From Newsgroup: comp.protocols.time.ntp
--00000000000016da9a062751bf16
Content-Type: multipart/alternative; boundary="00000000000012c655062751bf6b"
--00000000000012c655062751bf6b
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hi Dave,
I appreciate you taking the time to respond and thank you for providing the information.
I have filed the bug below, please let me know if any fields need to be set
in the bug.
https://bugs.ntp.org/show_bug.cgi?id=3D3954
Thanks & Regards,
Samiya khanum
On Tue, Nov 19, 2024 at 7:22=E2=80=AFPM Dave Hart <
davehart@gmail.com> wrot=
e:
Thanks for the reminder to respond, I managed to miss the your first
response due to a fast-filling inbox, please accept my apologies.
Thank you also for letting me know this is a regression in 4.2.8p18
compared to 4.2.8p17, it helps prioritize the problem. I have already be=
en
working on a fix, in fact, as it affects many algorithms, not just SHA2.
The problem is with some changes I made in this code to rationalize the return value of a function, which was returning the total MAC size on success, and 4 on failure, which is the size in bytes of the key number without the actual digest signature which would be there on success. I changed it to return zero in the failure case, which is a more common expected pattern, but failed to change all the places that touch it.
I should have a patch available soon. Rather than a laser-focused patch, I've been also working to update the unit tests around symmetric keys and improve the "help keytype" output to reflect which algorithms will actual=
ly
work, after observing the behavior with OpenSSL 3 with and without FIPS
mode enabled, which disables some older digest algorithms but didn't
prevent them from appearing in "help keytype" output.
Please file a bug report at https://bugs.ntp.org/ to track the issue.
I've been tracking it under the re-opening of https://bugs.ntp.org/3940
but it would be best to have a new report noting it's a regression which
will also enable you to be notified when I have a fix ready to test.
Cheers,
Dave Hart
On Mon, Nov 18, 2024 at 6:03=E2=80=AFAM Samiya Khanum <samiya.khanum@broa=
dcom.com>
wrote:
Hi Dave,
Thank you for your response.
Yes, in the previous version "4.2.8p17", SHA2 is working fine.
I have built NTP with OpenSSL library version 3.1.5.
The supported algorithms in both NTP versions are the same.
*# ntpq -c "help keytype"*
*function: set key type to use for authenticated requests, one of:*
* AES128CMAC, MD5, RIPEMD160, SHA1, SHAKE128*
I am wondering how SHA2 is working in the previous version and not in th=
e
latest version(4.2.8p18). Could you please elaborate more on this?
Thanks & Regards,
Samiya khanum
On Sat, Nov 16, 2024 at 3:38=E2=80=AFPM Dave Hart <davehart@gmail.com> w= rote:
On Fri, Nov 15, 2024 at 10:44=E2=80=AFAM Samiya Khanum <questions@lists= .ntp.org>
wrote:
Hi,
Hello, Samiya.
I have upgraded NTP to 4.2.8p18, and the OpenSSL to 3.1.5.
NTP time sync with SHA2 key is not working, can you please let us know >>>> whether SHA2 is supported on this version or not.
Was SHA2 working for you with an earlier version? If not, try SHA1.
I'm working on a change to enable ntpd to support stronger digest
algorithms that produce more than 160 bits. It will only use the first=
160
bits of the digest, but it will still be a stronger signature using the
more modern digests. Using that test version, I don't see SHA2 support=
ed
by OpenSSL 3.x, but I see SHA256, SHA384, and SHA512, which I'm guessin=
g
are SHA2 with different digest lengths, as there are also SHA3-224,
SHA3-256, SHA3-384, and SHA3-512 available.
For a complete list of digests algorithms supported by your ntpd, try:
ntpq -c "help keytype"
Cheers,
Dave Hart
This electronic communication and the information and any files
transmitted with it, or attached to it, are confidential and are intende=
d
solely for the use of the individual or entity to whom it is addressed a=
nd
may contain information that is confidential, legally privileged, protec= ted
by privacy laws, or otherwise restricted from disclosure to anyone else.=
If
you are not the intended recipient or the person responsible for deliver= ing
the e-mail to the intended recipient, you are hereby notified that any u= se,
copying, distributing, dissemination, forwarding, printing, or copying o=
f
this e-mail is strictly prohibited. If you received this e-mail in error=
,
please return the e-mail to the sender, delete it from your computer, an=
d
destroy any printed copy of it.
--=20
This electronic communication and the information and any files transmitted= =20
with it, or attached to it, are confidential and are intended solely for=20
the use of the individual or entity to whom it is addressed and may contain= =20
information that is confidential, legally privileged, protected by privacy=
=20
laws, or otherwise restricted from disclosure to anyone else. If you are=20
not the intended recipient or the person responsible for delivering the=20 e-mail to the intended recipient, you are hereby notified that any use,=20 copying, distributing, dissemination, forwarding, printing, or copying of=
=20
this e-mail is strictly prohibited. If you received this e-mail in error,=
=20
please return the e-mail to the sender, delete it from your computer, and=
=20
destroy any printed copy of it.
--00000000000012c655062751bf6b
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div><div class=3D"gmail= _default" style=3D"font-size:small">Hi Dave,</div><div class=3D"gmail_defau= lt" style=3D"font-size:small"><br></div><div class=3D"gmail_default" style= =3D"font-size:small">I appreciate you taking the time to respond and thank = you for providing the information.</div><div class=3D"gmail_default" style= =3D"font-size:small"><br></div><div class=3D"gmail_default" style=3D"font-s= ize:small">I have filed the bug below, please let me know if any fields nee=
d to be set in the bug.</div><div class=3D"gmail_default"><a href=3D"https:= //bugs.ntp.org/show_bug.cgi?id=3D3954">
https://bugs.ntp.org/show_bug.cgi?id= =3D3954</a></div><br clear=3D"all"></div><div><div dir=3D"ltr" class=3D"gma= il_signature"><div dir=3D"ltr"><div><div dir=3D"ltr">Thanks & Regards,<= br></div><div dir=3D"ltr"><div>Samiya khanum</div></div></div></div></div><= /div><br></div></div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" = class=3D"gmail_attr">On Tue, Nov 19, 2024 at 7:22=E2=80=AFPM Dave Hart <=
<a href=3D"mailto:
davehart@gmail.com">
davehart@gmail.com</a>> wrote:<br>= </div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;b= order-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><d= iv><div class=3D"gmail_default" style=3D"font-family:"trebuchet ms&quo= t;,sans-serif">Thanks for the reminder to respond, I managed to miss the yo= ur=C2=A0first response due to a fast-filling inbox, please accept my apolog= ies.</div><div class=3D"gmail_default" style=3D"font-family:"trebuchet=
ms",sans-serif"><br></div><div class=3D"gmail_default" style=3D"font-= family:"trebuchet ms",sans-serif">Thank you also for letting me k= now this is a regression in 4.2.8p18 compared to 4.2.8p17, it helps priorit= ize the problem.=C2=A0 I have already been working on a fix, in fact, as it=
affects many algorithms, not just SHA2.=C2=A0 The problem is with some cha= nges I made in this code to rationalize the return value of a function, whi=
ch was returning the total MAC size on success, and 4 on failure, which is = the size in bytes of the key number without the actual digest signature whi=
ch would be there on success.=C2=A0 I changed it to return zero in the fail= ure case, which is a more common expected pattern, but failed to change all=
the places that touch it.</div><div class=3D"gmail_default" style=3D"font-= family:"trebuchet ms",sans-serif"><br></div><div class=3D"gmail_d= efault" style=3D"font-family:"trebuchet ms",sans-serif">I should = have a patch available soon.=C2=A0 Rather than a laser-focused patch, I'= ;ve been also working to update the unit tests around symmetric keys and im= prove the "help keytype" output to reflect which algorithms will = actually work, after observing the behavior with OpenSSL 3 with and without=
FIPS mode enabled, which disables some older digest algorithms but didn= 9;t prevent them from appearing in "help keytype" output.</div><d=
iv class=3D"gmail_default" style=3D"font-family:"trebuchet ms",sa= ns-serif"><br></div><div class=3D"gmail_default" style=3D"font-family:"= ;trebuchet ms",sans-serif">Please file a bug report at <a href=3D"http= s://bugs.ntp.org/" target=3D"_blank">
https://bugs.ntp.org/</a> to track the=
issue.=C2=A0 I've been tracking it under the re-opening of <a href=3D"=
https://bugs.ntp.org/3940" target=3D"_blank">
https://bugs.ntp.org/3940</a> = but it would be best to have a new report noting it's a regression whic=
h will also enable you to be notified when I have a fix ready to test.</div= ><div class=3D"gmail_default" style=3D"font-family:"trebuchet ms"= ,sans-serif"><br></div><div class=3D"gmail_default" style=3D"font-family:&q= uot;trebuchet ms",sans-serif"><div style=3D"font-family:Arial,Helvetic= a,sans-serif"><span style=3D"color:rgb(102,102,102);font-family:tahoma,sans= -serif">Cheers,</span></div><div style=3D"font-family:Arial,Helvetica,sans-= serif"><div dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr"><font fa= ce=3D"tahoma, sans-serif" color=3D"#666666">Dave Hart</font></div></div></d= iv><br></div></div><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gma= il_attr">On Mon, Nov 18, 2024 at 6:03=E2=80=AFAM Samiya Khanum <<a href= =3D"mailto:
samiya.khanum@broadcom.com" target=3D"_blank">samiya.khanum@broa= dcom.com</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D= "margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-le= ft:1ex"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"= ><div><div style=3D"font-size:small">Hi Dave,</div><div style=3D"font-size:= small"><br></div><div style=3D"font-size:small">Thank you for your response= .</div><div style=3D"font-size:small"><br></div><div style=3D"font-size:sma= ll">Yes, in the previous version "4.2.8p17", SHA2 is=C2=A0working=
fine.</div><div style=3D"font-size:small"><br></div><div style=3D"font-siz= e:small">I have built=C2=A0NTP with OpenSSL library=C2=A0version 3.1.5.</di= v><div style=3D"font-size:small">The supported algorithms in both NTP versi= ons are the same.</div><div><div><i><font face=3D"georgia, serif"># ntpq -c=
"help keytype"</font></i></div><div><i><font face=3D"georgia, se= rif">function: set key type to use for authenticated requests, one of:</fon= t></i></div><div><i><font face=3D"georgia, serif">=C2=A0 =C2=A0 AES128CMAC,=
MD5, RIPEMD160, SHA1, SHAKE128</font></i></div><div style=3D"font-size:sma= ll"><br></div><div style=3D"font-size:small">I am wondering how SHA2 is wor= king in the previous version and not in the latest version(4.2.8p18). Could=
you please elaborate more on this?=C2=A0</div></div><br clear=3D"all"></di= v><div><div dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr"><div><di=
v dir=3D"ltr">Thanks & Regards,<br></div><div dir=3D"ltr"><div>Samiya k= hanum</div></div></div></div></div></div><br></div></div></div></div><br><d=
iv class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Sat, Nov = 16, 2024 at 3:38=E2=80=AFPM Dave Hart <<a href=3D"mailto:davehart@gmail.= com" target=3D"_blank">
davehart@gmail.com</a>> wrote:<br></div><blockquo=
te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px = solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div dir=3D"ltr">= <div><div style=3D"font-family:"trebuchet ms",sans-serif"></div><= /div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_a= ttr">On Fri, Nov 15, 2024 at 10:44=E2=80=AFAM Samiya Khanum <<a href=3D"= mailto:
questions@lists.ntp.org" target=3D"_blank">
questions@lists.ntp.org</= a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0p=
x 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><d=
iv dir=3D"ltr"><div dir=3D"ltr"><div><div style=3D"font-size:small">Hi,</di= v></div></div></div></blockquote><div><br></div><div><div style=3D"font-fam= ily:"trebuchet ms",sans-serif">Hello, Samiya.</div></div><div sty= le=3D"font-family:"trebuchet ms",sans-serif"><br></div><blockquot=
e class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px s= olid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div dir=3D"ltr"><= div><div style=3D"font-size:small">I have upgraded NTP to=C2=A04.2.8p18, an=
d the OpenSSL to 3.1.5.</div><div style=3D"font-size:small">NTP time sync w= ith SHA2 key is not working, can you please let us know whether SHA2 is sup= ported=C2=A0on this version or not.</div></div></div></div></blockquote><di= v><br></div><div><div style=3D"font-family:"trebuchet ms",sans-se= rif">Was SHA2 working for you with an earlier version?=C2=A0 If not, try SH= A1.</div><div style=3D"font-family:"trebuchet ms",sans-serif"><br= ></div><div style=3D"font-family:"trebuchet ms",sans-serif">I'=
;m working on a change to enable ntpd to support=C2=A0stronger digest algor= ithms that produce more than 160 bits.=C2=A0 It will only use the first 160=
bits of the digest, but it will still be a stronger signature using the mo=
re modern digests.=C2=A0 Using that test version, I don't see SHA2 supp= orted by OpenSSL 3.x, but I see SHA256, SHA384, and SHA512, which I'm g= uessing are SHA2 with different digest lengths, as there are also=C2=A0=C2= =A0SHA3-224, SHA3-256, SHA3-384, and SHA3-512 available.</div><div style=3D= "font-family:"trebuchet ms",sans-serif"><br></div><div style=3D"f= ont-family:"trebuchet ms",sans-serif">For a complete list of dige= sts algorithms supported by your ntpd, try:</div><div style=3D"font-family:= "trebuchet ms",sans-serif"><br></div><div><font face=3D"monospace= ">ntpq -c "help keytype"</font></div></div><div style=3D"font-fam= ily:"trebuchet ms",sans-serif"></div><div><div dir=3D"ltr" class= =3D"gmail_signature"><div dir=3D"ltr"><font face=3D"tahoma, sans-serif" col= or=3D"#666666">Cheers,<br>Dave Hart</font></div></div></div><br></div></div=
</blockquote></div>
<span style=3D"background-color:rgb(255,255,255)"><font size=3D"2">This ele= ctronic communication and the information and any files transmitted with it=
, or attached to it, are confidential and are intended solely for the use o=
f the individual or entity to whom it is addressed and may contain informat= ion that is confidential, legally privileged, protected by privacy laws, or=
otherwise restricted from disclosure to anyone else. If you are not the in= tended recipient or the person responsible for delivering the e-mail to the=
intended recipient, you are hereby notified that any use, copying, distrib= uting, dissemination, forwarding, printing, or copying of this e-mail is st= rictly prohibited. If you received this e-mail in error, please return the = e-mail to the sender, delete it from your computer, and destroy any printed=
copy of it.</font></span></blockquote></div></div>
</blockquote></div>
<span style=3D"background-color:rgb(255,255,255)"><font size=3D"2">This ele= ctronic communication and the information and any files transmitted with it=
, or attached to it, are confidential and are intended solely for the use o=
f the individual or entity to whom it is addressed and may contain informat= ion that is confidential, legally privileged, protected by privacy laws, or=
otherwise restricted from disclosure to anyone else. If you are not the in= tended recipient or the person responsible for delivering the e-mail to the=
intended recipient, you are hereby notified that any use, copying, distrib= uting, dissemination, forwarding, printing, or copying of this e-mail is st= rictly prohibited. If you received this e-mail in error, please return the = e-mail to the sender, delete it from your computer, and destroy any printed=
copy of it.</font></span>
--00000000000012c655062751bf6b--
--00000000000016da9a062751bf16
Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIIQcAYJKoZIhvcNAQcCoIIQYTCCEF0CAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0BBwGg gg3HMIIFDTCCA/WgAwIBAgIQeEqpED+lv77edQixNJMdADANBgkqhkiG9w0BAQsFADBMMSAwHgYD VQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UE AxMKR2xvYmFsU2lnbjAeFw0yMDA5MTYwMDAwMDBaFw0yODA5MTYwMDAwMDBaMFsxCzAJBgNVBAYT AkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIEdDQyBS MyBQZXJzb25hbFNpZ24gMiBDQSAyMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA vbCmXCcsbZ/a0fRIQMBxp4gJnnyeneFYpEtNydrZZ+GeKSMdHiDgXD1UnRSIudKo+moQ6YlCOu4t rVWO/EiXfYnK7zeop26ry1RpKtogB7/O115zultAz64ydQYLe+a1e/czkALg3sgTcOOcFZTXk38e aqsXsipoX1vsNurqPtnC27TWsA7pk4uKXscFjkeUE8JZu9BDKaswZygxBOPBQBwrA5+20Wxlk6k1 e6EKaaNaNZUy30q3ArEf30ZDpXyfCtiXnupjSK8WU2cK4qsEtj09JS4+mhi0CTCrCnXAzum3tgcH cHRg0prcSzzEUDQWoFxyuqwiwhHu3sPQNmFOMwIDAQABo4IB2jCCAdYwDgYDVR0PAQH/BAQDAgGG MGAGA1UdJQRZMFcGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNxQCAgYKKwYBBAGCNwoDBAYJ KwYBBAGCNxUGBgorBgEEAYI3CgMMBggrBgEFBQcDBwYIKwYBBQUHAxEwEgYDVR0TAQH/BAgwBgEB /wIBADAdBgNVHQ4EFgQUljPR5lgXWzR1ioFWZNW+SN6hj88wHwYDVR0jBBgwFoAUj/BLf6guRSSu TVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBsMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9i YWxzaWduLmNvbS9yb290cjMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5j b20vY2FjZXJ0L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs c2lnbi5jb20vcm9vdC1yMy5jcmwwWgYDVR0gBFMwUTALBgkrBgEEAaAyASgwQgYKKwYBBAGgMgEo CjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAN BgkqhkiG9w0BAQsFAAOCAQEAdAXk/XCnDeAOd9nNEUvWPxblOQ/5o/q6OIeTYvoEvUUi2qHUOtbf jBGdTptFsXXe4RgjVF9b6DuizgYfy+cILmvi5hfk3Iq8MAZsgtW+A/otQsJvK2wRatLE61RbzkX8 9/OXEZ1zT7t/q2RiJqzpvV8NChxIj+P7WTtepPm9AIj0Keue+gS2qvzAZAY34ZZeRHgA7g5O4TPJ /oTd+4rgiU++wLDlcZYd/slFkaT3xg4qWDepEMjT4T1qFOQIL+ijUArYS4owpPg9NISTKa1qqKWJ jFoyms0d0GwOniIIbBvhI2MJ7BSY9MYtWVT5jJO3tsVHwj4cp92CSFuGwunFMzCCA18wggJHoAMC AQICCwQAAAAAASFYUwiiMA0GCSqGSIb3DQEBCwUAMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9v dCBDQSAtIFIzMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTA5 MDMxODEwMDAwMFoXDTI5MDMxODEwMDAwMFowTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENB IC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMJXaQeQZ4Ihb1wIO2hMoonv0FdhHFrYhy/EYCQ8eyip0E XyTLLkvhYIJG4VKrDIFHcGzdZNHr9SyjD4I9DCuul9e2FIYQebs7E4B3jAjhSdJqYi8fXvqWaN+J J5U4nwbXPsnLJlkNc96wyOkmDoMVxu9bi9IEYMpJpij2aTv2y8gokeWdimFXN6x0FNx04Druci8u nPvQu7/1PQDhBjPogiuuU6Y6FnOM3UEOIDrAtKeh6bJPkC4yYOlXy7kEkmho5TgmYHWyn3f/kRTv riBJ/K1AFUjRAjFhGV64l++td7dkmnq/X8ET75ti+w1s4FRpFqkD2m7pg5NxdsZphYIXAgMBAAGj QjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSP8Et/qC5FJK5N UPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAS0DbwFCq/sgM7/eWVEVJu5YACUGssxOGhigH M8pr5nS5ugAtrqQK0/Xx8Q+Kv3NnSoPHRHt44K9ubG8DKY4zOUXDjuS5V2yq/BKW7FPGLeQkbLmU Y/vcU2hnVj6DuM81IcPJaP7O2sJTqsyQiunwXUaMld16WCgaLx3ezQA3QY/tRG3XUyiXfvNnBB4V 14qWtNPeTCekTBtzc3b0F5nCH3oO4y0IrQocLP88q1UOD5F+NuvDV0m+4S4tfGCLw0FREyOdzvcy a5QBqJnnLDMfOjsl0oZAzjsshnjJYS8Uuu7bVW/fhO4FCU29KNhyztNiUGUe65KXgzHZs7XKR1g/ XzCCBU8wggQ3oAMCAQICDE447oxE0xxW9xhc+DANBgkqhkiG9w0BAQsFADBbMQswCQYDVQQGEwJC RTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTExMC8GA1UEAxMoR2xvYmFsU2lnbiBHQ0MgUjMg UGVyc29uYWxTaWduIDIgQ0EgMjAyMDAeFw0yMzA2MDgxNzUyNTdaFw0yNjA2MDgxNzUyNTdaMIGQ MQswCQYDVQQGEwJJTjESMBAGA1UECBMJS2FybmF0YWthMRIwEAYDVQQHEwlCYW5nYWxvcmUxFjAU BgNVBAoTDUJyb2FkY29tIEluYy4xFjAUBgNVBAMTDVNhbWl5YSBLaGFudW0xKTAnBgkqhkiG9w0B CQEWGnNhbWl5YS5raGFudW1AYnJvYWRjb20uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA0JYGHmToeJ3HotboaroZiSCNUcBQl7N1vKQL4HEH+iXIG3P1EleeMxUcAmzcYRQC4xz8 5Q9EG0kYa+tVbDhQlXCqY3yYsYo3dyLptr2DUbGw1ZEpJgtCuMEgIsOzV6QTEl6gP0ckIOs2Fxwd 8fFP7/r8Hpe6fbUzunU/0wfrixItoBFGG4dLy4CALzSHrRi0Ta6JQIPWF5N+Uzd3319MrWqM49F7 bMhWGG4KcprA76TSgVT192NCQDDqQyVe7mpAjUU9Q3StR1tH4Yo0/JiEoBPoBybPg6lJZuv6Y/LE tAIv/faZqQzD3BXm4o+CAk8Ze9i70g6u0epcOkmO60xjyQIDAQABo4IB2zCCAdcwDgYDVR0PAQH/ BAQDAgWgMIGjBggrBgEFBQcBAQSBljCBkzBOBggrBgEFBQcwAoZCaHR0cDovL3NlY3VyZS5nbG9i YWxzaWduLmNvbS9jYWNlcnQvZ3NnY2NyM3BlcnNvbmFsc2lnbjJjYTIwMjAuY3J0MEEGCCsGAQUF BzABhjVodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9nc2djY3IzcGVyc29uYWxzaWduMmNhMjAy MDBNBgNVHSAERjBEMEIGCisGAQQBoDIBKAowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xv YmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCQYDVR0TBAIwADBJBgNVHR8EQjBAMD6gPKA6hjhodHRw Oi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzZ2NjcjNwZXJzb25hbHNpZ24yY2EyMDIwLmNybDAlBgNV HREEHjAcgRpzYW1peWEua2hhbnVtQGJyb2FkY29tLmNvbTATBgNVHSUEDDAKBggrBgEFBQcDBDAf BgNVHSMEGDAWgBSWM9HmWBdbNHWKgVZk1b5I3qGPzzAdBgNVHQ4EFgQUI7TwfDqVBACzI/4KeNsS 7yksh04wDQYJKoZIhvcNAQELBQADggEBAFQjjaHObY5dl9vGw32UCGwC80PE9/FfjdBmng60z8CD zlHFj7MWRnvvzIj/93kuS67riULYQPYOULdPYpL7cyQKUWeOSpgxCBjarrR7dndVXGwrgLJHTfpH facrhzBlOtIavrD6QhYTsz0NhATHqIdsDwgU7/mNwoNrDzje14DtIW8UdfoBH55a5d+4f2RdDKcO 91/S61Ko2i9T2vQ8r+SZGKdsxMj5ZL5XhsexyPZhuP9zKUVPqinX/PQcFqWNlJg/aVkDQSSyQIXT yFp9aI8sN29RAaiCEyFZscbteDaDHvFcD3FOqPzwC43owlpnCwI441vri5NpjUZSHrhwJrIxggJt MIICaQIBATBrMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTEwLwYD VQQDEyhHbG9iYWxTaWduIEdDQyBSMyBQZXJzb25hbFNpZ24gMiBDQSAyMDIwAgxOOO6MRNMcVvcY XPgwDQYJYIZIAWUDBAIBBQCggdQwLwYJKoZIhvcNAQkEMSIEIDA3NAmP9xVrPL19XvZ/z0e91Ky9 Q6pALX6anE2zeYSRMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTI0 MTEyMDA1NTE1MlowaQYJKoZIhvcNAQkPMVwwWjALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsG CWCGSAFlAwQBAjAKBggqhkiG9w0DBzALBgkqhkiG9w0BAQowCwYJKoZIhvcNAQEHMAsGCWCGSAFl AwQCATANBgkqhkiG9w0BAQEFAASCAQB52TT6rbipCG2SFyTF0arRGtIDCYHIbSBUAKriEJYquHbJ 6fcrlUruf+vZ1ce0Lk6DibaLhIocZOzW3fEiSewBTrq7GtS1cnn9X1giimx2AcDlFz9AR+My4N5T N0b88nS630jb7ADFKdNM2rkagVfq0/hivaFbTNkeMUxqC5ay/WOCya8FpIYnl4l+4z4VH+b3SafN cS/qAPgSrsK0jlBCe+Iot+cHrxoEjJBzYk0zlmE85JrcgreNVng65Ljdi09B6v63yZyotYtInPAu QFPw4ozBH4yJE0E0WnkgJ393SAlbV+ekocxZoBRwB62eJ+HO/kPt3WwYtG4FNqUQnDys --00000000000016da9a062751bf16--
--- Synchronet 3.20a-Linux NewsLink 1.114