ziwSGFdvv4Q2HFWdgDYvirxqh2SbgF" + + "aznvDQxq4Zzk+TiJbHgphDZJR+DEHYX5n9HbgLWOp2kYWKWT0BPwzS1w++vK" + + "+pMEmbn3C5d7OEBIJ9TTD/jZXB3KP9tUICFFaFXUrk2752fBfO9kA5xxbxDk" + + "ISUvhwBgiNGxet1T5SoRKPb61Zz3NY0SLr+GD5KfH4mJSF6tOUZ2iAP81uUs" + + "fwPIxqHh83mMS5PW/DAEeJT2FFcBMVaXdj6Xc1hvIGGXYjc3NQLxII5vbQVR" + + "3UGhRFSJEi0urSXTFUDMan2AO24mM+jnNRCOxOIAx98qj6DKTfkcBZidH9tG" + + "nJAOlISyY49hJvSk57tjc0oiSq8ojE9bxQQ007mc+XnKP9/5dXrTa/zUhCZi" + + "DIeqvdOZ1ugRt1garJv+BS0kRrMpahYxkqUJijkSE6U+4+5V3ssWhWu+3VM/" + + "LpKK/sKXImOzcBbcdvzPd1/2yUp+ZCzDRB9qeOmdhZtEgKHp3b2Xw7211jfP" + + "ZWG3ydrVCduI2m2Vo4Lb+4NddZj3yN6xeurZw/JZIuzBcmOg6viEu+Be38GP" + + "VWz4DV3lAK/2eVPGUMVIVXthJCFLKaT10psSNqFYWi92OxhOIu0End71Gb1H" + + "tupvmdPZWCQbhaW8l2RvYMZuJFKpH+reSP6FrgqmrxXGf+2EXzz6PdbeLmnB" + + "UB9QcTdu8tsIuUvzh2Axvrxmqi5rigefuQqwvSgl4KPC2mFI3cKrVJ3kB4Nz" + + "gMIpgW1FzVkiVQSHMTno/bm1LxzGv5Bcjx48NbL183kkAb3kYGNfZHEE7EIN" + + "/3EgK1RUUF0YC9EAYt5U/hnNOofK5rNTjYPepexhY5/4Ve5msVrtn3C2Nlp7" + + "gpnGtHvcm2yoPuWo5ASHh+wGZWwkUMz19x7176l2GczPSajuK6CT2i3xnZ8Q" + + "VGQALJ3Tg83Lqg7LfUhQIFYr6yPttZAjuETlWXxIa2IDsxj6Jz9WBzQHr8TE" + + "1NY9XmTY2eenwpmNOVHrwn3ADzW6OyDHfjv6IY+INC9CAnGSf1EMiwUPNOpr" + + "oYhGfRzTgLLJQTPTWwkn4rmds8eLVdp1gF4uK9fEdY17nJFe39I2Tui4yhwD" + + "Ue39/dGYG16nNTqYj/yt07oilo8PKAKczLLN20Le0aYmOBMGWx+5gWGiPQGk" + + "Jmq0LCHO5rHf7L1j53+efwedTj1Z+qv20IQINJcUvgUX4XfJewiUoLU9Nf8P" + + "jOTIzyR7lNWV75kK0JZJz1jww94GjuCq6F/qXwAM3P+X1VThbLKd+drT3YmP" + + "WVOeOYWPOXUrU3OowSzMGIE5sq7rQY5WwZWpE8O5lUJ6fZwx+MjKVnAYdzAJ" + + "rRxH7eBJOFwn/IGlgJDUdvOHy2bXX9kcVP/ShWuflU1e0y158UTGQNiIRjN2" + + "E19RBBgTru0eB0DZ/yke4BhkeIo5u0Rg91asZHp2RHONDyTppR8wSO7aMKRZ" + + "BQYEv87BIO+B06YsohMfWa7GwD4jFd3XAm12aXIukDo8sMJ6f/C70NwyNsNB" + + "wvjMvl+8E4jK1s5qgagPwECIdl6RBtf0m/CDm3FS1jD8ghJnvbHG7aZnafm3" + + "jTPJcAUDP0+GGtK4aFvqC6yvbUPotlWYyPDhMaOOFSwuFUqn9tzlY3NPlo4x" + + "28rietj+sZjSd+fdUiPP5q7T/VR/SsnzIWTgWOUyEGVeJczUpSdqNO3MJoY+" + + "5MV6+KRkRAbULuVC+N6whOfPW4aihfNVLEBkUfkpo9f0by7fpVU6eJTaqv4T" + + "Z3qW1t80ZVUXN6qRnjG2t7UmTqP2rTXurYseWBYZceo59zfQQSMo5cirpLbh" + + "SlCrVXP/CbUM+OMoiudWha/RZw4fdximFlo6R+TxMoWdWOAMc1kfyL5q7tZk" + + "kJfAj7r3Y4XBcNeQ9bqKKdBzJxUNRvU2Be47fEfbVpKqDWFlxeOrj6tRqjKK" + + "YUt7zjZpYGFqG3YzTfXZVSQ6Qwmxu/QM6vFVjbOpsScYal7Io1qLnDBSUmRb" + + "v/gong0EpsUNvjQ40B8jmNUNsTnRF8memZC7k2cKLnah5RXyuLFvN4cZFSar" + + "LPhBgDBWRgtEzeShPtQiYzJCelbelDoFBz/KfavE4MLRYgXf6/AE3U7CAwDq" + + "splXWaEuCGw7Snwpchk4gCXSiFjVDj2ao2WMA6y/zot6a27ppekkvQRFCtkL" + + "SXNkgJ/F0mvgp3mQBOvo7Yd4NPJV++tRFf4tHWbb8VIopwGynZlnlxXyil0c" + + "P1tRMXjBWDHFY5GYv48XTon13fw/GORM7XMTbv30KXQvTGpLk24IEjIG5iD1" + + "MrqQaAgkWkzBFPwnZpKIenpGmO0G06uW0+c3eJRbfkUaVlsDCnB+3+qZNYSw" + + "ugJsWuMUo/brItbV3Yrt2012ocymZSqOGtUewz+VSOopAHG+uIZi2L9h3/kj" + + "cJr4b5QSsmFoRCAR5j7TSkVpsfTK6YH43FbXxOHamseOOE18TY5BLb/tIlU+" + + "i8p59WnYo5sDy20o/sDM9N8L0Ks4Vma6DIdwYm0YGRzLBR9N5i+HjcprWz4x" + + "FxBHMVMalm7metqsOihfb7aj/iu36uZ9eAEJNZra2vUz3F2oFwlK0aJwznMT" + + "+k06Rqd2xZOKZxWqbVeWMb8EPiAvjwtAbmoXzTf7AZPChwAtb/fkd8QhKAHt" + + "Ge1akmgoY/puFLMJnFECvmy8dlzVfsAX7JhBlVRkeEDofUDCnkh7brT9qqrR" + + "gj92kv+jO5PS2svsFJa+3bB6tuKLe+AHnuvaB1aAdf4aPxFGwHAS2a5ANqJ4" + + "CskScf9J9kCm6KwO+CmhdcjlZFMs8S8CV7XVpNrlwWDV0CdwEmZMvIuIvUB8" + + "Ic58/kCZ8A7OwUVzMEtmJPuLBDVNrS2jLTb3CKjWw5EO9H15J5FseeTz4jWj" + + "7PfjV95NT/n0IqhN/1CsozW6Ko2LDrzH9AjD267p/cF62Hc0a7XI+FMF+d0v" + + "myz/L8RjdZzwiq/Xg+gYWLT8uAv48yazhy+3h95Ttf8IP8E1pSAEvyiuKUcA" + + "liw8aOjVpYaBJU3SZEy/T4QAyY1wmiyaReHXZ+ayWHB+HIiCNdNXj5koUOUc" + + "LVKQBdvgjvMMLIUlUCJB+armPQ63GNp5bBfI1lhvjrs/He1HfgKYf8H6kWwf" + + "BrBSYVno6HkRNKutUpc2nrXCHRqmJtuzB7uabtGFQEZbxP6OHY01k+tLPHUz" + + "EJ/tUGZ7mUfZp1m+PwbXlSjRMYJhLJPsNbczNkuFdfIAfAN8YlUjaeHQWAuJ" + + "KaA5iwxIqENVCZR48WUI4s/1uXO3VNa+UoSGI5N9FLgfsf/m/3Er8djDf/VH" + + "kW6nG3u8maC6xuTmHh2w0QSsLhjqkjuIBoY7T2Ye+phZYhcjLTuRkoJxNGXv" + + "foVPuNghwAHm2Jw1QN0LjWQp0aggReKLBIAb5sTLYLQltGHDNj6ime+gQmk2" + + "2kb2QlCP2sOP2zs2/D7CuUWHVeeA5hcJc2eWEWv/I5s6cYysTM13dleBwIu0" + + "+0Lyz34cvXrC+9agwHa+uAdO9KYfuk8PjRmVPY5rgL5ux7QbhgA5Ou/1GFm7" + + "66fbdqYHNN48Dof8WeNQTZE1qlHl2ftAKyFk9vH+2T/1knJVHpEo2Dh5KywQ" + + "M41C0Gla+cIj+Wpit9hVYyF+VMC4MYbJDDQ/f5VCuSMXJIFZ7wwV5EkCLZV4" + + "qlDC37hMec645uyutF+SAFAyyiOufGnyR/spllpPXf8pF/HXvtwkPCyN/IKE" + + "vp9YOKtXdGfQ0NksPRP6f/nfy8X49Nmr7N4oexlVB/2hfym9ApWw3zVMhWpr" + + "sk9EWMkVzNccL084P0UBYDRwVmaU0OJHU1zDs5MS/joegbwjO1gA2FJcFdoE" + + "vbbLWCDJGVkZWvfgPr28xxSZAhYuFO5zJ+Sn+36NXPsAwQlbyMWp7y5R/JBH" + + "zHrQmpEp6uyyyYqOFA4QIWW4RhBW30gABmq+Dc9qqEUyVjRd+8RXf1Qvin7F" + + "tD0cTAOl2UISjI7Z7JexkSFBcS1uEEgG2SkGYycFa3TapP2PXEdL77pN+FJ3" + + "tuefmxbW4UaQq5xDr59BmhJ6bZ887I6vwi1t5Q2rqTNRxZjePkCqhtZSV0E7" + + "JfWxMEPxxzJz5e4/PMMdMUeN2lG45WAbdJuWYsuC7gb3gVmtCkSyTJcF0Xos" + + "Uh/jsWbVPsDWOle55iWepn7i0HBUQONI0iv/BLFTbU1+19frmpB6MEmV+t+P" + + "cUeiVWy2uoRXXJiZgZ6uWAPtSedlFNO3DGCl6a/POkU0OBvW5UpVlpVAJ2qt" + + "qXbBz3OYJ5eOS9xqRpdvqtkzIB7eXO+2Icxq281+M6Ug5PFRgyLpk20RXkyR" + + "PEqmjBnTkR8Ku2B2F4SvQJsKK3dxjGdxwYr9+3ReS69grg4/4WtbD4iVf/lE" + + "G/UrIyW4nCL3/k0y2LL/pdbCPsoT3kSLvtNxKF7sFnLxvxvPxGMvYpnGyE9s" + + "UeOtPY5LsIjRX3eMuT+msI8fPrlOcZ2ejz5FRYvvChBxB6o9w9ybZlxx0SUh" + + "1yqqW+hjCY0bfzaOxEVs8ZfGKgfS16AVN0sArOBdS+FhK3zKSAubqx4IfZ0y" + + "luFVMPAGUUo558vyGZNhmW6U1FJczZWz+yFOZMcH9Y21GRkE+JKnBIEY+cuM" + + "RolrU0Tzj3USUC8xazB6ipNZNKepCCzcRy+B8ulGVeaZHFzVLe+yt1zPvFOJ" + + "BQOoGDe9ZDsqo1QJHxTh7eaEWr8hMfLs5bDanrN8mBjhom+1Ni7RQEg7qtbf" + + "kWd6RdB5gDEZDeFNP/16n1dFf1M/lLYfKWUuYLXueOX4s3dFFAxyKqy9NXVk" + + "X7/s+d9XTQfIax6Zh3SH5YF47yddlysYZu/HjhaO31yq1+hBLQgeBEl91vnT" + + "Qg6DlMnh36Vpsfc36UqKo/97LMioJq+4vViL2CqMlTboeepvgOMjdm0VfPn1" + + "cN0ithvdPi0pOPjArFjhcsdF2I9qQpQCPfC9n4xpaz1E1PQpek5x/LqueH8F" + + "UgiOGoUZWSdRaFjXu9KPP77mayqTT8SnCx0flb0E92mEpI4P4zq58/nOnVWN" + + "uGcOZ7AqZRwIfIHJSMlXgaHQGg8YDoDXJKgp28fZZzESjzEzKlE4zwQyyAFe" + + "jQSXjRexLS9YqWpWaIFaVaNy6b3zIohOjLMWATB+OeuR48JfUKIsaBUz+HdA" + + "Y33pgtJsb4tmC99SeS1sBfZAw3hUYWUE3y24+u6lRdw6AX3SvfhC5Vc8qVt7" + + "+GFWGlOH9MdHYcoNxPpB3N0HqQYZk5uGgcTgHneJ3oq9QLRzURvzjEupTzI/" + + "z36YZRA9vm+TgWoCrhUH2/52vJhKgjOY4usDvJFfEUWHv61fOAxzy8wLgu5v" + + "NXBX8ABR1txwpN08BCs1I3aoODlTz/T/WwPNfGptkP1sQ4PgHxJdCQsvi5WM" + + "L2sBq/ZmIf2SVNQaRI7MkeS0z3NdnqxzY+8wTVjQVZG0zbpNpg1G9fEk6Rkk" + + "wV0vHEGXnZJ3DXTzMexg6NSyE3GXMJHa9J2fP4lMuKc89XtGaA+CU28RgbkE" + + "Zs+Mlbu0YNvk7JABJ/UHxf8UNJY9YG5BdUvJbElrbajWnllEaRauDzjnvjkZ" + + "U4Uw4fdHmzpu0PUuM9Wm5UusD5lZfj0Xng+XO4Kea9RheukO7CCf01jZuFlu" + + "Xgbi1tbOkkVA0AvWbnp2Dv59O75kaaVq4kBJB1SxUFb2DTvHTA2b8NYEfeis" + + "eVIiKNW9fDMJbbmwySQftx0SRcrKbCloN8q7RAzmewiyVBtCI8a5CNw3qtEO" + + "RjZYDPmLXaFU+uc83/dIMh3jnJcbZyUvt/X1NMsrF+sSonKepfVhq4mtO5XM" + + "lQGTY5Wyl6ytdlMbK/vwp4MsZXFsAzP85AOpEI9cHUnlYM/Q8YTMeLZt60hD" + + "Mqq9SU0USmvqbhteriLTuTczrsaebhXHsPbdcq1zopsOtA03q2hyQPebYWP5" + + "x79K6lUVxOar3JvnguVfyOrDBPRXDphI1Ew5g8dlGP5OoOhGWT4/S4OEIa0K" + + "32dRruB7A/F31osJeK8J2pvoosZzLpxh7nyU3Jyc0c8uuQqj+1NiGvERfV9W" + + "a2UkCOHaLwmNRb43ifkYIW9R66mL3Mu+hWo3aXfDriYxZHG61blhFYNDxkUf" + + "qx3BlDmcjbWae8v6G/JI7mEK0XKRI5Z4NgheSSY7VBnj4nQRRht5efUq1TWt" + + "OpK4Ws29BRhSfgd7DtpVS9zSW48JCfxGTuNHHbXzSWrLSAU0OX42ycv74gm0" + + "Nv7XeLzs5Bp79Vkc/YZRxGa65h5AfQzKf001czPofnw58fHa6WUqD5m2pEBC" + + "0fC/YSIpV7wJfUBuj/JlWGiwAkWpkQihq7mW8GcxUTk2nLLrBbWr4X8QBdXZ" + + "s9dA11UTul6nVzGnFDrWRbHgcAmU4bxSEsMYL31tGg/jMKPx6blN/M3I+KKN" + + "U+9y1Arn/36z471rKz6Xgo5bP4qbRxLArWnmV4BpB14hL0JeQJaqJtFuNIxw" + + "+y04cXQjdHxmjluTC5F4hViPS5rY5+AM4C7IqR8fjmC/pLNhWQsnz3/rH2Ax" + + "3zPs0E3vdeZl3JRMUeWqRYLQuF/Q38u08/8PthUhYyT978xWJ6+t9rrC2iS0" + + "QbRNvmqE1TuROy3JcLz8ig4Ryo6thY7tKnKuRFmbBQHWk+43yU5hUqw2H3hX" + + "roIYd9NqTeImqfesegSnRpSBnOnFQLRkI8KZOIQeyYzKOWVJQw16xwSX+PdU" + + "4hc6pA6+pIm5k5KO/UzJGmWpzpH1HyHuSIjhLi/zRGBHOXPZHLtTHjQO0fZs" + + "WH1QcmVrrrRvHhTXzKqKsQRfKtkgjQRCJtNIB5tQjWfwNgW4Lu0psB3x0sSL" + + "GnKm+BKjgE7HMApctusBLXNwplxsp8PYyZOiQeL+6v+iUCDLDLI5Tv6XIONW" + + "GzxU6SAAcVhJ14gy+95ptYSdc9YioUHvAgcletAy7oWdnpIliUfmlOELyvZF" + + "kpixQDAyNSVUUWxGsad4dwYRv+Q57WMWkDQB/WfkBfqK6EO0DQg0FvJSQ2Ij" + + "Fj7O4vOPDyXt/ir1QUxfELactILEpBTf0UUgIJAjcnAI0waPu9fN/619eo7V" + + "VH8Wpk3HUU9LjOIIDC7BAPPTE2xDa3kAG9VGweIXpL6YyW4JnAVSkou1pZWt" + + "CW05eMRe0HkDpEJb4iz/UHn2KII4ZjJaFUgSWgNDRiHRvMoW4tIImHuI4+Y7" + + "rokPlAlmO8yEnsLyBVgiPr51Sq9RWPCL1y3bryOfUoGFc/cozQ1csN02Mncz" + + "YeSbbwt0toufO1ex/gfsiteqRgZvSIn91yMsFl7lzEi3kyJIhW7hBrPDfAHm" + + "TZ5Czrcs1z0+JKfU1PXcuaRm/Bw+OY/1v8Z+YYKIynupdgnLCY8LfruNzk5S" + + "e/mT0UwgtoJE+TvceiYGTw+Rkf0a4jZiTEcs3lF/IRvIOnd/+5m1eeWtGJp+" + + "z6rlPrlRWjrhl4Ufqxob6U5jjY1/7zAMV6Ge7RgkNJiRy0Brb5+phAHpkajC" + + "I/q4m/qBBm+gqRrfmFvPfo1CeijfMelIXMh3+p628kWGpIAypU3ocEcVcXXG" + + "B+K/n2zyfbBQtMQ+MEUurRbn4G90gyRaHKgf3SuQSM53c+OVfJGXhR4Gtki9" + + "NF3kCMt3wiGXi+c25NEs07LZ+xWfLeK0/0IrAHCmG8IcoO6T8pujgZUEyIHv" + + "9Za/9vrvP72UlQ4+z6yUg0RNwlHgWN2nF0xnTQZXySXaoAaqwGA8HetCbx7s" + + "ePd+VFl1/gApyxeGhWFTf0d3YiBLRCqvdFCsKrC/ni7aIGgbpuvjxmHiTAKa" + + "Jaick9xE7a13b2pY557OVq6ExqRiC3c28z4YuKXfJf6IIeBug1HY9yEnjU37" + + "eqNJL/XbyImo55ARAH61MwL1RSqu7uWJDui4GKCOKC+piqOwLDjSx8AyRVN8" + + "zbsTxKtN0N0AUBqstlxgrfbV3/BCqKSQHCaqlg0Nrzk0T53RZEHyNv16qtr2" + + "iF45GMDj3k/lP/NLU4DQX3R0zx1dQirSfUr0PJGxZdwnfHFzSZ7o5YaAnqdW" + + "j8t4DGsu5wdktDOfqRsXrX3eKmeps5ycRBKTUgPhoccH+PFtMXYjkTH49aW4" + + "hKgnJd5I49A5o/Vdd5Z3zNFF7eSUsMFA6pYxXOy4/wQYpu8vqmYBs5p/WBM3" + + "wJkp0iLaEsEvJGSRNjbyuhV+N16GamJVIQVk0X2HvzKVtL1cHHN2f9BkFbFC" + + "R2iW/I0ZFz/OECDOnlS1Ea/jGXuEIOB2+4O/Fki7kQ1opkc5pB5ehMMCetXP" + + "cPJrEyyQJXsG0ZiCmr9RtGoEKG6lfvNxFWBtXHjXrFXjZ/KRZi7BS6ZPIRb+" + + "YER6V8tyLNkL86xTjkm1oq9+opihDSf2+dve/u3YFooowsleeNynMVEyEPo2" + + "yOLB8FO/l60qpSOSrepG6kS37ifjrv1piMyqLxz9EWP33jG0ajCEj1hAoke2" + + "5uLFL0xaYT5Hbb3SPD6E5Kwm3GrP53VMGpzxFb3WirP2iW1pSLH5ZwBSiiJa" + + "awGW/1JAZ/AemOroG1jpFXYG30euz9cj1ha97GagqGgaklIQGbGejqj1lu7/" + + "H8Uu47sdFxrQTbs0enJEr7iZdOWHb/Gk1u6X2+1d1+2ifn5k4dd2QrKi4lKZ" + + "TnzU6InfbE6wl7kblSGnvxG5CdMs6vfcs1VQHbahPxyZ1ci7h3Yda6MV1xNv" + + "8gru+cCbr/x6v0L0L0rjSg2ZwFq+UCexc8t7ONv6y6KhjbUgGmy15GthHqYQ" + + "/wFMIeobeq7yd04vUMhsvSxfXL54RECwu0Wz9OXfPU8yGdLiUqGDlVM/lrCF" + + "H7zdSU+XKqOoxA/Wb8zayXZehYRQqnDVlJzA39Sp4KtPQdIapZ42ViJ8SWXI" + + "sgtztW588KRMxjtMxpIj5eKucFr9bqfYsaYU74t3JQUIeWrKMEGlftBrT5Tn" + + "BIPhOlTSMWe3pWOkJP76uUm/mqrz/LirLgzKrMpsw32eUSQsizWwXnC2a9pf" + + "VQcqDIQBgIRxI6bp4U4IQIhCezOhZe+02pt/R6el4fvDyhGh2sjcUyt50XHa" + + "tobMMkNVoQTWm1UUJpRB5n0CbtXDRkB54kL7IYlhsZVBYQqDMihNbTvcGfUE" + + "tz+Yw405OdLawX5VpV4azSeXxncq4LlHgE23JKIpZjnQ/ueb8c/6EUyfn1u7" + + "4+lGsqIK87fwPrGP6tgozyo8e+uzYl2wIKjL3p1ypi9IJodtMtQJT4Aw/Nyk" + + "d+fB2zS7h54vyh9XJBqXBlyBJTDoevGxACfCZMOagdR4kmysiWUEqcaPSslx" + + "9is9VTALHRpN7LeKyTnPnMzFb1otJ+tYncqtvaP0I8hRgtWHsbiBqpjDUZxF" + + "nOXaXzbuYdEV2rzcQ9msOCqejRctklNVGwrFdqEKUeOV4QwwGJv6wb6rRYaB" + + "qXB0/8CEkoNYOC/VU668RDOkwTFd12w/9TOgr88DHX0dN0OHLKa7/xzNji1k" + + "OVkQcT+Bcrqr2pUWkic30U+YU7mJSC49tssKTROJ6SM6m25jou/0YuuYTge0" + + "S/bn+Th6Y7YJ79eqvmG2OneqcCwE+SzpehGo/LeROeBH5w3rGTcl2qcxvRf1" + + "SyyJ5aGlh6fseWgcO1NW2oLr+ih6JCpDf4vRcYjdaZysmzB9y5kLOY3rPQbI" + + "OxqaO1KshMb3fGJIcK53lZBqHQfqQ7CgeYotq2OGUmKzr2BVmkah+YIMUrRE" + + "xVGSlMzJyDABEE5cTBvcmq8MJvTdFeQrOHkAHJ4Y10v0rb01hGkvJbSUq5a9" + + "B7f7ulZPnYpWmJZ8iDPs2eETUH/fm/a+B1i2kb7QCs50zGfp6grwmwMb7fd2" + + "DEOkjXS6VEOfnzS4jlNhBfGRD0GORIjRCI2arB1hjQvthLU14Q03ZetymTXE" + + "dMml0i+t7wNhESkAMwvfqkPrG72sg32w8yCKh9zE7YATcElTAobdxR9aU8ei" + + "ulXgMb/PnC15/SZTvGzK4E5FGjRbRYx0ZJsQYpdzx4D0L/Yx0BEODfIdbXDV" + + "kSRMtltmWx+88xlqzN28I43ezoe/8rU7WzQvJLs/9N7Ud9JS6H2pHJxqGYQs" + + "3Sk32tnWjIk57PXk/++6IwsGonmalUSP53cILKDerkkj8LkOtbCSdmQu5uTb" + + "dXdxM6Yo6nHStyJyHZUz52qDbZruVnBLS2HXjG0LOBNSU80jbkNzJ9+uSr81" + + "bsHaUlIsq7Wksrv1pfNIz8ieisEJnk3FE6nitwh6w5RYF7Kl21a1vEPQUipZ" + + "hfPBLGel0lBmBb36va4ge0nketjV01j4lBStIg5c6c+V00gwsu3/Aj+EaMy8" + + "jDW1nle5f1wG6KQxAqLo78BIOojlyQjR1rAbPS+rvxTjirQ60LEPeyEnljmG" + + "xVnGGliSrnlRuI5KAkQxLCUEQTTFy3Dj+1NAUkx4Xoi7ARsfvj0L7T36wq0Y" + + "+aFViAoYfBXqNqf5vLbXo8hcKIkfvUf5b90ivNPnQx/nUH6LsSaDAUEpR3CR" + + "8c3iNn7BURwoIjtAz3NfEgsQRYbyQIb4hgCODp2tnhl+GK1bKvkgnbRoxyCJ" + + "XsK6Ka9lLK6TGP2AG7zdJIBBvWF4yCsNdF06qYuN32L0t4OOP6cRMowDchoY" + + "vwXr9KWAvAc4Kq3KnwwUDPTISLp33n9LFItdgZNZeMjZ3hi7mSisMB4lK0lX" + + "L4T3G/GNH+sYKgS17BRU1Dw/Bmt9LGOmQIFLsKErqIV+cXsBLlNiuC5lzl5Q" + + "W3DTNJhErd3vaecEAJJlTfSjSQ9PLy7nDLv/RjzVKNgXSerqfuiM05McEm40" + + "g6jQDRalN1alU8Cz3GLRjsfNGdYTsh/jPD4+ZiEqnCJo7VMxs+kb38etoTlz" + + "Zs3hoJKH3euds2uSSGn1yPYb7J4QkG0toLIydkwAvMMdIhwQ1VN6bU8cYGax" + + "FtmaugxN+n+00lb2Rbpdp+yVchdeNx1Yal30XPugP7x1OrVAZw5InTNCU9zQ" + + "Fx8ria6g4+t1GgwBqmPi1noSHHG3bThI74oBTsg3L4esRW27OMrTTzYVNemt" + + "dvJXN8yedTY2rVqwbKJO7bGR2VcDDn8ZgoaPBIvQuLSRBIdbUSIeKuLiuHbK" + + "IbkwtZTyz7LvrE1SZ0oDpMf19pb9fZPi3v7yQpFLx0oqqSYdhrJyOfhNVZXU" + + "dc4vbE0qez8MX9PNmyMtt4yktA+FC+2FM4P9jjdvaIfdm2Q7NhxjffvuwBJW" + + "SIoHBSEmxfxZgGCo29pOy2TZt/VpU8zpGpRBaqx0F9L2YzRJgwgOTYbkhF4w" + + "w1w03jCk3UWEg1Eq6kr6ZOEY3Us8DLTnx1RGKeGEpJ/vqtKzX1+KJS1t4E5G" + + "3eqa7WUqcyNqII/9ShMZqdfmXj1llgfuD+31HjDXXVO8RFY2zG/OneMkJJP2" + + "WfCs+IyN0I1+u/UJVMVW1d9y09nbrjruXSjvI2NwALB8NgtTHYbu3aLi0c02" + + "ijIB19xcNdSjwsmpR87lp9VFqIGEPVcYb+E11OODliUPNRPig6kPcbzGGq4b" + + "2CmbVVjPURU0U5cXJv0jqxGl8C7AsDIaJkXwGvQlp0t2wL/Wl66mAqBCQmJO" + + "Uw3A7/NbqGbhky8r4XMBBk0bOBn2jUIXyfJG696QPR27NrMshZRFG8fKmRfm" + + "4inNQQtcu6uUOKcoppeghWHBkK134LCFJakVrgmo0QeUXvdlR79imF9iyFDc" + + "Z6Fayr5Mh0RiDS0DtI4E4k17OVTjPYenflXCSk5VDCN8kM8d34wQEX2lahR2" + + "oWTBvJAFrvMqBL3zjnzjnNavoVaMlJy/Ezjrr+vNraCbNSY69Icflfb0xUEa" + + "RsdADuCKDVXoAavcUKw9aXBTolmHvquBBnUsyi630i2mONUg7ylqJCvCTCGk" + + "EDq48TofcRnuafZt38iwv5PRmRkhnMSGLR3L5AxjCAnSAUvqKPytH4QQ7+PJ" + + "NHc5qetzZdz+jRkCdCnC5YonOWyzi5I20U3Cdl7pL7Ev5INyk8knQLY2a88f" + + "9cUiV5kwPTAhMAkGBSsOAwIaBQAEFM74e0Rbt2IGCAn48XjvdAcaIl6cBBSY" + + "pFDCs7BGKfo6O4hW9fB0/2HXqwICBAA="; + + // You can use this method to print the java code for the BASE64_CERT + // constant. It will open the keystore file provided as argument and + // it will Base64 encode its content - then print the code that you can + // cut and paste back in this test. + private static final String encodeKeyStoreToBase64(String keystorePath) throws IOException { + // e.g.: keystorePath="temp0.jks" + try (FileInputStream fis = new FileInputStream(keystorePath)) { + byte[] bytes = fis.readAllBytes(); + String encoded = Base64.getEncoder().encodeToString(bytes); + format("BASE64_CERT", encoded); + return encoded; + } + } + + private static void format(String name, String value) { + System.out.println("private static final String " + name + " ="); + int start = 0, end = 60; + while (start < value.length() - 1 && end < value.length()) { + System.out.print(" \""); + System.out.print(value.substring(start, end) + .replace("\"", "\\\"")); + System.out.println("\" +"); + start = end; + end += 60; + } + if (end > value.length()) end = value.length(); + System.out.print(" \""); + System.out.print(value.substring(start, end)); + System.out.println("\";"); + } + + private static SSLContext createSSLContext(InputStream i) { + try { + char[] passphrase = "passphrase".toCharArray(); + KeyStore ks = KeyStore.getInstance("PKCS12"); + ks.load(i, passphrase); + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX"); + kmf.init(ks, passphrase); + + TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); + tmf.init(ks); + + SSLContext ssl = SSLContext.getInstance("TLS"); + ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); + return ssl; + } catch (KeyManagementException | KeyStoreException | + UnrecoverableKeyException | CertificateException | + NoSuchAlgorithmException e) { + throw new RuntimeException(e.getMessage()); + } catch (IOException io) { + throw new UncheckedIOException(io); + } + } + + static final byte[] DATA; + + static { + DATA = new byte[1024]; + int len = 'z' - 'a'; + for (int i = 0; i < DATA.length; i++) { + DATA[i] = (byte) ('a' + (i % len)); + } + } + + final SSLContext context; + final AtomicLong requestCounter = new AtomicLong(); + final AtomicLong responseCounter = new AtomicLong(); + HttpTestServer http1Server; + HttpTestServer http2Server; + HttpTestServer https1Server; + HttpTestServer https2Server; + DigestEchoServer.TunnelingProxy proxy; + + URI http1URI; + URI https1URI; + URI http2URI; + URI https2URI; + InetSocketAddress proxyAddress; + ProxySelector proxySelector; + HttpClient client; + List> futures = new CopyOnWriteArrayList<>(); + Set pending = new CopyOnWriteArraySet<>(); + + final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10, + TimeUnit.SECONDS, new LinkedBlockingQueue<>()); + final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1, + TimeUnit.SECONDS, new LinkedBlockingQueue<>()); + + LargeHandshakeTest(String cert) { + byte[] decoded = Base64.getDecoder().decode(BASE64_CERT); + context = createSSLContext(new ByteArrayInputStream(decoded)); + SSLContext.setDefault(context); + } + + public HttpClient newHttpClient(ProxySelector ps) { + HttpClient.Builder builder = HttpClient + .newBuilder() + .sslContext(context) + .executor(clientexec) + .proxy(ps); + return builder.build(); + } + + public void setUp() throws Exception { + try { + InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0); + + // HTTP/1.1 + HttpServer server1 = HttpServer.create(sa, 0); + server1.setExecutor(executor); + http1Server = HttpTestServer.of(server1); + http1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http1/"); + http1Server.start(); + http1URI = new URI("http://" + http1Server.serverAuthority() + "/LargeHandshakeTest/http1/"); + + + // HTTPS/1.1 + HttpsServer sserver1 = HttpsServer.create(sa, 100); + sserver1.setExecutor(executor); + sserver1.setHttpsConfigurator(new HttpsConfigurator(context)); + https1Server = HttpTestServer.of(sserver1); + https1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https1/"); + https1Server.start(); + https1URI = new URI("https://" + https1Server.serverAuthority() + "/LargeHandshakeTest/https1/"); + + // HTTP/2.0 + http2Server = HttpTestServer.of( + new Http2TestServer("localhost", false, 0)); + http2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http2/"); + http2Server.start(); + http2URI = new URI("http://" + http2Server.serverAuthority() + "/LargeHandshakeTest/http2/"); + + // HTTPS/2.0 + https2Server = HttpTestServer.of( + new Http2TestServer("localhost", true, 0)); + https2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https2/"); + https2Server.start(); + https2URI = new URI("https://" + https2Server.serverAuthority() + "/LargeHandshakeTest/https2/"); + + proxy = DigestEchoServer.createHttpsProxyTunnel( + DigestEchoServer.HttpAuthSchemeType.NONE); + proxyAddress = proxy.getProxyAddress(); + proxySelector = new HttpProxySelector(proxyAddress); + client = newHttpClient(proxySelector); + System.out.println("Setup: done"); + } catch (Exception x) { + tearDown(); + throw x; + } catch (Error e) { + tearDown(); + throw e; + } + } + + public static void main(String[] args) throws Exception { + System.out.print("The certificate used in this test was generated " + + "with the following command:\n\t"); + System.out.println(COMMAND); + String cert; + if (args.length == 1) { + String storeFile = args[0]; + System.out.println("Parsing jks file: " + storeFile); + format("COMMAND", COMMAND); + cert = encodeKeyStoreToBase64(storeFile); + } else { + cert = BASE64_CERT; + } + LargeHandshakeTest test = new LargeHandshakeTest(cert); + + test.setUp(); + long start = System.nanoTime(); + try { + test.run(args); + } finally { + try { + long elapsed = System.nanoTime() - start; + System.out.println("*** Elapsed: " + Duration.ofNanos(elapsed)); + } finally { + test.tearDown(); + } + } + } + + public void run(String... args) throws Exception { + List serverURIs = List.of(http1URI, http2URI, https1URI, https2URI); + for (int i = 0; i < 5; i++) { + for (URI base : serverURIs) { + if (base.getScheme().equalsIgnoreCase("https")) { + URI proxy = i % 1 == 0 ? base.resolve(URI.create("proxy/foo?n=" + requestCounter.incrementAndGet())) + : base.resolve(URI.create("direct/foo?n=" + requestCounter.incrementAndGet())); + test(proxy); + } + } + for (URI base : serverURIs) { + URI direct = base.resolve(URI.create("direct/foo?n=" + requestCounter.incrementAndGet())); + test(direct); + } + } + CompletableFuture.allOf(futures.toArray(new CompletableFuture[0])).join(); + } + + public void test(URI uri) throws Exception { + System.out.println("Testing with " + uri); + pending.add(uri); + HttpRequest request = HttpRequest.newBuilder(uri).build(); + CompletableFuture> resp = + client.sendAsync(request, HttpResponse.BodyHandlers.ofString()) + .whenComplete((r, t) -> this.requestCompleted(request, r, t)); + futures.add(resp); + } + + private void requestCompleted(HttpRequest request, HttpResponse r, Throwable t) { + responseCounter.incrementAndGet(); + pending.remove(request.uri()); + System.out.println(request + " -> " + (t == null ? r : t) + + " [still pending: " + (requestCounter.get() - responseCounter.get()) + "]"); + if (pending.size() < 10 && requestCounter.get() > 10) { + pending.forEach(u -> System.out.println("\tpending: " + u)); + } + } + + public void tearDown() { + proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop); + http1Server = stop(http1Server, HttpTestServer::stop); + https1Server = stop(https1Server, HttpTestServer::stop); + http2Server = stop(http2Server, HttpTestServer::stop); + https2Server = stop(https2Server, HttpTestServer::stop); + client = null; + try { + executor.awaitTermination(2000, TimeUnit.MILLISECONDS); + } catch (Throwable x) { + } finally { + executor.shutdownNow(); + } + try { + clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS); + } catch (Throwable x) { + } finally { + clientexec.shutdownNow(); + } + System.out.println("Teardown: done"); + } + + private interface Stoppable { + public void stop(T service) throws Exception; + } + + static T stop(T service, Stoppable stop) { + try { + if (service != null) stop.stop(service); + } catch (Throwable x) { + } + ; + return null; + } + + static class HttpProxySelector extends ProxySelector { + private static final List NO_PROXY = List.of(Proxy.NO_PROXY); + private final List proxyList; + + HttpProxySelector(InetSocketAddress proxyAddress) { + proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress)); + } + + @Override + public List select(URI uri) { + // our proxy only supports tunneling + if (uri.getScheme().equalsIgnoreCase("https")) { + if (uri.getPath().contains("/proxy/")) { + return proxyList; + } + } + return NO_PROXY; + } + + @Override + public void connectFailed(URI uri, SocketAddress sa, IOException ioe) { + System.err.println("Connection to proxy failed: " + ioe); + System.err.println("Proxy: " + sa); + System.err.println("\tURI: " + uri); + ioe.printStackTrace(); + } + } + + public static class HttpTestLargeHandler implements HttpTestHandler { + @Override + public void handle(HttpTestExchange t) throws IOException { + try (InputStream is = t.getRequestBody(); + OutputStream os = t.getResponseBody()) { + byte[] bytes = is.readAllBytes(); + assert bytes.length == 0; + URI u = t.getRequestURI(); + long responseID = Long.parseLong(u.getQuery().substring(2)); + System.out.println("Server " + t.getRequestURI() + " sending response " + responseID); + t.sendResponseHeaders(200, DATA.length * 3); + for (int i = 0; i < 3; i++) { + os.write(DATA); + } + System.out.println("\tresp:" + responseID + ": done"); + } + } + } +} diff -r 64597a6fd186 -r 6b6bf0de534b test/jdk/java/net/httpclient/LargeResponseTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/java/net/httpclient/LargeResponseTest.java Wed Oct 16 14:50:53 2019 +0100 @@ -0,0 +1,305 @@ +/* + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +import com.sun.net.httpserver.HttpServer; +import com.sun.net.httpserver.HttpsConfigurator; +import com.sun.net.httpserver.HttpsServer; +import jdk.test.lib.net.SimpleSSLContext; + +import javax.net.ssl.SSLContext; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.Proxy; +import java.net.ProxySelector; +import java.net.SocketAddress; +import java.net.URI; +import java.net.http.HttpClient; +import java.net.http.HttpRequest; +import java.net.http.HttpResponse; +import java.nio.charset.StandardCharsets; +import java.time.Duration; +import java.util.List; +import java.util.Set; +import java.util.concurrent.CompletableFuture; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.concurrent.CopyOnWriteArraySet; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.LinkedBlockingQueue; +import java.util.concurrent.ThreadPoolExecutor; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicLong; + +/** + * @test + * @bug 8231449 + * @summary This test verifies that the HttpClient works correctly when the server + * sends large amount of data. Note that this test will pass even without + * the fix for JDK-8231449, which is unfortunate. + * @library /test/lib http2/server + * @build jdk.test.lib.net.SimpleSSLContext HttpServerAdapters DigestEchoServer LargeResponseTest + * @modules java.net.http/jdk.internal.net.http.common + * java.net.http/jdk.internal.net.http.frame + * java.net.http/jdk.internal.net.http.hpack + * java.logging + * java.base/sun.net.www.http + * java.base/sun.net.www + * java.base/sun.net + * @run main/othervm -Dtest.requiresHost=true + * -Djdk.httpclient.HttpClient.log=headers + * -Djdk.internal.httpclient.debug=true + * LargeResponseTest + * + */ +public class LargeResponseTest implements HttpServerAdapters { + static final byte[] DATA; + static { + DATA = new byte[64 * 1024]; + int len = 'z' - 'a'; + for (int i=0; i < DATA.length; i++) { + DATA[i] = (byte) ('a' + (i % len)); + } + } + + static final SSLContext context; + static { + try { + context = new SimpleSSLContext().get(); + SSLContext.setDefault(context); + } catch (Exception x) { + throw new ExceptionInInitializerError(x); + } + } + + final AtomicLong requestCounter = new AtomicLong(); + final AtomicLong responseCounter = new AtomicLong(); + HttpTestServer http1Server; + HttpTestServer http2Server; + HttpTestServer https1Server; + HttpTestServer https2Server; + DigestEchoServer.TunnelingProxy proxy; + + URI http1URI; + URI https1URI; + URI http2URI; + URI https2URI; + InetSocketAddress proxyAddress; + ProxySelector proxySelector; + HttpClient client; + List> futures = new CopyOnWriteArrayList<>(); + Set pending = new CopyOnWriteArraySet<>(); + + final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10, + TimeUnit.SECONDS, new LinkedBlockingQueue<>()); + final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1, + TimeUnit.SECONDS, new LinkedBlockingQueue<>()); + + public HttpClient newHttpClient(ProxySelector ps) { + HttpClient.Builder builder = HttpClient + .newBuilder() + .sslContext(context) + .executor(clientexec) + .proxy(ps); + return builder.build(); + } + + public void setUp() throws Exception { + try { + InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0); + + // HTTP/1.1 + HttpServer server1 = HttpServer.create(sa, 0); + server1.setExecutor(executor); + http1Server = HttpTestServer.of(server1); + http1Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/http1/"); + http1Server.start(); + http1URI = new URI("http://" + http1Server.serverAuthority() + "/LargeResponseTest/http1/"); + + + // HTTPS/1.1 + HttpsServer sserver1 = HttpsServer.create(sa, 100); + sserver1.setExecutor(executor); + sserver1.setHttpsConfigurator(new HttpsConfigurator(context)); + https1Server = HttpTestServer.of(sserver1); + https1Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/https1/"); + https1Server.start(); + https1URI = new URI("https://" + https1Server.serverAuthority() + "/LargeResponseTest/https1/"); + + // HTTP/2.0 + http2Server = HttpTestServer.of( + new Http2TestServer("localhost", false, 0)); + http2Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/http2/"); + http2Server.start(); + http2URI = new URI("http://" + http2Server.serverAuthority() + "/LargeResponseTest/http2/"); + + // HTTPS/2.0 + https2Server = HttpTestServer.of( + new Http2TestServer("localhost", true, 0)); + https2Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/https2/"); + https2Server.start(); + https2URI = new URI("https://" + https2Server.serverAuthority() + "/LargeResponseTest/https2/"); + + proxy = DigestEchoServer.createHttpsProxyTunnel( + DigestEchoServer.HttpAuthSchemeType.NONE); + proxyAddress = proxy.getProxyAddress(); + proxySelector = new HttpProxySelector(proxyAddress); + client = newHttpClient(proxySelector); + System.out.println("Setup: done"); + } catch (Exception x) { + tearDown(); throw x; + } catch (Error e) { + tearDown(); throw e; + } + } + + public static void main(String[] args) throws Exception { + LargeResponseTest test = new LargeResponseTest(); + test.setUp(); + long start = System.nanoTime(); + try { + test.run(args); + } finally { + try { + long elapsed = System.nanoTime() - start; + System.out.println("*** Elapsed: " + Duration.ofNanos(elapsed)); + } finally { + test.tearDown(); + } + } + } + + public void run(String... args) throws Exception { + List serverURIs = List.of(http1URI, http2URI, https1URI, https2URI); + for (int i=0; i<5; i++) { + for (URI base : serverURIs) { + if (base.getScheme().equalsIgnoreCase("https")) { + URI proxy = i % 1 == 0 ? base.resolve(URI.create("proxy/foo?n="+requestCounter.incrementAndGet())) + : base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet())); + test(proxy); + } + } + for (URI base : serverURIs) { + URI direct = base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet())); + test(direct); + } + } + CompletableFuture.allOf(futures.toArray(new CompletableFuture[0])).join(); + } + + public void test(URI uri) throws Exception { + System.out.println("Testing with " + uri); + pending.add(uri); + HttpRequest request = HttpRequest.newBuilder(uri).build(); + CompletableFuture> resp = + client.sendAsync(request, HttpResponse.BodyHandlers.ofString()) + .whenComplete((r, t) -> this.requestCompleted(request, r, t)); + futures.add(resp); + } + + private void requestCompleted(HttpRequest request, HttpResponse r, Throwable t) { + responseCounter.incrementAndGet(); + pending.remove(request.uri()); + System.out.println(request + " -> " + (t == null ? r : t) + + " [still pending: " + (requestCounter.get() - responseCounter.get()) +"]"); + if (pending.size() < 10 && requestCounter.get() > 10) { + pending.forEach(u -> System.out.println("\tpending: " + u)); + } + } + + public void tearDown() { + proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop); + http1Server = stop(http1Server, HttpTestServer::stop); + https1Server = stop(https1Server, HttpTestServer::stop); + http2Server = stop(http2Server, HttpTestServer::stop); + https2Server = stop(https2Server, HttpTestServer::stop); + client = null; + try { + executor.awaitTermination(2000, TimeUnit.MILLISECONDS); + } catch (Throwable x) { + } finally { + executor.shutdownNow(); + } + try { + clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS); + } catch (Throwable x) { + } finally { + clientexec.shutdownNow(); + } + System.out.println("Teardown: done"); + } + + private interface Stoppable { public void stop(T service) throws Exception; } + + static T stop(T service, Stoppable stop) { + try { if (service != null) stop.stop(service); } catch (Throwable x) { }; + return null; + } + + static class HttpProxySelector extends ProxySelector { + private static final List NO_PROXY = List.of(Proxy.NO_PROXY); + private final List proxyList; + HttpProxySelector(InetSocketAddress proxyAddress) { + proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress)); + } + + @Override + public List select(URI uri) { + // our proxy only supports tunneling + if (uri.getScheme().equalsIgnoreCase("https")) { + if (uri.getPath().contains("/proxy/")) { + return proxyList; + } + } + return NO_PROXY; + } + + @Override + public void connectFailed(URI uri, SocketAddress sa, IOException ioe) { + System.err.println("Connection to proxy failed: " + ioe); + System.err.println("Proxy: " + sa); + System.err.println("\tURI: " + uri); + ioe.printStackTrace(); + } + } + + public static class HttpTestLargeHandler implements HttpTestHandler { + @Override + public void handle(HttpTestExchange t) throws IOException { + try (InputStream is = t.getRequestBody(); + OutputStream os = t.getResponseBody()) { + byte[] bytes = is.readAllBytes(); + assert bytes.length == 0; + URI u = t.getRequestURI(); + long responseID = Long.parseLong(u.getQuery().substring(2)); + System.out.println("Server " + t.getRequestURI() + " sending response " + responseID); + t.sendResponseHeaders(200, DATA.length * 3); + for (int i=0; i<3; i++) { + os.write(DATA); + } + System.out.println("\tresp:" + responseID + ": done"); + } + } + } + +}